Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/tnIMWehV7-s3YFdByca6v2OZEG0.roa
File: tnIMWehV7-s3YFdByca6v2OZEG0.roa (raw, json)
Hash identifier: NWfOiZrn7Md8Y/fglpHdXuMUMsLmCrcIFNvYQcevZ/0=
Subject key identifier: B6:72:0C:59:E8:55:EF:EB:37:60:57:41:C9:C6:BA:BF:63:99:10:6D
Certificate issuer: /CN=0f0f9f044e2b929878d747c5ffbb80ad10e3d6bd
Certificate serial: 0195FBF0B144DCEC7BD5F65FDC2BE0F5629C
Authority key identifier: 0F:0F:9F:04:4E:2B:92:98:78:D7:47:C5:FF:BB:80:AD:10:E3:D6:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dw-fBE4rkph410fF_7uArRDj1r0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/tnIMWehV7-s3YFdByca6v2OZEG0.roa
Signing time: Thu 03 Apr 2025 13:56:50 +0000
ROA not before: Thu 03 Apr 2025 13:56:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201589
IP address blocks: 5.101.36.0/24 maxlen: 24
5.101.37.0/24 maxlen: 24
5.101.38.0/24 maxlen: 24
5.101.39.0/24 maxlen: 24
5.101.71.0/24 maxlen: 24
31.184.232.0/24 maxlen: 24
31.184.233.0/24 maxlen: 24
31.184.234.0/24 maxlen: 24
31.184.235.0/24 maxlen: 24
91.108.187.0/24 maxlen: 24
185.238.152.0/24 maxlen: 24
185.238.153.0/24 maxlen: 24
185.238.154.0/24 maxlen: 24
185.238.155.0/24 maxlen: 24
2a13:1ec0::/44 maxlen: 44
2a13:1ec0:100::/44 maxlen: 44
2a13:1ec0:110::/44 maxlen: 44
2a13:1ec0:200::/44 maxlen: 44
2a13:1ec0:1000::/44 maxlen: 44
2a13:1ec0:1010::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/Dw-fBE4rkph410fF_7uArRDj1r0.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/Dw-fBE4rkph410fF_7uArRDj1r0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dw-fBE4rkph410fF_7uArRDj1r0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 22:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fb:f0:b1:44:dc:ec:7b:d5:f6:5f:dc:2b:e0:f5:62:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f0f9f044e2b929878d747c5ffbb80ad10e3d6bd
Validity
Not Before: Apr 3 13:56:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6720c59e855efeb37605741c9c6babf6399106d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:90:f9:a9:e7:78:78:87:72:93:96:02:d1:
69:a8:b7:84:57:7d:4e:66:c7:fe:93:8b:70:b6:c7:
d6:8d:ca:8e:19:c7:53:6a:11:89:16:32:0e:d4:ff:
3c:94:01:ab:3c:ee:94:b5:fd:3f:8c:86:6b:31:5d:
ea:0d:14:8c:dd:c9:02:21:4c:e3:00:04:b8:04:b3:
98:9e:af:29:7a:86:3b:91:a1:de:02:3e:ba:a6:6b:
72:17:4b:b6:5e:6b:2b:45:9e:68:98:86:53:8b:df:
9e:29:cc:64:89:60:09:5f:cc:89:c9:88:4f:1e:f2:
b7:2e:67:bf:8f:b5:e4:b4:1d:3a:21:9a:97:68:7d:
4e:3c:9a:f5:b6:62:4f:b1:2e:1e:14:59:90:33:07:
90:22:30:fe:4b:27:ec:86:a5:50:56:92:d2:14:4d:
fe:13:9c:69:2e:1c:40:88:da:ab:28:50:e9:c5:22:
5d:50:60:ff:d2:91:e9:30:e2:50:2a:02:65:7d:e8:
6f:b9:fe:2e:7f:8d:17:33:97:c0:df:4a:8a:5b:59:
ef:7f:fc:21:92:fb:57:ec:3d:8c:6c:0d:da:45:92:
ca:ee:5f:45:83:9b:b6:dd:66:2d:00:be:75:2f:ef:
fe:6f:80:1b:f9:f7:1a:2a:45:e9:94:6a:42:6a:e1:
ad:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:72:0C:59:E8:55:EF:EB:37:60:57:41:C9:C6:BA:BF:63:99:10:6D
X509v3 Authority Key Identifier:
keyid:0F:0F:9F:04:4E:2B:92:98:78:D7:47:C5:FF:BB:80:AD:10:E3:D6:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dw-fBE4rkph410fF_7uArRDj1r0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/tnIMWehV7-s3YFdByca6v2OZEG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/Dw-fBE4rkph410fF_7uArRDj1r0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.36.0/22
5.101.71.0/24
31.184.232.0/22
91.108.187.0/24
185.238.152.0/22
IPv6:
2a13:1ec0::/44
2a13:1ec0:100::/43
2a13:1ec0:200::/44
2a13:1ec0:1000::/43
Signature Algorithm: sha256WithRSAEncryption
0f:7b:09:63:f9:f0:cf:58:fc:9b:e7:b4:32:df:87:8e:92:43:
4d:44:aa:1f:33:d8:e3:6e:56:dc:75:2b:ab:ee:a1:99:ff:c1:
61:f4:5f:39:5f:00:66:c5:36:88:4f:41:8a:5a:11:0e:6e:40:
6d:57:00:4b:06:6a:cd:3c:88:d1:27:6a:6f:97:a7:6a:9f:97:
c2:30:6e:d3:84:cd:06:74:ff:84:e1:14:de:c6:d4:3a:1f:9c:
6f:74:5e:ed:ff:f5:dc:12:8b:57:b8:88:d6:bb:dc:51:d1:3e:
05:5a:fe:bd:9d:bc:1c:7e:e1:b6:ef:0b:56:d9:9f:d6:e2:8e:
4b:fa:74:3b:37:6e:7a:04:6b:6e:9c:12:a4:2b:8b:48:16:b8:
dc:94:94:aa:6e:29:45:15:b3:cc:29:3a:af:4b:e3:6d:1b:6c:
13:eb:56:0b:f9:f9:7e:92:a4:6f:3a:4e:55:13:10:f5:0c:58:
e5:20:c6:71:a5:ed:32:b6:8a:cd:c7:95:ba:fe:72:cf:99:4c:
64:f9:57:f9:04:a0:9b:5c:27:07:4e:84:7f:44:44:76:60:2f:
ca:cf:72:7b:45:d7:13:f8:1b:1f:bf:99:3d:53:f5:88:27:bd:
87:b3:e8:32:9b:64:5d:7e:78:77:9a:e4:17:c7:ab:7e:5a:fb:
37:4d:ed:84
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZX78LFE3Ox71fZf3Cvg9WKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMGY5ZjA0NGUyYjkyOTg3OGQ3NDdjNWZmYmI4MGFkMTBl
M2Q2YmQwHhcNMjUwNDAzMTM1NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjcyMGM1OWU4NTVlZmViMzc2MDU3NDFjOWM2YmFiZjYzOTkxMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdCQ+anneHiHcpOWAtFpqLeEV31O
Zsf+k4twtsfWjcqOGcdTahGJFjIO1P88lAGrPO6Utf0/jIZrMV3qDRSM3ckCIUzj
AAS4BLOYnq8peoY7kaHeAj66pmtyF0u2XmsrRZ5omIZTi9+eKcxkiWAJX8yJyYhP
HvK3Lme/j7XktB06IZqXaH1OPJr1tmJPsS4eFFmQMweQIjD+SyfshqVQVpLSFE3+
E5xpLhxAiNqrKFDpxSJdUGD/0pHpMOJQKgJlfehvuf4uf40XM5fA30qKW1nvf/wh
kvtX7D2MbA3aRZLK7l9Fg5u23WYtAL51L+/+b4Ab+fcaKkXplGpCauGtMQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFLZyDFnoVe/rN2BXQcnGur9jmRBtMB8GA1UdIwQY
MBaAFA8PnwROK5KYeNdHxf+7gK0Q49a9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHctZkJFNHJrcGg0MTBmRl83dUFyUkRqMXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85M2Q0NjAtMzY4Yy00NmQ3LThlN2Et
Y2RiZDNiNmNlNzc3LzEvdG5JTVdlaFY3LXMzWUZkQnljYTZ2Mk9aRUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85M2Q0NjAtMzY4Yy00NmQ3LThlN2EtY2RiZDNiNmNlNzc3
LzEvRHctZkJFNHJrcGg0MTBmRl83dUFyUkRqMXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAkBAIAATAeAwQCBWUkAwQA
BWVHAwQCH7joAwQAW2y7AwQCue6YMCoEAgACMCQDBwQqEx7AAAADBwUqEx7AAQAD
BwQqEx7AAgADBwUqEx7AEAAwDQYJKoZIhvcNAQELBQADggEBAA97CWP58M9Y/Jvn
tDLfh46SQ01Eqh8z2ONuVtx1K6vuoZn/wWH0XzlfAGbFNohPQYpaEQ5uQG1XAEsG
as08iNEnam+Xp2qfl8IwbtOEzQZ0/4ThFN7G1DofnG90Xu3/9dwSi1e4iNa73FHR
PgVa/r2dvBx+4bbvC1bZn9bijkv6dDs3bnoEa26cEqQri0gWuNyUlKpuKUUVs8wp
Oq9L420bbBPrVgv5+X6SpG86TlUTEPUMWOUgxnGl7TK2is3Hlbr+cs+ZTGT5V/kE
oJtcJwdOhH9ERHZgL8rPcntF1xP4Gx+/mT1T9YgnvYez6DKbZF1+eHea5BfHq35a
+zdN7YQ=
-----END CERTIFICATE-----
Generated at Wed Apr 16 08:07:49 2025 by rpki-client