Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/gAxY9Ai19tPf64T_-1A45_M9JAg.roa
File: gAxY9Ai19tPf64T_-1A45_M9JAg.roa (raw, json)
Hash identifier: F3XDSdZIZGfT9wqUqiwTGUU5laJ9L91bgQ43nfMk4G4=
Subject key identifier: 80:0C:58:F4:08:B5:F6:D3:DF:EB:84:FF:FB:50:38:E7:F3:3D:24:08
Certificate issuer: /CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Certificate serial: 0196F7428878D8A6740B29132974B184A2E4
Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/gAxY9Ai19tPf64T_-1A45_M9JAg.roa
Signing time: Thu 22 May 2025 09:10:54 +0000
ROA not before: Thu 22 May 2025 09:10:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 84.37.58.0/23 maxlen: 24
84.37.74.0/23 maxlen: 24
84.37.78.0/23 maxlen: 24
84.37.90.0/23 maxlen: 24
84.37.94.0/23 maxlen: 24
84.37.102.0/23 maxlen: 24
84.37.130.0/23 maxlen: 24
84.37.150.0/23 maxlen: 24
84.37.154.0/23 maxlen: 24
84.37.158.0/23 maxlen: 24
84.37.162.0/23 maxlen: 24
84.37.166.0/23 maxlen: 24
84.37.170.0/23 maxlen: 24
84.37.174.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:42:88:78:d8:a6:74:0b:29:13:29:74:b1:84:a2:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Validity
Not Before: May 22 09:10:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=800c58f408b5f6d3dfeb84fffb5038e7f33d2408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:45:20:cd:2c:c4:dd:a6:8a:78:43:7d:33:8f:
05:3f:98:82:97:10:4e:5d:62:6c:be:d1:12:0e:b4:
d5:03:43:2e:26:97:ab:47:53:62:e9:d5:f2:f4:cd:
67:f3:94:f9:fb:33:b9:50:c3:1d:19:1c:82:32:8f:
b3:5e:f2:f8:6a:56:16:5c:58:a1:3a:cb:3c:be:8f:
46:7d:90:1e:56:c1:ce:2f:bb:47:41:4c:d3:0c:bc:
ab:b3:3c:0e:a2:07:44:6a:a3:ad:c4:9a:8c:78:5a:
00:da:8d:11:8b:bb:ba:9b:25:d8:ff:4d:9b:ca:ec:
4b:7f:d2:bb:d1:05:02:12:61:e7:de:df:c6:00:3d:
56:e8:1c:d3:56:fd:10:fc:30:33:50:ce:8f:32:db:
c8:e5:7a:51:53:63:4e:1d:c3:81:c7:49:86:68:fa:
12:4e:1b:86:f0:78:6e:8c:30:96:35:6f:b0:71:a1:
17:df:37:50:38:2b:2a:8f:2b:3f:cd:43:3b:11:20:
ba:3d:63:31:e6:fc:74:e4:3b:3e:a8:47:41:95:62:
f4:2d:4b:41:09:15:59:40:be:1f:4e:ec:8b:63:83:
a9:1e:ab:77:1f:82:9a:b1:18:f8:ba:8c:a0:cf:a9:
c8:35:fd:5f:74:e0:a4:32:ff:1c:6d:ad:11:16:73:
33:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0C:58:F4:08:B5:F6:D3:DF:EB:84:FF:FB:50:38:E7:F3:3D:24:08
X509v3 Authority Key Identifier:
keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/gAxY9Ai19tPf64T_-1A45_M9JAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.37.58.0/23
84.37.74.0/23
84.37.78.0/23
84.37.90.0/23
84.37.94.0/23
84.37.102.0/23
84.37.130.0/23
84.37.150.0/23
84.37.154.0/23
84.37.158.0/23
84.37.162.0/23
84.37.166.0/23
84.37.170.0/23
84.37.174.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:c1:97:98:c9:5e:aa:df:1d:08:b7:aa:c7:21:fa:f9:3f:f9:
32:92:de:ca:a6:d3:35:01:1d:5d:af:91:2c:be:5a:5d:c9:df:
91:52:54:7f:67:8d:08:f4:6d:99:f9:c3:94:0b:fd:be:00:eb:
e5:93:c8:bd:45:07:d0:31:1b:98:87:00:0d:d8:5d:9c:93:3b:
a1:61:05:2f:5e:07:b6:e8:eb:d7:4b:7e:38:c0:9c:80:1f:ee:
a1:5e:a0:49:aa:22:f6:63:84:9e:f9:fc:f0:20:c4:aa:60:ba:
c3:e0:b2:7b:26:06:08:94:a8:40:ea:a0:bf:71:6e:5c:fc:11:
42:75:d4:82:a8:1b:ac:a3:0a:9e:94:51:f7:82:0a:af:38:65:
7f:46:f0:64:f1:5f:14:0a:c2:cb:3c:c2:ca:e3:ad:f4:cc:15:
47:e7:ad:c5:3f:c7:d3:f1:15:6c:a2:c7:ce:50:d2:17:12:4f:
42:38:ec:4b:06:4f:b0:38:3b:53:8e:3a:64:28:26:3c:d2:7d:
d4:be:9f:84:00:31:a6:ad:de:02:db:be:f3:1d:4d:ab:22:84:
b5:13:48:85:1e:f4:6d:e8:47:f5:8f:d6:ef:dc:ca:3f:f5:2a:
88:d3:4d:72:21:07:ea:5f:27:a7:91:20:07:c8:0d:24:44:0b:
ea:58:d1:4c
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZb3Qoh42KZ0CykTKXSxhKLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky
YWUzYjcwHhcNMjUwNTIyMDkxMDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBjNThmNDA4YjVmNmQzZGZlYjg0ZmZmYjUwMzhlN2YzM2QyNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEUgzSzE3aaKeEN9M48FP5iClxBO
XWJsvtESDrTVA0MuJperR1Ni6dXy9M1n85T5+zO5UMMdGRyCMo+zXvL4alYWXFih
Oss8vo9GfZAeVsHOL7tHQUzTDLyrszwOogdEaqOtxJqMeFoA2o0Ri7u6myXY/02b
yuxLf9K70QUCEmHn3t/GAD1W6BzTVv0Q/DAzUM6PMtvI5XpRU2NOHcOBx0mGaPoS
ThuG8HhujDCWNW+wcaEX3zdQOCsqjys/zUM7ESC6PWMx5vx05Ds+qEdBlWL0LUtB
CRVZQL4fTuyLY4OpHqt3H4KasRj4uoygz6nINf1fdOCkMv8cba0RFnMzZwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFIAMWPQItfbT3+uE//tQOOfzPSQIMB8GA1UdIwQY
MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt
ZDJhZGVlZDc1NWQ4LzEvZ0F4WTlBaTE5dFBmNjRUXy0xQTQ1X005SkFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4
LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBVCU6AwQB
VCVKAwQBVCVOAwQBVCVaAwQBVCVeAwQBVCVmAwQBVCWCAwQBVCWWAwQBVCWaAwQB
VCWeAwQBVCWiAwQBVCWmAwQBVCWqAwQBVCWuMA0GCSqGSIb3DQEBCwUAA4IBAQAd
wZeYyV6q3x0It6rHIfr5P/kykt7KptM1AR1dr5Esvlpdyd+RUlR/Z40I9G2Z+cOU
C/2+AOvlk8i9RQfQMRuYhwAN2F2ckzuhYQUvXge26OvXS344wJyAH+6hXqBJqiL2
Y4Se+fzwIMSqYLrD4LJ7JgYIlKhA6qC/cW5c/BFCddSCqBusowqelFH3ggqvOGV/
RvBk8V8UCsLLPMLK4630zBVH563FP8fT8RVsosfOUNIXEk9COOxLBk+wODtTjjpk
KCY80n3Uvp+EADGmrd4C277zHU2rIoS1E0iFHvRt6Ef1j9bv3Mo/9SqI001yIQfq
XyenkSAHyA0kRAvqWNFM
-----END CERTIFICATE-----
Generated at Tue Jun 3 10:22:21 2025 by rpki-client