Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/F-ex4YSMwZWRlDqi0lboAC-57e4.roa
File: F-ex4YSMwZWRlDqi0lboAC-57e4.roa (raw, json)
Hash identifier: KLfsy9giQ+JQPtL39ozeUmuTPlERJzd7etQHgRjMQ78=
Subject key identifier: 17:E7:B1:E1:84:8C:C1:95:91:94:3A:A2:D2:56:E8:00:2F:B9:ED:EE
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0195FF6C69E51B05397D4FB35CBB3251A3A2
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/F-ex4YSMwZWRlDqi0lboAC-57e4.roa
Signing time: Fri 04 Apr 2025 06:10:49 +0000
ROA not before: Fri 04 Apr 2025 06:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.136.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.139.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.69.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.181.213.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a04:8681::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:6c:69:e5:1b:05:39:7d:4f:b3:5c:bb:32:51:a3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Apr 4 06:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17e7b1e1848cc19591943aa2d256e8002fb9edee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:84:cd:9b:fe:93:cc:6c:7f:1a:fd:04:f5:8c:
48:5d:89:fd:bd:b8:96:26:02:f5:98:da:0a:3b:52:
61:95:5c:0d:97:2c:8b:b6:fe:7d:5f:5b:08:75:1a:
52:70:a5:bc:64:f3:33:da:9b:24:35:94:7a:a4:1b:
1b:8d:6a:de:0d:69:33:46:86:f1:0f:38:d5:e8:3b:
df:e7:c1:60:8a:d0:4e:81:2e:e0:1d:17:fd:87:05:
02:56:10:be:e4:b1:22:f0:38:1c:33:9e:6e:44:0e:
5a:bb:1a:24:0e:83:75:11:f9:92:db:57:a8:98:b5:
bc:b2:90:93:f4:08:db:6a:ba:2b:d2:ea:61:64:23:
80:18:53:18:f1:27:f2:a0:1b:d3:97:76:0b:e2:b7:
89:68:e3:49:29:02:c0:3e:b5:ea:9b:37:a4:dd:9d:
61:8e:73:fa:df:18:ae:ba:eb:09:ff:b0:39:a6:3a:
14:b0:3a:f5:f2:2f:ad:31:e6:e9:0f:b3:2c:7e:5e:
49:0c:45:60:18:44:8d:56:66:23:ce:8a:f6:d2:4f:
d9:1e:14:71:e4:7f:c5:25:77:6a:c4:70:d6:5f:d9:
9e:ce:7a:01:22:41:59:96:d4:51:e9:12:31:3d:5f:
29:00:03:43:8d:59:3c:88:8d:30:7d:4c:52:39:67:
93:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E7:B1:E1:84:8C:C1:95:91:94:3A:A2:D2:56:E8:00:2F:B9:ED:EE
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/F-ex4YSMwZWRlDqi0lboAC-57e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.68.0/23
93.179.120.0/24
95.85.83.128/25
95.181.213.0/24
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
70:d2:ed:03:c6:55:69:5d:d3:78:b7:6b:b0:c9:ac:cb:76:d8:
fe:10:49:69:0e:41:af:a9:0f:26:27:21:48:b3:95:94:79:f8:
bb:20:71:3c:57:a9:5c:bf:7e:d5:f5:bc:29:50:e1:a8:16:bb:
b9:8b:56:b9:43:92:8c:4b:94:d8:1c:f2:2d:99:62:64:e3:24:
cf:25:65:b2:b2:38:ac:a5:a0:bf:81:bb:a2:ee:ba:1d:fb:e3:
80:6b:b0:6b:57:75:68:65:f5:05:38:b0:69:ae:d3:cf:b6:b9:
1d:12:e1:8a:57:9a:55:b6:9c:24:71:2b:58:eb:3b:29:ca:b3:
32:b1:e5:aa:da:3d:d1:c2:fb:12:d7:91:19:ed:d0:be:33:72:
60:ad:ec:f0:4b:91:7c:3b:8f:bf:f9:34:b1:a4:46:fe:6b:bb:
f9:e5:ae:cc:8b:07:4f:63:92:0c:75:60:86:74:d6:9d:15:b5:
1c:31:32:ad:2e:e7:14:43:a2:1e:be:74:1e:d5:f3:c6:01:5a:
59:33:93:e2:12:17:90:19:36:ba:ca:da:40:4a:95:3e:9e:85:
3b:78:40:15:89:29:74:d5:61:b6:77:e9:71:0c:0d:b0:c8:a4:
61:13:80:7d:c8:7f:2f:7c:34:e2:d6:a4:05:57:a1:e1:f0:82:
1a:c9:04:ee
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZX/bGnlGwU5fU+zXLsyUaOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwNDA0MDYxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2U3YjFlMTg0OGNjMTk1OTE5NDNhYTJkMjU2ZTgwMDJmYjllZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YTNm/6TzGx/Gv0E9YxIXYn9vbiW
JgL1mNoKO1JhlVwNlyyLtv59X1sIdRpScKW8ZPMz2pskNZR6pBsbjWreDWkzRobx
DzjV6Dvf58FgitBOgS7gHRf9hwUCVhC+5LEi8DgcM55uRA5auxokDoN1EfmS21eo
mLW8spCT9Ajbaror0uphZCOAGFMY8SfyoBvTl3YL4reJaONJKQLAPrXqmzek3Z1h
jnP63xiuuusJ/7A5pjoUsDr18i+tMebpD7Msfl5JDEVgGESNVmYjzor20k/ZHhRx
5H/FJXdqxHDWX9meznoBIkFZltRR6RIxPV8pAANDjVk8iI0wfUxSOWeTNQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFBfnseGEjMGVkZQ6otJW6AAvue3uMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvRi1leDRZU013WldSbERxaTBsYm9BQy01N2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAxBAIAATArAwQCW8SIAwQB
XbNEAwQAXbN4AwUHX1VTgAMEAF+11QMEAG3EhQMEAMO2CDAUBAIAAjAOAwUBKgSG
gAMFACoJ1cAwDQYJKoZIhvcNAQELBQADggEBAHDS7QPGVWld03i3a7DJrMt22P4Q
SWkOQa+pDyYnIUizlZR5+LsgcTxXqVy/ftX1vClQ4agWu7mLVrlDkoxLlNgc8i2Z
YmTjJM8lZbKyOKyloL+Bu6Luuh3744BrsGtXdWhl9QU4sGmu08+2uR0S4YpXmlW2
nCRxK1jrOynKszKx5araPdHC+xLXkRnt0L4zcmCt7PBLkXw7j7/5NLGkRv5ru/nl
rsyLB09jkgx1YIZ01p0VtRwxMq0u5xRDoh6+dB7V88YBWlkzk+ISF5AZNrrK2kBK
lT6ehTt4QBWJKXTVYbZ36XEMDbDIpGETgH3Ify98NOLWpAVXoeHwghrJBO4=
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:59:15 2025 by rpki-client