Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/5VEZ7JcFmXiaWyk5RVHAojQYYGI.roa
File: 5VEZ7JcFmXiaWyk5RVHAojQYYGI.roa (raw, json)
Hash identifier: 3yUSESCkJd78E2LmJL5uepnC54miAABRgJPm19V647o=
Subject key identifier: E5:51:19:EC:97:05:99:78:9A:5B:29:39:45:51:C0:A2:34:18:60:62
Certificate issuer: /CN=d513872512f1f2d037b401c2603ca8994e721e55
Certificate serial: 019426D9E5EB52E2C54DCD0245008EEA1F2C
Authority key identifier: D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/5VEZ7JcFmXiaWyk5RVHAojQYYGI.roa
Signing time: Thu 02 Jan 2025 11:50:01 +0000
ROA not before: Thu 02 Jan 2025 11:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202613
IP address blocks: 83.136.104.0/23 maxlen: 24
83.136.110.0/23 maxlen: 24
185.8.196.0/22 maxlen: 24
2a02:29e1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e5:eb:52:e2:c5:4d:cd:02:45:00:8e:ea:1f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d513872512f1f2d037b401c2603ca8994e721e55
Validity
Not Before: Jan 2 11:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e55119ec970599789a5b29394551c0a234186062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e7:2b:94:2e:10:c9:54:bb:b6:c8:3f:9a:cf:
fa:ab:14:cd:4f:05:60:15:34:de:2f:08:6c:bc:0d:
e8:3d:ed:ca:82:83:39:25:bf:a4:1b:1e:a8:e7:e0:
ae:62:03:24:b0:12:3d:83:79:10:7b:07:ff:5f:04:
f3:cc:57:8e:b9:93:26:e7:c6:e0:b6:e6:33:a2:15:
cf:78:e9:4f:7f:d0:22:23:8a:5d:38:7b:7e:3c:75:
7e:ee:b5:07:18:57:cb:0e:ad:06:6d:71:ed:9e:75:
66:84:26:e8:22:af:5d:25:2d:7a:cc:89:6b:19:a6:
63:60:6d:34:cc:1b:f1:60:c3:a7:d4:4c:3c:3e:86:
af:c4:23:ab:bb:06:bf:81:db:5b:a6:e8:06:de:7e:
3d:3c:5a:7a:10:35:6f:6c:13:30:4f:e3:3c:82:e0:
26:6e:02:fb:54:1d:e5:fd:b4:42:53:78:85:b4:aa:
4f:ec:50:8b:e9:44:84:2a:a7:d0:d7:32:0e:0f:bb:
fb:f2:fc:83:a8:07:bb:86:5c:fe:3a:af:85:d8:1f:
93:6d:95:bd:2e:b7:82:9a:c4:37:fb:94:dc:ee:95:
66:16:02:13:b0:e2:a7:04:29:bf:b1:13:86:e1:57:
b8:4b:44:46:06:16:56:28:bb:9f:2d:49:bb:1d:fa:
d3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:51:19:EC:97:05:99:78:9A:5B:29:39:45:51:C0:A2:34:18:60:62
X509v3 Authority Key Identifier:
keyid:D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/5VEZ7JcFmXiaWyk5RVHAojQYYGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.104.0/23
83.136.110.0/23
185.8.196.0/22
IPv6:
2a02:29e1::/32
Signature Algorithm: sha256WithRSAEncryption
9d:38:4d:fb:53:a5:12:9e:49:97:ac:74:6f:af:3b:6b:7f:99:
66:23:39:8f:f9:78:87:2e:5d:c8:5c:ff:ae:01:45:a9:7a:69:
56:52:09:ff:f9:30:35:ab:27:50:16:de:ae:4d:a7:a4:a0:43:
0b:80:55:6d:dd:9c:c3:0e:e4:0b:26:db:dc:ba:d7:2d:a4:98:
08:76:64:b7:9c:21:cc:17:37:66:48:10:57:90:cc:85:a0:9f:
0c:86:5b:b3:2d:40:43:47:05:bb:cc:68:ab:4a:37:07:4b:4c:
2f:d0:63:d4:fa:41:ca:b0:cb:b5:77:48:e5:78:c1:1a:13:03:
f3:49:c5:14:36:cf:69:96:dd:7a:ad:4b:04:1a:63:b3:b2:d8:
23:2c:07:8a:8d:11:7b:4c:92:4c:37:fd:f1:1b:9f:e8:b5:05:
c2:bf:b8:a3:b6:b3:e3:d8:cf:35:a8:b5:2e:04:ec:cc:b9:cb:
25:71:ef:f6:fd:c0:a4:9d:6e:ed:52:07:ae:61:fc:12:5f:1b:
2e:8a:9f:5e:ea:43:e3:8f:e1:c4:65:01:df:5e:58:29:41:a4:
28:16:93:32:dc:22:86:d9:d9:7a:f4:af:8f:8b:66:cb:2c:a3:
cc:77:e6:b7:de:d1:d8:d7:46:5c:83:ac:d8:bc:22:c5:ce:da:
e0:0a:bb:65
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQm2eXrUuLFTc0CRQCO6h8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTM4NzI1MTJmMWYyZDAzN2I0MDFjMjYwM2NhODk5NGU3
MjFlNTUwHhcNMjUwMTAyMTE1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTUxMTllYzk3MDU5OTc4OWE1YjI5Mzk0NTUxYzBhMjM0MTg2MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtucrlC4QyVS7tsg/ms/6qxTNTwVg
FTTeLwhsvA3oPe3KgoM5Jb+kGx6o5+CuYgMksBI9g3kQewf/XwTzzFeOuZMm58bg
tuYzohXPeOlPf9AiI4pdOHt+PHV+7rUHGFfLDq0GbXHtnnVmhCboIq9dJS16zIlr
GaZjYG00zBvxYMOn1Ew8PoavxCOruwa/gdtbpugG3n49PFp6EDVvbBMwT+M8guAm
bgL7VB3l/bRCU3iFtKpP7FCL6USEKqfQ1zIOD7v78vyDqAe7hlz+Oq+F2B+TbZW9
LreCmsQ3+5Tc7pVmFgITsOKnBCm/sROG4Ve4S0RGBhZWKLufLUm7HfrTjwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOVRGeyXBZl4mlspOUVRwKI0GGBiMB8GA1UdIwQY
MBaAFNUThyUS8fLQN7QBwmA8qJlOch5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEt
NmQ2NTVjZDk0NDY4LzEvNVZFWjdKY0ZtWGlhV3lrNVJWSEFvalFZWUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEtNmQ2NTVjZDk0NDY4
LzEvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBU4hoAwQB
U4huAwQCuQjEMA0EAgACMAcDBQAqAinhMA0GCSqGSIb3DQEBCwUAA4IBAQCdOE37
U6USnkmXrHRvrztrf5lmIzmP+XiHLl3IXP+uAUWpemlWUgn/+TA1qydQFt6uTaek
oEMLgFVt3ZzDDuQLJtvcutctpJgIdmS3nCHMFzdmSBBXkMyFoJ8MhluzLUBDRwW7
zGirSjcHS0wv0GPU+kHKsMu1d0jleMEaEwPzScUUNs9plt16rUsEGmOzstgjLAeK
jRF7TJJMN/3xG5/otQXCv7ijtrPj2M81qLUuBOzMucslce/2/cCknW7tUgeuYfwS
Xxsuip9e6kPjj+HEZQHfXlgpQaQoFpMy3CKG2dl69K+Pi2bLLKPMd+a33tHY10Zc
g6zYvCLFztrgCrtl
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:26:25 2025 by rpki-client