Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/5d1Rsk4FP5GLfjvT0EmBWD5qTow.roa
File: 5d1Rsk4FP5GLfjvT0EmBWD5qTow.roa (raw, json)
Hash identifier: NqA84KX0Y0A9uS0K8Q/J20+otaYRcSGIUSuIKX3VI7s=
Subject key identifier: E5:DD:51:B2:4E:05:3F:91:8B:7E:3B:D3:D0:49:81:58:3E:6A:4E:8C
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 01957C42145151D2B36CB6C8F0158817CFB0
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/5d1Rsk4FP5GLfjvT0EmBWD5qTow.roa
Signing time: Sun 09 Mar 2025 18:54:19 +0000
ROA not before: Sun 09 Mar 2025 18:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209828
IP address blocks: 91.241.48.0/24 maxlen: 32
91.241.49.0/24 maxlen: 32
91.241.50.0/24 maxlen: 32
91.241.51.0/24 maxlen: 32
194.5.236.0/24 maxlen: 32
194.5.237.0/24 maxlen: 32
2a00:7544::/32 maxlen: 32
2a00:7545::/32 maxlen: 32
2a0c:8dc0::/29 maxlen: 32
2a0c:8dc0::/30 maxlen: 30
2a0c:8dc4::/32 maxlen: 32
2a0c:8dc5::/32 maxlen: 32
2a0c:8dc6::/32 maxlen: 32
2a0c:8dc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.mft
rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7c:42:14:51:51:d2:b3:6c:b6:c8:f0:15:88:17:cf:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Mar 9 18:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5dd51b24e053f918b7e3bd3d04981583e6a4e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a1:a0:87:32:a6:3b:fb:b7:f9:68:1b:99:1d:
c7:8e:3e:59:f5:cd:8c:c8:71:de:9b:bf:fe:92:20:
8d:20:b8:2a:fa:74:dd:7b:16:a6:45:74:68:ed:43:
83:1b:60:73:05:26:68:ad:a1:ba:33:1b:58:50:15:
18:4e:bf:78:88:3e:5f:4a:0e:1b:ce:72:d7:a3:48:
41:eb:c0:9e:f3:df:39:07:94:a4:9e:80:32:93:4b:
b7:b3:08:a6:97:96:b7:b5:59:06:5c:64:32:47:35:
fd:e5:47:c8:e2:92:34:3a:a4:7d:3f:0a:26:03:cf:
6a:bd:0c:c2:d1:dc:f9:85:16:6d:d8:57:75:a0:5e:
b7:8d:42:dc:4f:4e:79:85:74:75:08:1d:0d:55:7e:
c9:31:8d:d4:bb:c4:64:4d:d6:24:73:44:89:3b:a8:
2c:91:38:82:8e:4a:38:c1:3f:8a:98:ef:bc:99:c3:
0f:11:b7:f4:ea:fb:6a:9b:cf:47:28:60:e2:59:94:
81:fa:95:16:18:94:31:7c:84:2a:f7:94:7b:ed:b1:
27:c5:d3:6f:1d:29:06:8e:1f:a1:aa:a3:e6:bb:f3:
49:29:02:fb:82:6d:04:f9:0a:a1:96:85:39:ad:09:
31:8d:a2:3f:a4:1c:2b:b7:15:1a:77:c9:7a:88:6c:
94:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:DD:51:B2:4E:05:3F:91:8B:7E:3B:D3:D0:49:81:58:3E:6A:4E:8C
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/5d1Rsk4FP5GLfjvT0EmBWD5qTow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.48.0/22
194.5.236.0/23
IPv6:
2a00:7544::/31
2a0c:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
14:eb:c6:df:e6:4a:2a:bb:ef:6d:9d:cb:f1:35:4b:d7:ec:65:
40:c4:d3:df:57:6a:07:67:17:9a:73:ec:a9:78:d6:c1:e5:2e:
e4:1a:50:ba:50:11:4c:bb:93:72:f4:74:f4:4f:cf:14:de:f0:
e1:82:bd:a0:c1:f4:dc:99:3b:71:c2:3c:ec:0a:d7:c6:68:c4:
4f:8e:d1:25:3e:92:73:4a:f5:be:51:eb:2c:1c:fd:6c:45:c8:
c0:db:47:e8:47:45:6c:a4:af:ce:53:f7:a8:24:d8:e2:d1:ab:
5b:ff:ce:ae:47:59:8c:e8:ec:03:0e:07:df:df:e7:4e:ab:df:
57:62:fc:22:b6:e0:8d:ae:36:c2:eb:6b:d5:9c:2d:f6:75:7a:
22:2a:ae:bf:56:7c:20:9e:51:64:79:6e:9e:8c:dc:40:55:46:
f4:97:b1:56:39:43:11:1a:12:27:b2:7f:36:89:a7:88:f8:db:
ed:ee:81:ec:fb:50:1a:34:7c:c2:d8:83:08:07:56:17:67:1e:
9a:38:a8:33:6e:ce:06:da:f0:64:de:ab:0e:88:ab:47:3b:c1:
47:ea:ea:6c:97:5b:9c:75:45:a2:13:c3:b2:69:be:7d:0a:85:
0e:f5:25:cb:c8:09:44:a1:c4:52:84:54:81:e3:1c:ac:3d:f9:
39:f8:e3:9e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZV8QhRRUdKzbLbI8BWIF8+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjUwMzA5MTg1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWRkNTFiMjRlMDUzZjkxOGI3ZTNiZDNkMDQ5ODE1ODNlNmE0ZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6GghzKmO/u3+WgbmR3Hjj5Z9c2M
yHHem7/+kiCNILgq+nTdexamRXRo7UODG2BzBSZoraG6MxtYUBUYTr94iD5fSg4b
znLXo0hB68Ce8985B5SknoAyk0u3swiml5a3tVkGXGQyRzX95UfI4pI0OqR9Pwom
A89qvQzC0dz5hRZt2Fd1oF63jULcT055hXR1CB0NVX7JMY3Uu8RkTdYkc0SJO6gs
kTiCjko4wT+KmO+8mcMPEbf06vtqm89HKGDiWZSB+pUWGJQxfIQq95R77bEnxdNv
HSkGjh+hqqPmu/NJKQL7gm0E+QqhloU5rQkxjaI/pBwrtxUad8l6iGyUcQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOXdUbJOBT+Ri34709BJgVg+ak6MMB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvNWQxUnNrNEZQNUdMZmp2VDBFbUJXRDVxVG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCW/EwAwQB
wgXsMBQEAgACMA4DBQEqAHVEAwUDKgyNwDANBgkqhkiG9w0BAQsFAAOCAQEAFOvG
3+ZKKrvvbZ3L8TVL1+xlQMTT31dqB2cXmnPsqXjWweUu5BpQulARTLuTcvR09E/P
FN7w4YK9oMH03Jk7ccI87ArXxmjET47RJT6Sc0r1vlHrLBz9bEXIwNtH6EdFbKSv
zlP3qCTY4tGrW//OrkdZjOjsAw4H39/nTqvfV2L8Irbgja42wutr1Zwt9nV6Iiqu
v1Z8IJ5RZHlunozcQFVG9JexVjlDERoSJ7J/NomniPjb7e6B7PtQGjR8wtiDCAdW
F2cemjioM27OBtrwZN6rDoirRzvBR+rqbJdbnHVFohPDsmm+fQqFDvUly8gJRKHE
UoRUgeMcrD35Ofjjng==
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:46:41 2025 by rpki-client