Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/G7Gj-wNHQ4f1McLnqLZ1qzcaJ3Q.roa
File: G7Gj-wNHQ4f1McLnqLZ1qzcaJ3Q.roa (raw, json)
Hash identifier: a3cjYcM4+KPGd8Ub1jI8tlRifmfOnBjLF0b8hwTZjiw=
Subject key identifier: 1B:B1:A3:FB:03:47:43:87:F5:31:C2:E7:A8:B6:75:AB:37:1A:27:74
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0194258FA2DC6C194D7F9BE02B9E3EC7740D
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/G7Gj-wNHQ4f1McLnqLZ1qzcaJ3Q.roa
Signing time: Thu 02 Jan 2025 05:49:17 +0000
ROA not before: Thu 02 Jan 2025 05:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56466
IP address blocks: 5.200.64.0/19 maxlen: 24
5.200.80.0/20 maxlen: 20
31.24.200.0/21 maxlen: 21
87.247.179.0/24 maxlen: 24
89.235.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a2:dc:6c:19:4d:7f:9b:e0:2b:9e:3e:c7:74:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 2 05:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bb1a3fb03474387f531c2e7a8b675ab371a2774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:13:8b:f0:57:14:ab:85:06:20:d4:99:f0:25:
0b:c2:cc:a9:3e:09:fd:04:77:5b:bf:53:c4:32:84:
0e:86:62:3d:3c:83:d9:cc:5d:83:e4:55:d2:f4:ec:
d8:d3:03:cb:4a:1a:3f:4f:79:fe:71:b3:2a:61:a5:
47:8a:1a:e6:d1:c9:3a:9a:f4:00:75:95:b7:db:09:
22:ad:d8:89:f9:68:51:81:4b:6d:79:30:71:7b:31:
b4:6f:a4:b7:e9:83:d9:81:f4:62:ca:d8:08:22:49:
43:00:bf:9e:fd:a4:4d:ba:63:28:79:a0:80:3f:81:
9b:d6:c9:9a:60:b6:7f:73:6b:c4:23:43:1d:51:50:
26:29:74:a7:f0:e8:06:72:af:05:ec:69:f6:1d:39:
23:63:60:af:fc:c2:0a:dc:d8:11:f3:f2:5c:d7:66:
44:b6:d9:f3:3f:63:f5:1e:de:40:b0:0f:b5:ab:99:
fd:c2:22:3a:80:b1:f2:f2:74:ed:24:95:e6:ef:bb:
ee:95:0b:05:7d:84:70:d2:18:1f:37:d1:cd:73:4a:
1b:68:00:05:94:d0:5a:be:18:a0:b6:25:83:01:ee:
0b:94:95:83:08:6b:87:77:56:84:83:80:ad:ed:6f:
11:a0:ba:54:9d:66:2f:f9:9d:70:ca:90:7c:1b:b9:
f9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B1:A3:FB:03:47:43:87:F5:31:C2:E7:A8:B6:75:AB:37:1A:27:74
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/G7Gj-wNHQ4f1McLnqLZ1qzcaJ3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.200.64.0/19
31.24.200.0/21
87.247.179.0/24
89.235.77.0/24
Signature Algorithm: sha256WithRSAEncryption
77:2f:a6:a9:d6:0a:03:5c:cc:4b:97:61:1e:36:0d:98:b6:57:
eb:db:1e:5a:54:9f:92:61:31:9a:c0:41:70:f3:49:aa:ce:a3:
6f:f8:28:ac:6f:e2:02:6f:f4:6e:2f:43:1d:cd:81:8c:c5:e2:
5e:67:8d:dd:0e:bf:86:35:93:09:32:0c:ef:c2:eb:a4:98:07:
8b:ed:3c:fa:a1:98:e5:a9:5e:81:f4:99:cc:cf:29:82:57:4d:
a5:21:0b:9c:b6:f3:05:31:04:e6:dc:e9:f4:b5:6a:fe:49:10:
76:6f:80:23:93:22:f9:ea:22:51:d4:2b:70:31:e3:63:ca:ae:
b2:43:f9:e9:03:5b:ef:2c:e8:69:bd:14:e0:41:98:41:84:c2:
98:cd:74:71:5e:15:51:e8:ae:7e:3a:db:65:07:94:8c:bc:b6:
cb:14:fd:37:fe:dc:02:ab:fb:da:b9:f7:82:6d:a5:27:93:1b:
09:0d:cf:36:c0:30:62:2a:f1:21:94:db:34:06:bc:84:06:0c:
0d:e0:fb:7b:eb:b8:6d:1e:eb:3f:d1:8f:dd:c3:96:2b:2b:c7:
35:56:a6:2d:f5:0a:39:0f:02:5f:26:b9:8b:d7:b3:09:0b:c0:
14:4d:cb:c2:c2:92:19:34:97:f8:e0:34:9a:af:97:44:22:45:
56:0a:3e:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlj6LcbBlNf5vgK54+x3QNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjUwMTAyMDU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmIxYTNmYjAzNDc0Mzg3ZjUzMWMyZTdhOGI2NzVhYjM3MWEyNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixOL8FcUq4UGINSZ8CULwsypPgn9
BHdbv1PEMoQOhmI9PIPZzF2D5FXS9OzY0wPLSho/T3n+cbMqYaVHihrm0ck6mvQA
dZW32wkirdiJ+WhRgUtteTBxezG0b6S36YPZgfRiytgIIklDAL+e/aRNumMoeaCA
P4Gb1smaYLZ/c2vEI0MdUVAmKXSn8OgGcq8F7Gn2HTkjY2Cv/MIK3NgR8/Jc12ZE
ttnzP2P1Ht5AsA+1q5n9wiI6gLHy8nTtJJXm77vulQsFfYRw0hgfN9HNc0obaAAF
lNBavhigtiWDAe4LlJWDCGuHd1aEg4Ct7W8RoLpUnWYv+Z1wypB8G7n5NQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBuxo/sDR0OH9THC56i2das3Gid0MB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvRzdHai13TkhRNGYxTWNMbnFMWjFxemNhSjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFBchAAwQD
HxjIAwQAV/ezAwQAWetNMA0GCSqGSIb3DQEBCwUAA4IBAQB3L6ap1goDXMxLl2Ee
Ng2Ytlfr2x5aVJ+SYTGawEFw80mqzqNv+Cisb+ICb/RuL0MdzYGMxeJeZ43dDr+G
NZMJMgzvwuukmAeL7Tz6oZjlqV6B9JnMzymCV02lIQuctvMFMQTm3On0tWr+SRB2
b4AjkyL56iJR1CtwMeNjyq6yQ/npA1vvLOhpvRTgQZhBhMKYzXRxXhVR6K5+Ottl
B5SMvLbLFP03/twCq/vaufeCbaUnkxsJDc82wDBiKvEhlNs0BryEBgwN4Pt767ht
Hus/0Y/dw5YrK8c1VqYt9Qo5DwJfJrmL17MJC8AUTcvCwpIZNJf44DSar5dEIkVW
Cj4Y
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:49:56 2025 by rpki-client