Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/H_D-F9H9qkVTvnZv4CfQRltBb5w.roa
File: H_D-F9H9qkVTvnZv4CfQRltBb5w.roa (raw, json)
Hash identifier: PiMHHCzc4EPLDkYnKgKADo5O/sWTyR5QCsz73IjSeGQ=
Subject key identifier: 1F:F0:FE:17:D1:FD:AA:45:53:BE:76:6F:E0:27:D0:46:5B:41:6F:9C
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0196146D4E96546E0A321FE48599D8C4C778
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/H_D-F9H9qkVTvnZv4CfQRltBb5w.roa
Signing time: Tue 08 Apr 2025 08:03:49 +0000
ROA not before: Tue 08 Apr 2025 08:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.10.212.0/24 maxlen: 24
5.10.218.0/23 maxlen: 23
5.10.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 20:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:6d:4e:96:54:6e:0a:32:1f:e4:85:99:d8:c4:c7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Apr 8 08:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ff0fe17d1fdaa4553be766fe027d0465b416f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:83:26:14:d1:3f:d0:2d:fc:1e:1b:dc:68:14:
8b:cf:9e:ec:bd:65:02:2a:b4:32:28:dc:ab:02:42:
93:2e:ff:3e:f6:a8:89:2f:a0:78:20:e9:86:8e:a0:
1d:6d:6e:dd:65:d0:ad:8e:73:8c:ca:a4:a7:4c:e9:
8d:4c:87:71:04:de:15:39:1d:db:0f:7b:ba:ed:e3:
9c:de:bc:46:9d:e5:e4:3a:42:4c:8c:49:24:92:5c:
f5:40:0f:cc:53:50:93:99:91:69:00:7f:ed:ed:49:
71:35:8e:e3:4e:33:a1:72:25:47:ad:76:3e:34:2d:
cf:0e:0a:21:22:6d:08:51:11:f4:08:de:95:91:b2:
08:29:c9:35:42:39:1f:7a:85:a1:fa:e3:7b:59:bb:
f6:e8:b8:84:a2:c8:0f:ad:73:97:75:e5:3b:80:90:
f1:93:be:47:44:ad:f0:1d:71:58:7b:39:ea:2f:05:
84:7f:ab:31:3e:8c:b8:49:9c:24:c8:76:11:b0:02:
7a:bd:90:01:e7:49:dd:14:d3:68:89:b2:d7:ee:5d:
e0:88:52:4a:fd:9e:89:36:f7:da:cd:52:ea:16:cb:
24:e1:1e:ae:de:5f:e4:15:07:08:e3:32:4d:25:d4:
78:47:c6:ea:d9:df:3a:49:d5:7e:0d:8e:b7:40:87:
8b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F0:FE:17:D1:FD:AA:45:53:BE:76:6F:E0:27:D0:46:5B:41:6F:9C
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/H_D-F9H9qkVTvnZv4CfQRltBb5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.212.0/24
5.10.218.0/23
5.10.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:bc:27:65:19:6a:6b:59:fd:b9:a2:51:6f:64:20:c1:28:cd:
3d:bc:89:3c:aa:3b:5b:fb:b6:4b:33:2f:ea:b4:6e:50:f5:2c:
94:14:b0:4e:3e:db:95:01:59:75:7d:83:91:69:3a:23:75:fd:
64:02:c0:6f:83:09:97:f0:e3:2c:ef:d1:02:f7:69:b8:5c:e7:
dc:ac:ee:19:c0:22:e0:12:82:4c:b5:c0:22:07:4a:e0:86:4f:
79:3a:f7:65:bc:f6:a3:0c:8f:96:8b:6a:e7:a2:0a:bf:16:4e:
42:5d:02:f8:e2:56:d9:55:e5:84:f8:66:02:ee:e7:3e:5e:a5:
d9:5f:e4:a0:d4:5c:2a:27:80:d7:16:c6:17:b8:db:0a:40:ca:
f6:da:7e:76:3c:38:71:9f:10:c5:77:8a:a8:bd:b8:03:b0:0e:
07:13:7f:1e:82:a8:0c:00:d8:93:33:71:af:7a:d5:f9:65:ac:
b3:1d:ff:4d:fd:17:fc:76:0d:f4:bb:a9:0f:23:91:39:14:fc:
de:b0:6e:df:49:37:f1:9b:d5:9c:db:dd:ea:32:40:2f:73:bf:
3f:b0:6f:70:b9:23:d2:7a:4f:f9:15:22:f5:0a:b2:22:a5:78:
1e:52:01:be:cd:51:fb:9c:7c:6c:dd:95:45:c2:21:9b:85:e7:
9f:d7:01:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZYUbU6WVG4KMh/khZnYxMd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNDA4MDgwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmYwZmUxN2QxZmRhYTQ1NTNiZTc2NmZlMDI3ZDA0NjViNDE2ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IMmFNE/0C38HhvcaBSLz57svWUC
KrQyKNyrAkKTLv8+9qiJL6B4IOmGjqAdbW7dZdCtjnOMyqSnTOmNTIdxBN4VOR3b
D3u67eOc3rxGneXkOkJMjEkkklz1QA/MU1CTmZFpAH/t7UlxNY7jTjOhciVHrXY+
NC3PDgohIm0IURH0CN6VkbIIKck1QjkfeoWh+uN7Wbv26LiEosgPrXOXdeU7gJDx
k75HRK3wHXFYeznqLwWEf6sxPoy4SZwkyHYRsAJ6vZAB50ndFNNoibLX7l3giFJK
/Z6JNvfazVLqFssk4R6u3l/kFQcI4zJNJdR4R8bq2d86SdV+DY63QIeLewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB/w/hfR/apFU752b+An0EZbQW+cMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvSF9ELUY5SDlxa1ZUdm5adjRDZlFSbHRCYjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQrUAwQB
BQraAwQABQrfMA0GCSqGSIb3DQEBCwUAA4IBAQAuvCdlGWprWf25olFvZCDBKM09
vIk8qjtb+7ZLMy/qtG5Q9SyUFLBOPtuVAVl1fYORaTojdf1kAsBvgwmX8OMs79EC
92m4XOfcrO4ZwCLgEoJMtcAiB0rghk95OvdlvPajDI+Wi2rnogq/Fk5CXQL44lbZ
VeWE+GYC7uc+XqXZX+Sg1FwqJ4DXFsYXuNsKQMr22n52PDhxnxDFd4qovbgDsA4H
E38egqgMANiTM3GvetX5ZayzHf9N/Rf8dg30u6kPI5E5FPzesG7fSTfxm9Wc293q
MkAvc78/sG9wuSPSek/5FSL1CrIipXgeUgG+zVH7nHxs3ZVFwiGbheef1wGY
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:40:18 2025 by rpki-client