Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/5lxNCVmtG-eGQDzqS31HH90R7gQ.roa
File: 5lxNCVmtG-eGQDzqS31HH90R7gQ.roa (raw, json)
Hash identifier: UMFun1XpckbWJBcsjucwYOiUnMjxn3AfVM2MpuImkbQ=
Subject key identifier: E6:5C:4D:09:59:AD:1B:E7:86:40:3C:EA:4B:7D:47:1F:DD:11:EE:04
Certificate issuer: /CN=e7739db90c1ce98431df348a1376e53ac6e0523c
Certificate serial: 019635736EC313A7DE417959E9FEFC5DC80E
Authority key identifier: E7:73:9D:B9:0C:1C:E9:84:31:DF:34:8A:13:76:E5:3A:C6:E0:52:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/53OduQwc6YQx3zSKE3blOsbgUjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/5lxNCVmtG-eGQDzqS31HH90R7gQ.roa
Signing time: Mon 14 Apr 2025 17:57:59 +0000
ROA not before: Mon 14 Apr 2025 17:57:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205800
IP address blocks: 185.140.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/53OduQwc6YQx3zSKE3blOsbgUjw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/53OduQwc6YQx3zSKE3blOsbgUjw.mft
rsync://rpki.ripe.net/repository/DEFAULT/53OduQwc6YQx3zSKE3blOsbgUjw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 05:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:35:73:6e:c3:13:a7:de:41:79:59:e9:fe:fc:5d:c8:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7739db90c1ce98431df348a1376e53ac6e0523c
Validity
Not Before: Apr 14 17:57:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e65c4d0959ad1be786403cea4b7d471fdd11ee04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8f:2d:ad:18:d1:27:5b:d8:08:10:60:7c:54:
86:c0:be:61:51:87:2a:b8:fa:54:86:5a:d7:6e:e3:
1f:67:06:01:1e:d4:38:67:0b:7b:f3:31:0b:14:21:
9c:a6:3f:dc:a5:46:2f:10:bf:33:d2:bd:c0:cc:09:
2e:c0:e1:82:be:fb:01:16:bc:4e:97:93:48:88:c9:
65:e8:f8:9e:aa:af:2a:18:e6:7d:48:3f:7d:c0:7d:
7a:e6:8f:02:63:4e:9a:79:83:cc:16:9c:d1:d3:95:
14:e6:6e:16:60:23:ec:79:b5:04:7c:84:77:58:54:
11:74:82:42:29:44:bb:ce:b5:18:68:76:18:37:8c:
17:a4:65:d5:f8:71:be:33:ee:b4:8e:eb:a7:80:6b:
2f:eb:ad:d9:e7:1a:93:a5:05:dc:9c:89:9d:ec:65:
9d:46:f0:73:aa:2d:05:01:be:ff:ad:8d:a1:dd:71:
30:bf:c2:f2:e1:0c:c2:df:2a:b6:3b:04:94:af:10:
de:66:31:41:cb:7a:83:78:4a:5b:9c:8c:3e:24:ce:
9f:11:8d:8f:e0:e7:b5:2b:50:9b:3b:7c:34:e3:1d:
39:6e:e4:20:65:84:67:bb:9c:f8:79:65:d1:69:c5:
33:ae:0a:f5:9f:07:6d:8e:c2:7c:b4:8c:57:2f:28:
02:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:5C:4D:09:59:AD:1B:E7:86:40:3C:EA:4B:7D:47:1F:DD:11:EE:04
X509v3 Authority Key Identifier:
keyid:E7:73:9D:B9:0C:1C:E9:84:31:DF:34:8A:13:76:E5:3A:C6:E0:52:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/53OduQwc6YQx3zSKE3blOsbgUjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/5lxNCVmtG-eGQDzqS31HH90R7gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/547034-395c-43f0-a34c-19428f92c1cc/1/53OduQwc6YQx3zSKE3blOsbgUjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.195.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f2:67:86:44:5c:d0:bb:73:e3:00:5b:20:f5:5d:b7:64:b2:
d9:71:4c:b1:1d:59:4d:1a:aa:d1:b4:3a:70:90:4d:38:a3:6d:
4e:e1:7d:82:0e:ab:68:0e:d8:59:c5:a0:68:df:17:5c:f7:d3:
f6:98:ec:e0:b4:66:fe:e6:a6:ae:61:ca:d6:31:a0:11:bf:6c:
6d:1c:0f:48:64:50:28:45:14:b3:82:dd:07:7b:c2:cf:33:00:
a6:7e:27:1b:dd:a9:ac:89:8b:3b:1e:ad:98:3d:9e:9b:41:ef:
9a:12:5a:19:60:2c:68:b4:01:56:ae:49:39:e6:c7:4b:e2:09:
2c:88:4e:7f:e3:5e:af:98:b3:f9:37:bb:cd:13:45:6d:59:f2:
47:09:4b:1e:65:b8:cc:db:63:ee:84:32:7d:5a:69:18:15:ef:
0c:4e:00:0d:42:03:73:ea:59:23:48:39:b9:05:9b:f7:16:67:
03:b1:9c:08:51:dd:d3:ab:ac:4b:75:4c:b2:71:07:b8:fd:a0:
84:85:10:ed:7d:3e:aa:8f:c2:e5:4c:c0:ea:e2:91:11:2e:35:
1e:5f:ea:22:5d:6e:b0:20:8e:b3:07:ab:c9:8c:4c:33:90:cc:
d3:73:8b:d0:cc:79:8f:f8:cb:a5:9e:c4:60:e8:14:42:f0:17:
fa:02:1d:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY1c27DE6feQXlZ6f78XcgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NzM5ZGI5MGMxY2U5ODQzMWRmMzQ4YTEzNzZlNTNhYzZl
MDUyM2MwHhcNMjUwNDE0MTc1NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjVjNGQwOTU5YWQxYmU3ODY0MDNjZWE0YjdkNDcxZmRkMTFlZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0I8trRjRJ1vYCBBgfFSGwL5hUYcq
uPpUhlrXbuMfZwYBHtQ4Zwt78zELFCGcpj/cpUYvEL8z0r3AzAkuwOGCvvsBFrxO
l5NIiMll6Pieqq8qGOZ9SD99wH165o8CY06aeYPMFpzR05UU5m4WYCPsebUEfIR3
WFQRdIJCKUS7zrUYaHYYN4wXpGXV+HG+M+60juungGsv663Z5xqTpQXcnImd7GWd
RvBzqi0FAb7/rY2h3XEwv8Ly4QzC3yq2OwSUrxDeZjFBy3qDeEpbnIw+JM6fEY2P
4Oe1K1CbO3w04x05buQgZYRnu5z4eWXRacUzrgr1nwdtjsJ8tIxXLygCYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZcTQlZrRvnhkA86kt9Rx/dEe4EMB8GA1UdIwQY
MBaAFOdznbkMHOmEMd80ihN25TrG4FI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTNPZHVRd2M2WVF4M3pTS0UzYmxPc2JnVWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC81NDcwMzQtMzk1Yy00M2YwLWEzNGMt
MTk0MjhmOTJjMWNjLzEvNWx4TkNWbXRHLWVHUUR6cVMzMUhIOTBSN2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC81NDcwMzQtMzk1Yy00M2YwLWEzNGMtMTk0MjhmOTJjMWNj
LzEvNTNPZHVRd2M2WVF4M3pTS0UzYmxPc2JnVWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYzDMA0G
CSqGSIb3DQEBCwUAA4IBAQB/8meGRFzQu3PjAFsg9V23ZLLZcUyxHVlNGqrRtDpw
kE04o21O4X2CDqtoDthZxaBo3xdc99P2mOzgtGb+5qauYcrWMaARv2xtHA9IZFAo
RRSzgt0He8LPMwCmficb3amsiYs7Hq2YPZ6bQe+aEloZYCxotAFWrkk55sdL4gks
iE5/416vmLP5N7vNE0VtWfJHCUseZbjM22PuhDJ9WmkYFe8MTgANQgNz6lkjSDm5
BZv3FmcDsZwIUd3Tq6xLdUyycQe4/aCEhRDtfT6qj8LlTMDq4pERLjUeX+oiXW6w
II6zB6vJjEwzkMzTc4vQzHmP+MulnsRg6BRC8Bf6Ah10
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:23:45 2025 by rpki-client