Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/27thg2xR1ns9dxvQknh6OQz2HQE.roa
File: 27thg2xR1ns9dxvQknh6OQz2HQE.roa (raw, json)
Hash identifier: 8utEVwtgJM/87D9G8Lvp0Zap9PR/R1pmHN8nnbsDNS0=
Subject key identifier: DB:BB:61:83:6C:51:D6:7B:3D:77:1B:D0:92:78:7A:39:0C:F6:1D:01
Certificate issuer: /CN=597b44c4a7931c66a6ff9e92dbb32ca723d4ccf7
Certificate serial: 019425FDB4B02028721C4A2DC51F7539FF28
Authority key identifier: 59:7B:44:C4:A7:93:1C:66:A6:FF:9E:92:DB:B3:2C:A7:23:D4:CC:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXtExKeTHGam_56S27MspyPUzPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/27thg2xR1ns9dxvQknh6OQz2HQE.roa
Signing time: Thu 02 Jan 2025 07:49:31 +0000
ROA not before: Thu 02 Jan 2025 07:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3223
IP address blocks: 5.254.0.0/17 maxlen: 24
5.254.0.0/24 maxlen: 24
93.114.40.0/21 maxlen: 24
93.114.41.0/24 maxlen: 24
93.114.42.0/24 maxlen: 24
93.114.45.0/24 maxlen: 24
93.114.46.0/24 maxlen: 24
93.115.80.0/21 maxlen: 24
93.115.80.0/22 maxlen: 24
93.115.88.0/22 maxlen: 22
93.115.92.0/22 maxlen: 24
185.242.204.0/24 maxlen: 24
185.242.205.0/24 maxlen: 24
185.242.206.0/24 maxlen: 24
185.242.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/WXtExKeTHGam_56S27MspyPUzPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/WXtExKeTHGam_56S27MspyPUzPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXtExKeTHGam_56S27MspyPUzPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b4:b0:20:28:72:1c:4a:2d:c5:1f:75:39:ff:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597b44c4a7931c66a6ff9e92dbb32ca723d4ccf7
Validity
Not Before: Jan 2 07:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbbb61836c51d67b3d771bd092787a390cf61d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:07:27:11:26:86:4c:2b:be:9e:48:ed:8f:90:
e2:39:db:a5:5a:76:a5:f5:9e:49:be:70:84:68:76:
21:cb:30:c0:6d:f6:05:38:5a:63:a3:9e:81:f3:0e:
8a:5f:50:4f:65:c1:dd:6e:cf:af:d2:a9:5d:3e:30:
79:5d:25:af:12:45:f9:c0:d8:ed:3c:d6:8b:85:ca:
6f:2f:bc:a9:a0:a3:10:4a:c7:0c:35:30:87:7d:f6:
81:d7:61:2a:33:35:5c:af:bd:6e:45:1d:fc:74:96:
b1:01:ea:44:94:bf:4a:dd:45:03:bd:cd:af:89:4a:
bf:f0:d7:93:41:01:52:12:51:6b:f7:1f:a2:1f:78:
c7:08:f4:83:df:ca:5f:66:dc:4c:dd:de:99:bb:12:
c3:f7:fa:8e:05:46:66:92:76:f2:a1:b4:66:b5:2d:
92:00:d0:dc:0c:1b:f7:56:c0:1a:f4:22:94:e1:7b:
64:cd:7e:af:22:e3:63:5c:07:d0:a9:e4:85:16:e5:
79:66:e2:5e:c1:24:43:5a:27:84:7a:cd:36:d9:9c:
e7:c9:24:4c:03:be:e3:b3:cc:1d:e5:00:d7:f4:e1:
3c:67:66:cb:28:36:82:f6:a7:4b:34:f5:e7:a6:fd:
65:37:4a:d5:0f:c5:db:55:90:b6:4a:29:86:8e:2d:
88:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:BB:61:83:6C:51:D6:7B:3D:77:1B:D0:92:78:7A:39:0C:F6:1D:01
X509v3 Authority Key Identifier:
keyid:59:7B:44:C4:A7:93:1C:66:A6:FF:9E:92:DB:B3:2C:A7:23:D4:CC:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXtExKeTHGam_56S27MspyPUzPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/27thg2xR1ns9dxvQknh6OQz2HQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/WXtExKeTHGam_56S27MspyPUzPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.254.0.0/17
93.114.40.0/21
93.115.80.0/20
185.242.204.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:8b:33:0f:e3:b3:f0:80:74:f2:6e:5f:bd:5b:4d:0a:0e:2e:
a0:65:69:fa:3f:82:6c:5d:17:56:35:8e:52:70:fb:8e:19:20:
bf:49:27:83:15:f7:d8:a5:87:16:5d:1c:66:e0:ea:da:c9:f1:
1c:87:89:8d:08:80:4e:45:25:06:8a:09:d3:bd:7d:70:78:41:
8b:6c:d6:12:20:6f:0d:92:1f:13:71:1e:3d:d1:5a:be:ca:28:
57:bc:23:e1:c8:d8:db:b6:51:b2:ad:c7:18:2b:b8:e2:68:bb:
7e:a7:82:76:98:cc:c1:0c:6b:f7:92:11:f1:ee:9b:90:9d:52:
96:c1:af:50:39:fe:f7:68:a7:21:06:f5:08:3c:81:d2:42:07:
76:a6:3e:be:dc:51:03:fd:27:73:55:aa:a7:97:ca:7d:5a:33:
c1:ac:6b:e0:0c:e4:e1:29:66:ac:ec:ae:d6:f9:7a:6a:95:ef:
f6:d3:b0:e1:75:57:86:a0:4b:eb:c1:40:2c:7f:66:b2:7d:c3:
2a:49:4c:c7:99:01:23:83:09:6f:6c:c2:b5:52:7d:ed:c2:f7:
4b:56:4e:a9:31:87:eb:54:07:73:33:6e:84:79:d9:31:1b:c2:
0a:9e:e0:94:80:9a:9c:f5:b5:1f:a2:e4:ca:ef:b6:a4:65:ee:
82:9e:eb:30
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQl/bSwIChyHEotxR91Of8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2I0NGM0YTc5MzFjNjZhNmZmOWU5MmRiYjMyY2E3MjNk
NGNjZjcwHhcNMjUwMTAyMDc0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmJiNjE4MzZjNTFkNjdiM2Q3NzFiZDA5Mjc4N2EzOTBjZjYxZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwcnESaGTCu+nkjtj5DiOdulWnal
9Z5JvnCEaHYhyzDAbfYFOFpjo56B8w6KX1BPZcHdbs+v0qldPjB5XSWvEkX5wNjt
PNaLhcpvL7ypoKMQSscMNTCHffaB12EqMzVcr71uRR38dJaxAepElL9K3UUDvc2v
iUq/8NeTQQFSElFr9x+iH3jHCPSD38pfZtxM3d6ZuxLD9/qOBUZmknbyobRmtS2S
ANDcDBv3VsAa9CKU4XtkzX6vIuNjXAfQqeSFFuV5ZuJewSRDWieEes022ZznySRM
A77js8wd5QDX9OE8Z2bLKDaC9qdLNPXnpv1lN0rVD8XbVZC2SimGji2IAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNu7YYNsUdZ7PXcb0JJ4ejkM9h0BMB8GA1UdIwQY
MBaAFFl7RMSnkxxmpv+ektuzLKcj1Mz3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1h0RXhLZVRIR2FtXzU2UzI3TXNweVBVelBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85NWZmOGYtNjZiYy00YjExLTk4ZjAt
MGFiMjFiMmYyNzU0LzEvMjd0aGcyeFIxbnM5ZHh2UWtuaDZPUXoySFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85NWZmOGYtNjZiYy00YjExLTk4ZjAtMGFiMjFiMmYyNzU0
LzEvV1h0RXhLZVRIR2FtXzU2UzI3TXNweVBVelBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQHBf4AAwQD
XXIoAwQEXXNQAwQCufLMMA0GCSqGSIb3DQEBCwUAA4IBAQAMizMP47PwgHTybl+9
W00KDi6gZWn6P4JsXRdWNY5ScPuOGSC/SSeDFffYpYcWXRxm4OrayfEch4mNCIBO
RSUGignTvX1weEGLbNYSIG8Nkh8TcR490Vq+yihXvCPhyNjbtlGyrccYK7jiaLt+
p4J2mMzBDGv3khHx7puQnVKWwa9QOf73aKchBvUIPIHSQgd2pj6+3FED/SdzVaqn
l8p9WjPBrGvgDOThKWas7K7W+Xpqle/207DhdVeGoEvrwUAsf2ayfcMqSUzHmQEj
gwlvbMK1Un3twvdLVk6pMYfrVAdzM26EedkxG8IKnuCUgJqc9bUfouTK77akZe6C
nusw
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:40:29 2025 by rpki-client