Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/f99QaNImVksd_4fwJs_0jT5Ig2g.roa
File: f99QaNImVksd_4fwJs_0jT5Ig2g.roa (raw, json)
Hash identifier: UE3mO+CTEUsKvTBCtFKJEMJlm1F6YnPBO42bToz3pgQ=
Subject key identifier: 7F:DF:50:68:D2:26:56:4B:1D:FF:87:F0:26:CF:F4:8D:3E:48:83:68
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 0195DC1D68E8982E45CCB890227CBE684C60
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/f99QaNImVksd_4fwJs_0jT5Ig2g.roa
Signing time: Fri 28 Mar 2025 09:37:49 +0000
ROA not before: Fri 28 Mar 2025 09:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 5.255.57.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.62.0/24 maxlen: 24
5.255.63.0/24 maxlen: 24
23.252.66.0/24 maxlen: 24
91.92.112.0/24 maxlen: 24
91.92.113.0/24 maxlen: 24
107.150.164.0/24 maxlen: 24
107.150.171.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
185.252.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:1d:68:e8:98:2e:45:cc:b8:90:22:7c:be:68:4c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Mar 28 09:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fdf5068d226564b1dff87f026cff48d3e488368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:be:f8:71:ec:ce:b7:f4:40:ed:b7:e6:ec:92:
95:e4:a1:15:48:74:a6:62:0b:97:22:f1:b9:39:b4:
a1:70:2b:eb:6c:23:7e:29:2c:af:c9:f8:a0:bf:51:
26:9c:90:39:7e:dd:b7:87:dc:20:13:77:e1:e0:f7:
fa:d0:8b:a4:1d:b2:38:42:f1:36:28:96:18:cd:2b:
b2:db:7e:07:18:cd:c1:3d:3d:f7:80:dc:70:32:60:
3f:3a:4f:3a:5c:56:fe:57:d6:82:13:24:54:27:e3:
e9:06:bc:bb:e3:2f:06:53:af:14:71:35:90:ee:78:
c6:0f:d4:85:69:19:ce:f3:05:f5:72:83:97:a1:3a:
63:8f:85:e3:67:c0:5d:fd:97:a4:de:e9:5c:06:37:
04:f7:f3:0f:85:ee:ac:93:16:83:fd:7f:70:db:8e:
6f:60:f9:71:84:f9:59:a4:6b:42:30:8d:86:f4:d6:
a8:6d:43:a9:18:a0:b5:e1:6e:fa:4d:ad:55:34:0d:
78:d0:60:4f:bd:15:d2:8e:b3:5c:6b:9b:36:86:c5:
3a:07:dc:da:9c:ba:3d:69:a9:bc:02:da:9f:ac:26:
7d:59:b2:e1:5c:47:5f:9c:23:c5:0d:0e:32:36:6f:
40:68:bf:3e:db:b3:0a:94:91:9e:aa:1a:65:c9:bc:
09:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:DF:50:68:D2:26:56:4B:1D:FF:87:F0:26:CF:F4:8D:3E:48:83:68
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/f99QaNImVksd_4fwJs_0jT5Ig2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0/24
91.92.112.0/23
107.150.164.0/24
107.150.171.0/24
107.150.175.0/24
107.150.177.0/24
185.252.210.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:65:13:d1:9c:2a:bd:41:30:e4:fa:dd:5a:18:7c:42:20:63:
95:45:28:d2:0e:d3:11:7b:fa:09:0c:f3:45:28:e9:e2:b7:a3:
05:1d:ab:45:0d:8f:1a:9e:0d:e4:15:2b:4e:32:4f:eb:8f:d4:
04:28:d3:2e:d0:12:4d:9e:a8:9b:78:38:96:fd:b5:82:34:aa:
87:72:b0:90:c0:d3:fd:50:58:82:7d:d9:cd:ff:50:44:aa:19:
b8:d1:7b:96:fc:65:96:ff:38:59:5b:88:58:58:0c:d4:0f:c4:
29:22:a2:26:1c:f4:6b:67:2e:a2:c6:45:81:96:80:95:c1:5a:
34:32:15:7e:a6:4e:40:01:8f:bf:bd:90:ba:cd:a6:f6:df:19:
0d:7c:9e:3e:47:48:c1:55:19:f5:db:f6:e6:15:84:dd:68:73:
0d:ee:79:75:ca:b7:16:c0:c7:30:be:2d:81:08:db:c9:01:aa:
2e:f1:a4:e3:b7:b0:c4:be:78:0e:1e:3f:a7:22:4e:2d:3d:3b:
3c:7a:e4:96:51:72:a2:e3:fa:72:23:cc:c5:22:54:0a:9e:9b:
a1:b8:15:27:e4:2f:7c:05:a4:e3:79:68:79:51:8e:62:81:71:
3f:b8:cc:8e:5e:63:8e:56:a2:c8:83:2e:cf:02:08:23:6b:f6:
53:ef:b9:b6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZXcHWjomC5FzLiQIny+aExgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjUwMzI4MDkzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmRmNTA2OGQyMjY1NjRiMWRmZjg3ZjAyNmNmZjQ4ZDNlNDg4MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L74cezOt/RA7bfm7JKV5KEVSHSm
YguXIvG5ObShcCvrbCN+KSyvyfigv1EmnJA5ft23h9wgE3fh4Pf60IukHbI4QvE2
KJYYzSuy234HGM3BPT33gNxwMmA/Ok86XFb+V9aCEyRUJ+PpBry74y8GU68UcTWQ
7njGD9SFaRnO8wX1coOXoTpjj4XjZ8Bd/Zek3ulcBjcE9/MPhe6skxaD/X9w245v
YPlxhPlZpGtCMI2G9NaobUOpGKC14W76Ta1VNA140GBPvRXSjrNca5s2hsU6B9za
nLo9aam8AtqfrCZ9WbLhXEdfnCPFDQ4yNm9AaL8+27MKlJGeqhplybwJdQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFH/fUGjSJlZLHf+H8CbP9I0+SINoMB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvZjk5UWFOSW1Wa3NkXzRmd0pzXzBqVDVJZzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQABf85MAwD
BAAF/z0DBAYF/wADBAAX/EIDBAFbXHADBABrlqQDBABrlqsDBABrlq8DBABrlrED
BAC5/NIwDQYJKoZIhvcNAQELBQADggEBAJtlE9GcKr1BMOT63VoYfEIgY5VFKNIO
0xF7+gkM80Uo6eK3owUdq0UNjxqeDeQVK04yT+uP1AQo0y7QEk2eqJt4OJb9tYI0
qodysJDA0/1QWIJ92c3/UESqGbjRe5b8ZZb/OFlbiFhYDNQPxCkioiYc9GtnLqLG
RYGWgJXBWjQyFX6mTkABj7+9kLrNpvbfGQ18nj5HSMFVGfXb9uYVhN1ocw3ueXXK
txbAxzC+LYEI28kBqi7xpOO3sMS+eA4eP6ciTi09Ozx65JZRcqLj+nIjzMUiVAqe
m6G4FSfkL3wFpON5aHlRjmKBcT+4zI5eY45WosiDLs8CCCNr9lPvubY=
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:24:59 2025 by rpki-client