Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/5LFA7pu9BAuW9Zs8wziojRaCNSk.roa
File: 5LFA7pu9BAuW9Zs8wziojRaCNSk.roa (raw, json)
Hash identifier: UzC92ONklOjy0NiAl9iqdlk8UfZjfzE3sfwqDQwnG80=
Subject key identifier: E4:B1:40:EE:9B:BD:04:0B:96:F5:9B:3C:C3:38:A8:8D:16:82:35:29
Certificate issuer: /CN=a95f638862529b6dafd440e172a22f0120b09aea
Certificate serial: 0194228DCFF5F7B709A7B25800D65021ECC2
Authority key identifier: A9:5F:63:88:62:52:9B:6D:AF:D4:40:E1:72:A2:2F:01:20:B0:9A:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qV9jiGJSm22v1EDhcqIvASCwmuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/5LFA7pu9BAuW9Zs8wziojRaCNSk.roa
Signing time: Wed 01 Jan 2025 15:48:26 +0000
ROA not before: Wed 01 Jan 2025 15:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24954
IP address blocks: 193.57.12.0/24 maxlen: 24
193.57.13.0/24 maxlen: 24
193.57.34.0/24 maxlen: 24
193.57.176.0/24 maxlen: 24
193.57.177.0/24 maxlen: 24
193.57.178.0/24 maxlen: 24
193.57.179.0/24 maxlen: 24
193.57.180.0/24 maxlen: 24
194.5.74.0/24 maxlen: 24
194.5.75.0/24 maxlen: 24
194.5.76.0/24 maxlen: 24
194.5.77.0/24 maxlen: 24
194.5.150.0/24 maxlen: 24
194.5.151.0/24 maxlen: 24
194.5.166.0/24 maxlen: 24
194.5.167.0/24 maxlen: 24
2001:67c:8a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/qV9jiGJSm22v1EDhcqIvASCwmuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/qV9jiGJSm22v1EDhcqIvASCwmuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qV9jiGJSm22v1EDhcqIvASCwmuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cf:f5:f7:b7:09:a7:b2:58:00:d6:50:21:ec:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a95f638862529b6dafd440e172a22f0120b09aea
Validity
Not Before: Jan 1 15:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4b140ee9bbd040b96f59b3cc338a88d16823529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:67:52:1e:93:63:03:4e:23:7c:8c:19:ad:47:
f2:5c:dc:74:f5:aa:ca:25:be:f9:0c:e5:4e:89:58:
5b:67:a9:33:ee:40:5f:7e:ac:bf:9f:e4:36:52:93:
7d:3b:7e:90:f8:e4:e7:70:ca:ee:4c:0d:a6:9e:31:
99:70:01:b3:6a:f4:d2:12:fc:16:8b:fe:55:5e:cf:
aa:65:7b:ee:ac:e2:a1:67:e0:1a:47:ff:a4:f5:4d:
48:b6:45:1a:54:5e:91:e5:74:03:e0:4a:14:12:1c:
b1:b4:84:17:b3:1d:6a:18:e4:25:40:e7:5a:4f:24:
fd:bb:97:6b:60:d5:76:9a:7a:7d:48:9e:d6:16:5d:
f1:56:65:f0:a0:d0:94:c2:29:24:2f:7d:e1:70:d5:
91:86:dd:90:ea:0a:84:7f:d8:90:b0:d3:2e:6e:c7:
1a:f9:ef:28:7c:26:4c:f0:02:ac:34:ff:39:91:69:
87:70:cc:11:cd:f3:75:5b:8a:4b:c4:cc:b1:93:8b:
4b:7f:cb:b7:4b:e6:72:ca:6f:c7:d9:68:61:ea:84:
cc:5c:da:d0:45:ef:10:47:bf:76:13:12:ec:9d:fb:
f4:a2:e1:64:f8:9e:c3:4e:c5:45:a7:e3:c8:a0:9b:
9b:c8:36:5a:1e:4b:e6:74:c5:04:74:36:4f:1e:e2:
c2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B1:40:EE:9B:BD:04:0B:96:F5:9B:3C:C3:38:A8:8D:16:82:35:29
X509v3 Authority Key Identifier:
keyid:A9:5F:63:88:62:52:9B:6D:AF:D4:40:E1:72:A2:2F:01:20:B0:9A:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qV9jiGJSm22v1EDhcqIvASCwmuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/5LFA7pu9BAuW9Zs8wziojRaCNSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/qV9jiGJSm22v1EDhcqIvASCwmuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.12.0/23
193.57.34.0/24
193.57.176.0-193.57.180.255
194.5.74.0-194.5.77.255
194.5.150.0/23
194.5.166.0/23
IPv6:
2001:67c:8a0::/48
Signature Algorithm: sha256WithRSAEncryption
72:e6:9c:4c:2f:a6:d0:c6:ab:92:e9:5f:c4:f5:24:15:c8:e1:
ae:92:a5:d5:6f:6e:2d:1d:d9:46:91:84:1d:d4:0e:f6:16:10:
8c:d4:cd:c4:01:cf:56:c8:df:15:4d:7d:78:18:56:c6:d8:3d:
fe:80:1e:59:01:59:91:84:4f:06:dc:1e:7e:b4:e7:03:6e:c7:
33:f8:a4:05:5f:23:42:df:56:9b:c5:5f:7c:87:77:c6:44:d4:
6f:c2:3e:64:f0:2b:69:12:77:91:5b:6d:4f:fa:32:77:2e:d8:
3c:ef:8a:40:cd:c8:c0:74:40:87:34:bb:62:22:9b:65:49:cd:
57:f3:e5:55:7f:cc:a7:fa:ad:2e:ad:54:b1:97:50:9e:0c:57:
cc:a4:36:d4:c5:14:cd:3e:20:9c:6f:85:d8:9e:47:fc:ce:c4:
e9:df:52:76:31:3d:93:c0:7b:87:fe:f4:34:0f:78:3a:f7:32:
f6:6e:60:d7:a6:78:70:85:01:00:07:04:6e:28:4d:8d:a8:a9:
60:fc:86:fd:91:75:08:36:5f:b5:57:4d:3e:a3:47:e9:0a:1c:
10:14:84:a2:d4:45:b1:76:17:3d:89:ba:55:d5:e9:97:a4:e8:
91:3e:83:ec:84:23:b7:45:d4:fc:ab:fd:1a:4b:10:8a:19:1d:
42:56:13:22
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQijc/197cJp7JYANZQIezCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NWY2Mzg4NjI1MjliNmRhZmQ0NDBlMTcyYTIyZjAxMjBi
MDlhZWEwHhcNMjUwMTAxMTU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGIxNDBlZTliYmQwNDBiOTZmNTliM2NjMzM4YTg4ZDE2ODIzNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2dSHpNjA04jfIwZrUfyXNx09arK
Jb75DOVOiVhbZ6kz7kBffqy/n+Q2UpN9O36Q+OTncMruTA2mnjGZcAGzavTSEvwW
i/5VXs+qZXvurOKhZ+AaR/+k9U1ItkUaVF6R5XQD4EoUEhyxtIQXsx1qGOQlQOda
TyT9u5drYNV2mnp9SJ7WFl3xVmXwoNCUwikkL33hcNWRht2Q6gqEf9iQsNMubsca
+e8ofCZM8AKsNP85kWmHcMwRzfN1W4pLxMyxk4tLf8u3S+Zyym/H2Whh6oTMXNrQ
Re8QR792ExLsnfv0ouFk+J7DTsVFp+PIoJubyDZaHkvmdMUEdDZPHuLCCQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOSxQO6bvQQLlvWbPMM4qI0WgjUpMB8GA1UdIwQY
MBaAFKlfY4hiUpttr9RA4XKiLwEgsJrqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVY5amlHSlNtMjJ2MUVEaGNxSXZBU0N3bXVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hZjQ5M2YtNDFmZS00MDZkLWIzZmYt
ZWJiNTNjMjUzMDdiLzEvNUxGQTdwdTlCQXVXOVpzOHd6aW9qUmFDTlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hZjQ5M2YtNDFmZS00MDZkLWIzZmYtZWJiNTNjMjUzMDdi
LzEvcVY5amlHSlNtMjJ2MUVEaGNxSXZBU0N3bXVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA6BAIAATA0AwQBwTkMAwQA
wTkiMAwDBATBObADBADBObQwDAMEAcIFSgMEAcIFTAMEAcIFlgMEAcIFpjAPBAIA
AjAJAwcAIAEGfAigMA0GCSqGSIb3DQEBCwUAA4IBAQBy5pxML6bQxquS6V/E9SQV
yOGukqXVb24tHdlGkYQd1A72FhCM1M3EAc9WyN8VTX14GFbG2D3+gB5ZAVmRhE8G
3B5+tOcDbscz+KQFXyNC31abxV98h3fGRNRvwj5k8CtpEneRW21P+jJ3Ltg874pA
zcjAdECHNLtiIptlSc1X8+VVf8yn+q0urVSxl1CeDFfMpDbUxRTNPiCcb4XYnkf8
zsTp31J2MT2TwHuH/vQ0D3g69zL2bmDXpnhwhQEABwRuKE2NqKlg/Ib9kXUINl+1
V00+o0fpChwQFISi1EWxdhc9ibpV1emXpOiRPoPshCO3RdT8q/0aSxCKGR1CVhMi
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:56:47 2025 by rpki-client