Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/5SbPyjmIYXelitOmA1AVO3bhm0Q.roa
File: 5SbPyjmIYXelitOmA1AVO3bhm0Q.roa (raw, json)
Hash identifier: 1XIxpyYBD9DDRIa0BTpbMKp2ZvPzaojB9NovyRazhxQ=
Subject key identifier: E5:26:CF:CA:39:88:61:77:A5:8A:D3:A6:03:50:15:3B:76:E1:9B:44
Certificate issuer: /CN=e5f9ad212cd65ab4ee2b8e9b3f8b833c3900ea7d
Certificate serial: 019422FB3052B4EDC5980ED2F2FE42B224F5
Authority key identifier: E5:F9:AD:21:2C:D6:5A:B4:EE:2B:8E:9B:3F:8B:83:3C:39:00:EA:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5fmtISzWWrTuK46bP4uDPDkA6n0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/5SbPyjmIYXelitOmA1AVO3bhm0Q.roa
Signing time: Wed 01 Jan 2025 17:47:54 +0000
ROA not before: Wed 01 Jan 2025 17:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58209
IP address blocks: 217.18.81.0/24 maxlen: 24
2a0e:5e40::/31 maxlen: 31
2a0e:5e42::/31 maxlen: 31
2a0e:5e47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/5fmtISzWWrTuK46bP4uDPDkA6n0.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/5fmtISzWWrTuK46bP4uDPDkA6n0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5fmtISzWWrTuK46bP4uDPDkA6n0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 14:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:30:52:b4:ed:c5:98:0e:d2:f2:fe:42:b2:24:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5f9ad212cd65ab4ee2b8e9b3f8b833c3900ea7d
Validity
Not Before: Jan 1 17:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e526cfca39886177a58ad3a60350153b76e19b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1a:38:ac:2c:63:3a:49:97:b7:cd:90:a8:2b:
6f:7a:9d:79:16:82:67:a8:0c:15:c1:bf:e8:53:22:
b5:4a:c0:0c:bb:00:02:28:62:33:7e:95:9a:6b:e8:
cd:72:5e:92:90:d2:b1:4f:a7:57:a3:31:72:6b:04:
ce:ae:f5:e4:cb:98:5f:24:a0:ef:6f:4d:e6:c2:32:
8a:04:3f:a9:cb:52:b1:b1:a7:16:c4:94:32:1b:b0:
1d:42:11:17:04:da:ca:00:53:19:33:55:fb:c4:02:
e2:91:56:ef:12:dc:59:8e:f8:c9:22:c5:20:89:32:
3d:a7:13:42:59:a6:bc:43:37:e6:ad:0e:cb:14:b0:
07:29:e0:ed:8e:97:49:74:1a:82:8b:65:3e:0c:03:
5b:a6:3e:47:a7:02:5b:82:0c:f4:3f:b1:bb:7a:e9:
2f:13:be:c2:f2:6d:e0:53:e1:c5:9e:d4:26:f8:97:
e5:2f:cc:c5:6c:81:4a:67:be:e0:cf:93:6f:b4:76:
d3:fb:62:2a:ff:6a:29:22:0c:e0:bf:3b:fd:a3:52:
ad:6f:da:1a:2e:6d:a6:8e:d3:a7:e4:97:a7:e9:6e:
f4:e8:f3:36:e9:90:be:2c:d0:39:8f:f4:db:f1:b1:
13:3c:15:5c:cb:6d:e0:c1:b8:1b:c7:e5:84:36:17:
66:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:26:CF:CA:39:88:61:77:A5:8A:D3:A6:03:50:15:3B:76:E1:9B:44
X509v3 Authority Key Identifier:
keyid:E5:F9:AD:21:2C:D6:5A:B4:EE:2B:8E:9B:3F:8B:83:3C:39:00:EA:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5fmtISzWWrTuK46bP4uDPDkA6n0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/5SbPyjmIYXelitOmA1AVO3bhm0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f80926-e9a9-41f9-95a0-9b813a2002aa/1/5fmtISzWWrTuK46bP4uDPDkA6n0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.81.0/24
IPv6:
2a0e:5e40::/30
2a0e:5e47::/32
Signature Algorithm: sha256WithRSAEncryption
76:ac:3a:f6:e0:dc:6b:5d:33:23:66:3f:d3:6b:21:a2:e0:9c:
9f:bc:68:d0:91:21:db:8c:dd:5f:be:f5:45:12:ff:7f:14:7f:
c1:0e:36:fa:ea:06:67:88:4c:38:91:b1:b8:b0:51:94:cd:90:
b2:07:9b:4c:52:16:75:9c:a9:91:10:e1:4c:40:e9:8a:25:e0:
cb:ea:8d:65:98:78:f5:86:cb:1b:f9:dc:00:69:8e:ba:15:fc:
3c:1f:5f:d2:9c:fc:f0:20:c6:9e:6f:1c:fd:52:7d:0d:d6:2b:
bd:34:a2:e5:44:1d:81:8d:d3:38:c4:b6:0b:bb:d6:39:aa:72:
62:8f:b1:18:7e:83:33:ef:55:6e:b3:7a:81:33:7c:cb:cc:3a:
10:2a:f2:a3:17:3d:fc:dd:64:17:83:4e:19:3d:d1:ec:a6:30:
52:97:b2:cf:b6:f1:83:91:2c:f4:2d:fa:8c:83:1f:e9:05:56:
d9:18:cd:b0:54:f4:01:40:64:c5:80:78:7f:73:f6:cb:1b:9b:
dc:77:ed:ba:8d:9a:cb:6f:0f:7f:6d:24:c1:75:b9:be:36:e3:
38:b7:e4:78:99:07:1b:70:76:fe:a2:75:92:02:39:45:37:89:
7e:8a:e7:08:60:9d:96:bf:96:1c:79:a5:8b:2c:46:59:63:76:
e4:b0:ef:c1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQi+zBStO3FmA7S8v5CsiT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZjlhZDIxMmNkNjVhYjRlZTJiOGU5YjNmOGI4MzNjMzkw
MGVhN2QwHhcNMjUwMTAxMTc0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTI2Y2ZjYTM5ODg2MTc3YTU4YWQzYTYwMzUwMTUzYjc2ZTE5YjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxo4rCxjOkmXt82QqCtvep15FoJn
qAwVwb/oUyK1SsAMuwACKGIzfpWaa+jNcl6SkNKxT6dXozFyawTOrvXky5hfJKDv
b03mwjKKBD+py1KxsacWxJQyG7AdQhEXBNrKAFMZM1X7xALikVbvEtxZjvjJIsUg
iTI9pxNCWaa8QzfmrQ7LFLAHKeDtjpdJdBqCi2U+DANbpj5HpwJbggz0P7G7eukv
E77C8m3gU+HFntQm+JflL8zFbIFKZ77gz5NvtHbT+2Iq/2opIgzgvzv9o1Ktb9oa
Lm2mjtOn5Jen6W706PM26ZC+LNA5j/Tb8bETPBVcy23gwbgbx+WENhdm0QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOUmz8o5iGF3pYrTpgNQFTt24ZtEMB8GA1UdIwQY
MBaAFOX5rSEs1lq07iuOmz+Lgzw5AOp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWZtdElTeldXclR1SzQ2YlA0dURQRGtBNm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mODA5MjYtZTlhOS00MWY5LTk1YTAt
OWI4MTNhMjAwMmFhLzEvNVNiUHlqbUlZWGVsaXRPbUExQVZPM2JobTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mODA5MjYtZTlhOS00MWY5LTk1YTAtOWI4MTNhMjAwMmFh
LzEvNWZtdElTeldXclR1SzQ2YlA0dURQRGtBNm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQA2RJRMBQE
AgACMA4DBQIqDl5AAwUAKg5eRzANBgkqhkiG9w0BAQsFAAOCAQEAdqw69uDca10z
I2Y/02shouCcn7xo0JEh24zdX771RRL/fxR/wQ42+uoGZ4hMOJGxuLBRlM2Qsgeb
TFIWdZypkRDhTEDpiiXgy+qNZZh49YbLG/ncAGmOuhX8PB9f0pz88CDGnm8c/VJ9
DdYrvTSi5UQdgY3TOMS2C7vWOapyYo+xGH6DM+9VbrN6gTN8y8w6ECryoxc9/N1k
F4NOGT3R7KYwUpeyz7bxg5Es9C36jIMf6QVW2RjNsFT0AUBkxYB4f3P2yxub3Hft
uo2ay28Pf20kwXW5vjbjOLfkeJkHG3B2/qJ1kgI5RTeJfornCGCdlr+WHHmliyxG
WWN25LDvwQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:47:05 2025 by rpki-client