Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/tTr3yBFPThh1LKoDvfe7lT4KAhU.roa
File: tTr3yBFPThh1LKoDvfe7lT4KAhU.roa (raw, json)
Hash identifier: rMkbO3LBGUKRzGY5bNc/Rymk3Ag6qe14nmgO9u0tnVE=
Subject key identifier: B5:3A:F7:C8:11:4F:4E:18:75:2C:AA:03:BD:F7:BB:95:3E:0A:02:15
Certificate issuer: /CN=ffe70693454bc33485dec69d219d0502654ac04a
Certificate serial: 0196ECD51813C46D9007D62907A8F07E3A23
Authority key identifier: FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/tTr3yBFPThh1LKoDvfe7lT4KAhU.roa
Signing time: Tue 20 May 2025 08:35:10 +0000
ROA not before: Tue 20 May 2025 08:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205847
IP address blocks: 5.181.56.0/24 maxlen: 24
5.181.57.0/24 maxlen: 24
5.181.58.0/23 maxlen: 23
5.181.58.0/24 maxlen: 24
5.181.59.0/24 maxlen: 24
2a0c:a740:100::/48 maxlen: 48
2a0c:a741:1000::/38 maxlen: 38
2a0c:a741:2000::/38 maxlen: 38
2a0c:a741:3000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 17:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:d5:18:13:c4:6d:90:07:d6:29:07:a8:f0:7e:3a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffe70693454bc33485dec69d219d0502654ac04a
Validity
Not Before: May 20 08:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b53af7c8114f4e18752caa03bdf7bb953e0a0215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:54:f7:f6:a9:2e:07:9f:c8:5b:36:4c:ff:dd:
df:58:d4:3d:05:5c:ca:b2:e0:a5:b0:5e:15:ce:da:
1a:4f:dc:84:4b:ae:a9:63:22:04:77:f5:66:aa:39:
4b:c2:ed:ce:1a:aa:ec:12:4e:4c:3d:74:94:6f:c3:
95:f8:81:15:d9:3b:79:a6:59:36:59:21:b4:53:50:
0a:bd:43:1e:40:c7:8d:28:a6:25:fe:87:13:cc:0c:
0f:2b:21:2f:b5:c5:3f:47:bf:1e:f2:c7:a6:82:88:
80:da:f7:91:1d:2a:d1:46:7e:2f:86:f9:09:03:59:
eb:4d:0f:1a:d7:44:13:c4:54:d8:d2:4d:23:9e:5c:
23:64:f9:d5:4f:68:2c:be:f1:aa:9c:87:a8:ff:b8:
d0:e5:66:91:e0:40:5c:d5:5d:62:ef:76:c6:52:62:
32:94:2d:01:f2:c8:07:ea:c4:1c:bc:d0:a1:f3:fe:
3a:05:0b:15:68:87:c1:ee:33:ad:4c:71:ce:38:82:
bd:39:85:ef:cd:f4:cb:ca:b5:2d:4f:f4:72:ff:a6:
c0:f8:c5:b5:f9:eb:64:9c:54:13:74:06:72:0c:4e:
0d:10:22:a3:29:10:55:15:30:17:6f:29:38:55:ce:
e0:8b:e2:94:c0:69:e1:ae:ac:89:55:14:9e:ba:56:
81:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:3A:F7:C8:11:4F:4E:18:75:2C:AA:03:BD:F7:BB:95:3E:0A:02:15
X509v3 Authority Key Identifier:
keyid:FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/tTr3yBFPThh1LKoDvfe7lT4KAhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.56.0/22
IPv6:
2a0c:a740:100::/48
2a0c:a741:1000::/38
2a0c:a741:2000::/38
2a0c:a741:3000::/38
Signature Algorithm: sha256WithRSAEncryption
68:a7:6d:7a:39:27:b7:26:e6:af:c6:cf:a1:00:e4:2a:2e:ee:
d7:96:b0:7d:b4:23:17:42:05:cb:b7:c3:bd:97:eb:5f:67:18:
47:1e:02:a7:61:16:1d:38:99:69:30:8a:86:f6:6f:b9:04:1e:
af:91:bf:4c:60:2b:5d:d7:c6:cf:8d:4b:c7:8a:f3:e6:42:19:
aa:a0:b1:83:01:9d:6a:3e:1d:12:e5:cf:4d:7f:e7:4e:dc:9f:
22:7e:82:7b:5c:7a:4d:05:9a:f5:f5:ac:fb:f3:47:58:1f:9e:
ef:d4:db:1f:df:75:22:76:4e:bd:fc:13:9f:1b:a0:74:97:bb:
8a:40:85:69:b3:04:88:70:c6:98:c9:f7:2e:14:19:5f:50:a0:
0e:67:84:02:2c:74:17:fa:02:32:a4:60:6b:2a:f4:47:b4:e2:
02:2f:1b:bd:db:cc:4d:d4:c6:2b:ea:2e:aa:b6:6f:9e:82:3b:
a3:96:ec:4d:5d:76:e9:a8:dc:91:a6:80:7b:fd:8a:9f:69:f2:
8b:b0:39:df:2b:da:e7:25:3a:3b:62:06:a9:9a:1f:ef:f9:db:
32:52:96:8c:f8:aa:00:43:4d:de:62:51:0e:99:a1:f6:d4:51:
85:69:cf:a7:01:1b:f2:62:f8:53:6d:38:7b:d9:d2:ce:1a:54:
f7:73:7b:f1
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZbs1RgTxG2QB9YpB6jwfjojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZTcwNjkzNDU0YmMzMzQ4NWRlYzY5ZDIxOWQwNTAyNjU0
YWMwNGEwHhcNMjUwNTIwMDgzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTNhZjdjODExNGY0ZTE4NzUyY2FhMDNiZGY3YmI5NTNlMGEwMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lT39qkuB5/IWzZM/93fWNQ9BVzK
suClsF4VztoaT9yES66pYyIEd/VmqjlLwu3OGqrsEk5MPXSUb8OV+IEV2Tt5plk2
WSG0U1AKvUMeQMeNKKYl/ocTzAwPKyEvtcU/R78e8semgoiA2veRHSrRRn4vhvkJ
A1nrTQ8a10QTxFTY0k0jnlwjZPnVT2gsvvGqnIeo/7jQ5WaR4EBc1V1i73bGUmIy
lC0B8sgH6sQcvNCh8/46BQsVaIfB7jOtTHHOOIK9OYXvzfTLyrUtT/Ry/6bA+MW1
+etknFQTdAZyDE4NECKjKRBVFTAXbyk4Vc7gi+KUwGnhrqyJVRSeulaBDQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLU698gRT04YdSyqA733u5U+CgIVMB8GA1UdIwQY
MBaAFP/nBpNFS8M0hd7GnSGdBQJlSsBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUt
MzUwMjY1OGFlNmY1LzEvdFRyM3lCRlBUaGgxTEtvRHZmZTdsVDRLQWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUtMzUwMjY1OGFlNmY1
LzEvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAMBAIAATAGAwQCBbU4MCcE
AgACMCEDBwAqDKdAAQADBgIqDKdBEAMGAioMp0EgAwYCKgynQTAwDQYJKoZIhvcN
AQELBQADggEBAGinbXo5J7cm5q/Gz6EA5Cou7teWsH20IxdCBcu3w72X619nGEce
AqdhFh04mWkwiob2b7kEHq+Rv0xgK13Xxs+NS8eK8+ZCGaqgsYMBnWo+HRLlz01/
507cnyJ+gntcek0FmvX1rPvzR1gfnu/U2x/fdSJ2Tr38E58boHSXu4pAhWmzBIhw
xpjJ9y4UGV9QoA5nhAIsdBf6AjKkYGsq9Ee04gIvG73bzE3UxivqLqq2b56CO6OW
7E1ddumo3JGmgHv9ip9p8ouwOd8r2uclOjtiBqmaH+/52zJSloz4qgBDTd5iUQ6Z
ofbUUYVpz6cBG/Ji+FNtOHvZ0s4aVPdze/E=
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:42:18 2025 by rpki-client