Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/b5tCOGfZlXjj3Rp4LI2wyRIwTZc.roa
File: b5tCOGfZlXjj3Rp4LI2wyRIwTZc.roa (raw, json)
Hash identifier: Ux81ccFaPxD7MPa+kjPcqatGWLTvR5GEGbxi2D0f0BI=
Subject key identifier: 6F:9B:42:38:67:D9:95:78:E3:DD:1A:78:2C:8D:B0:C9:12:30:4D:97
Certificate issuer: /CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Certificate serial: 019421B20BA2B1019857A7130F0293BB5CA6
Authority key identifier: DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/b5tCOGfZlXjj3Rp4LI2wyRIwTZc.roa
Signing time: Wed 01 Jan 2025 11:48:23 +0000
ROA not before: Wed 01 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43070
IP address blocks: 77.95.40.0/21 maxlen: 21
89.187.192.0/22 maxlen: 22
89.187.196.0/23 maxlen: 23
185.45.136.0/22 maxlen: 22
2a02:910::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3pVy_L1mX3LgDl_9uNuALRy-yJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3pVy_L1mX3LgDl_9uNuALRy-yJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0b:a2:b1:01:98:57:a7:13:0f:02:93:bb:5c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Validity
Not Before: Jan 1 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f9b423867d99578e3dd1a782c8db0c912304d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:95:70:95:a3:69:c7:1b:b5:b2:b8:71:4f:b8:
18:a3:fb:57:b3:a9:60:8c:25:19:f4:c7:e4:d4:af:
99:92:b1:7b:db:f9:d0:b2:9c:32:5d:a7:32:a7:5a:
7d:99:e7:b8:f4:68:8e:46:49:15:b9:71:99:2a:d0:
e9:ce:f1:5b:dd:d4:eb:e5:97:37:a2:d0:f2:80:60:
ab:d4:f0:fe:39:c8:94:54:ed:37:c3:e8:2c:73:b8:
a3:62:62:e0:73:0b:58:49:38:05:0a:01:49:48:2d:
c5:2a:39:3e:ee:43:7f:cd:58:e2:d9:ef:b9:34:92:
9e:ca:08:91:02:0f:98:ca:5d:51:5a:ce:e5:39:cc:
38:e4:31:b7:fc:8d:77:99:ca:99:49:8f:3f:c5:5a:
72:55:16:f8:2d:92:46:44:b2:15:40:97:a9:67:1b:
68:88:9c:f7:0c:35:8e:2d:94:e0:e9:47:d2:68:5b:
ce:17:e8:cd:2c:fc:3a:6f:b0:49:c1:16:0d:ab:a4:
24:af:14:a0:fb:20:2c:2a:91:cc:7c:b0:2f:f4:cd:
26:ac:bc:c1:c2:80:99:e6:9e:1c:43:d2:df:a6:27:
f6:02:fe:82:b4:ff:ef:5a:0d:2b:0c:48:a6:12:07:
80:8c:35:40:fa:a4:c1:3a:f3:20:da:26:9e:f4:cf:
98:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:9B:42:38:67:D9:95:78:E3:DD:1A:78:2C:8D:B0:C9:12:30:4D:97
X509v3 Authority Key Identifier:
keyid:DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/b5tCOGfZlXjj3Rp4LI2wyRIwTZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3pVy_L1mX3LgDl_9uNuALRy-yJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.40.0/21
89.187.192.0-89.187.197.255
185.45.136.0/22
IPv6:
2a02:910::/32
Signature Algorithm: sha256WithRSAEncryption
74:e8:6a:1e:e8:7b:da:3e:6b:3e:5c:4d:27:ae:4a:fc:df:d7:
c0:b2:f0:2d:c5:b8:02:76:a7:83:0b:d5:e8:e0:b7:60:7d:49:
c5:77:96:7e:08:86:2e:3c:04:aa:ab:ef:fb:62:e1:ba:45:9d:
e6:bb:fe:f7:61:83:1a:d2:b1:24:67:5f:d2:d8:dd:18:83:66:
e5:63:5a:c1:eb:7b:a7:b9:ec:56:2b:e5:59:5d:cb:8f:b8:c9:
51:a7:f7:99:38:b2:06:0e:81:bd:a4:9a:ff:a6:c7:2d:b4:90:
0c:3f:94:8a:07:09:8f:3c:8a:27:0b:df:df:d7:4a:a1:0d:d0:
96:5d:58:21:62:ec:8d:f0:e7:1b:8c:0d:c0:16:70:06:24:c8:
51:da:e6:a3:87:33:08:99:6b:98:76:ee:72:c4:9d:8d:ab:5f:
d5:fc:42:4a:3b:15:2e:20:20:e1:f1:d6:12:26:81:a9:9b:22:
f1:08:ab:87:29:e2:85:c6:3d:d3:e7:07:1a:1c:cf:ab:43:1e:
b8:44:39:22:4e:1e:34:0f:ad:ba:f2:ea:d9:4b:c6:33:f7:4e:
3c:1a:28:b7:7e:2c:d2:1a:79:52:de:d0:f2:17:83:87:bd:58:
35:ac:db:ee:91:0a:a7:f2:03:bd:c7:c0:b6:89:b0:bb:03:5f:
59:60:db:b0
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQhsguisQGYV6cTDwKTu1ymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTU3MmZjYmQ2NjVmNzJlMDBlNWZmZGI4ZGI4MDJkMWNi
ZWM4OTQwHhcNMjUwMTAxMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjliNDIzODY3ZDk5NTc4ZTNkZDFhNzgyYzhkYjBjOTEyMzA0ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZVwlaNpxxu1srhxT7gYo/tXs6lg
jCUZ9Mfk1K+ZkrF72/nQspwyXacyp1p9mee49GiORkkVuXGZKtDpzvFb3dTr5Zc3
otDygGCr1PD+OciUVO03w+gsc7ijYmLgcwtYSTgFCgFJSC3FKjk+7kN/zVji2e+5
NJKeygiRAg+Yyl1RWs7lOcw45DG3/I13mcqZSY8/xVpyVRb4LZJGRLIVQJepZxto
iJz3DDWOLZTg6UfSaFvOF+jNLPw6b7BJwRYNq6QkrxSg+yAsKpHMfLAv9M0mrLzB
woCZ5p4cQ9Lfpif2Av6CtP/vWg0rDEimEgeAjDVA+qTBOvMg2iae9M+YKQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFG+bQjhn2ZV4490aeCyNsMkSME2XMB8GA1UdIwQY
MBaAFN6Vcvy9Zl9y4A5f/bjbgC0cvsiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODct
YTkyOTM0Y2IxZGU4LzEvYjV0Q09HZlpsWGpqM1JwNExJMnd5Ukl3VFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODctYTkyOTM0Y2IxZGU4
LzEvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDTV8oMAwD
BAZZu8ADBAFZu8QDBAK5LYgwDQQCAAIwBwMFACoCCRAwDQYJKoZIhvcNAQELBQAD
ggEBAHToah7oe9o+az5cTSeuSvzf18Cy8C3FuAJ2p4ML1ejgt2B9ScV3ln4Ihi48
BKqr7/ti4bpFnea7/vdhgxrSsSRnX9LY3RiDZuVjWsHre6e57FYr5Vldy4+4yVGn
95k4sgYOgb2kmv+mxy20kAw/lIoHCY88iicL39/XSqEN0JZdWCFi7I3w5xuMDcAW
cAYkyFHa5qOHMwiZa5h27nLEnY2rX9X8Qko7FS4gIOHx1hImgambIvEIq4cp4oXG
PdPnBxocz6tDHrhEOSJOHjQPrbry6tlLxjP3TjwaKLd+LNIaeVLe0PIXg4e9WDWs
2+6RCqfyA73HwLaJsLsDX1lg27A=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:34:39 2025 by rpki-client