Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/5PJP9sz2Qj0R_qvQUI34qPi3A1Y.roa
File: 5PJP9sz2Qj0R_qvQUI34qPi3A1Y.roa (raw, json)
Hash identifier: pR71ZCmNXZbyYfyvw8Yav6FbU05FRtn+pbwLEcOTYyA=
Subject key identifier: E4:F2:4F:F6:CC:F6:42:3D:11:FE:AB:D0:50:8D:F8:A8:F8:B7:03:56
Certificate issuer: /CN=1820f13139161384eaf13a1f7db60e2c68a43956
Certificate serial: 019425216C8870EB11006EBF04B797CDBC4E
Authority key identifier: 18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/5PJP9sz2Qj0R_qvQUI34qPi3A1Y.roa
Signing time: Thu 02 Jan 2025 03:48:54 +0000
ROA not before: Thu 02 Jan 2025 03:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42611
IP address blocks: 84.18.224.0/19 maxlen: 24
85.208.12.0/22 maxlen: 24
91.193.8.0/22 maxlen: 24
2a09:8040::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/GCDxMTkWE4Tq8ToffbYOLGikOVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/GCDxMTkWE4Tq8ToffbYOLGikOVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 12:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:6c:88:70:eb:11:00:6e:bf:04:b7:97:cd:bc:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1820f13139161384eaf13a1f7db60e2c68a43956
Validity
Not Before: Jan 2 03:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4f24ff6ccf6423d11feabd0508df8a8f8b70356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1e:2a:5b:88:2e:53:c6:78:92:37:f4:00:c6:
84:f2:5a:73:74:4d:d0:a7:fb:12:12:9a:75:a8:5f:
22:20:3b:f5:12:0f:44:56:05:be:55:e7:45:d7:5d:
29:c4:1b:19:dc:0f:10:b8:bd:37:b7:3f:69:80:bb:
3a:22:2e:ed:34:24:21:20:9d:96:fc:a2:14:8b:a2:
da:89:4f:a6:bd:a9:f9:4a:3f:c8:69:86:48:eb:0f:
07:22:b2:56:5d:21:51:43:49:64:c3:e9:c7:14:ab:
01:69:fa:b7:35:c7:b1:e6:42:18:c1:39:66:ea:3f:
f0:2c:b6:e1:9a:d1:e9:eb:85:58:06:3f:cb:c7:d4:
cb:3e:51:bf:b5:c3:aa:67:2b:4e:78:49:ef:35:54:
99:af:0b:c9:fb:37:6b:23:5e:e5:be:5e:7d:74:11:
ce:a4:99:68:0c:8c:19:3f:3f:d4:20:7c:96:88:55:
2a:58:44:a5:b7:28:5a:ea:d6:69:d4:43:93:27:ca:
be:60:7d:3c:11:2b:6a:b5:b4:a0:1e:d0:2d:86:eb:
eb:a1:fb:27:28:07:5d:eb:ef:65:8b:9b:5a:92:50:
0a:0d:a6:ad:0c:0f:d9:2b:bb:ae:45:b6:71:f0:7b:
ae:2e:51:f5:8c:5d:90:16:b0:3c:1d:4e:ea:02:e9:
1d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F2:4F:F6:CC:F6:42:3D:11:FE:AB:D0:50:8D:F8:A8:F8:B7:03:56
X509v3 Authority Key Identifier:
keyid:18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/5PJP9sz2Qj0R_qvQUI34qPi3A1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/GCDxMTkWE4Tq8ToffbYOLGikOVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.224.0/19
85.208.12.0/22
91.193.8.0/22
IPv6:
2a09:8040::/29
Signature Algorithm: sha256WithRSAEncryption
29:ea:e8:b2:21:4d:2e:51:8c:47:52:10:86:cf:19:c0:ee:9f:
ce:e5:c0:d8:58:94:c5:ab:97:f4:a4:b1:b9:84:b4:39:72:a0:
6b:a6:e9:4b:e2:d8:21:92:d8:bf:16:8a:1b:44:34:e8:d4:bc:
b3:b6:ae:21:ed:64:d1:11:9c:b8:ca:7e:e5:99:15:0a:8b:9d:
5e:c0:b3:7f:56:68:2a:c0:59:6f:71:b2:b4:42:a7:e6:98:f1:
56:9d:79:d0:9e:25:ee:5b:e6:19:55:dc:6a:ce:ea:11:84:f4:
b5:3e:86:d3:fa:a3:f3:41:65:87:86:0e:fe:ca:ea:38:56:4d:
a0:78:e9:06:70:e8:b5:c4:c2:f9:11:0f:ef:f7:59:76:c3:05:
be:46:30:1d:18:a8:cc:a1:3b:34:f3:b8:79:d0:37:da:89:60:
88:41:37:1f:3f:23:e4:69:9c:0a:be:cd:b6:d6:18:f7:a1:a2:
a5:63:e8:8d:ca:eb:0a:7c:8d:4b:d5:01:bd:f5:4a:4a:15:90:
2b:73:82:b8:86:2d:86:a8:25:f8:90:06:f1:c1:c7:9e:54:74:
d4:b8:d9:ab:86:64:bd:22:eb:96:d1:bd:c1:91:29:4e:91:81:
c8:a1:dd:bd:ff:4c:a0:ec:c8:8f:3b:63:dd:2c:18:22:17:c8:
74:95:60:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQlIWyIcOsRAG6/BLeXzbxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MjBmMTMxMzkxNjEzODRlYWYxM2ExZjdkYjYwZTJjNjhh
NDM5NTYwHhcNMjUwMTAyMDM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGYyNGZmNmNjZjY0MjNkMTFmZWFiZDA1MDhkZjhhOGY4YjcwMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1B4qW4guU8Z4kjf0AMaE8lpzdE3Q
p/sSEpp1qF8iIDv1Eg9EVgW+VedF110pxBsZ3A8QuL03tz9pgLs6Ii7tNCQhIJ2W
/KIUi6LaiU+mvan5Sj/IaYZI6w8HIrJWXSFRQ0lkw+nHFKsBafq3Ncex5kIYwTlm
6j/wLLbhmtHp64VYBj/Lx9TLPlG/tcOqZytOeEnvNVSZrwvJ+zdrI17lvl59dBHO
pJloDIwZPz/UIHyWiFUqWESltyha6tZp1EOTJ8q+YH08EStqtbSgHtAthuvrofsn
KAdd6+9li5taklAKDaatDA/ZK7uuRbZx8HuuLlH1jF2QFrA8HU7qAukdEwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOTyT/bM9kI9Ef6r0FCN+Kj4twNWMB8GA1UdIwQY
MBaAFBgg8TE5FhOE6vE6H322DixopDlWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0NEeE1Ua1dFNFRxOFRvZmZiWU9MR2lrT1ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MGRjMGYtMGFlZC00YmVlLTkwYjct
MzY3ZGMzODUyNjFhLzEvNVBKUDlzejJRajBSX3F2UVVJMzRxUGkzQTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MGRjMGYtMGFlZC00YmVlLTkwYjctMzY3ZGMzODUyNjFh
LzEvR0NEeE1Ua1dFNFRxOFRvZmZiWU9MR2lrT1ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVBLgAwQC
VdAMAwQCW8EIMA0EAgACMAcDBQMqCYBAMA0GCSqGSIb3DQEBCwUAA4IBAQAp6uiy
IU0uUYxHUhCGzxnA7p/O5cDYWJTFq5f0pLG5hLQ5cqBrpulL4tghkti/FoobRDTo
1Lyztq4h7WTREZy4yn7lmRUKi51ewLN/VmgqwFlvcbK0QqfmmPFWnXnQniXuW+YZ
VdxqzuoRhPS1PobT+qPzQWWHhg7+yuo4Vk2geOkGcOi1xML5EQ/v91l2wwW+RjAd
GKjMoTs087h50DfaiWCIQTcfPyPkaZwKvs221hj3oaKlY+iNyusKfI1L1QG99UpK
FZArc4K4hi2GqCX4kAbxwceeVHTUuNmrhmS9IuuW0b3BkSlOkYHIod29/0yg7MiP
O2PdLBgiF8h0lWC/
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:54:50 2025 by rpki-client