Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/DWkmqBrpCgufAcboTbO1ejK6V9s.roa
File: DWkmqBrpCgufAcboTbO1ejK6V9s.roa (raw, json)
Hash identifier: dRIP4UxK0A9ebBuRcG7opsgwJ+IJo0cC8WeCC52uH20=
Subject key identifier: 0D:69:26:A8:1A:E9:0A:0B:9F:01:C6:E8:4D:B3:B5:7A:32:BA:57:DB
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 0194258F6A659F08F7DBC21BB09C77E37B80
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/DWkmqBrpCgufAcboTbO1ejK6V9s.roa
Signing time: Thu 02 Jan 2025 05:49:03 +0000
ROA not before: Thu 02 Jan 2025 05:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 5.57.16.0/24 maxlen: 24
5.57.17.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
5.57.20.0/24 maxlen: 24
5.57.21.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
37.10.0.0/24 maxlen: 24
37.10.1.0/24 maxlen: 24
37.10.4.0/22 maxlen: 22
37.10.4.0/24 maxlen: 24
37.10.5.0/24 maxlen: 24
37.10.6.0/24 maxlen: 24
37.10.7.0/24 maxlen: 24
37.10.30.0/24 maxlen: 24
37.10.31.0/24 maxlen: 24
37.10.63.0/24 maxlen: 24
185.28.220.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:6a:65:9f:08:f7:db:c2:1b:b0:9c:77:e3:7b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Jan 2 05:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d6926a81ae90a0b9f01c6e84db3b57a32ba57db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3b:b0:b3:5f:bc:7f:11:f9:c1:77:b3:7b:da:
38:3b:be:75:63:1e:8e:2f:45:7d:f9:1b:39:47:67:
9e:43:50:f4:6d:47:59:8b:ec:48:5b:a2:0a:b8:c6:
1d:2b:72:56:b1:e8:e8:3a:d2:d2:07:98:e3:18:95:
5f:48:dd:21:8b:f7:a2:f8:76:9f:ea:2f:90:7a:89:
08:27:69:34:34:7f:4c:b1:46:66:6a:2b:50:c7:6d:
af:b7:90:bf:27:7e:2f:ec:b7:23:bd:a7:dd:ca:84:
e9:30:5f:eb:22:f0:3d:25:c4:ee:e4:f1:6c:82:50:
78:77:c6:84:21:bc:e1:a6:02:8f:e4:0c:11:0a:16:
94:8b:12:7e:73:4c:45:ac:b6:d6:17:a8:96:f5:4a:
4b:0c:57:66:04:03:51:05:5b:5a:09:14:fa:62:55:
8f:6b:c3:0e:0c:7c:88:28:3c:58:17:8d:99:03:9c:
c6:65:ac:6e:f7:ef:97:09:38:71:11:76:df:f1:55:
78:88:8e:4e:c3:ac:aa:cf:6b:a9:9c:5f:b0:0d:8b:
98:87:8a:20:f4:66:a3:45:aa:70:7a:97:3c:50:65:
c7:65:fc:39:38:b9:34:7f:14:9c:4a:5b:45:6b:64:
56:18:70:85:e0:c8:b9:a2:58:42:e5:74:47:c3:12:
95:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:69:26:A8:1A:E9:0A:0B:9F:01:C6:E8:4D:B3:B5:7A:32:BA:57:DB
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/DWkmqBrpCgufAcboTbO1ejK6V9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0-5.57.21.255
5.57.23.0/24
37.10.0.0/23
37.10.4.0/22
37.10.30.0/23
37.10.63.0/24
185.28.220.0/22
Signature Algorithm: sha256WithRSAEncryption
82:21:17:18:63:1b:a8:4c:99:81:60:93:69:b6:be:0c:94:db:
df:dd:e1:bf:67:b5:59:a5:3d:bd:7c:5c:9f:7e:f3:96:e4:4b:
63:e8:52:ab:73:80:bf:3b:6d:d3:43:96:ef:6b:56:2e:17:47:
7d:a5:3d:68:9c:70:e9:d6:fb:2e:c0:29:27:53:65:69:2e:84:
6b:ee:09:34:17:67:a6:e6:35:9b:c1:a7:77:fc:56:7d:37:14:
ef:8b:7e:a8:a8:7d:88:4c:02:dd:8e:e8:05:99:31:1d:b5:bd:
92:46:22:4a:70:04:76:88:6b:23:2b:85:09:78:1d:58:52:11:
1a:63:8c:c3:fa:ae:69:44:30:95:1d:cb:2d:24:14:d6:10:7e:
52:97:28:ee:04:b4:63:ed:96:43:f7:7e:09:c2:ba:21:16:f3:
15:3c:b8:c0:76:ff:cd:5b:1d:ff:66:d1:2e:67:99:64:2f:94:
f1:8e:50:c8:f7:90:7e:8e:a4:40:63:d4:be:f7:57:5a:1d:ed:
02:72:13:cf:b2:ba:03:b4:09:7b:03:7a:f9:0f:47:77:23:18:
c3:ce:73:94:fa:65:20:ec:a3:aa:7c:96:d9:d0:c2:12:bc:59:
d0:fd:ab:12:bd:d9:46:72:d6:a2:c2:52:0d:fb:18:d5:ca:5a:
31:6f:36:60
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQlj2plnwj328IbsJx343uAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc4NWRlNjJkY2Y5ZTc5MzBiYWJkN2IxZDM5YzU4NTNk
MTk0NGYwHhcNMjUwMTAyMDU0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDY5MjZhODFhZTkwYTBiOWYwMWM2ZTg0ZGIzYjU3YTMyYmE1N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujuws1+8fxH5wXeze9o4O751Yx6O
L0V9+Rs5R2eeQ1D0bUdZi+xIW6IKuMYdK3JWsejoOtLSB5jjGJVfSN0hi/ei+Haf
6i+QeokIJ2k0NH9MsUZmaitQx22vt5C/J34v7LcjvafdyoTpMF/rIvA9JcTu5PFs
glB4d8aEIbzhpgKP5AwRChaUixJ+c0xFrLbWF6iW9UpLDFdmBANRBVtaCRT6YlWP
a8MODHyIKDxYF42ZA5zGZaxu9++XCThxEXbf8VV4iI5Ow6yqz2upnF+wDYuYh4og
9GajRapwepc8UGXHZfw5OLk0fxScSltFa2RWGHCF4Mi5olhC5XRHwxKV1wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFA1pJqga6QoLnwHG6E2ztXoyulfbMB8GA1UdIwQY
MBaAFNeXhd5i3Pnnkwur17HTnFhT0ZRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEt
NzU4NTVkYjcxNTFmLzEvRFdrbXFCcnBDZ3VmQWNib1RiTzFlaks2VjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEtNzU4NTVkYjcxNTFm
LzEvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAQFORAD
BAEFORQDBAAFORcDBAElCgADBAIlCgQDBAElCh4DBAAlCj8DBAK5HNwwDQYJKoZI
hvcNAQELBQADggEBAIIhFxhjG6hMmYFgk2m2vgyU29/d4b9ntVmlPb18XJ9+85bk
S2PoUqtzgL87bdNDlu9rVi4XR32lPWiccOnW+y7AKSdTZWkuhGvuCTQXZ6bmNZvB
p3f8Vn03FO+LfqiofYhMAt2O6AWZMR21vZJGIkpwBHaIayMrhQl4HVhSERpjjMP6
rmlEMJUdyy0kFNYQflKXKO4EtGPtlkP3fgnCuiEW8xU8uMB2/81bHf9m0S5nmWQv
lPGOUMj3kH6OpEBj1L73V1od7QJyE8+yugO0CXsDevkPR3cjGMPOc5T6ZSDso6p8
ltnQwhK8WdD9qxK92UZy1qLCUg37GNXKWjFvNmA=
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:39:06 2025 by rpki-client