Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/5jyvM7zUsDe1Lex0DtFpG8BBbZo.roa
File: 5jyvM7zUsDe1Lex0DtFpG8BBbZo.roa (raw, json)
Hash identifier: PCMtayIHrF6LrkVGhI1nprpYM2aF/ClvU/EhrY1JrmQ=
Subject key identifier: E6:3C:AF:33:BC:D4:B0:37:B5:2D:EC:74:0E:D1:69:1B:C0:41:6D:9A
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 019653730B343C37FD5CEDD3161E5C9120F0
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/5jyvM7zUsDe1Lex0DtFpG8BBbZo.roa
Signing time: Sun 20 Apr 2025 13:46:10 +0000
ROA not before: Sun 20 Apr 2025 13:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50810
IP address blocks: 37.98.64.0/20 maxlen: 22
37.98.104.0/21 maxlen: 22
37.98.112.0/21 maxlen: 24
93.119.208.0/20 maxlen: 24
178.131.0.0/18 maxlen: 24
178.131.4.0/24 maxlen: 24
178.131.64.0/19 maxlen: 22
178.131.96.0/20 maxlen: 22
178.131.112.0/21 maxlen: 22
178.131.128.0/18 maxlen: 24
188.211.0.0/20 maxlen: 24
188.211.15.0/24 maxlen: 24
188.212.240.0/21 maxlen: 24
188.213.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 19:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:73:0b:34:3c:37:fd:5c:ed:d3:16:1e:5c:91:20:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: Apr 20 13:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e63caf33bcd4b037b52dec740ed1691bc0416d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:15:97:10:b9:94:50:b9:d0:99:98:b9:05:34:
4e:de:51:bd:cf:91:97:d7:8b:db:45:fc:6c:82:8f:
ca:ae:9d:e7:2e:42:7c:e7:f5:e3:86:02:d4:af:87:
59:1c:00:fc:ed:eb:ce:f2:9e:ee:c1:b8:6e:40:b1:
ac:0b:57:13:b5:d2:8f:92:00:df:c5:54:65:68:8d:
fa:46:cc:b2:f9:98:21:8b:9c:4e:66:4f:16:68:ba:
c7:07:08:f5:a8:b9:1f:2b:1b:1c:a7:c6:d0:9f:22:
79:3b:d1:2f:d7:8d:89:5c:71:42:83:6b:38:45:20:
e5:d8:58:a1:e1:df:9b:f3:81:98:6f:2b:2e:f8:7d:
14:8b:fa:f5:c9:d7:d5:8a:44:5a:b2:13:61:b0:b9:
60:a2:ba:eb:28:e7:3d:86:b5:26:93:22:22:a8:b3:
0d:61:7f:03:eb:60:12:d2:9e:75:4c:47:ad:88:f4:
72:e1:1a:9e:57:a9:0e:2a:46:f2:d5:fe:e4:a4:da:
50:02:54:b6:e4:91:67:23:2f:25:36:47:ac:33:89:
d5:9b:50:06:0b:61:8f:9c:73:25:7f:b5:ef:62:5a:
7b:11:31:2f:05:c1:06:94:5b:3f:37:65:7a:35:28:
6a:ad:50:9a:82:99:21:e1:7c:40:bc:b1:cf:2a:df:
95:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:3C:AF:33:BC:D4:B0:37:B5:2D:EC:74:0E:D1:69:1B:C0:41:6D:9A
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/5jyvM7zUsDe1Lex0DtFpG8BBbZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.64.0/20
37.98.104.0-37.98.119.255
93.119.208.0/20
178.131.0.0-178.131.119.255
178.131.128.0/18
188.211.0.0/20
188.212.240.0/21
188.213.192.0/22
Signature Algorithm: sha256WithRSAEncryption
49:8a:a0:0f:ab:7e:c3:3a:9f:1a:f7:3d:ac:8f:8d:dc:6d:7d:
50:9f:c4:51:2f:6a:61:94:d1:bb:f5:a6:77:64:27:93:45:cb:
4e:d1:47:12:05:e5:42:1b:88:3e:2a:7e:e6:60:b8:7e:eb:37:
f8:ad:18:65:63:2e:89:17:07:5b:55:fd:10:fa:43:f4:b8:fb:
4c:70:78:25:05:4f:56:e2:ba:be:bb:56:4d:ff:77:cc:fc:2f:
b8:14:58:dd:d3:28:96:39:70:11:4c:ac:a6:37:5f:96:b8:db:
78:a1:24:1a:b6:36:1e:2d:e7:60:e9:9e:8e:01:1b:f6:1d:26:
9d:af:ae:ec:8d:74:75:98:db:b3:89:0c:b0:05:1a:69:53:38:
99:b3:3c:8b:8c:85:9b:a7:07:9a:58:64:ef:50:fe:57:50:5b:
41:02:7c:c5:e7:b3:bf:d4:17:70:3b:c0:58:c9:a8:87:53:ba:
58:74:d8:f0:d5:87:fd:4f:99:37:58:5c:52:20:51:e7:e4:54:
dc:a0:77:6c:60:c4:ac:15:4a:96:ba:b8:7c:e6:51:48:3a:84:
3d:a6:25:64:1f:5c:be:42:fb:2f:fd:af:f2:0e:a5:61:ad:3f:
00:bf:2f:65:74:a8:6e:56:9c:d6:85:8b:56:94:09:22:af:72:
4c:a8:97:1f
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZZTcws0PDf9XO3TFh5ckSDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjUwNDIwMTM0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjNjYWYzM2JjZDRiMDM3YjUyZGVjNzQwZWQxNjkxYmMwNDE2ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBWXELmUULnQmZi5BTRO3lG9z5GX
14vbRfxsgo/Krp3nLkJ85/XjhgLUr4dZHAD87evO8p7uwbhuQLGsC1cTtdKPkgDf
xVRlaI36Rsyy+Zghi5xOZk8WaLrHBwj1qLkfKxscp8bQnyJ5O9Ev142JXHFCg2s4
RSDl2Fih4d+b84GYbysu+H0Ui/r1ydfVikRashNhsLlgorrrKOc9hrUmkyIiqLMN
YX8D62AS0p51TEetiPRy4RqeV6kOKkby1f7kpNpQAlS25JFnIy8lNkesM4nVm1AG
C2GPnHMlf7XvYlp7ETEvBcEGlFs/N2V6NShqrVCagpkh4XxAvLHPKt+ViQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOY8rzO81LA3tS3sdA7RaRvAQW2aMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvNWp5dk03elVzRGUxTGV4MER0RnBHOEJCYlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAATA/AwQEJWJAMAwD
BAMlYmgDBAMlYnADBARdd9AwCwMDALKDAwQDsoNwAwQGsoOAAwQEvNMAAwQDvNTw
AwQCvNXAMA0GCSqGSIb3DQEBCwUAA4IBAQBJiqAPq37DOp8a9z2sj43cbX1Qn8RR
L2phlNG79aZ3ZCeTRctO0UcSBeVCG4g+Kn7mYLh+6zf4rRhlYy6JFwdbVf0Q+kP0
uPtMcHglBU9W4rq+u1ZN/3fM/C+4FFjd0yiWOXARTKymN1+WuNt4oSQatjYeLedg
6Z6OARv2HSadr67sjXR1mNuziQywBRppUziZszyLjIWbpweaWGTvUP5XUFtBAnzF
57O/1BdwO8BYyaiHU7pYdNjw1Yf9T5k3WFxSIFHn5FTcoHdsYMSsFUqWurh85lFI
OoQ9piVkH1y+Qvsv/a/yDqVhrT8Avy9ldKhuVpzWhYtWlAkir3JMqJcf
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:53:34 2025 by rpki-client