Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/_Tj_i-7N5zda7qA59iJy4uEXNzI.roa
File: _Tj_i-7N5zda7qA59iJy4uEXNzI.roa (raw, json)
Hash identifier: W1tQMO9u06xEh1f8Nq/CqIAgu1ldZc1/hVaRm3iVhR8=
Subject key identifier: FD:38:FF:8B:EE:CD:E7:37:5A:EE:A0:39:F6:22:72:E2:E1:17:37:32
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0197183C9C6A22F140242C27C72AA1526F9F
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/_Tj_i-7N5zda7qA59iJy4uEXNzI.roa
Signing time: Wed 28 May 2025 18:51:54 +0000
ROA not before: Wed 28 May 2025 18:51:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 5.35.192.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 21:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:18:3c:9c:6a:22:f1:40:24:2c:27:c7:2a:a1:52:6f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: May 28 18:51:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd38ff8beecde7375aeea039f62272e2e1173732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:43:83:a7:7a:ca:13:4d:52:35:69:ce:26:1d:
69:70:83:1d:c4:ef:b3:ca:67:60:b7:69:86:25:6f:
57:4a:66:49:58:f2:3e:9b:44:11:2b:43:34:35:1a:
05:7b:03:55:c6:83:18:9e:58:9b:a3:38:aa:32:91:
ed:6d:86:5d:cb:d6:b7:47:50:69:7b:fa:d8:8b:46:
bb:ad:f6:e1:5b:e3:d0:50:71:e5:ee:7e:89:00:78:
65:91:9d:97:ed:5f:04:ae:ba:92:47:3c:54:c7:f1:
41:fa:7d:82:25:87:30:e8:ea:6e:32:c4:1e:ea:ba:
97:f2:4c:da:f5:29:cb:a4:9b:7d:49:5a:9a:aa:52:
16:35:25:cb:da:af:78:6b:78:01:2e:06:7c:11:b2:
1a:a7:5e:19:be:03:37:14:12:58:d4:15:2c:d7:1a:
67:ec:8d:de:c1:d6:68:f1:88:9a:6b:b4:cf:77:9d:
ea:d7:ca:d5:19:2e:12:5d:fe:f7:c5:52:da:1a:bf:
ae:9a:8d:51:9a:ee:f9:5f:3a:14:08:60:13:43:52:
c6:d6:a0:41:a5:e0:34:f5:b9:79:b7:82:1e:55:2b:
03:83:ab:80:fb:56:d6:7b:70:88:cd:4b:36:38:d8:
de:32:1e:40:1e:3f:19:4c:c9:90:d9:8a:67:68:52:
be:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:38:FF:8B:EE:CD:E7:37:5A:EE:A0:39:F6:22:72:E2:E1:17:37:32
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/_Tj_i-7N5zda7qA59iJy4uEXNzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:b8:7c:c8:68:5e:69:38:ac:81:a4:88:2b:82:26:f7:25:5e:
95:a5:14:05:94:84:67:9a:63:d0:04:af:5e:58:ba:f8:9d:bd:
c0:45:d0:9c:f4:59:5d:8f:8d:e5:e0:6b:ce:50:78:b0:c9:f2:
86:aa:5c:2a:cf:d4:2c:e9:74:01:5a:5c:d5:19:ee:05:7d:20:
1c:5f:11:c0:2a:42:72:9b:35:9c:9d:0e:f3:d3:93:e9:59:2f:
8f:a6:43:e1:06:03:48:2a:f6:bd:36:84:da:36:93:b2:36:14:
8c:01:5e:e2:f9:03:fc:39:55:26:9e:9e:e5:7b:8c:1e:88:5f:
ad:38:dd:0a:86:49:1b:37:80:8f:9b:bb:8d:3a:62:56:0c:50:
36:45:f7:2c:8e:49:60:36:29:09:31:66:3b:55:39:76:dc:2e:
4d:99:17:4f:07:e9:cf:49:78:56:5f:78:17:ff:cd:4a:e3:49:
15:d9:ad:6f:85:ed:1e:7f:96:3d:f5:82:fa:f5:fb:84:cb:63:
4c:23:57:8d:6b:3b:27:dc:d0:13:48:b2:e2:23:3d:d9:46:a8:
cd:c8:20:b5:89:59:e8:71:f6:6b:a0:8a:fc:be:3b:db:7b:c0:
82:1c:71:be:51:62:bd:e2:9f:e7:58:c2:de:63:1d:a5:ea:c5:
53:36:6b:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcYPJxqIvFAJCwnxyqhUm+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwNTI4MTg1MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDM4ZmY4YmVlY2RlNzM3NWFlZWEwMzlmNjIyNzJlMmUxMTczNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEODp3rKE01SNWnOJh1pcIMdxO+z
ymdgt2mGJW9XSmZJWPI+m0QRK0M0NRoFewNVxoMYnliboziqMpHtbYZdy9a3R1Bp
e/rYi0a7rfbhW+PQUHHl7n6JAHhlkZ2X7V8ErrqSRzxUx/FB+n2CJYcw6OpuMsQe
6rqX8kza9SnLpJt9SVqaqlIWNSXL2q94a3gBLgZ8EbIap14ZvgM3FBJY1BUs1xpn
7I3ewdZo8Yiaa7TPd53q18rVGS4SXf73xVLaGr+umo1Rmu75XzoUCGATQ1LG1qBB
peA09bl5t4IeVSsDg6uA+1bWe3CIzUs2ONjeMh5AHj8ZTMmQ2YpnaFK+swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP04/4vuzec3Wu6gOfYicuLhFzcyMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvX1RqX2ktN041emRhN3FBNTlpSnk0dUVYTnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBSPAMA0G
CSqGSIb3DQEBCwUAA4IBAQCOuHzIaF5pOKyBpIgrgib3JV6VpRQFlIRnmmPQBK9e
WLr4nb3ARdCc9Fldj43l4GvOUHiwyfKGqlwqz9Qs6XQBWlzVGe4FfSAcXxHAKkJy
mzWcnQ7z05PpWS+PpkPhBgNIKva9NoTaNpOyNhSMAV7i+QP8OVUmnp7le4weiF+t
ON0KhkkbN4CPm7uNOmJWDFA2RfcsjklgNikJMWY7VTl23C5NmRdPB+nPSXhWX3gX
/81K40kV2a1vhe0ef5Y99YL69fuEy2NMI1eNazsn3NATSLLiIz3ZRqjNyCC1iVno
cfZroIr8vjvbe8CCHHG+UWK94p/nWMLeYx2l6sVTNmtD
-----END CERTIFICATE-----
Generated at Thu Jun 5 05:13:35 2025 by rpki-client