Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/jaE6BaYqv4cnylnB2zxQbZMqMS0.roa
File: jaE6BaYqv4cnylnB2zxQbZMqMS0.roa (raw, json)
Hash identifier: t2WgnnlqK7T5mfm7rPUugS3H7ujqQaRofZxqW6taksU=
Subject key identifier: 8D:A1:3A:05:A6:2A:BF:87:27:CA:59:C1:DB:3C:50:6D:93:2A:31:2D
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 019610600457D37F3DADA59D464537B3B839
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/jaE6BaYqv4cnylnB2zxQbZMqMS0.roa
Signing time: Mon 07 Apr 2025 13:10:49 +0000
ROA not before: Mon 07 Apr 2025 13:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50436
IP address blocks: 5.28.64.0/18 maxlen: 19
5.28.64.0/19 maxlen: 19
5.28.96.0/19 maxlen: 19
37.120.0.0/17 maxlen: 18
77.64.183.0/24 maxlen: 24
77.64.220.0/23 maxlen: 24
92.206.8.0/21 maxlen: 24
92.206.22.0/23 maxlen: 24
92.206.32.0/20 maxlen: 24
92.206.48.0/20 maxlen: 24
92.206.76.0/22 maxlen: 24
92.206.208.0/24 maxlen: 24
92.206.209.0/24 maxlen: 24
92.206.254.0/23 maxlen: 24
94.139.0.0/19 maxlen: 20
217.68.167.0/24 maxlen: 24
2a02:2455:8000::/36 maxlen: 36
2a02:2455:9000::/36 maxlen: 40
2a02:2455:a000::/36 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:10:60:04:57:d3:7f:3d:ad:a5:9d:46:45:37:b3:b8:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Apr 7 13:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8da13a05a62abf8727ca59c1db3c506d932a312d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:48:a4:18:01:fa:be:e7:e8:91:a9:31:ce:dc:
99:35:52:26:25:35:33:50:0c:7a:7d:c7:5d:5c:7a:
65:a3:35:72:e1:13:ab:15:da:86:38:30:64:82:ff:
86:f1:c5:ad:6f:0a:4c:13:d4:ff:d6:17:34:53:cd:
01:78:42:4a:e3:9f:b8:f6:c8:c0:3d:92:11:27:df:
70:5c:68:76:18:a7:bb:df:ea:2c:dc:c0:dc:67:7f:
2b:0c:7e:24:99:b6:98:51:da:6d:50:ab:25:4c:30:
06:33:f8:66:0d:f1:5e:e4:32:d5:a5:ff:04:3d:69:
f1:3a:2f:32:a4:a1:17:4c:72:70:6b:20:de:07:c2:
0e:8e:e7:30:af:1e:3b:c3:95:36:70:6a:78:13:dc:
33:10:40:2d:7d:6e:69:e3:1e:94:d4:a6:95:28:25:
4b:09:70:b7:c1:c6:82:40:f3:5f:b5:41:c0:a1:29:
08:c5:71:44:ab:f5:3b:c4:be:b7:78:bf:e0:c4:4e:
69:78:4b:4b:9c:5e:3b:bd:09:0d:8a:0e:0c:14:4c:
89:bd:e9:bb:e7:2d:99:a7:16:f6:ad:e9:d4:ba:38:
ba:2c:9a:c5:2d:f9:d4:67:01:ef:0b:0d:d8:7a:ef:
55:d8:aa:e9:c5:f8:a6:ac:8b:c7:46:b6:e4:49:76:
a9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A1:3A:05:A6:2A:BF:87:27:CA:59:C1:DB:3C:50:6D:93:2A:31:2D
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/jaE6BaYqv4cnylnB2zxQbZMqMS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
77.64.183.0/24
77.64.220.0/23
92.206.8.0/21
92.206.22.0/23
92.206.32.0/19
92.206.76.0/22
92.206.208.0/23
92.206.254.0/23
94.139.0.0/19
217.68.167.0/24
IPv6:
2a02:2455:8000::-2a02:2455:afff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b8:d6:f0:d6:20:5c:e9:70:1d:07:67:e2:75:54:a1:8d:28:b7:
11:e9:b6:53:7f:e2:36:4e:90:2e:fe:e7:c3:29:eb:b5:49:a4:
e2:e2:c7:bb:27:1a:53:b7:7f:f3:01:2b:38:d6:ce:75:1a:ee:
e0:bb:91:49:ec:4a:6e:15:ed:d8:a7:8e:1a:9a:8a:fa:33:43:
70:86:4a:b3:21:e1:01:d1:05:34:72:8f:1d:b3:05:17:ff:95:
06:63:8b:dc:ca:be:19:1e:e9:9a:18:dc:34:cd:79:d8:f2:49:
a3:10:15:12:73:57:c3:b4:49:2c:7a:cb:da:c3:d9:4c:21:fc:
95:f6:10:ce:33:9e:2f:ac:1e:ee:92:b3:d9:6a:a0:c5:7c:54:
7d:56:3f:20:75:dd:ea:20:d3:30:25:69:6f:10:db:98:87:7f:
26:5d:e3:84:aa:23:46:a3:a7:10:fa:1e:a9:17:60:22:da:52:
75:0f:7d:3b:0e:0e:c7:7a:71:a2:4b:66:86:d0:ae:7c:e2:66:
9a:3c:f8:fb:c6:9b:cb:eb:e9:ed:e2:7e:1f:1f:97:02:06:a3:
e6:72:fb:1b:bc:82:f9:f5:72:df:db:84:e2:41:4f:35:a5:8b:
cf:08:56:bc:c3:20:40:3f:a8:be:e3:fb:18:ea:72:a6:bd:49:
35:8b:8d:c0
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZYQYARX0389raWdRkU3s7g5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjUwNDA3MTMxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGExM2EwNWE2MmFiZjg3MjdjYTU5YzFkYjNjNTA2ZDkzMmEzMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUikGAH6vufokakxztyZNVImJTUz
UAx6fcddXHplozVy4ROrFdqGODBkgv+G8cWtbwpME9T/1hc0U80BeEJK45+49sjA
PZIRJ99wXGh2GKe73+os3MDcZ38rDH4kmbaYUdptUKslTDAGM/hmDfFe5DLVpf8E
PWnxOi8ypKEXTHJwayDeB8IOjucwrx47w5U2cGp4E9wzEEAtfW5p4x6U1KaVKCVL
CXC3wcaCQPNftUHAoSkIxXFEq/U7xL63eL/gxE5peEtLnF47vQkNig4MFEyJvem7
5y2Zpxb2renUuji6LJrFLfnUZwHvCw3Yeu9V2KrpxfimrIvHRrbkSXapGQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFI2hOgWmKr+HJ8pZwds8UG2TKjEtMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvamFFNkJhWXF2NGNueWxuQjJ6eFFiWk1xTVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBOBAIAATBIAwQGBRxAAwQH
JXgAAwQATUC3AwQBTUDcAwQDXM4IAwQBXM4WAwQFXM4gAwQCXM5MAwQBXM7QAwQB
XM7+AwQFXosAAwQA2USnMBgEAgACMBIwEAMGByoCJFWAAwYEKgIkVaAwDQYJKoZI
hvcNAQELBQADggEBALjW8NYgXOlwHQdn4nVUoY0otxHptlN/4jZOkC7+58Mp67VJ
pOLix7snGlO3f/MBKzjWznUa7uC7kUnsSm4V7dinjhqaivozQ3CGSrMh4QHRBTRy
jx2zBRf/lQZji9zKvhke6ZoY3DTNedjySaMQFRJzV8O0SSx6y9rD2Uwh/JX2EM4z
ni+sHu6Ss9lqoMV8VH1WPyB13eog0zAlaW8Q25iHfyZd44SqI0ajpxD6HqkXYCLa
UnUPfTsODsd6caJLZobQrnziZpo8+PvGm8vr6e3ifh8flwIGo+Zy+xu8gvn1ct/b
hOJBTzWli88IVrzDIEA/qL7j+xjqcqa9STWLjcA=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:03:35 2025 by rpki-client