Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/5jasWjlS1Ump0nRGI3DK46AyE-M.roa
File: 5jasWjlS1Ump0nRGI3DK46AyE-M.roa (raw, json)
Hash identifier: sMi9gwP2+D/zUCH8wz+ohSeZWvK9a9umXNsRtIbAM0g=
Subject key identifier: E6:36:AC:5A:39:52:D5:49:A9:D2:74:46:23:70:CA:E3:A0:32:13:E3
Certificate issuer: /CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Certificate serial: 019421446A5EEF17C5BD74BAD861600A101A
Authority key identifier: 9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/5jasWjlS1Ump0nRGI3DK46AyE-M.roa
Signing time: Wed 01 Jan 2025 09:48:39 +0000
ROA not before: Wed 01 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43060
IP address blocks: 91.196.76.0/23 maxlen: 24
91.196.77.0/24 maxlen: 24
94.158.48.0/20 maxlen: 20
94.158.48.0/21 maxlen: 21
94.158.56.0/24 maxlen: 24
94.158.57.0/24 maxlen: 24
94.158.58.0/24 maxlen: 24
94.158.59.0/24 maxlen: 24
94.158.60.0/24 maxlen: 24
94.158.61.0/24 maxlen: 24
94.158.62.0/24 maxlen: 24
94.158.63.0/24 maxlen: 24
185.196.216.0/22 maxlen: 22
2a04:1b80::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 12:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6a:5e:ef:17:c5:bd:74:ba:d8:61:60:0a:10:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e636ac5a3952d549a9d274462370cae3a03213e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:00:72:9b:d3:8b:6c:aa:8f:29:2e:e7:89:e9:
62:b9:ac:78:00:21:9b:cb:b0:ea:fc:fd:c6:17:c2:
44:07:f0:ff:b4:64:0f:66:d5:84:07:b9:cd:c5:0f:
84:9a:e4:4a:38:91:70:3f:28:dd:6f:5f:00:6e:13:
bf:fb:63:6b:4e:8d:08:49:68:82:ae:61:f6:72:e0:
c7:6b:a5:51:b6:7d:a1:3d:57:74:9a:56:9a:0a:25:
f2:f2:81:c8:e2:52:02:d2:f2:2c:8b:e3:6b:9a:50:
07:ef:ba:3c:56:a4:d7:a3:e6:79:96:37:75:df:04:
81:21:ba:40:1c:b3:90:50:19:15:a4:cb:bd:b8:9f:
47:a4:0b:87:5e:10:bf:ad:08:95:93:38:73:f0:40:
52:15:ec:35:cc:c0:41:50:58:ba:f4:d6:88:a3:09:
26:8c:53:f9:36:be:4b:c1:ea:6c:ac:48:63:3f:f7:
24:48:e1:4d:b4:79:77:87:91:15:89:21:d9:c6:5f:
46:a1:f9:22:69:32:dc:b5:e3:11:af:0d:66:f7:b2:
9a:94:2f:de:4a:4f:21:ec:8e:1c:a7:e3:0d:69:ce:
89:c3:1b:90:98:b9:87:70:ec:4d:a3:6b:8d:6e:80:
f7:70:b7:9b:1c:25:71:b7:65:9e:c5:87:7d:0c:85:
c7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:36:AC:5A:39:52:D5:49:A9:D2:74:46:23:70:CA:E3:A0:32:13:E3
X509v3 Authority Key Identifier:
keyid:9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/5jasWjlS1Ump0nRGI3DK46AyE-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.76.0/23
94.158.48.0/20
185.196.216.0/22
IPv6:
2a04:1b80::/32
Signature Algorithm: sha256WithRSAEncryption
ae:b1:91:20:bf:9c:62:ab:f2:5d:7c:7d:38:c0:a4:30:d4:e4:
1e:01:cd:64:5d:22:05:09:a0:66:65:79:5f:ee:e2:62:c7:69:
03:ac:bf:08:03:f7:10:88:2e:30:44:cb:0f:af:e9:27:20:54:
aa:1e:a2:b8:54:bc:71:d2:13:97:2b:a4:15:db:f5:a1:37:05:
d8:19:0b:d5:4f:6b:3f:31:2b:71:51:81:5c:ec:2e:90:06:e1:
9b:f3:5d:6c:60:d7:73:80:af:17:d9:92:4b:34:e1:9f:0b:ee:
ae:60:ff:e9:80:c8:2d:6b:73:48:88:05:ef:b4:25:4c:d9:39:
1e:62:c7:5a:36:5e:a0:f5:68:03:fe:7b:dc:30:28:07:37:44:
49:84:69:aa:d6:95:ad:02:4d:1d:94:d8:c6:59:b3:8e:ff:10:
c7:41:e2:d7:7e:d0:f8:a5:08:8e:4d:5f:bd:52:8b:8d:64:fe:
6b:50:cc:f0:7c:5a:2f:f7:ae:fe:f7:4a:14:9e:62:d7:bd:67:
9a:c6:28:ff:93:0a:89:19:bc:fb:76:45:3e:f9:07:65:4e:13:
4d:8d:bd:0c:4b:5c:bb:8d:6a:de:be:ea:6d:25:83:7b:ca:ca:
6e:78:d4:30:3d:93:0f:b8:c3:f1:6e:4a:ff:4c:6c:47:67:c5:
0c:24:e4:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhRGpe7xfFvXS62GFgChAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjRhOGI5M2FmOWVhOWNmMThhYWNhNGU3M2YxMTZlYzI2
ZWIzNTcwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjM2YWM1YTM5NTJkNTQ5YTlkMjc0NDYyMzcwY2FlM2EwMzIxM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgBym9OLbKqPKS7nieliuax4ACGb
y7Dq/P3GF8JEB/D/tGQPZtWEB7nNxQ+EmuRKOJFwPyjdb18AbhO/+2NrTo0ISWiC
rmH2cuDHa6VRtn2hPVd0mlaaCiXy8oHI4lIC0vIsi+NrmlAH77o8VqTXo+Z5ljd1
3wSBIbpAHLOQUBkVpMu9uJ9HpAuHXhC/rQiVkzhz8EBSFew1zMBBUFi69NaIowkm
jFP5Nr5LwepsrEhjP/ckSOFNtHl3h5EViSHZxl9GofkiaTLcteMRrw1m97KalC/e
Sk8h7I4cp+MNac6JwxuQmLmHcOxNo2uNboD3cLebHCVxt2WexYd9DIXHpwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOY2rFo5UtVJqdJ0RiNwyuOgMhPjMB8GA1UdIwQY
MBaAFJ+0qLk6+eqc8YqspOc/EW7CbrNXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYt
OGQ2OGViMjBmYmRkLzEvNWphc1dqbFMxVW1wMG5SR0kzREs0NkF5RS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYtOGQ2OGViMjBmYmRk
LzEvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW8RMAwQE
Xp4wAwQCucTYMA0EAgACMAcDBQAqBBuAMA0GCSqGSIb3DQEBCwUAA4IBAQCusZEg
v5xiq/JdfH04wKQw1OQeAc1kXSIFCaBmZXlf7uJix2kDrL8IA/cQiC4wRMsPr+kn
IFSqHqK4VLxx0hOXK6QV2/WhNwXYGQvVT2s/MStxUYFc7C6QBuGb811sYNdzgK8X
2ZJLNOGfC+6uYP/pgMgta3NIiAXvtCVM2TkeYsdaNl6g9WgD/nvcMCgHN0RJhGmq
1pWtAk0dlNjGWbOO/xDHQeLXftD4pQiOTV+9UouNZP5rUMzwfFov967+90oUnmLX
vWeaxij/kwqJGbz7dkU++QdlThNNjb0MS1y7jWrevuptJYN7yspueNQwPZMPuMPx
bkr/TGxHZ8UMJOS/
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:38:16 2025 by rpki-client