Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/9zIahErPKs5OI77jqtF3OFfSb84.roa
File: 9zIahErPKs5OI77jqtF3OFfSb84.roa (raw, json)
Hash identifier: LRBu381l6GjbbwghEnE2JO0YRx1RUI+gn5mW8OQMfKg=
Subject key identifier: F7:32:1A:84:4A:CF:2A:CE:4E:23:BE:E3:AA:D1:77:38:57:D2:6F:CE
Certificate issuer: /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Certificate serial: 0196EDDB2D9BA0DF868BBC39D6C326574288
Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/9zIahErPKs5OI77jqtF3OFfSb84.roa
Signing time: Tue 20 May 2025 13:21:26 +0000
ROA not before: Tue 20 May 2025 13:21:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41275
IP address blocks: 5.35.112.0/22 maxlen: 22
5.35.112.0/23 maxlen: 23
5.35.113.0/24 maxlen: 24
5.35.114.0/23 maxlen: 23
62.217.184.0/21 maxlen: 21
85.198.104.0/23 maxlen: 23
89.169.48.0/22 maxlen: 22
89.169.48.0/23 maxlen: 23
89.169.50.0/23 maxlen: 23
89.207.216.0/21 maxlen: 21
89.207.216.0/22 maxlen: 22
89.207.216.0/24 maxlen: 24
89.207.217.0/24 maxlen: 24
89.207.220.0/22 maxlen: 22
89.207.221.0/24 maxlen: 24
93.157.244.0/22 maxlen: 22
95.131.144.0/21 maxlen: 21
95.131.144.0/22 maxlen: 22
95.131.144.0/24 maxlen: 24
95.131.148.0/22 maxlen: 22
185.136.76.0/22 maxlen: 22
185.136.76.0/23 maxlen: 23
185.136.78.0/23 maxlen: 23
185.155.17.0/24 maxlen: 24
185.155.18.0/23 maxlen: 23
217.150.200.0/23 maxlen: 23
2a02:5fe0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.mft
rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 22:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:db:2d:9b:a0:df:86:8b:bc:39:d6:c3:26:57:42:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Validity
Not Before: May 20 13:21:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7321a844acf2ace4e23bee3aad1773857d26fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bd:fb:64:e5:48:ff:99:1b:5d:f4:fe:32:a0:
b0:80:74:5b:12:11:24:19:c8:46:23:6c:2c:a9:bb:
04:a1:39:9f:b5:d9:8f:65:7d:fd:65:10:50:a5:b6:
89:45:c7:6c:15:c0:61:1d:d4:5b:df:a4:1a:2f:4c:
75:04:71:b6:a4:5c:f2:58:17:50:48:d6:8a:e5:5e:
c4:f4:d3:2e:a9:d7:b5:b7:99:67:11:77:5d:f7:b5:
6a:a4:7f:b9:5a:d7:91:63:3c:c1:1e:eb:9c:74:7b:
35:cd:db:c8:3a:3c:c1:47:ee:39:4f:ff:8e:46:fd:
4f:24:1c:b9:8e:b7:ed:1e:35:d6:b3:e4:8d:49:3b:
80:1f:d4:50:fb:e7:ff:a3:0a:55:04:3c:99:e0:f9:
36:96:36:86:08:91:8c:e7:6b:41:83:4e:4f:79:9e:
02:97:58:4f:ba:1a:ac:53:a7:d2:3b:b7:da:71:38:
61:30:14:6d:bd:32:4a:90:b8:ca:6d:a8:8d:6b:ba:
d9:22:f7:76:24:13:2a:09:22:1f:8f:5b:47:48:6b:
28:56:63:7f:da:02:5a:1e:be:88:fc:90:82:f2:c4:
d7:3c:30:d8:ee:00:66:f7:09:77:39:69:25:74:23:
e6:d9:9d:66:69:8b:51:5a:62:a1:58:d4:7c:ba:17:
c3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:32:1A:84:4A:CF:2A:CE:4E:23:BE:E3:AA:D1:77:38:57:D2:6F:CE
X509v3 Authority Key Identifier:
keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/9zIahErPKs5OI77jqtF3OFfSb84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.112.0/22
62.217.184.0/21
85.198.104.0/23
89.169.48.0/22
89.207.216.0/21
93.157.244.0/22
95.131.144.0/21
185.136.76.0/22
185.155.17.0-185.155.19.255
217.150.200.0/23
IPv6:
2a02:5fe0::/29
Signature Algorithm: sha256WithRSAEncryption
33:6f:45:90:65:f4:88:52:ef:78:06:e8:2c:90:23:24:4d:0b:
d8:f9:a8:1d:fd:6f:9e:60:49:96:3f:e7:8c:d3:ca:35:ad:07:
ed:5c:06:b2:3b:cb:4b:e8:88:e5:01:15:fb:45:aa:f9:8e:78:
f1:27:25:27:2b:0d:03:ac:54:8e:b0:c3:7f:fc:22:0c:57:94:
d7:55:34:b9:55:3c:5b:de:c0:44:63:86:a8:b1:a7:ed:cf:66:
39:68:44:5f:fb:8a:46:53:01:ed:90:bd:6f:13:03:15:10:e4:
89:c0:27:e6:ab:59:4f:62:af:07:fa:d2:a8:79:48:16:38:55:
f2:b8:de:5a:06:93:18:8e:06:c1:81:3f:c1:89:5a:8a:5e:83:
74:a1:92:5b:58:34:ce:78:30:ff:5a:b7:62:d5:f7:d3:3b:0d:
af:98:ba:8e:b9:d0:59:50:05:30:0a:d0:98:b5:89:dc:c1:32:
35:22:0a:41:4d:81:3b:7f:b1:ff:79:5c:fc:d7:5f:e8:41:9b:
4f:80:e4:28:3f:0f:10:00:30:7d:cb:75:bc:cf:f5:f4:6a:cd:
f7:2c:bb:c6:1b:05:29:c9:24:c6:c5:64:ff:b8:dc:3e:66:5c:
1d:6d:57:d1:0b:e6:b7:36:73:29:8d:36:70:20:4f:a4:27:68:
97:90:d7:7c
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZbt2y2boN+Gi7w51sMmV0KIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl
YjllMjUwHhcNMjUwNTIwMTMyMTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzMyMWE4NDRhY2YyYWNlNGUyM2JlZTNhYWQxNzczODU3ZDI2ZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir37ZOVI/5kbXfT+MqCwgHRbEhEk
GchGI2wsqbsEoTmftdmPZX39ZRBQpbaJRcdsFcBhHdRb36QaL0x1BHG2pFzyWBdQ
SNaK5V7E9NMuqde1t5lnEXdd97VqpH+5WteRYzzBHuucdHs1zdvIOjzBR+45T/+O
Rv1PJBy5jrftHjXWs+SNSTuAH9RQ++f/owpVBDyZ4Pk2ljaGCJGM52tBg05PeZ4C
l1hPuhqsU6fSO7facThhMBRtvTJKkLjKbaiNa7rZIvd2JBMqCSIfj1tHSGsoVmN/
2gJaHr6I/JCC8sTXPDDY7gBm9wl3OWkldCPm2Z1maYtRWmKhWNR8uhfDKQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFPcyGoRKzyrOTiO+46rRdzhX0m/OMB8GA1UdIwQY
MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct
N2NhZTA0MGU0OWU4LzEvOXpJYWhFclBLczVPSTc3anF0RjNPRmZTYjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4
LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQCBSNwAwQD
Ptm4AwQBVcZoAwQCWakwAwQDWc/YAwQCXZ30AwQDX4OQAwQCuYhMMAwDBAC5mxED
BAK5mxADBAHZlsgwDQQCAAIwBwMFAyoCX+AwDQYJKoZIhvcNAQELBQADggEBADNv
RZBl9IhS73gG6CyQIyRNC9j5qB39b55gSZY/54zTyjWtB+1cBrI7y0voiOUBFftF
qvmOePEnJScrDQOsVI6ww3/8IgxXlNdVNLlVPFvewERjhqixp+3PZjloRF/7ikZT
Ae2QvW8TAxUQ5InAJ+arWU9irwf60qh5SBY4VfK43loGkxiOBsGBP8GJWopeg3Sh
kltYNM54MP9at2LV99M7Da+Yuo650FlQBTAK0Ji1idzBMjUiCkFNgTt/sf95XPzX
X+hBm0+A5Cg/DxAAMH3LdbzP9fRqzfcsu8YbBSnJJMbFZP+43D5mXB1tV9EL5rc2
cymNNnAgT6QnaJeQ13w=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:03:48 2025 by rpki-client