Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/ct-_W27EwoC0fOGDJoYPaUOCh1k.roa
File: ct-_W27EwoC0fOGDJoYPaUOCh1k.roa (raw, json)
Hash identifier: Ry7d3ypfHQ+1XBY6nTPep5IZIfXf1osPEMavue76/1w=
Subject key identifier: 72:DF:BF:5B:6E:C4:C2:80:B4:7C:E1:83:26:86:0F:69:43:82:87:59
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 019426D9EF70D19B9932FFAAFE830E6B5BAD
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/ct-_W27EwoC0fOGDJoYPaUOCh1k.roa
Signing time: Thu 02 Jan 2025 11:50:04 +0000
ROA not before: Thu 02 Jan 2025 11:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 5.11.16.0/22 maxlen: 22
5.11.16.0/23 maxlen: 23
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.18.0/23 maxlen: 23
5.11.18.0/24 maxlen: 24
5.11.19.0/24 maxlen: 24
5.11.21.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/22 maxlen: 22
5.11.24.0/23 maxlen: 23
5.11.24.0/24 maxlen: 24
5.11.25.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft
rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ef:70:d1:9b:99:32:ff:aa:fe:83:0e:6b:5b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jan 2 11:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72dfbf5b6ec4c280b47ce18326860f6943828759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:b3:a8:f1:61:77:76:87:df:ae:ac:d6:74:3f:
47:16:04:47:00:1e:9f:0e:3c:f8:13:38:7a:5a:62:
2a:79:6f:14:d5:69:a6:4a:e8:b3:f3:95:03:00:f4:
15:ba:17:4b:bc:c7:33:7c:0f:b1:c2:9c:cc:ec:b2:
fd:67:f6:56:7d:de:16:2d:66:dc:04:e1:60:28:e2:
7f:b1:b9:b8:77:cb:71:ac:80:11:59:06:2e:1c:e9:
10:62:4c:51:17:71:12:1d:b1:23:e6:35:d0:fb:b0:
30:63:fa:a7:d7:68:20:6a:14:cf:34:6e:8d:29:69:
53:2d:42:a9:69:40:bb:16:ce:db:f8:6f:49:2e:c8:
5c:e8:fe:69:8e:19:db:00:fd:c4:2a:84:dd:ed:c4:
b1:80:03:b0:e8:c3:7c:f6:f3:d9:3c:e0:74:97:44:
be:e9:f6:36:5b:cd:e9:02:be:1a:a4:2b:b3:33:e7:
28:11:15:86:73:bd:21:cd:37:9e:99:73:a9:fb:9f:
c1:88:f7:00:2f:09:54:86:11:0c:6b:15:c2:22:e2:
f5:bc:b3:35:2c:02:4c:04:ad:1c:c9:37:2f:40:e0:
7a:05:dd:cf:c0:01:e1:77:91:98:67:c9:08:03:4d:
fa:09:92:5e:98:38:56:ea:35:c7:b9:f3:2e:ce:43:
4f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DF:BF:5B:6E:C4:C2:80:B4:7C:E1:83:26:86:0F:69:43:82:87:59
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/ct-_W27EwoC0fOGDJoYPaUOCh1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:eb:e7:fc:22:ac:66:71:73:a4:63:cb:c9:2a:e7:42:f7:60:
7e:8e:c1:c7:84:85:aa:dc:d6:d4:46:0b:28:7f:19:63:53:40:
d8:06:e8:8a:e0:d9:62:17:f4:23:4f:22:8d:9f:ea:d0:3c:8a:
d6:a5:b2:25:8e:2c:2d:f9:80:f5:1c:cb:51:f0:01:b8:d4:0c:
f6:69:f4:cb:f8:3f:d0:f4:b8:3a:9c:0b:d3:9c:e1:85:13:75:
7a:85:1c:e4:60:79:23:f1:e9:40:17:d5:cd:a6:d9:a7:03:64:
0a:a1:0c:2f:0b:6f:51:8f:11:cc:0f:af:87:c4:8f:3a:a2:e8:
02:d4:e5:1c:88:a6:22:65:ea:66:4c:fa:fa:90:e4:15:02:f5:
71:9d:8b:59:84:9e:5e:bc:6c:c6:25:5e:20:0d:a0:4b:fa:fc:
48:5d:7e:fd:6c:06:a6:2a:29:e8:53:4b:dc:8f:47:4e:29:41:
54:d5:06:00:2f:37:0c:03:e2:38:fe:11:81:5d:11:34:59:4e:
42:90:87:2b:98:a5:a1:fc:ef:e6:54:14:09:9c:bb:b1:7d:5c:
bc:ec:4f:ba:a5:83:00:66:92:e9:5d:fe:39:a0:3e:8f:a6:2d:
04:84:05:7f:d0:3e:6d:da:82:5f:38:f8:d3:0c:d4:f8:e5:51:
4b:19:03:6b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQm2e9w0ZuZMv+q/oMOa1utMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjUwMTAyMTE1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmRmYmY1YjZlYzRjMjgwYjQ3Y2UxODMyNjg2MGY2OTQzODI4NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6rOo8WF3doffrqzWdD9HFgRHAB6f
Djz4Ezh6WmIqeW8U1WmmSuiz85UDAPQVuhdLvMczfA+xwpzM7LL9Z/ZWfd4WLWbc
BOFgKOJ/sbm4d8txrIARWQYuHOkQYkxRF3ESHbEj5jXQ+7AwY/qn12ggahTPNG6N
KWlTLUKpaUC7Fs7b+G9JLshc6P5pjhnbAP3EKoTd7cSxgAOw6MN89vPZPOB0l0S+
6fY2W83pAr4apCuzM+coERWGc70hzTeemXOp+5/BiPcALwlUhhEMaxXCIuL1vLM1
LAJMBK0cyTcvQOB6Bd3PwAHhd5GYZ8kIA036CZJemDhW6jXHufMuzkNP2QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHLfv1tuxMKAtHzhgyaGD2lDgodZMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvY3QtX1cyN0V3b0MwZk9HREpvWVBhVU9DaDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAIFCxgwDQYJKoZIhvcNAQELBQADggEBAMLr5/wirGZxc6Rj
y8kq50L3YH6OwceEharc1tRGCyh/GWNTQNgG6Irg2WIX9CNPIo2f6tA8italsiWO
LC35gPUcy1HwAbjUDPZp9Mv4P9D0uDqcC9Oc4YUTdXqFHORgeSPx6UAX1c2m2acD
ZAqhDC8Lb1GPEcwPr4fEjzqi6ALU5RyIpiJl6mZM+vqQ5BUC9XGdi1mEnl68bMYl
XiANoEv6/Ehdfv1sBqYqKehTS9yPR04pQVTVBgAvNwwD4jj+EYFdETRZTkKQhyuY
paH87+ZUFAmcu7F9XLzsT7qlgwBmkuld/jmgPo+mLQSEBX/QPm3agl84+NMM1Pjl
UUsZA2s=
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:57:59 2025 by rpki-client