Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/06fKvJ6DXtLQkPRF_5x6h3y4T5U.roa
File: 06fKvJ6DXtLQkPRF_5x6h3y4T5U.roa (raw, json)
Hash identifier: pwXaDGNXY2yyDJWetIQvjmX4OTShxo8fPOC9bn7nYwE=
Subject key identifier: D3:A7:CA:BC:9E:83:5E:D2:D0:90:F4:45:FF:9C:7A:87:7C:B8:4F:95
Certificate issuer: /CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Certificate serial: 01941FFA49E076607259EA50F5910C8F9F05
Authority key identifier: 38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/06fKvJ6DXtLQkPRF_5x6h3y4T5U.roa
Signing time: Wed 01 Jan 2025 03:48:04 +0000
ROA not before: Wed 01 Jan 2025 03:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29247
IP address blocks: 5.144.192.0/18 maxlen: 18
5.144.192.0/20 maxlen: 20
5.144.208.0/20 maxlen: 20
5.144.224.0/20 maxlen: 20
5.203.0.0/16 maxlen: 16
31.152.0.0/16 maxlen: 16
62.103.103.0/24 maxlen: 24
94.143.176.0/24 maxlen: 24
94.143.177.0/24 maxlen: 24
94.143.178.0/24 maxlen: 24
94.143.180.0/24 maxlen: 24
94.143.183.0/24 maxlen: 24
109.178.0.0/16 maxlen: 16
149.210.0.0/18 maxlen: 18
149.210.64.0/18 maxlen: 18
195.167.65.0/24 maxlen: 24
2a02:1388::/29 maxlen: 29
2a02:1388::/36 maxlen: 36
2a02:1388:2000::/36 maxlen: 36
2a02:1388:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.mft
rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:49:e0:76:60:72:59:ea:50:f5:91:0c:8f:9f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Validity
Not Before: Jan 1 03:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3a7cabc9e835ed2d090f445ff9c7a877cb84f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f5:37:9c:d6:66:89:6c:92:5b:f9:81:1c:22:
94:0a:a9:37:10:99:34:99:d9:b4:58:99:00:77:f0:
6a:6a:d2:a7:14:b2:09:02:8c:91:45:a7:c2:af:7f:
6a:ef:ea:05:a0:f8:b3:2f:6f:5d:4a:19:29:50:fb:
61:06:29:a8:24:7d:25:1f:0f:3c:1c:7d:87:48:a0:
25:77:ba:b1:0b:9b:71:40:e6:1b:a6:26:1a:d2:d7:
68:46:2b:ea:5f:5c:f6:5b:10:7f:ef:fd:82:89:17:
26:73:94:6f:2f:1d:df:84:46:9c:1f:db:b4:1e:1e:
ef:84:57:ba:96:57:ff:a2:fe:8d:11:21:bf:f0:5d:
64:7b:e0:1c:a6:cc:16:44:78:ec:cf:02:e8:03:63:
c4:65:17:79:ac:df:ac:ea:6e:1c:0b:ed:50:4e:60:
ce:45:4f:b9:10:fb:70:a7:61:29:4a:5c:00:79:6d:
2e:b6:30:83:46:d3:d7:1d:d2:88:90:3a:5f:f6:fc:
45:67:55:2b:5b:c3:1c:d7:28:dd:16:e6:3e:3d:4a:
85:e0:4b:f9:a0:a9:44:21:37:03:f4:00:ae:38:d2:
fc:67:33:9f:63:56:ef:f6:63:12:e3:bd:c9:d2:eb:
7b:ad:9e:56:6b:30:b6:87:d7:8b:b3:f2:e8:9e:1d:
7e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A7:CA:BC:9E:83:5E:D2:D0:90:F4:45:FF:9C:7A:87:7C:B8:4F:95
X509v3 Authority Key Identifier:
keyid:38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/06fKvJ6DXtLQkPRF_5x6h3y4T5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.192.0/18
5.203.0.0/16
31.152.0.0/16
62.103.103.0/24
94.143.176.0-94.143.178.255
94.143.180.0/24
94.143.183.0/24
109.178.0.0/16
149.210.0.0/17
195.167.65.0/24
IPv6:
2a02:1388::/29
Signature Algorithm: sha256WithRSAEncryption
7f:ed:5e:86:b5:0a:56:c8:07:60:61:58:d6:bf:91:dd:65:85:
a4:39:9b:75:ef:61:e1:40:10:12:06:5c:f6:6a:81:e8:6e:9d:
99:e5:8a:e3:59:2a:68:38:57:0c:f0:a7:63:7b:e7:b8:1a:d9:
61:fc:32:62:70:34:9c:0e:6f:cd:d3:6e:34:de:7c:44:8e:48:
02:fc:76:77:65:22:37:26:fa:fe:95:50:75:1e:66:1d:e2:54:
12:f2:02:28:c5:3b:5d:82:fe:98:d5:35:22:14:df:fb:90:30:
11:37:e5:80:bb:bc:35:c0:f9:e5:67:39:17:83:73:c5:49:19:
0e:f9:b3:39:d8:56:6f:90:e7:b9:8b:22:5f:60:23:3e:4d:32:
d7:8a:b6:01:25:7c:cf:2b:ee:f5:8c:f0:d5:37:d7:cc:19:95:
e8:95:bb:13:f9:0b:13:d1:d6:97:41:b2:6e:c3:7c:77:bb:26:
1a:10:18:ce:e0:da:fc:d2:51:e2:7d:dd:9b:0d:f1:6f:ec:20:
c1:bd:23:e9:b9:43:28:cb:e8:31:a4:f8:38:68:31:60:d3:da:
f8:7f:8a:b5:0f:5a:ee:d3:c2:b2:bb:80:41:ee:9e:06:40:17:
a4:c4:b5:52:58:f3:b9:0b:bf:f4:26:ca:ce:37:bb:28:76:73:
aa:97:21:11
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZQf+kngdmByWepQ9ZEMj58FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjljNTRmMTkxOTNlMDY1NDgxNjNmODk1YzNhNDZiOWY4
YmZiYjUwHhcNMjUwMTAxMDM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2E3Y2FiYzllODM1ZWQyZDA5MGY0NDVmZjljN2E4NzdjYjg0Zjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/U3nNZmiWySW/mBHCKUCqk3EJk0
mdm0WJkAd/BqatKnFLIJAoyRRafCr39q7+oFoPizL29dShkpUPthBimoJH0lHw88
HH2HSKAld7qxC5txQOYbpiYa0tdoRivqX1z2WxB/7/2CiRcmc5RvLx3fhEacH9u0
Hh7vhFe6llf/ov6NESG/8F1ke+AcpswWRHjszwLoA2PEZRd5rN+s6m4cC+1QTmDO
RU+5EPtwp2EpSlwAeW0utjCDRtPXHdKIkDpf9vxFZ1UrW8Mc1yjdFuY+PUqF4Ev5
oKlEITcD9ACuONL8ZzOfY1bv9mMS473J0ut7rZ5WazC2h9eLs/Lonh1+FwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFNOnyryeg17S0JD0Rf+ceod8uE+VMB8GA1UdIwQY
MBaAFDj5xU8ZGT4GVIFj+JXDpGufi/u1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMt
NzI0OTQ5YjQ2MGU5LzEvMDZmS3ZKNkRYdExRa1BSRl81eDZoM3k0VDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMtNzI0OTQ5YjQ2MGU5
LzEvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBHBAIAATBBAwQGBZDAAwMA
BcsDAwAfmAMEAD5nZzAMAwQEXo+wAwQAXo+yAwQAXo+0AwQAXo+3AwMAbbIDBAeV
0gADBADDp0EwDQQCAAIwBwMFAyoCE4gwDQYJKoZIhvcNAQELBQADggEBAH/tXoa1
ClbIB2BhWNa/kd1lhaQ5m3XvYeFAEBIGXPZqgehunZnliuNZKmg4Vwzwp2N757ga
2WH8MmJwNJwOb83TbjTefESOSAL8dndlIjcm+v6VUHUeZh3iVBLyAijFO12C/pjV
NSIU3/uQMBE35YC7vDXA+eVnOReDc8VJGQ75sznYVm+Q57mLIl9gIz5NMteKtgEl
fM8r7vWM8NU318wZleiVuxP5CxPR1pdBsm7DfHe7JhoQGM7g2vzSUeJ93ZsN8W/s
IMG9I+m5QyjL6DGk+DhoMWDT2vh/irUPWu7TwrK7gEHungZAF6TEtVJY87kLv/Qm
ys43uyh2c6qXIRE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:59 2025 by rpki-client