Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/5lD_GKbxjgCPRQ_Z3_WLyHUiJO8.roa
File: 5lD_GKbxjgCPRQ_Z3_WLyHUiJO8.roa (raw, json)
Hash identifier: Cmbbg34EqcSBetZYCLfej8mkuPhXU2aySlgUWJj8IbQ=
Subject key identifier: E6:50:FF:18:A6:F1:8E:00:8F:45:0F:D9:DF:F5:8B:C8:75:22:24:EF
Certificate issuer: /CN=e992a035bffc5a41412c497c1285d1838234ffb0
Certificate serial: 01942368DB99BE598EFEF70E377A47B25BB4
Authority key identifier: E9:92:A0:35:BF:FC:5A:41:41:2C:49:7C:12:85:D1:83:82:34:FF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/5lD_GKbxjgCPRQ_Z3_WLyHUiJO8.roa
Signing time: Wed 01 Jan 2025 19:47:42 +0000
ROA not before: Wed 01 Jan 2025 19:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16243
IP address blocks: 77.222.64.0/19 maxlen: 24
87.249.96.0/19 maxlen: 24
185.76.16.0/22 maxlen: 24
217.114.96.0/20 maxlen: 24
2001:1540::/32 maxlen: 48
2001:1541:4100::/40 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 22:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:db:99:be:59:8e:fe:f7:0e:37:7a:47:b2:5b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e992a035bffc5a41412c497c1285d1838234ffb0
Validity
Not Before: Jan 1 19:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e650ff18a6f18e008f450fd9dff58bc8752224ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6c:6d:ec:90:fb:05:40:07:e0:50:b7:be:0b:
c1:09:4d:d2:ff:6b:f4:4b:73:ed:96:7e:68:46:d3:
5a:24:20:3b:19:db:c5:ce:d3:94:5a:7a:f1:1b:4f:
74:1e:9c:92:af:5d:36:80:56:7d:ab:c3:0a:3c:a8:
cd:27:b0:18:a3:1b:81:33:6e:7b:0a:74:01:ef:16:
76:c7:c7:5b:3e:cc:ea:cd:af:66:6b:10:c9:14:b9:
cf:d2:93:12:13:a5:07:68:07:71:92:3e:65:8d:03:
55:06:4b:9f:a1:4e:fd:26:0d:e1:86:69:e6:b3:c9:
23:f2:00:55:83:70:4b:14:19:39:73:42:b5:53:3b:
60:ad:34:6d:69:4c:0c:29:cf:3a:3e:e9:9e:bd:17:
ad:82:4a:51:af:96:79:44:9d:92:63:81:79:d1:61:
ea:4e:e4:16:11:e9:74:84:c9:2a:6a:b4:44:82:0c:
e9:d6:6b:92:6f:fb:a3:41:bf:8c:52:3a:0e:f2:97:
58:78:08:66:6a:9c:80:0e:4b:18:91:72:ab:25:77:
ba:72:30:87:75:c3:7c:1e:a0:ac:4b:78:88:da:60:
56:bc:33:19:0d:cf:36:8a:00:7b:93:65:ba:37:f4:
92:85:be:e0:de:66:90:d8:13:e8:51:de:28:f2:f8:
40:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:50:FF:18:A6:F1:8E:00:8F:45:0F:D9:DF:F5:8B:C8:75:22:24:EF
X509v3 Authority Key Identifier:
keyid:E9:92:A0:35:BF:FC:5A:41:41:2C:49:7C:12:85:D1:83:82:34:FF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/5lD_GKbxjgCPRQ_Z3_WLyHUiJO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f5f6b-35e4-4391-9519-b97d336ea2f5/1/6ZKgNb_8WkFBLEl8EoXRg4I0_7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.222.64.0/19
87.249.96.0/19
185.76.16.0/22
217.114.96.0/20
IPv6:
2001:1540::/32
2001:1541:4100::/40
Signature Algorithm: sha256WithRSAEncryption
1e:ec:ce:0a:38:ae:a6:76:b1:5c:db:b7:bf:30:c5:b4:65:95:
37:cb:a7:e2:9e:81:31:9f:2f:d3:94:8a:fa:56:a5:12:d7:5d:
84:aa:3d:10:3e:fc:05:db:9c:4f:ba:30:69:17:b5:9a:9f:6a:
15:88:37:7d:2e:b9:89:59:fd:e1:c1:f6:d8:a2:03:2a:74:a1:
a5:fb:53:cf:e3:fa:35:6f:1f:b4:7c:1c:bd:23:e1:f1:4c:79:
80:59:25:60:43:44:2e:f6:42:57:0a:22:47:d2:cb:a3:4d:6c:
8f:27:5e:f0:1a:a8:f5:af:37:90:02:3f:1a:1c:0c:19:d7:d3:
61:e5:27:87:ba:8e:e6:0e:b0:fc:65:94:a7:67:2c:1b:3f:07:
10:62:62:41:3e:b4:0c:be:f4:3d:8d:c2:ac:ba:27:37:cf:5d:
c2:d3:ee:61:5c:58:bc:77:05:b3:4c:ee:72:e4:30:d0:cb:8d:
16:a7:ce:2c:33:ff:82:59:55:ac:38:db:32:89:d6:c2:42:40:
33:e9:b2:d0:d2:4c:d4:ec:08:24:e4:56:23:9b:86:34:85:2d:
99:d1:52:3e:68:54:e0:11:6b:0f:e6:c0:df:60:9b:f1:58:35:
99:de:0d:95:eb:70:4e:d3:d9:f8:58:3b:6d:3e:1d:55:b6:fb:
99:a8:1b:9f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQjaNuZvlmO/vcON3pHslu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5OTJhMDM1YmZmYzVhNDE0MTJjNDk3YzEyODVkMTgzODIz
NGZmYjAwHhcNMjUwMTAxMTk0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjUwZmYxOGE2ZjE4ZTAwOGY0NTBmZDlkZmY1OGJjODc1MjIyNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmxt7JD7BUAH4FC3vgvBCU3S/2v0
S3Ptln5oRtNaJCA7GdvFztOUWnrxG090HpySr102gFZ9q8MKPKjNJ7AYoxuBM257
CnQB7xZ2x8dbPszqza9maxDJFLnP0pMSE6UHaAdxkj5ljQNVBkufoU79Jg3hhmnm
s8kj8gBVg3BLFBk5c0K1UztgrTRtaUwMKc86PumevRetgkpRr5Z5RJ2SY4F50WHq
TuQWEel0hMkqarREggzp1muSb/ujQb+MUjoO8pdYeAhmapyADksYkXKrJXe6cjCH
dcN8HqCsS3iI2mBWvDMZDc82igB7k2W6N/SShb7g3maQ2BPoUd4o8vhA2QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOZQ/xim8Y4Aj0UP2d/1i8h1IiTvMB8GA1UdIwQY
MBaAFOmSoDW//FpBQSxJfBKF0YOCNP+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlpLZ05iXzhXa0ZCTEVsOEVvWFJnNEkwXzdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81ZjVmNmItMzVlNC00MzkxLTk1MTkt
Yjk3ZDMzNmVhMmY1LzEvNWxEX0dLYnhqZ0NQUlFfWjNfV0x5SFVpSk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81ZjVmNmItMzVlNC00MzkxLTk1MTktYjk3ZDMzNmVhMmY1
LzEvNlpLZ05iXzhXa0ZCTEVsOEVvWFJnNEkwXzdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAeBAIAATAYAwQFTd5AAwQF
V/lgAwQCuUwQAwQE2XJgMBUEAgACMA8DBQAgARVAAwYAIAEVQUEwDQYJKoZIhvcN
AQELBQADggEBAB7szgo4rqZ2sVzbt78wxbRllTfLp+KegTGfL9OUivpWpRLXXYSq
PRA+/AXbnE+6MGkXtZqfahWIN30uuYlZ/eHB9tiiAyp0oaX7U8/j+jVvH7R8HL0j
4fFMeYBZJWBDRC72QlcKIkfSy6NNbI8nXvAaqPWvN5ACPxocDBnX02HlJ4e6juYO
sPxllKdnLBs/BxBiYkE+tAy+9D2Nwqy6JzfPXcLT7mFcWLx3BbNM7nLkMNDLjRan
ziwz/4JZVaw42zKJ1sJCQDPpstDSTNTsCCTkViObhjSFLZnRUj5oVOARaw/mwN9g
m/FYNZneDZXrcE7T2fhYO20+HVW2+5moG58=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:46:52 2025 by rpki-client