Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/hWi--eNkI9TK8tV0GdIuvuJQyDc.roa
File: hWi--eNkI9TK8tV0GdIuvuJQyDc.roa (raw, json)
Hash identifier: h6dcszo7jHVlG8sKlZpn1qh++xSjCv//ZGRVVxrrlrM=
Subject key identifier: 85:68:BE:F9:E3:64:23:D4:CA:F2:D5:74:19:D2:2E:BE:E2:50:C8:37
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 0196F5E78D6C1454D0D7599F141B512DB34D
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/hWi--eNkI9TK8tV0GdIuvuJQyDc.roa
Signing time: Thu 22 May 2025 02:51:54 +0000
ROA not before: Thu 22 May 2025 02:51:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.36.0/23 maxlen: 23
5.102.38.0/24 maxlen: 24
195.5.124.0/24 maxlen: 24
195.5.125.0/24 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f5:e7:8d:6c:14:54:d0:d7:59:9f:14:1b:51:2d:b3:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: May 22 02:51:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8568bef9e36423d4caf2d57419d22ebee250c837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6b:d0:3d:42:6d:3f:6d:17:7d:4b:49:26:0e:
5c:59:a7:a1:4d:aa:c2:a8:fb:f6:c3:ce:83:cb:04:
79:11:00:79:a1:8f:77:10:7c:55:25:6c:44:9a:7a:
ce:ae:af:3b:76:dd:fb:ba:58:b6:ca:f2:b2:1b:93:
1f:ff:6f:0f:7f:7a:9b:88:2a:e4:fb:a5:b9:67:bf:
1e:7b:49:a3:d8:60:82:61:fd:93:f1:1a:01:e1:58:
e3:26:d1:da:c2:ab:db:2a:61:1b:c2:67:58:67:d9:
9e:e3:bc:7c:37:be:99:ce:54:03:4d:99:c4:82:a2:
45:60:ca:e0:00:a4:1b:ab:bb:a0:a1:6f:aa:74:79:
f4:59:27:ff:f9:df:5c:c1:52:c1:99:bc:df:be:ab:
f7:5c:63:03:a5:96:71:c6:f3:1a:d7:90:d2:60:45:
4c:a4:69:d4:9a:50:18:7a:60:76:0c:6d:32:7d:0d:
52:b8:1d:b8:4f:8d:69:5c:3b:39:72:49:e4:fb:8a:
b8:d3:08:49:0b:fc:5c:32:2e:1c:ab:c4:27:1a:d2:
0b:a8:39:63:e1:35:7a:f2:d5:7e:82:04:89:65:13:
76:75:f5:d7:b1:85:d4:22:06:bc:99:49:00:86:f4:
8c:ce:e3:95:63:dc:e0:8e:96:4a:74:8c:46:5a:ec:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:68:BE:F9:E3:64:23:D4:CA:F2:D5:74:19:D2:2E:BE:E2:50:C8:37
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/hWi--eNkI9TK8tV0GdIuvuJQyDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0-5.102.38.255
195.5.124.0/23
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
5b:72:58:62:73:ac:49:65:2b:86:aa:8f:17:a9:72:fd:7e:80:
e5:b4:3e:71:e9:34:bf:4e:43:5e:7d:66:b5:d2:b7:36:3a:19:
36:30:ac:98:92:57:04:40:6c:86:71:38:97:b5:d7:5c:f8:0b:
d3:5b:90:dd:9e:89:0b:c2:40:3f:54:db:8a:13:2a:87:81:4e:
25:39:31:62:1b:b2:82:cd:9b:b8:8d:3b:ba:06:c4:03:3b:a6:
3a:5e:b4:e1:15:21:7d:2f:e1:9a:e8:e6:a5:d0:9a:2f:c0:14:
4e:4b:3c:58:71:0f:b1:c6:a0:c9:e5:46:96:61:1b:37:9e:f0:
bb:e3:79:f7:d8:59:d1:6c:0c:81:c8:1d:1c:c7:df:c8:b3:f1:
6b:07:25:3e:28:75:18:d7:22:4b:b6:80:3b:14:50:73:9a:dc:
6e:b7:a0:84:bd:b3:69:3f:ab:81:a7:6f:b1:7f:4b:9f:fb:4e:
56:a7:fb:f3:79:95:4a:3e:9f:dc:2f:75:ce:5f:d4:39:76:f0:
9f:f7:42:32:8a:c7:e9:f5:86:95:7c:36:32:93:01:18:1b:20:
9d:00:47:7d:c6:20:d1:2e:ef:e3:16:9e:14:c7:c9:70:f6:0f:
7a:04:33:a2:4f:5d:fb:83:26:f2:b7:20:08:3f:46:f3:ef:ce:
5d:58:ea:63
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZb1541sFFTQ11mfFBtRLbNNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjUwNTIyMDI1MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTY4YmVmOWUzNjQyM2Q0Y2FmMmQ1NzQxOWQyMmViZWUyNTBjODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mvQPUJtP20XfUtJJg5cWaehTarC
qPv2w86DywR5EQB5oY93EHxVJWxEmnrOrq87dt37uli2yvKyG5Mf/28Pf3qbiCrk
+6W5Z78ee0mj2GCCYf2T8RoB4VjjJtHawqvbKmEbwmdYZ9me47x8N76ZzlQDTZnE
gqJFYMrgAKQbq7ugoW+qdHn0WSf/+d9cwVLBmbzfvqv3XGMDpZZxxvMa15DSYEVM
pGnUmlAYemB2DG0yfQ1SuB24T41pXDs5cknk+4q40whJC/xcMi4cq8QnGtILqDlj
4TV68tV+ggSJZRN2dfXXsYXUIga8mUkAhvSMzuOVY9zgjpZKdIxGWuwYYwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIVovvnjZCPUyvLVdBnSLr7iUMg3MB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvaFdpLS1lTmtJOVRLOHRWMEdkSXV2dUpReURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAIFZiQD
BAAFZiYDBAHDBXwwDQQCAAIwBwMFAyoQDYAwDQYJKoZIhvcNAQELBQADggEBAFty
WGJzrEllK4aqjxepcv1+gOW0PnHpNL9OQ159ZrXStzY6GTYwrJiSVwRAbIZxOJe1
11z4C9NbkN2eiQvCQD9U24oTKoeBTiU5MWIbsoLNm7iNO7oGxAM7pjpetOEVIX0v
4Zro5qXQmi/AFE5LPFhxD7HGoMnlRpZhGzee8LvjeffYWdFsDIHIHRzH38iz8WsH
JT4odRjXIku2gDsUUHOa3G63oIS9s2k/q4Gnb7F/S5/7Tlan+/N5lUo+n9wvdc5f
1Dl28J/3QjKKx+n1hpV8NjKTARgbIJ0AR33GINEu7+MWnhTHyXD2D3oEM6JPXfuD
JvK3IAg/RvPvzl1Y6mM=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:37:02 2025 by rpki-client