Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/TDDnhsWgxkGdG7BfGlC4CIB8hXc.roa
File: TDDnhsWgxkGdG7BfGlC4CIB8hXc.roa (raw, json)
Hash identifier: mAFWPEFNFtu12Nez2hG2dDFI+Ij+KVUdoJCzsE5w8Wg=
Subject key identifier: 4C:30:E7:86:C5:A0:C6:41:9D:1B:B0:5F:1A:50:B8:08:80:7C:85:77
Certificate issuer: /CN=b6fe63ee8a23f4916e4053531e6950db6c31e805
Certificate serial: 01942827D97D461EAFA8939269E5D46CE53B
Authority key identifier: B6:FE:63:EE:8A:23:F4:91:6E:40:53:53:1E:69:50:DB:6C:31:E8:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/TDDnhsWgxkGdG7BfGlC4CIB8hXc.roa
Signing time: Thu 02 Jan 2025 17:54:47 +0000
ROA not before: Thu 02 Jan 2025 17:54:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199434
IP address blocks: 5.57.24.0/21 maxlen: 21
5.57.24.0/24 maxlen: 24
5.57.25.0/24 maxlen: 24
5.57.26.0/24 maxlen: 24
5.57.27.0/24 maxlen: 24
5.57.28.0/22 maxlen: 22
185.197.48.0/22 maxlen: 22
2a0a:6280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/tv5j7ooj9JFuQFNTHmlQ22wx6AU.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/tv5j7ooj9JFuQFNTHmlQ22wx6AU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:d9:7d:46:1e:af:a8:93:92:69:e5:d4:6c:e5:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6fe63ee8a23f4916e4053531e6950db6c31e805
Validity
Not Before: Jan 2 17:54:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c30e786c5a0c6419d1bb05f1a50b808807c8577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b7:7e:e4:fa:c6:13:74:b0:42:fa:24:75:24:
41:8d:ee:98:4b:4e:c0:19:fb:d7:03:09:9c:9d:68:
18:10:ac:c1:28:d1:69:ac:bc:3b:4e:90:47:f4:56:
66:d4:82:dc:79:f8:1e:93:2c:34:06:a1:e0:2e:42:
59:a8:92:b1:1d:b5:f6:77:90:29:c7:84:f0:20:c6:
76:38:11:11:34:6e:7a:75:5b:94:38:ac:f9:7a:93:
1a:7a:b4:14:a3:05:7d:6a:d0:4f:df:55:07:46:b0:
c5:2a:d9:54:c7:fd:b2:ee:b0:99:e9:6e:5c:af:60:
41:4c:cb:fe:ab:73:87:c4:01:db:63:36:fc:00:67:
74:e2:80:77:3e:2b:97:a0:3c:9e:9e:79:53:21:bd:
d4:74:92:e9:a5:f3:3b:fd:41:01:77:de:78:6d:03:
d3:7d:4b:df:e5:d5:2c:bc:47:55:6d:98:11:e0:ee:
b8:5e:ed:53:4f:a9:61:cb:59:46:3a:92:5c:2e:f9:
52:9f:f4:f8:83:f3:65:49:07:9d:b5:dd:dc:4d:f4:
d5:45:6b:cb:6d:3a:95:a0:14:f0:ef:37:c2:de:62:
80:33:6f:f5:6b:f4:f5:3d:1a:38:7c:34:4f:ef:65:
92:45:b1:bb:06:09:48:cb:dc:28:4b:3b:0e:79:05:
d4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:30:E7:86:C5:A0:C6:41:9D:1B:B0:5F:1A:50:B8:08:80:7C:85:77
X509v3 Authority Key Identifier:
keyid:B6:FE:63:EE:8A:23:F4:91:6E:40:53:53:1E:69:50:DB:6C:31:E8:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tv5j7ooj9JFuQFNTHmlQ22wx6AU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/TDDnhsWgxkGdG7BfGlC4CIB8hXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7edbcf-b90f-4707-b289-a3d377c6feef/1/tv5j7ooj9JFuQFNTHmlQ22wx6AU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.24.0/21
185.197.48.0/22
IPv6:
2a0a:6280::/29
Signature Algorithm: sha256WithRSAEncryption
4a:8a:9c:2b:b0:a9:28:3c:c0:55:5c:23:23:d5:a5:ec:2a:c1:
9c:fb:d1:59:d3:41:71:41:e5:18:4d:d7:53:c7:0e:e8:7f:c4:
d3:30:75:5b:7a:67:f9:38:e0:37:19:43:5e:17:13:58:a7:0f:
15:7c:a2:fb:75:c6:5f:56:09:3e:44:2c:b8:f1:a3:e3:6c:66:
8b:3b:93:61:9a:93:66:74:74:95:10:94:cd:78:5f:4d:6c:99:
65:bf:f3:5b:8c:c4:6b:92:9c:82:d4:47:1a:bb:b8:bf:8e:c4:
41:39:33:07:15:d6:a7:37:f2:10:58:66:92:fc:f5:ba:3d:04:
a3:0c:2f:f7:22:02:35:37:4d:68:aa:19:ca:be:2f:e5:82:fa:
b3:f9:93:92:06:c0:f3:45:77:a9:7e:92:96:fc:f2:ab:b3:a2:
8a:fa:3a:cb:a5:e8:6b:2b:5d:9f:95:fc:6f:f0:69:45:12:bb:
ab:0d:cc:74:d5:f4:6e:60:ad:be:4e:26:eb:fa:58:13:a0:97:
1e:e8:c9:82:53:71:c2:f6:9d:7e:af:14:93:2e:71:dc:72:b3:
36:5d:2c:a5:e1:28:ee:cd:27:a5:cc:3a:07:14:f4:78:6f:8c:
1a:6f:3c:63:8a:5e:3e:8e:fa:e5:e1:06:28:e5:8c:72:65:cd:
e4:60:17:4e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQoJ9l9Rh6vqJOSaeXUbOU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZmU2M2VlOGEyM2Y0OTE2ZTQwNTM1MzFlNjk1MGRiNmMz
MWU4MDUwHhcNMjUwMTAyMTc1NDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzMwZTc4NmM1YTBjNjQxOWQxYmIwNWYxYTUwYjgwODgwN2M4NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybd+5PrGE3SwQvokdSRBje6YS07A
GfvXAwmcnWgYEKzBKNFprLw7TpBH9FZm1ILcefgekyw0BqHgLkJZqJKxHbX2d5Ap
x4TwIMZ2OBERNG56dVuUOKz5epMaerQUowV9atBP31UHRrDFKtlUx/2y7rCZ6W5c
r2BBTMv+q3OHxAHbYzb8AGd04oB3PiuXoDyennlTIb3UdJLppfM7/UEBd954bQPT
fUvf5dUsvEdVbZgR4O64Xu1TT6lhy1lGOpJcLvlSn/T4g/NlSQedtd3cTfTVRWvL
bTqVoBTw7zfC3mKAM2/1a/T1PRo4fDRP72WSRbG7BglIy9woSzsOeQXU4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEww54bFoMZBnRuwXxpQuAiAfIV3MB8GA1UdIwQY
MBaAFLb+Y+6KI/SRbkBTUx5pUNtsMegFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHY1ajdvb2o5SkZ1UUZOVEhtbFEyMnd4NkFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS83ZWRiY2YtYjkwZi00NzA3LWIyODkt
YTNkMzc3YzZmZWVmLzEvVEREbmhzV2d4a0dkRzdCZkdsQzRDSUI4aFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS83ZWRiY2YtYjkwZi00NzA3LWIyODktYTNkMzc3YzZmZWVm
LzEvdHY1ajdvb2o5SkZ1UUZOVEhtbFEyMnd4NkFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBTkYAwQC
ucUwMA0EAgACMAcDBQMqCmKAMA0GCSqGSIb3DQEBCwUAA4IBAQBKipwrsKkoPMBV
XCMj1aXsKsGc+9FZ00FxQeUYTddTxw7of8TTMHVbemf5OOA3GUNeFxNYpw8VfKL7
dcZfVgk+RCy48aPjbGaLO5NhmpNmdHSVEJTNeF9NbJllv/NbjMRrkpyC1Ecau7i/
jsRBOTMHFdanN/IQWGaS/PW6PQSjDC/3IgI1N01oqhnKvi/lgvqz+ZOSBsDzRXep
fpKW/PKrs6KK+jrLpehrK12flfxv8GlFErurDcx01fRuYK2+Tibr+lgToJce6MmC
U3HC9p1+rxSTLnHccrM2XSyl4SjuzSelzDoHFPR4b4wabzxjil4+jvrl4QYo5Yxy
Zc3kYBdO
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:03 2025 by rpki-client