Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/fz3EIWejODwg_Gt1mdA_zDaL-c4.roa
File: fz3EIWejODwg_Gt1mdA_zDaL-c4.roa (raw, json)
Hash identifier: DZaf7P3jYMM7f57AG0PkEh5YpUu9nWfWyi+om3unA/8=
Subject key identifier: 7F:3D:C4:21:67:A3:38:3C:20:FC:6B:75:99:D0:3F:CC:36:8B:F9:CE
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 01958B013FE7D8B2C64BB086ACD0248742E0
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/fz3EIWejODwg_Gt1mdA_zDaL-c4.roa
Signing time: Wed 12 Mar 2025 15:37:49 +0000
ROA not before: Wed 12 Mar 2025 15:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36007
IP address blocks: 45.91.171.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
103.45.246.0/24 maxlen: 24
103.240.146.0/24 maxlen: 24
103.240.147.0/24 maxlen: 24
103.241.66.0/24 maxlen: 24
103.241.67.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
185.139.228.0/24 maxlen: 24
185.144.156.0/22 maxlen: 22
193.168.172.0/24 maxlen: 24
193.168.175.0/24 maxlen: 24
2a06:c5c0:1500::/48 maxlen: 48
2a06:c5c0:1600::/48 maxlen: 48
2a06:c5c0:1700::/48 maxlen: 48
2a07:3b80::/48 maxlen: 48
2a07:3b80:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 07:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:01:3f:e7:d8:b2:c6:4b:b0:86:ac:d0:24:87:42:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Mar 12 15:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f3dc42167a3383c20fc6b7599d03fcc368bf9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:3a:ce:ef:75:ff:40:37:20:00:67:56:c1:3e:
dc:35:7c:ef:14:cd:21:64:8b:e3:66:a9:06:e9:56:
c0:e8:e0:70:9f:64:b5:20:b1:56:f9:6c:24:90:64:
0e:da:32:15:87:b9:71:6d:b3:92:09:ed:ca:ad:ea:
bc:8f:ed:5b:aa:61:6c:63:4b:9a:9f:94:8a:17:c7:
0e:a8:22:b3:e6:60:f9:7b:78:b7:07:ed:dc:4d:4e:
3d:8c:d4:39:95:39:e6:3b:da:34:71:d0:c3:93:6a:
35:73:a2:af:e4:9a:c0:3a:b1:e4:dd:cc:6c:5d:0c:
20:ae:c2:52:1e:d0:3e:a7:85:ff:75:f3:4b:60:d1:
c9:17:e4:55:15:54:2a:fa:b2:ae:bd:02:cd:68:07:
09:81:db:7c:fd:50:72:19:95:4c:b5:43:48:04:a3:
16:d2:07:96:d0:88:d8:db:7e:32:fa:63:b7:13:18:
42:40:b9:01:4d:a5:80:84:d9:ac:05:10:15:4b:5e:
12:56:c7:d4:b8:a5:58:8c:90:0e:45:02:e1:b9:61:
a6:ff:75:e0:25:1f:ec:14:84:d0:a2:6b:c4:bb:37:
55:92:09:01:1a:11:8f:8f:c3:99:50:e0:99:50:15:
f7:8c:3f:87:13:ff:75:f8:e1:56:5a:48:eb:e9:6e:
5f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:3D:C4:21:67:A3:38:3C:20:FC:6B:75:99:D0:3F:CC:36:8B:F9:CE
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/fz3EIWejODwg_Gt1mdA_zDaL-c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
103.45.245.0-103.45.246.255
103.240.146.0/23
103.241.66.0/23
185.47.172.0/24
185.53.209.0/24
185.139.228.0/24
185.144.156.0/22
193.168.172.0/24
193.168.175.0/24
IPv6:
2a06:c5c0:1500::/48
2a06:c5c0:1600::/48
2a06:c5c0:1700::/48
2a07:3b80::/48
2a07:3b80:8::/48
Signature Algorithm: sha256WithRSAEncryption
95:a3:7d:d7:91:20:c2:23:a4:c8:d5:7c:e6:f6:47:d4:a2:66:
e4:bc:5f:e4:2f:20:83:68:a9:62:e7:bd:39:63:dc:f2:1d:3f:
45:a7:42:a8:6e:bd:e2:7e:ec:a7:71:18:38:db:bd:b5:5b:59:
3b:a0:ab:4f:91:62:0a:f3:c3:e8:80:a4:73:a2:8f:fa:e7:3d:
37:dc:51:ea:f3:ee:69:f8:a2:18:59:ee:ab:df:a0:57:61:9a:
2f:b7:d7:9e:9d:e1:f3:03:a7:d9:59:85:14:a1:b4:56:10:16:
73:27:17:99:12:ef:c0:e0:0f:a1:0d:d5:35:be:f9:b4:67:aa:
c5:3f:b3:de:ea:0c:37:86:8d:f9:98:87:db:1c:56:49:ca:6c:
43:11:67:c3:c3:2f:17:f6:0e:03:a4:38:1e:72:c3:67:e4:64:
40:53:63:f1:e6:c2:0e:07:c7:5c:fe:c9:8a:fa:9b:ce:9f:b8:
7e:d5:32:84:de:b9:da:3a:e1:f9:8a:b5:5c:4a:a4:ac:62:3f:
3a:b8:68:05:12:cf:c7:af:d6:a8:45:10:e8:b6:e2:38:c9:ab:
97:b3:0e:6b:da:06:c2:c2:0c:2c:f6:6d:b1:ee:aa:79:5b:7f:
85:ae:4e:53:a4:da:09:3a:03:c3:cd:fe:4a:fe:2a:5b:6b:63:
a5:28:20:8a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZWLAT/n2LLGS7CGrNAkh0LgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjUwMzEyMTUzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjNkYzQyMTY3YTMzODNjMjBmYzZiNzU5OWQwM2ZjYzM2OGJmOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/DrO73X/QDcgAGdWwT7cNXzvFM0h
ZIvjZqkG6VbA6OBwn2S1ILFW+WwkkGQO2jIVh7lxbbOSCe3Kreq8j+1bqmFsY0ua
n5SKF8cOqCKz5mD5e3i3B+3cTU49jNQ5lTnmO9o0cdDDk2o1c6Kv5JrAOrHk3cxs
XQwgrsJSHtA+p4X/dfNLYNHJF+RVFVQq+rKuvQLNaAcJgdt8/VByGZVMtUNIBKMW
0geW0IjY234y+mO3ExhCQLkBTaWAhNmsBRAVS14SVsfUuKVYjJAORQLhuWGm/3Xg
JR/sFITQomvEuzdVkgkBGhGPj8OZUOCZUBX3jD+HE/91+OFWWkjr6W5fQwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFH89xCFnozg8IPxrdZnQP8w2i/nOMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvZnozRUlXZWpPRHdnX0d0MW1kQV96RGFMLWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTBWBAIAATBQAwQALVur
AwQAW8qqAwQAW9+pMAwDBABnLfUDBABnLfYDBAFn8JIDBAFn8UIDBAC5L6wDBAC5
NdEDBAC5i+QDBAK5kJwDBADBqKwDBADBqK8wMwQCAAIwLQMHACoGxcAVAAMHACoG
xcAWAAMHACoGxcAXAAMHACoHO4AAAAMHACoHO4AACDANBgkqhkiG9w0BAQsFAAOC
AQEAlaN915EgwiOkyNV85vZH1KJm5Lxf5C8gg2ipYue9OWPc8h0/RadCqG694n7s
p3EYONu9tVtZO6CrT5FiCvPD6ICkc6KP+uc9N9xR6vPuafiiGFnuq9+gV2GaL7fX
np3h8wOn2VmFFKG0VhAWcycXmRLvwOAPoQ3VNb75tGeqxT+z3uoMN4aN+ZiH2xxW
ScpsQxFnw8MvF/YOA6Q4HnLDZ+RkQFNj8ebCDgfHXP7Jivqbzp+4ftUyhN652jrh
+Yq1XEqkrGI/OrhoBRLPx6/WqEUQ6LbiOMmrl7MOa9oGwsIMLPZtse6qeVt/ha5O
U6TaCToDw83+Sv4qW2tjpSggig==
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:01:04 2025 by rpki-client