Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/yWWoay0ayleQau0Xgx1nrUGIKj0.roa
File: yWWoay0ayleQau0Xgx1nrUGIKj0.roa (raw, json)
Hash identifier: 5Hs7Smq+GKOGNzQZoeccE5rQAWaXTAj4CCluIzt4Tck=
Subject key identifier: C9:65:A8:6B:2D:1A:CA:57:90:6A:ED:17:83:1D:67:AD:41:88:2A:3D
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 01971A68565E477EF9CDE93DFB4394B82366
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/yWWoay0ayleQau0Xgx1nrUGIKj0.roa
Signing time: Thu 29 May 2025 04:58:54 +0000
ROA not before: Thu 29 May 2025 04:58:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205585
IP address blocks: 185.143.232.0/22 maxlen: 24
185.220.226.0/24 maxlen: 24
2a0c:a7c0::/29 maxlen: 48
2a0c:a7c6::/36 maxlen: 48
2a0c:a7c6:17::/48 maxlen: 48
2a0c:a7c7::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1a:68:56:5e:47:7e:f9:cd:e9:3d:fb:43:94:b8:23:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: May 29 04:58:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c965a86b2d1aca57906aed17831d67ad41882a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:40:aa:04:45:e4:ea:93:ad:f6:a8:2d:1b:63:
88:e5:41:e1:4a:3f:7b:b1:37:d8:7f:a7:a3:b1:c4:
84:c2:a2:ed:ce:62:71:f2:7b:14:44:fe:32:8e:0e:
8c:e6:ad:94:85:e3:df:0d:ad:1e:35:ec:ae:96:ca:
20:bb:f8:31:ae:c6:85:e6:84:43:2c:03:da:f5:cd:
6f:ce:df:41:70:66:12:ba:a1:0b:d9:d8:49:94:4c:
65:9c:8e:23:f5:dd:84:2f:6d:fa:57:6e:ae:4a:33:
45:8b:f2:1a:3e:ab:d7:4c:ce:a2:a7:ae:a9:69:87:
57:b8:62:43:38:46:e1:69:b8:fd:42:e1:85:bd:a5:
2d:f4:ee:87:e7:7d:4d:48:15:13:22:62:f4:42:b3:
b8:02:20:17:b1:23:fb:21:48:cf:b7:b9:06:7d:ed:
c1:c1:99:70:6e:c1:75:bb:5f:6e:df:c0:e6:56:4e:
f6:ba:6f:95:42:00:b1:c9:ee:e1:27:71:2d:8b:98:
be:84:b8:59:dd:9d:56:f5:51:bb:67:f9:d9:46:6e:
b8:60:4d:fb:4a:56:e5:4e:7d:51:41:08:43:a5:90:
16:a7:e2:e4:ab:6c:cc:f2:93:a8:ae:53:0a:7b:b0:
e8:f7:2b:9e:34:85:73:7c:cb:29:f0:1b:fd:39:2f:
54:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:65:A8:6B:2D:1A:CA:57:90:6A:ED:17:83:1D:67:AD:41:88:2A:3D
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/yWWoay0ayleQau0Xgx1nrUGIKj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.232.0/22
185.220.226.0/24
IPv6:
2a0c:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:a3:b1:72:2f:2b:2b:58:56:e9:79:3f:61:13:78:0d:68:ca:
47:1b:d2:91:34:db:48:a7:bf:49:2e:1e:8a:60:f3:ce:f6:be:
77:0d:32:0a:94:71:52:a4:dd:83:3e:29:3d:04:94:3d:96:c7:
ca:3f:00:a7:0d:00:40:53:ab:22:b2:fe:92:05:dc:70:fc:e2:
2a:a4:c0:b4:15:0a:76:87:fc:e0:15:69:e5:b6:dc:d5:f8:d7:
75:61:10:b0:23:ff:5d:f5:5c:10:27:c4:25:d0:ea:0e:b8:0a:
1e:7f:19:78:b1:21:ad:59:80:19:85:f2:ba:16:2c:51:33:99:
5f:77:aa:e4:c5:f5:cd:4d:51:74:99:44:61:5f:ed:aa:0d:97:
64:cb:69:cd:c1:4c:eb:ac:92:77:b3:51:98:57:bb:58:33:1c:
86:75:d2:82:c5:91:a9:83:02:8d:b9:e8:cd:31:a0:c6:39:90:
65:44:41:40:ce:50:8d:0e:cd:8e:da:f2:a0:39:2d:84:60:62:
9f:b6:10:dc:73:23:80:a4:1b:c4:60:55:c1:cc:b1:a3:58:ec:
d3:15:14:5e:93:47:7e:53:5b:0f:d9:40:b3:29:3b:ed:c1:23:
42:c1:63:2c:cb:0d:77:10:a6:b1:25:db:87:16:ac:40:7c:2a:
94:15:c9:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZcaaFZeR375zek9+0OUuCNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjUwNTI5MDQ1ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTY1YTg2YjJkMWFjYTU3OTA2YWVkMTc4MzFkNjdhZDQxODgyYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkCqBEXk6pOt9qgtG2OI5UHhSj97
sTfYf6ejscSEwqLtzmJx8nsURP4yjg6M5q2UhePfDa0eNeyulsogu/gxrsaF5oRD
LAPa9c1vzt9BcGYSuqEL2dhJlExlnI4j9d2EL236V26uSjNFi/IaPqvXTM6ip66p
aYdXuGJDOEbhabj9QuGFvaUt9O6H531NSBUTImL0QrO4AiAXsSP7IUjPt7kGfe3B
wZlwbsF1u19u38DmVk72um+VQgCxye7hJ3Eti5i+hLhZ3Z1W9VG7Z/nZRm64YE37
SlblTn1RQQhDpZAWp+Lkq2zM8pOorlMKe7Do9yueNIVzfMsp8Bv9OS9URwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMllqGstGspXkGrtF4MdZ61BiCo9MB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEveVdXb2F5MGF5bGVRYXUwWGd4MW5yVUdJS2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuY/oAwQA
udziMA0EAgACMAcDBQMqDKfAMA0GCSqGSIb3DQEBCwUAA4IBAQAvo7FyLysrWFbp
eT9hE3gNaMpHG9KRNNtIp79JLh6KYPPO9r53DTIKlHFSpN2DPik9BJQ9lsfKPwCn
DQBAU6sisv6SBdxw/OIqpMC0FQp2h/zgFWnlttzV+Nd1YRCwI/9d9VwQJ8Ql0OoO
uAoefxl4sSGtWYAZhfK6FixRM5lfd6rkxfXNTVF0mURhX+2qDZdky2nNwUzrrJJ3
s1GYV7tYMxyGddKCxZGpgwKNuejNMaDGOZBlREFAzlCNDs2O2vKgOS2EYGKfthDc
cyOApBvEYFXBzLGjWOzTFRRek0d+U1sP2UCzKTvtwSNCwWMsyw13EKaxJduHFqxA
fCqUFclo
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:07:06 2025 by rpki-client