Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/5K6nIVbP5K11dvspcfl4G-MfJZw.roa
File: 5K6nIVbP5K11dvspcfl4G-MfJZw.roa (raw, json)
Hash identifier: 1GirTU1av48FvuHpXhFOsW26MgpLG9B9BqlLOufNX8M=
Subject key identifier: E4:AE:A7:21:56:CF:E4:AD:75:76:FB:29:71:F9:78:1B:E3:1F:25:9C
Certificate issuer: /CN=27618505d3b4c000217590f7b7b59bf61ff2f375
Certificate serial: 01941FFA2191D2CCBA6EAFD5C5E587B714EA
Authority key identifier: 27:61:85:05:D3:B4:C0:00:21:75:90:F7:B7:B5:9B:F6:1F:F2:F3:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J2GFBdO0wAAhdZD3t7Wb9h_y83U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/5K6nIVbP5K11dvspcfl4G-MfJZw.roa
Signing time: Wed 01 Jan 2025 03:47:53 +0000
ROA not before: Wed 01 Jan 2025 03:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43568
IP address blocks: 77.247.144.0/20 maxlen: 21
128.0.16.0/21 maxlen: 21
178.250.216.0/21 maxlen: 21
2a02:2470::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/J2GFBdO0wAAhdZD3t7Wb9h_y83U.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/J2GFBdO0wAAhdZD3t7Wb9h_y83U.mft
rsync://rpki.ripe.net/repository/DEFAULT/J2GFBdO0wAAhdZD3t7Wb9h_y83U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:21:91:d2:cc:ba:6e:af:d5:c5:e5:87:b7:14:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27618505d3b4c000217590f7b7b59bf61ff2f375
Validity
Not Before: Jan 1 03:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4aea72156cfe4ad7576fb2971f9781be31f259c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4e:ed:4d:ca:91:50:08:76:16:9b:00:68:3a:
3a:4d:93:5b:bf:73:ee:b7:21:61:7d:5f:4f:2c:6a:
71:97:c7:7e:83:d2:ea:03:41:c1:ff:54:32:b2:d8:
28:85:c0:ec:f4:03:92:28:7f:35:5c:51:85:40:6a:
df:54:d3:d2:f2:db:8c:22:b8:67:eb:87:dc:0a:75:
cb:b9:91:3d:0f:f5:3f:a1:ef:ab:19:2e:b3:47:62:
b9:a8:38:e5:ff:0d:e2:59:a5:9e:68:d4:ce:d8:95:
b8:53:ce:10:ce:5a:e0:dc:ce:ed:b6:c0:84:04:ff:
fc:dd:64:61:fb:72:fa:66:2b:40:a0:3b:31:02:78:
e9:5a:75:ee:83:75:54:16:ff:2d:66:fa:a0:48:f7:
67:56:3b:de:48:52:8b:4d:3c:d1:b4:f4:9e:13:44:
3a:40:ca:74:ea:be:de:9e:c3:f2:77:12:a9:f1:89:
8b:e8:6d:ed:2f:7e:27:a0:61:ad:eb:66:4f:19:da:
77:2c:c9:3f:6c:ef:02:c8:ea:b3:28:06:5e:1c:f1:
75:e6:f6:2f:3e:ce:6e:52:1d:46:f8:ea:f4:dc:8b:
af:8a:6c:d2:1c:d2:21:ce:de:1f:df:4b:98:66:75:
98:fa:77:3e:fd:de:6f:57:bb:18:25:ea:9d:33:80:
11:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AE:A7:21:56:CF:E4:AD:75:76:FB:29:71:F9:78:1B:E3:1F:25:9C
X509v3 Authority Key Identifier:
keyid:27:61:85:05:D3:B4:C0:00:21:75:90:F7:B7:B5:9B:F6:1F:F2:F3:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J2GFBdO0wAAhdZD3t7Wb9h_y83U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/5K6nIVbP5K11dvspcfl4G-MfJZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7e6262-ecdd-4334-8b9f-9d5e59f76e6b/1/J2GFBdO0wAAhdZD3t7Wb9h_y83U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.144.0/20
128.0.16.0/21
178.250.216.0/21
IPv6:
2a02:2470::/29
Signature Algorithm: sha256WithRSAEncryption
21:9f:19:8d:41:cd:66:56:e1:ef:43:7d:bc:85:f8:6c:08:5e:
f9:dc:07:ae:fa:ba:72:a2:ce:0b:d8:54:c5:cf:58:7e:1a:c2:
1b:9d:50:a6:a0:de:3b:5a:fa:e2:ee:f9:21:24:00:f5:47:1d:
ac:ad:d1:9f:45:e6:f5:21:bd:22:dd:25:cf:e6:aa:6c:5b:59:
94:1b:ab:44:29:55:4a:38:aa:27:b0:1a:d6:70:a2:69:52:8c:
e2:12:0f:96:07:94:8c:e8:2e:47:d7:da:7a:19:b0:45:e1:08:
33:09:e9:d0:8a:c3:18:bb:c8:a6:13:ee:3e:e0:b4:79:d3:6c:
12:80:af:c4:d6:9f:b3:ad:a2:09:3b:0e:81:21:4a:f6:ed:2c:
a2:bf:59:2c:b6:aa:95:5a:f5:95:a8:80:b1:b7:c5:4b:30:80:
89:c4:1d:75:2c:2b:e1:e8:5b:79:b7:68:c1:d7:b4:43:b3:6b:
1f:8d:43:be:f7:94:e8:65:6d:58:97:12:c1:76:94:27:8d:cf:
a5:c6:3e:68:20:30:8f:7f:38:6c:96:9b:5d:90:6c:cc:6e:c9:
33:df:fa:86:43:4b:c8:aa:91:a4:6a:25:a4:c8:6e:ee:43:6f:
a6:76:13:7d:ef:47:c5:0d:e2:b0:43:8d:2c:0e:4c:1f:b5:ea:
b1:95:02:66
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQf+iGR0sy6bq/VxeWHtxTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NjE4NTA1ZDNiNGMwMDAyMTc1OTBmN2I3YjU5YmY2MWZm
MmYzNzUwHhcNMjUwMTAxMDM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGFlYTcyMTU2Y2ZlNGFkNzU3NmZiMjk3MWY5NzgxYmUzMWYyNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA007tTcqRUAh2FpsAaDo6TZNbv3Pu
tyFhfV9PLGpxl8d+g9LqA0HB/1QystgohcDs9AOSKH81XFGFQGrfVNPS8tuMIrhn
64fcCnXLuZE9D/U/oe+rGS6zR2K5qDjl/w3iWaWeaNTO2JW4U84Qzlrg3M7ttsCE
BP/83WRh+3L6ZitAoDsxAnjpWnXug3VUFv8tZvqgSPdnVjveSFKLTTzRtPSeE0Q6
QMp06r7ensPydxKp8YmL6G3tL34noGGt62ZPGdp3LMk/bO8CyOqzKAZeHPF15vYv
Ps5uUh1G+Or03IuvimzSHNIhzt4f30uYZnWY+nc+/d5vV7sYJeqdM4ARUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOSupyFWz+StdXb7KXH5eBvjHyWcMB8GA1UdIwQY
MBaAFCdhhQXTtMAAIXWQ97e1m/Yf8vN1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjJHRkJkTzB3QUFoZFpEM3Q3V2I5aF95ODNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83ZTYyNjItZWNkZC00MzM0LThiOWYt
OWQ1ZTU5Zjc2ZTZiLzEvNUs2bklWYlA1SzExZHZzcGNmbDRHLU1mSlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83ZTYyNjItZWNkZC00MzM0LThiOWYtOWQ1ZTU5Zjc2ZTZi
LzEvSjJHRkJkTzB3QUFoZFpEM3Q3V2I5aF95ODNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQETfeQAwQD
gAAQAwQDsvrYMA0EAgACMAcDBQMqAiRwMA0GCSqGSIb3DQEBCwUAA4IBAQAhnxmN
Qc1mVuHvQ328hfhsCF753Aeu+rpyos4L2FTFz1h+GsIbnVCmoN47Wvri7vkhJAD1
Rx2srdGfReb1Ib0i3SXP5qpsW1mUG6tEKVVKOKonsBrWcKJpUoziEg+WB5SM6C5H
19p6GbBF4QgzCenQisMYu8imE+4+4LR502wSgK/E1p+zraIJOw6BIUr27Syiv1ks
tqqVWvWVqICxt8VLMICJxB11LCvh6Ft5t2jB17RDs2sfjUO+95ToZW1YlxLBdpQn
jc+lxj5oIDCPfzhslptdkGzMbskz3/qGQ0vIqpGkaiWkyG7uQ2+mdhN970fFDeKw
Q40sDkwfteqxlQJm
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:03 2025 by rpki-client