Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/5YbQ1lEYRu1FDVmUe9WtFEdIQq8.roa
File: 5YbQ1lEYRu1FDVmUe9WtFEdIQq8.roa (raw, json)
Hash identifier: LLdAnT3T14ZMA8Ruwq6pBGBMT1LXc953lNErRWyZvjE=
Subject key identifier: E5:86:D0:D6:51:18:46:ED:45:0D:59:94:7B:D5:AD:14:47:48:42:AF
Certificate issuer: /CN=6f0c9a1117abd52ec8036b4f378644fa77a4b8a7
Certificate serial: 01972C70D0A533385F5D00196CD5910552C5
Authority key identifier: 6F:0C:9A:11:17:AB:D5:2E:C8:03:6B:4F:37:86:44:FA:77:A4:B8:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bwyaERer1S7IA2tPN4ZE-nekuKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/5YbQ1lEYRu1FDVmUe9WtFEdIQq8.roa
Signing time: Sun 01 Jun 2025 17:01:20 +0000
ROA not before: Sun 01 Jun 2025 17:01:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216235
IP address blocks: 176.10.93.0/24 maxlen: 24
2a13:f3c0::/48 maxlen: 48
2a13:f3c0:1::/48 maxlen: 48
2a13:f3c0:2::/48 maxlen: 48
2a13:f3c0:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/bwyaERer1S7IA2tPN4ZE-nekuKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/bwyaERer1S7IA2tPN4ZE-nekuKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/bwyaERer1S7IA2tPN4ZE-nekuKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2c:70:d0:a5:33:38:5f:5d:00:19:6c:d5:91:05:52:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f0c9a1117abd52ec8036b4f378644fa77a4b8a7
Validity
Not Before: Jun 1 17:01:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e586d0d6511846ed450d59947bd5ad14474842af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8a:0e:0f:82:6f:b4:88:d9:1f:99:4a:e2:43:
64:ba:fc:47:68:d6:68:e9:f4:01:de:5f:e6:c9:60:
55:f3:e0:93:c0:d5:44:7d:09:b8:fb:1a:7b:c5:30:
a9:10:f2:c2:92:19:41:1a:b9:83:b5:24:e0:f9:88:
65:aa:98:90:53:dd:8a:87:4e:3f:ab:7e:73:90:a3:
0c:7e:6f:ea:c3:ad:fc:04:f3:e2:30:64:1c:2e:0c:
4c:11:83:0f:26:36:57:0a:4e:db:92:c5:29:e6:37:
a5:ef:1d:00:18:85:51:9f:77:b9:56:e9:ef:47:56:
04:2e:72:4d:74:50:28:fd:ed:c7:4f:bd:f8:ad:46:
9b:30:8c:38:fe:d1:3c:53:07:bb:52:b9:81:5c:64:
84:02:91:be:20:3b:52:23:2d:6d:76:e0:63:7f:4d:
49:47:4a:91:b3:8a:ff:e7:1e:05:14:0e:b4:11:7b:
4d:eb:95:b3:a5:42:56:98:b0:d4:7c:aa:64:71:2a:
cf:b8:4a:47:cc:fe:2d:59:1d:14:1b:88:96:2b:09:
0a:4d:d6:a2:02:3f:3e:54:d9:4a:e0:97:51:22:c9:
75:1b:88:33:a3:75:43:6e:52:69:fc:9c:af:c1:5d:
7d:c6:01:04:6f:50:56:10:9e:80:ca:f5:f7:78:da:
bd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:86:D0:D6:51:18:46:ED:45:0D:59:94:7B:D5:AD:14:47:48:42:AF
X509v3 Authority Key Identifier:
keyid:6F:0C:9A:11:17:AB:D5:2E:C8:03:6B:4F:37:86:44:FA:77:A4:B8:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwyaERer1S7IA2tPN4ZE-nekuKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/5YbQ1lEYRu1FDVmUe9WtFEdIQq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/bwyaERer1S7IA2tPN4ZE-nekuKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.93.0/24
IPv6:
2a13:f3c0::-2a13:f3c0:2:ffff:ffff:ffff:ffff:ffff
2a13:f3c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
65:b2:5c:1c:03:1b:77:cd:9d:e3:f4:fd:64:4a:0e:93:68:1a:
2f:b5:ca:75:c0:fb:33:f9:76:83:40:7a:d7:da:e8:86:d6:26:
fa:46:5d:8e:04:4f:0f:90:e6:92:9e:5c:66:60:41:d4:7b:1b:
59:19:ca:78:73:3e:5c:b7:95:ca:0f:57:ed:c6:23:cc:f6:f2:
c3:07:f3:27:ed:9a:28:8a:72:1c:c7:1a:fb:09:84:3e:59:0c:
e1:ec:68:15:7f:42:04:40:ee:e8:3c:70:0d:c2:b2:af:c0:39:
44:04:b3:ba:af:d9:c6:1f:92:39:21:1d:76:ea:20:38:56:0b:
fe:3c:05:3b:ba:cb:6e:8d:07:fb:b3:3f:e8:21:62:10:0e:fa:
a2:59:b8:5b:53:8f:bb:53:22:07:2d:0e:80:44:45:7c:c7:28:
35:81:e9:c5:86:29:6a:98:8a:ac:e6:59:21:a3:cd:a9:02:5b:
88:ad:7d:4f:cf:7d:af:a0:d4:35:23:ab:8e:b8:a0:1f:43:21:
3b:3b:0d:b5:0d:09:0d:9d:06:15:c7:78:45:27:ea:70:bd:5b:
02:e9:1b:2b:53:8f:c9:65:52:32:ef:fc:42:e4:72:f4:fe:86:
40:d1:cb:c7:a1:f7:0f:79:65:de:69:1f:b8:f5:54:d8:89:79:
b7:ca:b6:78
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZcscNClMzhfXQAZbNWRBVLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGM5YTExMTdhYmQ1MmVjODAzNmI0ZjM3ODY0NGZhNzdh
NGI4YTcwHhcNMjUwNjAxMTcwMTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg2ZDBkNjUxMTg0NmVkNDUwZDU5OTQ3YmQ1YWQxNDQ3NDg0MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4oOD4JvtIjZH5lK4kNkuvxHaNZo
6fQB3l/myWBV8+CTwNVEfQm4+xp7xTCpEPLCkhlBGrmDtSTg+YhlqpiQU92Kh04/
q35zkKMMfm/qw638BPPiMGQcLgxMEYMPJjZXCk7bksUp5jel7x0AGIVRn3e5Vunv
R1YELnJNdFAo/e3HT734rUabMIw4/tE8Uwe7UrmBXGSEApG+IDtSIy1tduBjf01J
R0qRs4r/5x4FFA60EXtN65WzpUJWmLDUfKpkcSrPuEpHzP4tWR0UG4iWKwkKTdai
Aj8+VNlK4JdRIsl1G4gzo3VDblJp/JyvwV19xgEEb1BWEJ6AyvX3eNq9cwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFOWG0NZRGEbtRQ1ZlHvVrRRHSEKvMB8GA1UdIwQY
MBaAFG8MmhEXq9UuyANrTzeGRPp3pLinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnd5YUVSZXIxUzdJQTJ0UE40WkUtbmVrdUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xMWE5YmEtOWQwZS00YzQ0LWFkYTQt
NGJlMTI3ZmEzMTE4LzEvNVliUTFsRVlSdTFGRFZtVWU5V3RGRWRJUXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8xMWE5YmEtOWQwZS00YzQ0LWFkYTQtNGJlMTI3ZmEzMTE4
LzEvYnd5YUVSZXIxUzdJQTJ0UE40WkUtbmVrdUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAsApdMCEE
AgACMBswEAMFBioT88ADBwAqE/PAAAIDBwAqE/PAAAQwDQYJKoZIhvcNAQELBQAD
ggEBAGWyXBwDG3fNneP0/WRKDpNoGi+1ynXA+zP5doNAetfa6IbWJvpGXY4ETw+Q
5pKeXGZgQdR7G1kZynhzPly3lcoPV+3GI8z28sMH8yftmiiKchzHGvsJhD5ZDOHs
aBV/QgRA7ug8cA3Csq/AOUQEs7qv2cYfkjkhHXbqIDhWC/48BTu6y26NB/uzP+gh
YhAO+qJZuFtTj7tTIgctDoBERXzHKDWB6cWGKWqYiqzmWSGjzakCW4itfU/Pfa+g
1DUjq464oB9DITs7DbUNCQ2dBhXHeEUn6nC9WwLpGytTj8llUjLv/ELkcvT+hkDR
y8eh9w95Zd5pH7j1VNiJebfKtng=
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:08:00 2025 by rpki-client