Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SCJUcifqpEw6oX7EUdn3PHuDTlU.roa
File: SCJUcifqpEw6oX7EUdn3PHuDTlU.roa (raw, json)
Hash identifier: zxXgncFQPfT9DBtX6l7qX/nx2XTxdbQlc4H6eiPCEDs=
Subject key identifier: 48:22:54:72:27:EA:A4:4C:3A:A1:7E:C4:51:D9:F7:3C:7B:83:4E:55
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01962FFF432271A1BB35F4CEA7721D59BF09
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SCJUcifqpEw6oX7EUdn3PHuDTlU.roa
Signing time: Sun 13 Apr 2025 16:33:00 +0000
ROA not before: Sun 13 Apr 2025 16:33:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59592
IP address blocks: 5.230.206.0/24 maxlen: 32
5.230.220.0/24 maxlen: 32
5.231.87.0/24 maxlen: 32
5.231.200.0/24 maxlen: 32
185.13.158.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2f:ff:43:22:71:a1:bb:35:f4:ce:a7:72:1d:59:bf:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 13 16:33:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4822547227eaa44c3aa17ec451d9f73c7b834e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4f:78:31:12:ff:30:63:24:52:39:49:69:c1:
54:e3:88:2a:ca:6a:3c:7c:7d:8f:9e:25:a1:47:76:
86:74:e0:e0:b3:cf:33:ec:b9:55:2d:90:33:1c:c7:
d8:67:6d:eb:a8:3c:d3:40:c5:2e:1d:3b:80:95:78:
f8:c5:21:ce:0d:2b:00:2b:22:7d:5d:3f:2f:0c:4d:
d2:38:af:13:fe:b6:c7:07:a6:05:5a:37:ba:9a:4e:
73:d4:98:2c:7d:fd:7a:58:61:18:99:0e:26:08:0d:
ac:bc:4a:13:b1:8b:58:19:5d:97:70:2a:42:df:06:
84:5a:bd:8d:79:88:26:f1:61:44:45:cb:89:21:53:
2b:b1:f1:fc:b4:95:15:54:1a:4b:8c:55:b2:69:b4:
d3:78:28:4f:fa:34:6e:fa:63:e6:d0:89:6d:95:4a:
46:4d:04:5e:a4:47:fb:0f:3f:59:69:36:9d:c3:e3:
85:05:3c:5d:69:c7:39:e1:ab:2b:b0:1e:56:b0:7d:
0a:96:25:b4:9c:08:9c:bf:de:29:a4:ba:9f:33:f5:
bb:f2:81:c1:55:0f:98:fb:b3:17:06:b5:2a:bf:77:
d7:66:44:07:b0:64:ed:44:32:e7:17:6b:fe:81:2c:
83:ae:fb:ec:2f:7b:77:1e:41:97:52:ec:01:46:73:
ae:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:22:54:72:27:EA:A4:4C:3A:A1:7E:C4:51:D9:F7:3C:7B:83:4E:55
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SCJUcifqpEw6oX7EUdn3PHuDTlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.230.206.0/24
5.230.220.0/24
5.231.87.0/24
5.231.200.0/24
185.13.158.0/24
Signature Algorithm: sha256WithRSAEncryption
58:fd:3d:0c:35:be:76:68:53:2c:e8:97:3a:a7:fb:10:42:b0:
d6:14:7b:52:9a:28:41:e6:16:c6:86:61:7e:bd:a4:c6:fe:88:
3b:f4:29:55:93:ff:c9:c3:4c:2d:0b:1a:f8:11:1e:52:18:2e:
f3:89:d5:63:57:6b:9a:58:aa:2d:ec:c3:31:5d:bf:48:a8:23:
86:fc:b2:ff:34:fc:42:77:47:7f:bc:83:ae:c2:6d:c5:1e:d4:
db:6e:45:59:5e:21:cb:06:ed:58:cd:04:3d:b9:0a:9b:9a:18:
2d:13:f2:63:8c:d9:bf:e2:f8:80:ee:f2:a2:f4:97:ed:9c:34:
90:9b:62:99:0a:76:c8:b1:9d:14:e1:39:b0:d4:d4:eb:4b:21:
9f:95:4a:f2:a6:04:8b:b6:9a:48:2d:76:d6:f2:dd:22:ca:ce:
4a:be:12:09:e7:4f:c4:f0:14:99:e9:8e:32:a0:ff:5c:1a:f9:
96:e6:e3:b0:25:e5:b9:d5:f8:9f:3d:a3:7b:8f:e7:ab:7b:65:
9c:f2:d6:5e:fa:ab:19:37:f8:f8:b0:46:da:db:50:b2:fa:49:
46:9b:bd:ba:4d:14:9c:34:ae:97:c7:3a:0e:f7:15:39:bb:06:
96:80:41:33:37:bb:61:ad:c5:73:50:f5:17:14:7c:e6:c0:14:
e6:1a:cf:95
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZYv/0MicaG7NfTOp3IdWb8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDEzMTYzMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODIyNTQ3MjI3ZWFhNDRjM2FhMTdlYzQ1MWQ5ZjczYzdiODM0ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk94MRL/MGMkUjlJacFU44gqymo8
fH2PniWhR3aGdODgs88z7LlVLZAzHMfYZ23rqDzTQMUuHTuAlXj4xSHODSsAKyJ9
XT8vDE3SOK8T/rbHB6YFWje6mk5z1Jgsff16WGEYmQ4mCA2svEoTsYtYGV2XcCpC
3waEWr2NeYgm8WFERcuJIVMrsfH8tJUVVBpLjFWyabTTeChP+jRu+mPm0IltlUpG
TQRepEf7Dz9ZaTadw+OFBTxdacc54asrsB5WsH0KliW0nAicv94ppLqfM/W78oHB
VQ+Y+7MXBrUqv3fXZkQHsGTtRDLnF2v+gSyDrvvsL3t3HkGXUuwBRnOuOQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEgiVHIn6qRMOqF+xFHZ9zx7g05VMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvU0NKVWNpZnFwRXc2b1g3RVVkbjNQSHVEVGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABebOAwQA
BebcAwQABedXAwQABefIAwQAuQ2eMA0GCSqGSIb3DQEBCwUAA4IBAQBY/T0MNb52
aFMs6Jc6p/sQQrDWFHtSmihB5hbGhmF+vaTG/og79ClVk//Jw0wtCxr4ER5SGC7z
idVjV2uaWKot7MMxXb9IqCOG/LL/NPxCd0d/vIOuwm3FHtTbbkVZXiHLBu1YzQQ9
uQqbmhgtE/JjjNm/4viA7vKi9JftnDSQm2KZCnbIsZ0U4Tmw1NTrSyGflUrypgSL
tppILXbW8t0iys5KvhIJ50/E8BSZ6Y4yoP9cGvmW5uOwJeW51fifPaN7j+ere2Wc
8tZe+qsZN/j4sEba21Cy+klGm726TRScNK6XxzoO9xU5uwaWgEEzN7thrcVzUPUX
FHzmwBTmGs+V
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:28:09 2025 by rpki-client