Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5b4UUSMsh5HGgeVCsw9c6bIgSAg.roa
File: 5b4UUSMsh5HGgeVCsw9c6bIgSAg.roa (raw, json)
Hash identifier: V9Kzyf+cn35yB+32QV8piPHsT8bmlY2LmI6lLzmLLMM=
Subject key identifier: E5:BE:14:51:23:2C:87:91:C6:81:E5:42:B3:0F:5C:E9:B2:20:48:08
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01975F37DFA6F01DCF04C660F726592AAD7D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5b4UUSMsh5HGgeVCsw9c6bIgSAg.roa
Signing time: Wed 11 Jun 2025 13:39:46 +0000
ROA not before: Wed 11 Jun 2025 13:39:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 265770
IP address blocks: 5.253.228.0/22 maxlen: 22
45.15.244.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.32.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5f:37:df:a6:f0:1d:cf:04:c6:60:f7:26:59:2a:ad:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 11 13:39:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5be1451232c8791c681e542b30f5ce9b2204808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:eb:3b:b9:74:f9:c8:4c:cf:41:2b:b0:2c:43:
ee:47:54:1a:11:d3:93:d3:c3:c6:f7:16:ff:67:42:
7f:65:81:6c:73:19:95:0c:0f:dc:7e:02:08:9a:cc:
02:3a:f9:3c:6b:08:e0:f7:26:4d:e2:6f:49:16:68:
8a:c7:00:d7:ef:9a:cb:60:05:1c:e9:19:db:aa:18:
d5:c2:25:5d:0e:bd:9b:3b:58:f2:0d:f5:00:17:b1:
cc:85:35:68:c1:fd:66:83:71:7a:c9:66:1b:6b:d1:
15:3c:ee:7a:c1:90:f2:ee:c6:f5:6a:83:74:ea:8a:
2c:75:4f:70:b4:39:ed:f7:9a:47:88:d7:9d:44:ea:
a3:53:0e:3d:38:b3:16:c5:60:d5:af:f6:26:55:30:
c0:f2:9b:51:da:3f:93:fb:e4:2b:cc:3e:e7:ff:b0:
b8:38:1e:2e:34:7a:a2:78:47:81:17:55:58:70:51:
c3:71:e3:c1:62:df:0d:dd:e8:2f:00:1e:4c:01:e4:
66:0b:0e:63:11:12:61:87:8c:4d:9d:34:e4:95:85:
86:88:1d:f5:f9:05:bc:a5:cb:df:a7:3b:d8:9d:2f:
20:f4:29:cd:dd:5c:8f:e7:03:89:72:a5:a1:18:bd:
10:69:b1:c8:d0:db:bd:d0:f0:02:9a:30:87:37:68:
09:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BE:14:51:23:2C:87:91:C6:81:E5:42:B3:0F:5C:E9:B2:20:48:08
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5b4UUSMsh5HGgeVCsw9c6bIgSAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.228.0/22
45.15.244.0/22
45.151.196.0/22
89.32.126.0/24
Signature Algorithm: sha256WithRSAEncryption
04:d3:55:f1:15:b1:49:da:ad:75:5e:d9:40:60:fa:2c:bf:9f:
8f:87:27:92:55:47:67:74:1a:90:1b:61:de:b1:02:f9:16:03:
8e:6c:13:fd:3a:04:fa:06:0d:70:c1:96:ac:5a:f1:ef:ac:21:
d6:7a:ca:fa:89:f3:d3:38:46:24:09:dd:24:83:d2:8f:5f:ea:
6f:77:87:57:2d:46:23:83:89:c7:21:4d:2e:af:cd:b8:3f:ed:
cf:2b:21:f3:7e:3e:21:cb:88:a0:0a:09:64:8c:84:d8:4a:49:
ec:3e:db:da:2c:56:d7:5a:91:92:8f:ab:76:59:4c:66:08:23:
7b:67:06:36:44:12:e9:fc:a8:49:e1:42:a6:d6:e9:86:43:17:
ce:41:ad:7b:f7:b6:9c:c1:49:08:50:f0:fd:4e:33:8e:de:c1:
5f:69:84:32:3a:99:e7:ea:01:a4:03:e6:61:79:35:77:e4:15:
1b:50:44:9b:21:02:b8:3c:73:19:a5:dd:22:26:4e:e4:d1:8a:
f9:09:80:e6:18:50:4a:6e:f7:f8:29:95:57:db:19:bb:ac:47:
a4:18:39:b1:f5:39:a2:40:54:c7:49:29:f5:b8:69:5b:f8:d3:
53:6c:a2:24:b7:fc:70:db:c2:68:3f:eb:11:93:a6:7e:db:59:
0a:5f:96:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdfN9+m8B3PBMZg9yZZKq19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwNjExMTMzOTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJlMTQ1MTIzMmM4NzkxYzY4MWU1NDJiMzBmNWNlOWIyMjA0ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOs7uXT5yEzPQSuwLEPuR1QaEdOT
08PG9xb/Z0J/ZYFscxmVDA/cfgIImswCOvk8awjg9yZN4m9JFmiKxwDX75rLYAUc
6RnbqhjVwiVdDr2bO1jyDfUAF7HMhTVowf1mg3F6yWYba9EVPO56wZDy7sb1aoN0
6oosdU9wtDnt95pHiNedROqjUw49OLMWxWDVr/YmVTDA8ptR2j+T++QrzD7n/7C4
OB4uNHqieEeBF1VYcFHDcePBYt8N3egvAB5MAeRmCw5jERJhh4xNnTTklYWGiB31
+QW8pcvfpzvYnS8g9CnN3VyP5wOJcqWhGL0QabHI0Nu90PACmjCHN2gJLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOW+FFEjLIeRxoHlQrMPXOmyIEgIMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNWI0VVVTTXNoNUhHZ2VWQ3N3OWM2YklnU0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBf3kAwQC
LQ/0AwQCLZfEAwQAWSB+MA0GCSqGSIb3DQEBCwUAA4IBAQAE01XxFbFJ2q11XtlA
YPosv5+PhyeSVUdndBqQG2HesQL5FgOObBP9OgT6Bg1wwZasWvHvrCHWesr6ifPT
OEYkCd0kg9KPX+pvd4dXLUYjg4nHIU0ur824P+3PKyHzfj4hy4igCglkjITYSkns
PtvaLFbXWpGSj6t2WUxmCCN7ZwY2RBLp/KhJ4UKm1umGQxfOQa1797acwUkIUPD9
TjOO3sFfaYQyOpnn6gGkA+ZheTV35BUbUESbIQK4PHMZpd0iJk7k0Yr5CYDmGFBK
bvf4KZVX2xm7rEekGDmx9TmiQFTHSSn1uGlb+NNTbKIkt/xw28JoP+sRk6Z+21kK
X5YP
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:46:58 2025 by rpki-client