Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/5ti7bWWeuzgJf0KBwaFhK0N9KRo.roa
File: 5ti7bWWeuzgJf0KBwaFhK0N9KRo.roa (raw, json)
Hash identifier: EtFUfmsrngVXtCd/OFRb3dSYVWsGdEV54+GYkoeqeqQ=
Subject key identifier: E6:D8:BB:6D:65:9E:BB:38:09:7F:42:81:C1:A1:61:2B:43:7D:29:1A
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01965E05580403B2F093844941EE1A532E64
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/5ti7bWWeuzgJf0KBwaFhK0N9KRo.roa
Signing time: Tue 22 Apr 2025 15:02:10 +0000
ROA not before: Tue 22 Apr 2025 15:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 194.238.44.0/22 maxlen: 24
194.238.72.0/22 maxlen: 24
194.238.80.0/22 maxlen: 24
194.238.84.0/22 maxlen: 24
194.238.88.0/22 maxlen: 24
194.238.92.0/22 maxlen: 24
213.18.192.0/22 maxlen: 24
213.18.216.0/22 maxlen: 24
217.179.80.0/22 maxlen: 24
217.179.124.0/22 maxlen: 24
217.181.80.0/21 maxlen: 24
217.181.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5e:05:58:04:03:b2:f0:93:84:49:41:ee:1a:53:2e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 22 15:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6d8bb6d659ebb38097f4281c1a1612b437d291a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3e:01:73:1f:73:97:a5:25:42:6d:b9:00:5c:
78:6d:41:e4:4b:8c:2a:d2:7c:a5:2d:ef:4b:a6:30:
14:b9:e6:cf:b1:41:20:48:11:cd:16:90:de:23:99:
a3:fc:03:3c:93:86:f8:7d:8a:4b:83:91:c0:5f:5b:
42:09:f9:48:59:43:d5:1f:3d:53:b3:7b:de:10:9d:
1c:ab:a0:f4:56:ab:49:4e:c9:6c:63:c7:9f:a9:5b:
ae:80:35:e7:a0:db:32:d3:d2:8b:ca:71:60:e4:53:
77:dc:ea:05:0c:66:36:9a:05:fb:8d:8b:73:df:ab:
82:15:5f:d9:e5:a7:9f:05:5d:4c:72:ef:18:51:0d:
18:0f:89:3f:87:ee:c5:d5:77:19:ad:f9:76:45:2d:
e3:c7:9d:42:9e:f3:0f:ac:e1:f5:65:65:5b:a2:30:
fa:0b:28:5c:4f:ab:22:00:a9:f5:5d:c9:99:cf:51:
ca:b5:9b:dd:a7:a4:2e:f6:6b:cd:37:be:2b:37:10:
55:c7:5b:fe:e0:4a:4c:a3:73:4a:e8:53:1f:56:89:
0f:d5:ec:69:94:fd:64:7e:30:f7:e2:5d:25:de:a1:
42:65:6d:17:8d:22:4b:59:f1:ad:70:c0:da:cf:6b:
eb:49:fa:9f:f3:b2:c7:81:bc:25:f8:73:a3:6b:47:
c3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D8:BB:6D:65:9E:BB:38:09:7F:42:81:C1:A1:61:2B:43:7D:29:1A
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/5ti7bWWeuzgJf0KBwaFhK0N9KRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.44.0/22
194.238.72.0/22
194.238.80.0/20
213.18.192.0/22
213.18.216.0/22
217.179.80.0/22
217.179.124.0/22
217.181.80.0-217.181.91.255
Signature Algorithm: sha256WithRSAEncryption
7a:c8:03:07:f5:07:7e:b3:ac:d4:95:0b:07:b6:5b:c7:ef:91:
27:80:51:63:30:e8:30:2a:e0:a6:16:78:52:a5:4b:47:b5:56:
d6:40:56:41:d3:f4:b2:01:e6:42:94:f3:72:79:a9:38:d7:c5:
ed:f6:c7:da:83:cc:62:8d:e5:d9:d6:2d:c8:94:41:90:80:36:
c5:d2:ac:01:5a:59:60:e9:98:35:be:2e:a2:70:02:c0:3c:91:
c7:5b:63:21:1d:17:b4:78:fd:0c:ec:2b:c5:8d:fb:91:aa:c5:
23:51:1c:64:23:63:56:8d:fe:eb:3f:6a:7a:de:4c:7d:b9:2b:
16:67:f0:eb:ea:7f:31:59:e7:1f:aa:cc:e7:17:f8:ec:23:93:
33:fa:7f:9d:ef:67:66:c3:79:b7:6d:d0:a1:92:db:82:5e:50:
a2:d0:d6:04:77:bd:9f:d5:ea:9f:64:49:ff:08:ef:4e:1d:a1:
42:9c:b2:ea:68:5a:1d:e1:c7:bb:d5:47:97:0f:92:26:47:9a:
c1:b3:86:71:1d:2b:8d:fc:bb:b5:50:8e:fc:3f:62:d7:d2:cc:
ea:d1:77:91:a9:ee:5e:a7:ec:41:a4:42:fe:2f:f3:49:b7:de:
01:64:b0:2d:11:3b:ce:03:cf:3d:90:8c:11:79:52:80:12:15:
92:d2:6f:6b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZZeBVgEA7Lwk4RJQe4aUy5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDIyMTUwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ4YmI2ZDY1OWViYjM4MDk3ZjQyODFjMWExNjEyYjQzN2QyOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT4Bcx9zl6UlQm25AFx4bUHkS4wq
0nylLe9LpjAUuebPsUEgSBHNFpDeI5mj/AM8k4b4fYpLg5HAX1tCCflIWUPVHz1T
s3veEJ0cq6D0VqtJTslsY8efqVuugDXnoNsy09KLynFg5FN33OoFDGY2mgX7jYtz
36uCFV/Z5aefBV1Mcu8YUQ0YD4k/h+7F1XcZrfl2RS3jx51CnvMPrOH1ZWVbojD6
CyhcT6siAKn1XcmZz1HKtZvdp6Qu9mvNN74rNxBVx1v+4EpMo3NK6FMfVokP1exp
lP1kfjD34l0l3qFCZW0XjSJLWfGtcMDaz2vrSfqf87LHgbwl+HOja0fDwwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFObYu21lnrs4CX9CgcGhYStDfSkaMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvNXRpN2JXV2V1emdKZjBLQndhRmhLME45S1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCwu4sAwQC
wu5IAwQEwu5QAwQC1RLAAwQC1RLYAwQC2bNQAwQC2bN8MAwDBATZtVADBALZtVgw
DQYJKoZIhvcNAQELBQADggEBAHrIAwf1B36zrNSVCwe2W8fvkSeAUWMw6DAq4KYW
eFKlS0e1VtZAVkHT9LIB5kKU83J5qTjXxe32x9qDzGKN5dnWLciUQZCANsXSrAFa
WWDpmDW+LqJwAsA8kcdbYyEdF7R4/QzsK8WN+5GqxSNRHGQjY1aN/us/anreTH25
KxZn8OvqfzFZ5x+qzOcX+OwjkzP6f53vZ2bDebdt0KGS24JeUKLQ1gR3vZ/V6p9k
Sf8I704doUKcsupoWh3hx7vVR5cPkiZHmsGzhnEdK438u7VQjvw/YtfSzOrRd5Gp
7l6n7EGkQv4v80m33gFksC0RO84Dzz2QjBF5UoASFZLSb2s=
-----END CERTIFICATE-----
Generated at Sat Apr 26 22:16:45 2025 by rpki-client