Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5yf7kmOkJIf47QytclAVGnDQkG0.roa
File: 5yf7kmOkJIf47QytclAVGnDQkG0.roa (raw, json)
Hash identifier: jkRS+kneeyL0eT4kf9kZTFCrEEfsEGOnxXwzCopHh4E=
Subject key identifier: E7:27:FB:92:63:A4:24:87:F8:ED:0C:AD:72:50:15:1A:70:D0:90:6D
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01976576DBBE3A918F22C76EC05311778978
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5yf7kmOkJIf47QytclAVGnDQkG0.roa
Signing time: Thu 12 Jun 2025 18:46:17 +0000
ROA not before: Thu 12 Jun 2025 18:46:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a0e:4bc0::/32 maxlen: 32
2a0e:5640::/32 maxlen: 32
2a0e:5641::/32 maxlen: 32
2a0e:5900::/32 maxlen: 32
2a0f:6fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 15:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:76:db:be:3a:91:8f:22:c7:6e:c0:53:11:77:89:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jun 12 18:46:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e727fb9263a42487f8ed0cad7250151a70d0906d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4a:cb:e8:40:1e:c6:38:54:10:6f:35:a7:b8:
3d:c7:f5:f3:31:2b:f1:a6:9c:c8:f5:55:c2:10:90:
61:d6:da:33:5e:5c:77:00:6e:05:73:c4:7c:a8:39:
5e:be:b3:90:6c:12:ca:eb:3d:7b:e0:e2:1b:4c:40:
0e:f0:eb:8f:1b:2d:8c:07:d2:88:6e:78:e4:59:f8:
d1:30:78:7a:e9:59:bc:26:48:88:80:9c:7f:bd:a6:
25:55:5f:fb:7e:fe:24:ab:2a:39:3f:e9:b9:bd:82:
c0:e7:29:2a:77:5d:af:3c:47:fc:51:aa:e4:af:43:
30:b3:dc:a1:d9:8c:e6:31:a1:3d:22:fc:56:36:39:
42:9c:22:51:45:04:8b:4b:af:70:a7:ea:6a:60:5f:
c3:70:fa:45:c0:42:c4:81:51:51:40:49:7c:9d:1d:
39:73:12:88:24:9d:d6:cc:02:46:16:93:dc:da:ad:
f2:5f:60:43:16:5f:4b:11:b4:1d:7d:ad:79:01:fd:
c4:52:de:a9:c5:31:74:f3:d8:4b:0f:ee:47:10:94:
f3:d8:bf:88:51:f5:ca:90:4d:15:89:cd:c5:34:ff:
be:4e:05:17:60:d9:84:a3:9c:8d:ab:51:84:03:b1:
17:b3:6e:7e:cf:41:0e:44:21:6e:3c:26:1d:91:1f:
58:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:27:FB:92:63:A4:24:87:F8:ED:0C:AD:72:50:15:1A:70:D0:90:6D
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5yf7kmOkJIf47QytclAVGnDQkG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc0::/32
2a0e:5640::/31
2a0e:5900::/32
2a0f:6fc0::/32
Signature Algorithm: sha256WithRSAEncryption
56:f7:66:55:72:21:dc:ea:7f:07:d1:7a:30:e1:dc:7e:88:b2:
07:51:a1:ed:0c:82:5b:3b:4a:ee:2e:f4:29:77:ef:89:b3:04:
f4:2f:bc:d6:f2:76:5d:0f:d5:d4:24:d0:9e:1e:de:f1:85:44:
13:86:43:bf:56:aa:4a:b2:82:cd:2b:28:a3:9a:a7:99:8e:52:
2d:82:77:e9:14:94:30:24:e1:ac:32:be:6f:bb:e3:e5:bf:3d:
d7:a7:c8:23:be:f5:66:a6:44:4a:38:6f:90:0a:e3:ef:55:83:
fc:cd:1c:4e:7a:82:5a:53:ae:df:6e:5c:ce:9a:11:12:1d:5f:
77:be:e1:5b:0b:46:05:5a:47:a2:ea:d1:9f:38:57:11:3f:3a:
9c:46:fc:e4:9d:e8:80:20:c2:7d:aa:84:81:07:14:84:e3:c2:
21:1e:e2:83:5d:41:04:94:4f:7e:b1:bb:8c:30:1d:d0:00:82:
5c:43:b6:ff:ac:f8:c4:7f:6c:29:cd:98:74:ef:f0:89:16:71:
df:f3:d0:30:df:7c:91:36:20:d3:9e:df:0f:e9:16:f1:59:34:
1b:84:68:09:f9:d4:c0:5b:66:c3:84:33:47:29:34:c5:5b:20:
e7:25:43:70:af:3a:05:60:0a:32:0b:bb:36:5a:09:dd:ca:d4:
90:91:97:cc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZdldtu+OpGPIsduwFMRd4l4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwNjEyMTg0NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzI3ZmI5MjYzYTQyNDg3ZjhlZDBjYWQ3MjUwMTUxYTcwZDA5MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UrL6EAexjhUEG81p7g9x/XzMSvx
ppzI9VXCEJBh1tozXlx3AG4Fc8R8qDlevrOQbBLK6z174OIbTEAO8OuPGy2MB9KI
bnjkWfjRMHh66Vm8JkiIgJx/vaYlVV/7fv4kqyo5P+m5vYLA5ykqd12vPEf8Uark
r0Mws9yh2YzmMaE9IvxWNjlCnCJRRQSLS69wp+pqYF/DcPpFwELEgVFRQEl8nR05
cxKIJJ3WzAJGFpPc2q3yX2BDFl9LEbQdfa15Af3EUt6pxTF089hLD+5HEJTz2L+I
UfXKkE0Vic3FNP++TgUXYNmEo5yNq1GEA7EXs25+z0EORCFuPCYdkR9YnQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOcn+5JjpCSH+O0MrXJQFRpw0JBtMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvNXlmN2ttT2tKSWY0N1F5dGNsQVZHbkRRa0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg5LwAMF
ASoOVkADBQAqDlkAAwUAKg9vwDANBgkqhkiG9w0BAQsFAAOCAQEAVvdmVXIh3Op/
B9F6MOHcfoiyB1Gh7QyCWztK7i70KXfvibME9C+81vJ2XQ/V1CTQnh7e8YVEE4ZD
v1aqSrKCzSsoo5qnmY5SLYJ36RSUMCThrDK+b7vj5b8916fII771ZqZESjhvkArj
71WD/M0cTnqCWlOu325czpoREh1fd77hWwtGBVpHourRnzhXET86nEb85J3ogCDC
faqEgQcUhOPCIR7ig11BBJRPfrG7jDAd0ACCXEO2/6z4xH9sKc2YdO/wiRZx3/PQ
MN98kTYg057fD+kW8Vk0G4RoCfnUwFtmw4QzRyk0xVsg5yVDcK86BWAKMgu7NloJ
3crUkJGXzA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:56:21 2025 by rpki-client