Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/505QcayJo-pBwK1VqJNaBX1Q-5M.roa
File: 505QcayJo-pBwK1VqJNaBX1Q-5M.roa (raw, json)
Hash identifier: fIMbj/fl7aaDNKfopMcxB8cXpCnGq59ztvvwuTU/2xA=
Subject key identifier: E7:4E:50:71:AC:89:A3:EA:41:C0:AD:55:A8:93:5A:05:7D:50:FB:93
Certificate issuer: /CN=e4202a3fc1a8e85c9dfd2d65d319a80dd1fb917d
Certificate serial: 01966275826754789D22E00CC74BFBABD27B
Authority key identifier: E4:20:2A:3F:C1:A8:E8:5C:9D:FD:2D:65:D3:19:A8:0D:D1:FB:91:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/505QcayJo-pBwK1VqJNaBX1Q-5M.roa
Signing time: Wed 23 Apr 2025 11:43:10 +0000
ROA not before: Wed 23 Apr 2025 11:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208348
IP address blocks: 36.255.240.0/23 maxlen: 23
45.142.160.0/22 maxlen: 22
103.30.226.0/23 maxlen: 23
170.117.202.0/23 maxlen: 23
193.3.241.0/24 maxlen: 24
2a0e:f240::/29 maxlen: 29
2a0e:f240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 21:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:75:82:67:54:78:9d:22:e0:0c:c7:4b:fb:ab:d2:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4202a3fc1a8e85c9dfd2d65d319a80dd1fb917d
Validity
Not Before: Apr 23 11:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e74e5071ac89a3ea41c0ad55a8935a057d50fb93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0f:17:e5:9a:e5:54:8f:6c:8d:39:8a:56:8c:
03:e2:71:29:e0:c6:68:bc:bd:56:6f:da:4b:6a:b0:
86:43:67:f2:74:72:31:d6:37:27:cb:78:c0:e6:cb:
0d:8d:49:a9:f3:6f:55:41:6c:b7:3c:5d:cf:d3:60:
0b:b3:bf:1a:4d:d5:5d:2f:ed:83:e3:f4:b4:13:5f:
fb:f1:e4:aa:36:85:b2:3f:f9:35:ca:5d:9f:a0:4c:
b6:f8:04:6e:42:0a:82:b2:6a:b7:67:11:c2:bc:cb:
38:56:42:49:ec:f7:2b:12:b1:59:16:7d:da:db:63:
c1:ed:a0:25:4a:37:1d:b6:09:fa:d4:41:8e:b5:3b:
40:a6:be:8f:27:61:fc:02:19:10:83:1a:99:9d:ce:
b3:c2:12:19:42:a4:d9:83:e4:8c:79:1a:8c:f1:a3:
f2:6c:ec:07:b7:59:1d:49:72:bd:70:bb:b5:35:f8:
da:bf:52:87:6c:91:a1:31:c7:46:35:7d:ae:51:14:
a5:2d:0a:1e:e5:d2:eb:dd:ca:45:87:7d:16:7e:cc:
2c:1c:ed:5d:86:11:22:92:ad:38:e5:c1:a5:e8:5f:
96:70:2a:ce:1b:74:c3:d3:12:61:36:30:af:f1:83:
b0:21:59:d3:4e:17:c4:7d:53:54:41:c4:65:28:0b:
f8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:4E:50:71:AC:89:A3:EA:41:C0:AD:55:A8:93:5A:05:7D:50:FB:93
X509v3 Authority Key Identifier:
keyid:E4:20:2A:3F:C1:A8:E8:5C:9D:FD:2D:65:D3:19:A8:0D:D1:FB:91:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/505QcayJo-pBwK1VqJNaBX1Q-5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.255.240.0/23
45.142.160.0/22
103.30.226.0/23
170.117.202.0/23
193.3.241.0/24
IPv6:
2a0e:f240::/29
Signature Algorithm: sha256WithRSAEncryption
54:13:2a:ce:d2:cc:2f:69:d7:e2:f7:de:24:dd:c6:6b:99:7c:
89:9e:8b:41:3c:84:a6:ba:54:28:05:74:d4:85:dc:06:96:85:
c8:05:eb:c5:d0:28:8c:94:3b:dc:d8:1d:ca:63:c1:ad:e6:c3:
c1:4b:9c:98:19:7b:43:60:cf:26:01:bb:ea:5f:de:8f:c9:dc:
b3:16:de:ca:21:76:e0:61:40:1e:75:5a:36:8a:4c:42:5f:aa:
52:e4:b5:73:79:f3:45:6f:02:68:c8:f1:56:2e:57:4b:79:93:
0a:a2:aa:6f:01:b3:81:40:28:57:d2:9c:23:3b:77:62:52:64:
dc:d0:ac:ee:c5:7f:be:6d:d3:fc:d6:c1:3b:03:f6:be:c4:08:
f2:75:9b:34:a5:e6:12:f4:19:e3:8c:61:bb:ae:69:68:ec:8d:
dd:dc:3e:66:06:fa:ab:2d:bc:b9:c1:9b:e8:a9:33:61:25:94:
58:82:2a:8a:9e:cc:fc:c4:6e:e4:4d:1d:e5:cc:d6:77:92:a4:
2b:9d:79:5a:aa:e5:de:66:5d:66:e7:c4:e3:ab:77:30:bf:de:
6e:a2:5b:1e:72:56:97:e1:32:86:e3:04:61:ce:9e:59:6f:d9:
58:48:5d:10:60:6d:0f:89:ff:54:46:80:07:c1:f4:a1:51:5a:
77:f3:dd:69
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZZidYJnVHidIuAMx0v7q9J7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MjAyYTNmYzFhOGU4NWM5ZGZkMmQ2NWQzMTlhODBkZDFm
YjkxN2QwHhcNMjUwNDIzMTE0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzRlNTA3MWFjODlhM2VhNDFjMGFkNTVhODkzNWEwNTdkNTBmYjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoA8X5ZrlVI9sjTmKVowD4nEp4MZo
vL1Wb9pLarCGQ2fydHIx1jcny3jA5ssNjUmp829VQWy3PF3P02ALs78aTdVdL+2D
4/S0E1/78eSqNoWyP/k1yl2foEy2+ARuQgqCsmq3ZxHCvMs4VkJJ7PcrErFZFn3a
22PB7aAlSjcdtgn61EGOtTtApr6PJ2H8AhkQgxqZnc6zwhIZQqTZg+SMeRqM8aPy
bOwHt1kdSXK9cLu1Nfjav1KHbJGhMcdGNX2uURSlLQoe5dLr3cpFh30WfswsHO1d
hhEikq045cGl6F+WcCrOG3TD0xJhNjCv8YOwIVnTThfEfVNUQcRlKAv4ywIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOdOUHGsiaPqQcCtVaiTWgV9UPuTMB8GA1UdIwQY
MBaAFOQgKj/BqOhcnf0tZdMZqA3R+5F9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUNBcVA4R282RnlkX1MxbDB4bW9EZEg3a1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8wY2Y3YjktOTM4Zi00YzE3LThlYzct
ZDE4ZDFlYTU2OGY1LzEvNTA1UWNheUpvLXBCd0sxVnFKTmFCWDFRLTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8wY2Y3YjktOTM4Zi00YzE3LThlYzctZDE4ZDFlYTU2OGY1
LzEvNUNBcVA4R282RnlkX1MxbDB4bW9EZEg3a1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBJP/wAwQC
LY6gAwQBZx7iAwQBqnXKAwQAwQPxMA0EAgACMAcDBQMqDvJAMA0GCSqGSIb3DQEB
CwUAA4IBAQBUEyrO0swvadfi994k3cZrmXyJnotBPISmulQoBXTUhdwGloXIBevF
0CiMlDvc2B3KY8Gt5sPBS5yYGXtDYM8mAbvqX96PydyzFt7KIXbgYUAedVo2ikxC
X6pS5LVzefNFbwJoyPFWLldLeZMKoqpvAbOBQChX0pwjO3diUmTc0KzuxX++bdP8
1sE7A/a+xAjydZs0peYS9BnjjGG7rmlo7I3d3D5mBvqrLby5wZvoqTNhJZRYgiqK
nsz8xG7kTR3lzNZ3kqQrnXlaquXeZl1m58Tjq3cwv95uolseclaX4TKG4wRhzp5Z
b9lYSF0QYG0Pif9URoAHwfShUVp3891p
-----END CERTIFICATE-----
Generated at Thu May 1 06:12:23 2025 by rpki-client