Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5UmcDjsDwoDcOjKgNNJFcXQ5oi0.roa
File: 5UmcDjsDwoDcOjKgNNJFcXQ5oi0.roa (raw, json)
Hash identifier: 3CJ5eqxEPlPcjsYdOzw5Le9dsJnD/Qz17aF13eyghWA=
Subject key identifier: E5:49:9C:0E:3B:03:C2:80:DC:3A:32:A0:34:D2:45:71:74:39:A2:2D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019716D2FB25BBA04CD98C7B6631B29ACF74
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5UmcDjsDwoDcOjKgNNJFcXQ5oi0.roa
Signing time: Wed 28 May 2025 12:16:55 +0000
ROA not before: Wed 28 May 2025 12:16:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1257
IP address blocks: 192.71.180.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
193.181.2.0/24 maxlen: 24
193.234.16.0/24 maxlen: 24
193.234.87.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
194.68.238.0/24 maxlen: 24
194.71.178.0/24 maxlen: 24
194.71.179.0/24 maxlen: 24
194.71.248.0/21 maxlen: 24
194.103.24.0/22 maxlen: 24
194.132.60.0/24 maxlen: 24
2a01:280:310::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:d2:fb:25:bb:a0:4c:d9:8c:7b:66:31:b2:9a:cf:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 28 12:16:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5499c0e3b03c280dc3a32a034d245717439a22d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9e:c3:4a:1e:e7:e7:22:74:cb:0a:27:e4:b8:
8c:c0:a4:61:7e:4f:85:ed:3d:30:40:0c:f9:7a:72:
2d:8f:0b:7c:4f:f8:80:42:cf:d8:00:7b:a5:fc:cb:
c6:c5:9f:8a:3f:ea:46:52:cc:ac:d3:7d:5f:c9:80:
9d:d2:8e:56:f9:a6:a2:92:0d:e2:02:77:1e:25:02:
08:92:54:88:13:68:b7:98:89:53:fa:a7:e4:0c:54:
7b:cf:1f:57:2c:10:16:02:12:d0:85:5d:50:70:b1:
00:a6:96:9e:ca:25:dc:74:da:9b:d6:a7:10:90:2c:
b9:02:26:c1:db:ec:d5:af:fe:46:9b:72:1b:e5:c8:
6b:61:9c:23:5b:95:d9:03:71:c5:65:af:e0:d1:b5:
b6:46:5b:90:45:66:2c:fc:7e:20:8e:0e:68:b4:b8:
25:d9:39:d8:64:b0:1d:ba:15:85:b9:93:8a:19:11:
0f:bb:64:76:f8:e9:93:ba:19:ee:33:5f:40:f1:04:
6c:25:70:c9:17:47:de:dc:f0:ff:00:91:fa:ef:92:
61:b7:a5:30:58:cf:5b:69:54:db:d2:f7:4a:4d:14:
04:a6:80:8f:85:a0:33:84:1d:a6:75:b3:a4:97:6b:
9f:90:a5:84:31:3f:c9:4a:9f:4e:f7:db:09:7b:f5:
85:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:49:9C:0E:3B:03:C2:80:DC:3A:32:A0:34:D2:45:71:74:39:A2:2D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5UmcDjsDwoDcOjKgNNJFcXQ5oi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.234.16.0/24
193.234.87.0/24
193.234.177.0/24
194.68.238.0/24
194.71.178.0/23
194.71.248.0/21
194.103.24.0/22
194.132.60.0/24
IPv6:
2a01:280:310::/48
Signature Algorithm: sha256WithRSAEncryption
54:df:86:e9:93:40:8b:97:f6:f2:ae:26:d2:be:39:3e:d5:c3:
58:c9:77:1e:e6:38:bf:8f:4b:4e:c8:28:2d:4e:ae:52:b0:25:
6b:54:d6:b1:fb:33:0d:c5:d1:c2:43:d5:ab:b9:4c:35:f5:f1:
dc:fa:79:aa:55:b4:6c:df:d9:d7:c4:eb:2f:33:59:c1:63:2f:
36:21:b1:a3:f9:34:b1:fc:ef:b2:a7:9c:9f:0b:b6:9e:b7:f9:
f9:a8:2a:6b:f4:f4:67:a2:6e:5c:77:26:d7:b2:12:63:7e:8c:
48:39:d4:4f:d9:b0:51:bd:a8:a5:61:ef:09:6b:fb:d7:99:6c:
1d:c8:9f:ea:f1:7d:1f:67:8b:e9:9b:1a:2f:82:ac:d5:14:39:
f8:75:af:d0:2d:6c:58:29:a3:5c:7c:c4:fb:0c:cd:fe:b5:32:
ff:4e:a1:77:c4:63:19:0d:f8:85:7e:68:dc:04:e4:3b:d9:2f:
c3:ea:5b:cd:cf:d5:51:38:6d:f7:a0:42:d4:7e:7f:4f:12:b3:
d1:fb:24:14:85:cd:28:07:a5:86:94:56:c9:86:df:d9:49:86:
69:24:97:da:40:27:80:e7:9e:e8:14:e7:51:0c:c6:f8:73:23:
be:b4:ec:e5:c8:4f:d2:8a:0a:d9:15:80:2c:7b:ac:8f:c1:c8:
31:94:ab:99
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZcW0vslu6BM2Yx7ZjGyms90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwNTI4MTIxNjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQ5OWMwZTNiMDNjMjgwZGMzYTMyYTAzNGQyNDU3MTc0MzlhMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZ7DSh7n5yJ0ywon5LiMwKRhfk+F
7T0wQAz5enItjwt8T/iAQs/YAHul/MvGxZ+KP+pGUsys031fyYCd0o5W+aaikg3i
AnceJQIIklSIE2i3mIlT+qfkDFR7zx9XLBAWAhLQhV1QcLEAppaeyiXcdNqb1qcQ
kCy5AibB2+zVr/5Gm3Ib5chrYZwjW5XZA3HFZa/g0bW2RluQRWYs/H4gjg5otLgl
2TnYZLAduhWFuZOKGREPu2R2+OmTuhnuM19A8QRsJXDJF0fe3PD/AJH675Jht6Uw
WM9baVTb0vdKTRQEpoCPhaAzhB2mdbOkl2ufkKWEMT/JSp9O99sJe/WFqQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFOVJnA47A8KA3DoyoDTSRXF0OaItMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNVVtY0Rqc0R3b0RjT2pLZ05OSkZjWFE1b2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBaBAIAATBUAwQAwEe0AwQA
wEfcAwQAwbTPAwQAwbTwAwQAwbT3AwQAwbUCAwQAweoQAwQAwepXAwQAweqxAwQA
wkTuAwQBwkeyAwQDwkf4AwQCwmcYAwQAwoQ8MA8EAgACMAkDBwAqAQKAAxAwDQYJ
KoZIhvcNAQELBQADggEBAFTfhumTQIuX9vKuJtK+OT7Vw1jJdx7mOL+PS07IKC1O
rlKwJWtU1rH7Mw3F0cJD1au5TDX18dz6eapVtGzf2dfE6y8zWcFjLzYhsaP5NLH8
77KnnJ8Ltp63+fmoKmv09Geiblx3JteyEmN+jEg51E/ZsFG9qKVh7wlr+9eZbB3I
n+rxfR9ni+mbGi+CrNUUOfh1r9AtbFgpo1x8xPsMzf61Mv9OoXfEYxkN+IV+aNwE
5DvZL8PqW83P1VE4bfegQtR+f08Ss9H7JBSFzSgHpYaUVsmG39lJhmkkl9pAJ4Dn
nugU51EMxvhzI7607OXIT9KKCtkVgCx7rI/ByDGUq5k=
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:34:30 2025 by rpki-client