Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/e57efb-861b-4931-88d3-dd973da42721/1/gH5Nx8BjDuFW9EStmNz8wzpaF0c.roa
File: gH5Nx8BjDuFW9EStmNz8wzpaF0c.roa (raw, json)
Hash identifier: 4+5mIuyJK0b0oNUWLYEpywekd9cxzAgZ3IGvlVb8A04=
Subject key identifier: 80:7E:4D:C7:C0:63:0E:E1:56:F4:44:AD:98:DC:FC:C3:3A:5A:17:47
Certificate issuer: /CN=290818f4df4a6bd125d5f22124145a69f5b6a34c
Certificate serial: 01975DE59A05114992A91837645C98C0355C
Authority key identifier: 29:08:18:F4:DF:4A:6B:D1:25:D5:F2:21:24:14:5A:69:F5:B6:A3:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQgY9N9Ka9El1fIhJBRaafW2o0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/e57efb-861b-4931-88d3-dd973da42721/1/gH5Nx8BjDuFW9EStmNz8wzpaF0c.roa
Signing time: Wed 11 Jun 2025 07:30:17 +0000
ROA not before: Wed 11 Jun 2025 07:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16138
IP address blocks: 185.69.192.0/22 maxlen: 22
217.74.64.0/22 maxlen: 22
217.74.68.0/22 maxlen: 22
217.74.72.0/22 maxlen: 22
217.74.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/e57efb-861b-4931-88d3-dd973da42721/1/KQgY9N9Ka9El1fIhJBRaafW2o0w.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/e57efb-861b-4931-88d3-dd973da42721/1/KQgY9N9Ka9El1fIhJBRaafW2o0w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQgY9N9Ka9El1fIhJBRaafW2o0w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:e5:9a:05:11:49:92:a9:18:37:64:5c:98:c0:35:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290818f4df4a6bd125d5f22124145a69f5b6a34c
Validity
Not Before: Jun 11 07:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=807e4dc7c0630ee156f444ad98dcfcc33a5a1747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:56:ef:6b:6b:b4:ba:c5:cc:2d:25:5d:0a:80:
c7:6b:fd:f7:54:bd:da:23:30:c4:b4:7c:eb:00:5f:
c2:c0:7b:57:b2:6e:8a:29:05:03:db:31:33:a7:53:
e0:c4:51:f0:2f:a2:a1:f0:f2:47:ef:63:26:06:4f:
16:cc:46:f5:75:ac:7a:da:fc:cd:a6:4b:7b:10:b7:
5f:84:4d:9d:5e:cd:84:08:86:83:5f:65:ad:6b:5f:
9a:6c:c0:a2:a9:da:01:7f:eb:54:53:b5:b4:a4:5b:
83:19:af:f9:01:64:f2:24:4a:e6:c5:0d:59:a3:44:
da:72:ad:29:e6:42:f0:b3:81:32:e8:01:b0:42:7a:
4a:bf:60:92:b9:0f:fa:56:47:93:cd:6b:10:e6:ce:
81:32:3a:6d:14:fd:5b:80:19:7b:fd:b8:4d:da:c9:
49:d7:57:bd:2a:46:7f:44:0a:93:d9:27:94:60:bd:
f1:aa:e4:ff:74:d0:b9:4f:e3:6f:dc:70:aa:3c:08:
af:c4:9f:3c:3a:52:12:80:2e:6b:10:40:7a:fc:9e:
31:85:8f:46:60:01:98:80:3f:c9:ce:9e:81:14:5e:
ab:f7:30:73:cb:bb:3c:f8:77:ad:7e:c9:12:41:60:
e1:71:ce:dc:d6:46:82:cb:22:3c:2a:32:db:aa:f4:
eb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7E:4D:C7:C0:63:0E:E1:56:F4:44:AD:98:DC:FC:C3:3A:5A:17:47
X509v3 Authority Key Identifier:
keyid:29:08:18:F4:DF:4A:6B:D1:25:D5:F2:21:24:14:5A:69:F5:B6:A3:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQgY9N9Ka9El1fIhJBRaafW2o0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e57efb-861b-4931-88d3-dd973da42721/1/gH5Nx8BjDuFW9EStmNz8wzpaF0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e57efb-861b-4931-88d3-dd973da42721/1/KQgY9N9Ka9El1fIhJBRaafW2o0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.192.0/22
217.74.64.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:d5:38:d4:da:e4:d7:17:bd:bf:94:57:79:56:bf:aa:41:25:
09:87:e2:6b:ec:72:32:a8:45:9d:eb:e2:b4:f8:66:69:86:b2:
45:ef:a1:27:d3:af:22:ff:95:61:5d:14:52:b6:11:53:76:4b:
61:85:bc:a4:65:2e:48:fc:3a:18:7f:b0:fb:31:dd:e0:f3:67:
5d:43:7b:2b:56:7e:0f:18:fc:76:f1:a8:48:81:1c:27:1b:64:
a6:d7:14:f8:33:3f:5d:8f:45:92:2e:78:bc:dd:e1:7b:6d:d5:
25:e2:6f:b9:fd:9b:5d:d7:1f:4a:c4:94:95:0f:b6:fa:aa:7a:
cc:a1:24:fc:0e:a6:5b:4a:51:4e:6c:5b:2b:ac:c4:3a:40:1e:
78:22:f0:0b:26:3f:dc:ff:43:52:26:e7:88:7c:74:39:77:5d:
f8:6a:5e:7d:24:b0:57:45:d5:74:e6:71:a5:8f:04:af:30:e3:
5b:10:96:c4:44:5a:21:40:10:06:99:5d:e2:24:b8:ff:a0:8c:
b2:c9:82:23:1c:1e:0e:db:e9:e3:e5:06:c2:cb:ce:dc:3b:94:
99:6e:24:f1:60:df:71:4a:74:40:8f:56:fc:e8:0d:67:8e:05:
36:79:9b:49:e0:4a:d3:6f:1f:fa:13:71:d6:3a:70:21:56:8a:
04:e8:8f:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdd5ZoFEUmSqRg3ZFyYwDVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDgxOGY0ZGY0YTZiZDEyNWQ1ZjIyMTI0MTQ1YTY5ZjVi
NmEzNGMwHhcNMjUwNjExMDczMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDdlNGRjN2MwNjMwZWUxNTZmNDQ0YWQ5OGRjZmNjMzNhNWExNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlbva2u0usXMLSVdCoDHa/33VL3a
IzDEtHzrAF/CwHtXsm6KKQUD2zEzp1PgxFHwL6Kh8PJH72MmBk8WzEb1dax62vzN
pkt7ELdfhE2dXs2ECIaDX2Wta1+abMCiqdoBf+tUU7W0pFuDGa/5AWTyJErmxQ1Z
o0Tacq0p5kLws4Ey6AGwQnpKv2CSuQ/6VkeTzWsQ5s6BMjptFP1bgBl7/bhN2slJ
11e9KkZ/RAqT2SeUYL3xquT/dNC5T+Nv3HCqPAivxJ88OlISgC5rEEB6/J4xhY9G
YAGYgD/Jzp6BFF6r9zBzy7s8+HetfskSQWDhcc7c1kaCyyI8KjLbqvTrGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIB+TcfAYw7hVvRErZjc/MM6WhdHMB8GA1UdIwQY
MBaAFCkIGPTfSmvRJdXyISQUWmn1tqNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FnWTlOOUthOUVsMWZJaEpCUmFhZlcybzB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9lNTdlZmItODYxYi00OTMxLTg4ZDMt
ZGQ5NzNkYTQyNzIxLzEvZ0g1Tng4QmpEdUZXOUVTdG1Oejh3enBhRjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9lNTdlZmItODYxYi00OTMxLTg4ZDMtZGQ5NzNkYTQyNzIx
LzEvS1FnWTlOOUthOUVsMWZJaEpCUmFhZlcybzB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUXAAwQE
2UpAMA0GCSqGSIb3DQEBCwUAA4IBAQCg1TjU2uTXF72/lFd5Vr+qQSUJh+Jr7HIy
qEWd6+K0+GZphrJF76En068i/5VhXRRSthFTdkthhbykZS5I/DoYf7D7Md3g82dd
Q3srVn4PGPx28ahIgRwnG2Sm1xT4Mz9dj0WSLni83eF7bdUl4m+5/Ztd1x9KxJSV
D7b6qnrMoST8DqZbSlFObFsrrMQ6QB54IvALJj/c/0NSJueIfHQ5d134al59JLBX
RdV05nGljwSvMONbEJbERFohQBAGmV3iJLj/oIyyyYIjHB4O2+nj5QbCy87cO5SZ
biTxYN9xSnRAj1b86A1njgU2eZtJ4ErTbx/6E3HWOnAhVooE6I9e
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:06:43 2025 by rpki-client