Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/5brKbRBtOvHFjh0oXn8r8X9Yoww.roa
File: 5brKbRBtOvHFjh0oXn8r8X9Yoww.roa (raw, json)
Hash identifier: ACQA/vy+zy4fT5JbE8/TavE1wLY971r5N9JADwPEgrU=
Subject key identifier: E5:BA:CA:6D:10:6D:3A:F1:C5:8E:1D:28:5E:7F:2B:F1:7F:58:A3:0C
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 01966C135D8A3C00B2246D10EB7D20F3689E
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/5brKbRBtOvHFjh0oXn8r8X9Yoww.roa
Signing time: Fri 25 Apr 2025 08:32:10 +0000
ROA not before: Fri 25 Apr 2025 08:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21433
IP address blocks: 2a02:ee80:40d4::/47 maxlen: 47
2a02:ee80:40d4::/48 maxlen: 48
2a02:ee80:40d5::/48 maxlen: 48
2a02:ee80:40d6::/47 maxlen: 47
2a02:ee80:40d6::/48 maxlen: 48
2a02:ee80:40d7::/48 maxlen: 48
2a02:ee80:4248::/47 maxlen: 47
2a02:ee80:4248::/48 maxlen: 48
2a02:ee80:4249::/48 maxlen: 48
2a02:ee80:4250::/47 maxlen: 47
2a02:ee80:4250::/48 maxlen: 48
2a02:ee80:4251::/48 maxlen: 48
2a02:ee80:436e::/47 maxlen: 47
2a02:ee80:436e::/48 maxlen: 48
2a02:ee80:436f::/48 maxlen: 48
2a02:ee80:4398::/47 maxlen: 47
2a02:ee80:4398::/48 maxlen: 48
2a02:ee80:4399::/48 maxlen: 48
2a02:ee80:439a::/47 maxlen: 47
2a02:ee80:439a::/48 maxlen: 48
2a02:ee80:439b::/48 maxlen: 48
2a02:ee80:439c::/47 maxlen: 47
2a02:ee80:439c::/48 maxlen: 48
2a02:ee80:439d::/48 maxlen: 48
2a02:ee80:439e::/47 maxlen: 47
2a02:ee80:439e::/48 maxlen: 48
2a02:ee80:439f::/48 maxlen: 48
2a02:ee80:43a0::/47 maxlen: 47
2a02:ee80:43a0::/48 maxlen: 48
2a02:ee80:43a1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:13:5d:8a:3c:00:b2:24:6d:10:eb:7d:20:f3:68:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Apr 25 08:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5baca6d106d3af1c58e1d285e7f2bf17f58a30c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:28:49:4c:37:5f:78:c8:12:e3:76:c9:f9:f1:
cc:e1:e7:be:7b:bf:ab:92:20:08:3b:cb:e9:67:16:
02:c6:fa:cb:df:3f:3c:d9:0f:fa:4b:1e:8d:e4:f2:
0b:08:27:1c:0e:87:d5:64:cd:91:58:c5:41:c9:b2:
0d:33:00:29:0d:9e:de:61:77:fc:e4:b9:8c:18:27:
29:c5:05:07:ee:3b:3e:08:95:19:42:96:88:58:f5:
86:c8:73:d8:77:68:3c:4b:06:2f:55:ed:20:7c:06:
69:22:29:ec:a8:ff:85:92:36:54:81:f8:46:93:70:
20:db:3b:d8:b1:00:9b:2a:1c:ad:49:ef:7d:c7:c9:
76:b1:ab:6b:a0:92:73:d2:4b:1f:03:61:e7:73:b3:
0f:e5:c7:b7:ab:bf:53:e1:32:fa:cf:89:13:f3:93:
c4:5b:fc:06:57:f5:79:12:dd:cf:c9:3c:2b:e4:1d:
4e:f1:30:71:50:c4:fe:b1:67:79:66:79:70:bd:b3:
3b:16:e2:10:ff:38:2d:57:78:73:e4:38:af:08:60:
25:ab:d5:e2:7c:d7:dc:81:8f:ce:bf:80:cc:f3:1e:
48:74:b5:c2:03:aa:43:2e:37:52:78:62:d9:90:c6:
f0:57:83:b2:b8:9a:97:4c:c7:41:03:8f:98:76:ba:
fb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BA:CA:6D:10:6D:3A:F1:C5:8E:1D:28:5E:7F:2B:F1:7F:58:A3:0C
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/5brKbRBtOvHFjh0oXn8r8X9Yoww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ee80:40d4::/46
2a02:ee80:4248::/47
2a02:ee80:4250::/47
2a02:ee80:436e::/47
2a02:ee80:4398::-2a02:ee80:43a1:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
88:5a:da:f3:a3:1c:36:1e:21:7e:f2:11:29:75:6c:4f:c0:ba:
69:3e:55:e2:67:f8:94:04:25:7a:e8:48:08:2e:ad:66:65:55:
85:67:5d:f7:1e:12:32:02:77:e4:4e:25:22:55:0b:80:93:8f:
a4:90:93:22:bb:ba:e5:3b:28:4e:68:d1:88:54:e7:e4:87:e3:
21:5a:a0:d7:c8:02:9c:63:b0:ce:50:df:51:35:a6:f9:87:0d:
26:db:ef:ff:11:0f:dc:79:89:3b:3e:a1:c8:9d:a5:ef:f9:e7:
29:a5:3c:fc:cc:2f:0f:40:ee:12:b5:82:7b:28:8c:98:ee:b7:
5d:14:87:fd:c5:eb:7a:68:b2:06:28:18:fb:76:b6:40:c0:7f:
f8:cd:0d:6b:6e:e4:9a:bf:96:99:18:e5:12:05:f8:56:94:1e:
49:3a:be:34:f5:50:19:02:27:eb:6e:4d:3d:01:93:24:d6:c4:
9e:b4:4a:c6:7c:77:4e:65:9d:8d:52:17:94:1c:d1:11:b5:69:
0f:29:f1:87:7e:6e:a3:71:bb:09:c8:ba:08:56:8c:09:b8:98:
f2:1d:e9:b4:ae:ea:78:e4:a3:14:2d:10:6c:4a:ba:5e:74:47:
b3:30:c6:68:28:51:c9:80:a8:a7:3f:26:70:2e:03:b9:98:df:
d0:f7:67:a5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZZsE12KPACyJG0Q630g82ieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjUwNDI1MDgzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJhY2E2ZDEwNmQzYWYxYzU4ZTFkMjg1ZTdmMmJmMTdmNThhMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnihJTDdfeMgS43bJ+fHM4ee+e7+r
kiAIO8vpZxYCxvrL3z882Q/6Sx6N5PILCCccDofVZM2RWMVBybINMwApDZ7eYXf8
5LmMGCcpxQUH7js+CJUZQpaIWPWGyHPYd2g8SwYvVe0gfAZpIinsqP+FkjZUgfhG
k3Ag2zvYsQCbKhytSe99x8l2satroJJz0ksfA2Hnc7MP5ce3q79T4TL6z4kT85PE
W/wGV/V5Et3PyTwr5B1O8TBxUMT+sWd5ZnlwvbM7FuIQ/zgtV3hz5DivCGAlq9Xi
fNfcgY/Ov4DM8x5IdLXCA6pDLjdSeGLZkMbwV4OyuJqXTMdBA4+Ydrr7xQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOW6ym0QbTrxxY4dKF5/K/F/WKMMMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvNWJyS2JSQnRPdkhGamgwb1huOHI4WDlZb3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwcCKgLugEDU
AwcBKgLugEJIAwcBKgLugEJQAwcBKgLugENuMBIDBwMqAu6AQ5gDBwEqAu6AQ6Aw
DQYJKoZIhvcNAQELBQADggEBAIha2vOjHDYeIX7yESl1bE/Aumk+VeJn+JQEJXro
SAgurWZlVYVnXfceEjICd+ROJSJVC4CTj6SQkyK7uuU7KE5o0YhU5+SH4yFaoNfI
ApxjsM5Q31E1pvmHDSbb7/8RD9x5iTs+ocidpe/55ymlPPzMLw9A7hK1gnsojJju
t10Uh/3F63posgYoGPt2tkDAf/jNDWtu5Jq/lpkY5RIF+FaUHkk6vjT1UBkCJ+tu
TT0BkyTWxJ60SsZ8d05lnY1SF5Qc0RG1aQ8p8Yd+bqNxuwnIughWjAm4mPId6bSu
6njkoxQtEGxKul50R7MwxmgoUcmAqKc/JnAuA7mY39D3Z6U=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:06:43 2025 by rpki-client