Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/5q1q_7I1sJ_7Vs4jC33pCd9fPIM.roa
File: 5q1q_7I1sJ_7Vs4jC33pCd9fPIM.roa (raw, json)
Hash identifier: lVtGayB3fsKRi7Py8r7nobPgDnQD+3/eLgW8yclmCys=
Subject key identifier: E6:AD:6A:FF:B2:35:B0:9F:FB:56:CE:23:0B:7D:E9:09:DF:5F:3C:83
Certificate issuer: /CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Certificate serial: 01975F4E52068AEC00622B4FC490DF83E44D
Authority key identifier: 82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/5q1q_7I1sJ_7Vs4jC33pCd9fPIM.roa
Signing time: Wed 11 Jun 2025 14:04:17 +0000
ROA not before: Wed 11 Jun 2025 14:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207551
IP address blocks: 89.35.53.0/24 maxlen: 24
117.55.199.0/24 maxlen: 24
194.54.146.0/24 maxlen: 24
194.164.87.0/24 maxlen: 24
202.181.153.0/24 maxlen: 24
203.28.15.0/24 maxlen: 24
212.6.53.0/24 maxlen: 24
2a10:2080::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5f:4e:52:06:8a:ec:00:62:2b:4f:c4:90:df:83:e4:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Validity
Not Before: Jun 11 14:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6ad6affb235b09ffb56ce230b7de909df5f3c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:44:56:86:10:51:c2:44:c4:1a:b9:8b:5c:22:
0f:84:6c:7d:80:43:ef:38:10:96:2a:b9:ed:0b:7e:
a8:6a:f0:3a:b6:03:9e:89:69:9a:a3:e9:66:0f:db:
71:98:19:6a:ed:dc:c2:49:13:28:c6:8a:cf:7d:00:
87:75:23:c2:17:2a:00:57:a6:70:32:be:00:62:d0:
7a:8e:9f:43:fd:cd:15:90:e5:6e:cf:43:38:3c:ad:
ba:25:4e:3b:dd:bd:e0:49:a2:7f:dc:80:74:9e:5e:
cb:e2:a8:b5:f9:ce:36:f3:26:53:bf:01:e2:34:7c:
dd:be:f5:60:ed:0e:58:70:48:f2:9d:19:0c:f0:df:
22:dd:c2:78:ae:e4:9f:4b:1b:f3:f2:32:c0:5b:45:
83:f4:89:e9:0d:39:77:3a:e8:57:a5:3f:12:11:b6:
70:9d:51:af:bb:8b:ad:23:c9:3c:53:d6:3d:77:00:
0e:aa:f5:16:73:64:89:27:0d:7a:72:b4:c8:56:40:
1e:d3:68:73:2c:18:06:37:d1:18:60:da:1b:99:58:
08:96:00:b9:22:3d:60:cc:94:de:90:48:70:ba:de:
44:f2:ad:e6:30:c8:48:86:46:df:0b:d3:7b:02:bf:
c8:d7:f8:a3:eb:3d:c4:99:c2:78:53:f9:7a:7b:40:
23:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AD:6A:FF:B2:35:B0:9F:FB:56:CE:23:0B:7D:E9:09:DF:5F:3C:83
X509v3 Authority Key Identifier:
keyid:82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/5q1q_7I1sJ_7Vs4jC33pCd9fPIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.53.0/24
117.55.199.0/24
194.54.146.0/24
194.164.87.0/24
202.181.153.0/24
203.28.15.0/24
212.6.53.0/24
IPv6:
2a10:2080::/29
Signature Algorithm: sha256WithRSAEncryption
47:c2:67:f4:78:cd:c8:fc:a5:95:92:55:4f:ee:69:26:ad:03:
d5:36:71:9e:ea:3e:ec:3f:66:8e:32:b5:ba:68:38:b8:f2:d3:
58:7c:b4:48:48:5e:8f:99:d6:53:81:ed:6a:08:04:07:dd:6e:
ca:27:9d:1d:ef:74:a1:f7:25:30:f5:2e:c6:78:12:5f:36:48:
97:a3:ac:4e:c4:76:48:f7:d0:77:90:e2:4e:be:47:18:4e:ae:
4a:ed:07:7b:b3:a2:59:fd:e2:43:43:8f:e3:96:c3:3e:43:48:
5b:af:28:29:f9:ff:5b:ea:3e:81:81:f9:39:08:13:b4:a0:a1:
2a:05:a9:f1:13:a0:08:b2:5d:d3:f8:51:f2:f1:57:87:1b:46:
2f:a0:1e:3a:2b:40:66:d1:a7:d3:5f:78:c7:2d:69:bd:20:8e:
39:51:6d:26:7c:39:bb:c8:5b:13:40:d5:9c:6d:72:28:8b:c6:
82:d5:e4:c1:5c:23:5f:9c:9f:b9:ce:83:0d:b5:81:7d:98:42:
6a:f0:1f:7c:20:e8:e7:81:02:64:54:c0:92:04:d7:95:6a:03:
3b:fc:8a:96:0a:73:89:3b:0b:06:ae:c0:7c:2e:4e:63:6e:e1:
1d:1f:6a:33:01:9a:21:8e:b8:78:ce:a3:ac:1e:75:b9:bb:6c:
ae:c4:90:bb
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZdfTlIGiuwAYitPxJDfg+RNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjJlMGQwMGRkNzcxYTllNGQ2MGJiZjRiZTUyMTE0ZWE3
N2RiMDMwHhcNMjUwNjExMTQwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmFkNmFmZmIyMzViMDlmZmI1NmNlMjMwYjdkZTkwOWRmNWYzYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0RWhhBRwkTEGrmLXCIPhGx9gEPv
OBCWKrntC36oavA6tgOeiWmao+lmD9txmBlq7dzCSRMoxorPfQCHdSPCFyoAV6Zw
Mr4AYtB6jp9D/c0VkOVuz0M4PK26JU473b3gSaJ/3IB0nl7L4qi1+c428yZTvwHi
NHzdvvVg7Q5YcEjynRkM8N8i3cJ4ruSfSxvz8jLAW0WD9InpDTl3OuhXpT8SEbZw
nVGvu4utI8k8U9Y9dwAOqvUWc2SJJw16crTIVkAe02hzLBgGN9EYYNobmVgIlgC5
Ij1gzJTekEhwut5E8q3mMMhIhkbfC9N7Ar/I1/ij6z3EmcJ4U/l6e0Aj4wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOatav+yNbCf+1bOIwt96QnfXzyDMB8GA1UdIwQY
MBaAFIKy4NAN13Gp5NYLv0vlIRTqd9sDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2It
MDZkM2M0ZTYzYzIwLzEvNXExcV83STFzSl83VnM0akMzM3BDZDlmUElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2ItMDZkM2M0ZTYzYzIw
LzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAWSM1AwQA
dTfHAwQAwjaSAwQAwqRXAwQAyrWZAwQAyxwPAwQA1AY1MA0EAgACMAcDBQMqECCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBHwmf0eM3I/KWVklVP7mkmrQPVNnGe6j7sP2aO
MrW6aDi48tNYfLRISF6PmdZTge1qCAQH3W7KJ50d73Sh9yUw9S7GeBJfNkiXo6xO
xHZI99B3kOJOvkcYTq5K7Qd7s6JZ/eJDQ4/jlsM+Q0hbrygp+f9b6j6Bgfk5CBO0
oKEqBanxE6AIsl3T+FHy8VeHG0YvoB46K0Bm0afTX3jHLWm9II45UW0mfDm7yFsT
QNWcbXIoi8aC1eTBXCNfnJ+5zoMNtYF9mEJq8B98IOjngQJkVMCSBNeVagM7/IqW
CnOJOwsGrsB8Lk5jbuEdH2ozAZohjrh4zqOsHnW5u2yuxJC7
-----END CERTIFICATE-----
Generated at Sun Jun 15 12:16:43 2025 by rpki-client