Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/5nt62Ml_BfD3sCqENG25aFRULUA.roa
File: 5nt62Ml_BfD3sCqENG25aFRULUA.roa (raw, json)
Hash identifier: shO7ZD3fWyMom1aU5Agkl1IXTdztc6qi1+eKd9LVp3s=
Subject key identifier: E6:7B:7A:D8:C9:7F:05:F0:F7:B0:2A:84:34:6D:B9:68:54:54:2D:40
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 0196AA33E89FFFAEB138B676363DE3E0C452
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/5nt62Ml_BfD3sCqENG25aFRULUA.roa
Signing time: Wed 07 May 2025 10:04:10 +0000
ROA not before: Wed 07 May 2025 10:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214143
IP address blocks: 5.144.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 13:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:33:e8:9f:ff:ae:b1:38:b6:76:36:3d:e3:e0:c4:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: May 7 10:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e67b7ad8c97f05f0f7b02a84346db96854542d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d2:8a:45:8c:88:ff:d9:41:dd:da:28:0a:14:
58:b2:76:96:25:b0:ea:e6:a2:b1:fc:b4:50:b4:f3:
19:d5:71:ab:54:6d:3f:34:5b:07:bc:12:5a:9c:51:
e9:1c:b4:11:6d:af:8e:e3:03:6d:f2:cd:7f:fd:f8:
3d:51:42:82:dc:a3:9d:45:9a:ed:94:a9:21:23:f3:
a2:31:8e:c8:17:28:94:60:79:1b:35:eb:28:bb:38:
b2:51:09:28:01:b2:eb:a9:90:85:45:4c:33:a7:80:
56:d5:ae:d1:22:cc:19:f8:2a:97:f6:2c:97:7a:6b:
90:ac:db:74:b1:81:33:9a:2e:06:7d:d0:da:b2:b8:
8c:7c:ba:ca:69:d0:64:bd:4d:6b:8e:d3:17:8c:10:
d2:02:7e:aa:50:25:a0:4d:d1:c1:94:07:7d:1f:7f:
c1:14:01:60:9c:c3:e8:26:d5:3a:41:9d:ed:25:f7:
c9:eb:2c:bd:df:be:2a:88:4a:b5:64:5e:53:10:7e:
e8:fd:79:6f:d2:88:6a:90:28:0c:db:dd:72:02:a8:
46:6c:c1:2d:76:b6:a3:2c:bd:10:f1:b9:8d:2a:53:
46:f2:fe:0a:28:6c:f6:0a:2e:b2:43:db:23:bd:07:
fc:63:8e:ab:d9:0a:90:e0:ad:c9:24:2e:9c:53:0f:
49:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7B:7A:D8:C9:7F:05:F0:F7:B0:2A:84:34:6D:B9:68:54:54:2D:40
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/5nt62Ml_BfD3sCqENG25aFRULUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/24
Signature Algorithm: sha256WithRSAEncryption
79:e7:ab:4f:13:cb:f3:5c:cc:18:c0:43:6a:e0:47:5f:71:74:
bf:b8:85:5f:33:49:da:4b:2b:88:78:4c:a2:e1:a2:4b:a7:41:
0c:b6:d9:62:c4:7b:6a:ff:62:68:b9:f1:5f:f9:bc:ed:50:c9:
a7:98:3c:18:a3:de:f4:07:f6:85:03:55:49:08:46:1d:45:79:
17:0a:e8:f7:e0:5a:dc:40:2c:62:62:5d:37:e4:02:b2:bf:f4:
a2:8f:08:dd:4b:fc:c6:17:51:89:e3:63:26:51:b8:03:8d:51:
af:f5:d7:2f:b8:26:4e:16:cf:4d:b5:6a:ae:39:2d:72:5d:5d:
ba:6e:b6:ef:01:be:e7:70:8e:eb:b9:fa:e3:83:43:d3:bc:e4:
df:be:13:b7:4c:ff:51:43:c2:07:64:af:0b:5c:a2:ef:b4:a2:
b9:7d:ce:57:95:a5:e5:0d:79:70:f5:c8:87:66:f6:22:04:a4:
65:2d:dc:5f:a7:95:4c:99:76:fe:45:3e:17:df:c4:aa:a9:e0:
02:9e:e8:8e:2d:bd:af:2a:ac:aa:30:22:4f:1b:d7:8e:a7:31:
1f:a4:57:b3:50:2d:fe:55:0c:f2:2b:9f:ad:a2:e3:3f:c0:65:
6d:92:dd:9c:6f:b1:c4:53:41:fe:28:2c:85:1f:8e:4c:62:a6:
b9:b3:b1:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaqM+if/66xOLZ2Nj3j4MRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjUwNTA3MTAwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjdiN2FkOGM5N2YwNWYwZjdiMDJhODQzNDZkYjk2ODU0NTQyZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNKKRYyI/9lB3dooChRYsnaWJbDq
5qKx/LRQtPMZ1XGrVG0/NFsHvBJanFHpHLQRba+O4wNt8s1//fg9UUKC3KOdRZrt
lKkhI/OiMY7IFyiUYHkbNesouziyUQkoAbLrqZCFRUwzp4BW1a7RIswZ+CqX9iyX
emuQrNt0sYEzmi4GfdDasriMfLrKadBkvU1rjtMXjBDSAn6qUCWgTdHBlAd9H3/B
FAFgnMPoJtU6QZ3tJffJ6yy9374qiEq1ZF5TEH7o/Xlv0ohqkCgM291yAqhGbMEt
drajLL0Q8bmNKlNG8v4KKGz2Ci6yQ9sjvQf8Y46r2QqQ4K3JJC6cUw9JqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZ7etjJfwXw97AqhDRtuWhUVC1AMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvNW50NjJNbF9CZkQzc0NxRU5HMjVhRlJVTFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZCaMA0G
CSqGSIb3DQEBCwUAA4IBAQB556tPE8vzXMwYwENq4EdfcXS/uIVfM0naSyuIeEyi
4aJLp0EMttlixHtq/2JoufFf+bztUMmnmDwYo970B/aFA1VJCEYdRXkXCuj34Frc
QCxiYl035AKyv/SijwjdS/zGF1GJ42MmUbgDjVGv9dcvuCZOFs9NtWquOS1yXV26
brbvAb7ncI7rufrjg0PTvOTfvhO3TP9RQ8IHZK8LXKLvtKK5fc5XlaXlDXlw9ciH
ZvYiBKRlLdxfp5VMmXb+RT4X38SqqeACnuiOLb2vKqyqMCJPG9eOpzEfpFezUC3+
VQzyK5+touM/wGVtkt2cb7HEU0H+KCyFH45MYqa5s7Es
-----END CERTIFICATE-----
Generated at Sun May 11 23:22:06 2025 by rpki-client