Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/240165-d974-429b-a1c1-a3ef0a4a3119/1/5S2zrcgN0zQdJ3QFaE7FBSw-HeM.roa
File: 5S2zrcgN0zQdJ3QFaE7FBSw-HeM.roa (raw, json)
Hash identifier: 7N2IUSxTtbeaCv9JQjKs/+AdqXjpbHadcRJYtmTUOLU=
Subject key identifier: E5:2D:B3:AD:C8:0D:D3:34:1D:27:74:05:68:4E:C5:05:2C:3E:1D:E3
Certificate issuer: /CN=d681fa66be2cea34b5883c21c6f83f3464e2eee1
Certificate serial: 0196910DEA63083BF26C2896110DF214A062
Authority key identifier: D6:81:FA:66:BE:2C:EA:34:B5:88:3C:21:C6:F8:3F:34:64:E2:EE:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1oH6Zr4s6jS1iDwhxvg_NGTi7uE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/240165-d974-429b-a1c1-a3ef0a4a3119/1/5S2zrcgN0zQdJ3QFaE7FBSw-HeM.roa
Signing time: Fri 02 May 2025 12:52:10 +0000
ROA not before: Fri 02 May 2025 12:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64442
IP address blocks: 185.161.100.0/22 maxlen: 22
2a07:c180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/240165-d974-429b-a1c1-a3ef0a4a3119/1/1oH6Zr4s6jS1iDwhxvg_NGTi7uE.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/240165-d974-429b-a1c1-a3ef0a4a3119/1/1oH6Zr4s6jS1iDwhxvg_NGTi7uE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1oH6Zr4s6jS1iDwhxvg_NGTi7uE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:91:0d:ea:63:08:3b:f2:6c:28:96:11:0d:f2:14:a0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d681fa66be2cea34b5883c21c6f83f3464e2eee1
Validity
Not Before: May 2 12:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e52db3adc80dd3341d277405684ec5052c3e1de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a0:7a:eb:d6:37:f6:e5:54:87:b3:2d:72:4f:
d6:b0:91:c9:7c:7f:b6:d6:0b:36:2d:e9:97:41:ea:
48:76:0a:ff:14:bf:09:d4:8a:08:e0:1d:17:bf:4e:
62:ca:f5:39:fd:d0:c1:b0:a6:0f:4a:95:2c:20:15:
6a:82:4d:1c:dc:98:e9:da:47:4b:14:24:3d:25:a8:
d1:82:ee:b4:32:d2:5b:cf:06:85:0c:b7:15:1f:d4:
27:2d:88:10:15:81:a0:f1:3b:7b:b4:fd:b4:8d:eb:
73:f5:99:cf:3d:a0:94:d8:78:2a:88:05:b0:97:1c:
16:0d:50:c1:f6:34:f6:70:60:1e:69:4c:89:98:7a:
ef:88:f5:7b:03:7b:1b:0e:9c:47:64:ae:5b:ba:33:
b2:ed:59:0a:d0:b1:07:57:e5:2a:8d:8e:88:06:fa:
cc:2d:13:63:28:44:23:4b:73:dc:a7:b2:9a:8a:fa:
cb:9f:52:9e:e2:a7:c3:c9:6d:57:4a:7d:9e:6a:12:
5f:7a:be:e2:5d:61:e0:d7:b7:b3:72:9a:b8:d9:cf:
be:59:0f:00:29:f0:b7:0c:d2:b3:ba:80:9f:bd:cc:
01:48:3f:16:8e:7b:01:04:f6:fe:30:a9:88:6d:83:
c9:3a:34:f6:43:47:6b:7d:8d:18:f8:c9:25:40:49:
b3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:2D:B3:AD:C8:0D:D3:34:1D:27:74:05:68:4E:C5:05:2C:3E:1D:E3
X509v3 Authority Key Identifier:
keyid:D6:81:FA:66:BE:2C:EA:34:B5:88:3C:21:C6:F8:3F:34:64:E2:EE:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1oH6Zr4s6jS1iDwhxvg_NGTi7uE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/240165-d974-429b-a1c1-a3ef0a4a3119/1/5S2zrcgN0zQdJ3QFaE7FBSw-HeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/240165-d974-429b-a1c1-a3ef0a4a3119/1/1oH6Zr4s6jS1iDwhxvg_NGTi7uE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.100.0/22
IPv6:
2a07:c180::/29
Signature Algorithm: sha256WithRSAEncryption
8d:e3:34:55:95:ab:32:8d:26:4a:a2:0b:8c:26:3a:8d:fd:aa:
74:02:ca:e7:f4:44:eb:7a:8a:92:14:7f:2b:63:17:bc:5a:44:
65:c5:bb:bf:e4:a2:fd:7f:f8:fe:06:7b:a0:82:29:8f:a1:b0:
77:40:c5:57:20:02:9e:69:05:40:cb:99:f6:ec:b4:74:d0:9e:
cb:2c:15:e5:63:c4:76:44:b8:8d:88:0e:e4:6b:4c:98:21:c4:
8b:db:68:74:42:e1:80:a1:0d:5f:a7:c1:b9:e9:06:ed:49:57:
31:be:58:cd:6b:c5:94:ed:c4:4d:fb:a4:f3:6c:04:b8:6a:e9:
89:c3:5b:98:55:ef:0e:e6:3f:6d:7e:be:42:61:eb:0e:c9:05:
80:38:48:38:8e:d9:28:a0:d9:8e:43:0b:34:9b:b6:bd:64:4e:
60:f1:54:9a:b0:b2:26:fa:1e:b4:85:b9:65:9b:58:45:db:df:
de:c0:76:f1:53:4e:61:36:16:dc:b3:92:61:88:ec:19:4f:03:
9a:87:5c:77:53:ea:e7:d3:75:14:11:6d:59:75:8f:ac:3d:fd:
2b:e5:b4:39:5e:63:71:9f:c1:90:d8:e4:b2:99:5a:f0:3f:65:
a9:0c:8f:86:52:fe:c0:b1:7d:bd:ee:e6:f5:44:61:d7:c7:ce:
62:2b:54:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZaRDepjCDvybCiWEQ3yFKBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ODFmYTY2YmUyY2VhMzRiNTg4M2MyMWM2ZjgzZjM0NjRl
MmVlZTEwHhcNMjUwNTAyMTI1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTJkYjNhZGM4MGRkMzM0MWQyNzc0MDU2ODRlYzUwNTJjM2UxZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06B669Y39uVUh7Mtck/WsJHJfH+2
1gs2LemXQepIdgr/FL8J1IoI4B0Xv05iyvU5/dDBsKYPSpUsIBVqgk0c3Jjp2kdL
FCQ9JajRgu60MtJbzwaFDLcVH9QnLYgQFYGg8Tt7tP20jetz9ZnPPaCU2HgqiAWw
lxwWDVDB9jT2cGAeaUyJmHrviPV7A3sbDpxHZK5bujOy7VkK0LEHV+UqjY6IBvrM
LRNjKEQjS3Pcp7KaivrLn1Ke4qfDyW1XSn2eahJfer7iXWHg17ezcpq42c++WQ8A
KfC3DNKzuoCfvcwBSD8WjnsBBPb+MKmIbYPJOjT2Q0drfY0Y+MklQEmzkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOUts63IDdM0HSd0BWhOxQUsPh3jMB8GA1UdIwQY
MBaAFNaB+ma+LOo0tYg8Icb4PzRk4u7hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW9INlpyNHM2alMxaUR3aHh2Z19OR1RpN3VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNDAxNjUtZDk3NC00MjliLWExYzEt
YTNlZjBhNGEzMTE5LzEvNVMyenJjZ04welFkSjNRRmFFN0ZCU3ctSGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNDAxNjUtZDk3NC00MjliLWExYzEtYTNlZjBhNGEzMTE5
LzEvMW9INlpyNHM2alMxaUR3aHh2Z19OR1RpN3VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaFkMA0E
AgACMAcDBQMqB8GAMA0GCSqGSIb3DQEBCwUAA4IBAQCN4zRVlasyjSZKoguMJjqN
/ap0Asrn9ETreoqSFH8rYxe8WkRlxbu/5KL9f/j+BnuggimPobB3QMVXIAKeaQVA
y5n27LR00J7LLBXlY8R2RLiNiA7ka0yYIcSL22h0QuGAoQ1fp8G56QbtSVcxvljN
a8WU7cRN+6TzbAS4aumJw1uYVe8O5j9tfr5CYesOyQWAOEg4jtkooNmOQws0m7a9
ZE5g8VSasLIm+h60hbllm1hF29/ewHbxU05hNhbcs5JhiOwZTwOah1x3U+rn03UU
EW1ZdY+sPf0r5bQ5XmNxn8GQ2OSymVrwP2WpDI+GUv7AsX297ub1RGHXx85iK1SB
-----END CERTIFICATE-----
Generated at Mon May 12 02:15:55 2025 by rpki-client