Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/j5bcFG5c4KmOceuKLu6HxYbEuMg.roa
File: j5bcFG5c4KmOceuKLu6HxYbEuMg.roa (raw, json)
Hash identifier: Yx/J47Jj1glopIZwoXLtjg3zlOcbgMBjIbp+6AtvIM8=
Subject key identifier: 8F:96:DC:14:6E:5C:E0:A9:8E:71:EB:8A:2E:EE:87:C5:86:C4:B8:C8
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 0196A55E1C4B1E22892AA65E5C6D0FDFBE77
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/j5bcFG5c4KmOceuKLu6HxYbEuMg.roa
Signing time: Tue 06 May 2025 11:32:10 +0000
ROA not before: Tue 06 May 2025 11:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 141.63.0.0/16 maxlen: 16
2a02:11f8:60::/48 maxlen: 48
2a02:11f8:61::/48 maxlen: 48
2a02:11f8:62::/48 maxlen: 48
2a02:11f8:63::/48 maxlen: 48
2a02:11f8:64::/48 maxlen: 48
2a02:11f8:65::/48 maxlen: 48
2a02:11f8:81::/48 maxlen: 48
2a02:11f8:100::/48 maxlen: 48
2a02:11f8:101::/48 maxlen: 48
2a02:11f8:102::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:5e:1c:4b:1e:22:89:2a:a6:5e:5c:6d:0f:df:be:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: May 6 11:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f96dc146e5ce0a98e71eb8a2eee87c586c4b8c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:96:5e:e7:cc:43:dd:03:4e:58:6d:c4:20:cb:
77:2a:a6:e3:9c:3c:e8:89:89:4b:3d:83:3e:61:c4:
3f:36:16:3d:fa:51:68:8f:05:32:60:86:db:2a:10:
5b:a3:24:74:80:70:b3:1f:f9:aa:ca:7d:4c:46:b0:
3b:83:00:af:9e:d9:9a:d4:d3:9c:c5:3a:3a:c2:d8:
8e:bb:09:e4:8a:ac:e6:d5:97:17:ef:a7:ae:1a:95:
2e:10:92:02:f0:1f:3c:4f:59:32:74:24:9f:a4:cc:
c3:5d:7a:22:68:38:55:ee:7e:c7:cd:fb:2e:5f:d6:
5c:f5:ae:9b:a3:d8:7e:09:80:ce:f7:54:d0:c8:81:
a1:cc:09:e9:8f:b8:e9:9e:86:dc:66:3a:aa:b3:c4:
49:9f:f6:02:23:53:62:20:a2:17:9c:72:f2:cf:17:
2f:f7:c0:ad:dc:65:4e:40:b8:2a:b3:82:45:92:8f:
04:78:c2:7d:4d:5a:83:32:8b:0f:19:2c:13:de:a6:
e9:2d:22:d1:b7:71:a0:59:25:4b:63:35:5a:14:33:
d1:58:ba:9a:9c:44:8e:cc:93:a5:90:da:ec:b9:bc:
25:c1:8b:0d:01:d1:a1:d7:f6:3f:6f:3a:ec:55:cc:
03:54:36:34:c6:70:60:45:d7:0f:71:6e:d3:07:06:
0f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:96:DC:14:6E:5C:E0:A9:8E:71:EB:8A:2E:EE:87:C5:86:C4:B8:C8
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/j5bcFG5c4KmOceuKLu6HxYbEuMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.63.0.0/16
IPv6:
2a02:11f8:60::-2a02:11f8:65:ffff:ffff:ffff:ffff:ffff
2a02:11f8:81::/48
2a02:11f8:100::-2a02:11f8:102:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
91:20:ef:20:20:38:d1:55:e3:bb:c8:2a:2e:65:7a:3e:ae:0d:
c1:cc:96:ed:bb:59:df:30:a0:73:9d:cb:2d:52:da:0d:1f:9c:
e2:23:b8:56:dc:c8:9c:a1:49:9f:66:00:13:f5:fb:0a:46:90:
e3:db:5a:b1:46:f7:59:79:f3:60:d3:62:6c:99:7d:de:04:5b:
06:d8:20:01:ab:10:c9:ae:63:e0:a3:3a:b9:d0:10:5a:62:1f:
41:0f:31:de:47:e6:40:5f:2c:32:a3:0b:d7:af:85:a1:81:3a:
e2:02:48:04:47:88:ae:f0:a8:4f:e9:e7:c4:61:ab:c5:72:d3:
4e:26:c1:19:36:13:44:18:fc:c8:e5:1b:9e:31:8c:b0:72:f0:
a8:c1:88:1b:24:f4:56:ea:f1:a4:5f:3a:8c:82:49:24:c4:79:
fc:7f:f2:b6:c7:6a:8c:0e:3f:d9:a0:7d:ee:2a:3c:8e:c4:7d:
a0:e9:71:06:81:e4:5d:7a:e8:4d:dc:9a:95:c1:4c:6d:3c:f3:
26:26:25:9b:bc:13:3b:77:58:39:1b:13:ef:7b:d5:ac:00:35:
64:2c:68:67:ee:9b:82:5a:29:cd:af:b5:0c:54:fc:73:94:eb:
ba:95:2d:39:ca:34:c3:b5:66:3f:07:a6:0f:c7:7d:89:b7:dc:
a2:1b:b3:b4
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZalXhxLHiKJKqZeXG0P3753MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjUwNTA2MTEzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk2ZGMxNDZlNWNlMGE5OGU3MWViOGEyZWVlODdjNTg2YzRiOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJZe58xD3QNOWG3EIMt3KqbjnDzo
iYlLPYM+YcQ/NhY9+lFojwUyYIbbKhBboyR0gHCzH/mqyn1MRrA7gwCvntma1NOc
xTo6wtiOuwnkiqzm1ZcX76euGpUuEJIC8B88T1kydCSfpMzDXXoiaDhV7n7Hzfsu
X9Zc9a6bo9h+CYDO91TQyIGhzAnpj7jpnobcZjqqs8RJn/YCI1NiIKIXnHLyzxcv
98Ct3GVOQLgqs4JFko8EeMJ9TVqDMosPGSwT3qbpLSLRt3GgWSVLYzVaFDPRWLqa
nESOzJOlkNrsubwlwYsNAdGh1/Y/bzrsVcwDVDY0xnBgRdcPcW7TBwYPCQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFI+W3BRuXOCpjnHrii7uh8WGxLjIMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvajViY0ZHNWM0S21PY2V1S0x1Nkh4WWJFdU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTALBAIAATAFAwMAjT8wNgQC
AAIwMDASAwcFKgIR+ABgAwcBKgIR+ABkAwcAKgIR+ACBMBEDBgAqAhH4AQMHACoC
EfgBAjANBgkqhkiG9w0BAQsFAAOCAQEAkSDvICA40VXju8gqLmV6Pq4NwcyW7btZ
3zCgc53LLVLaDR+c4iO4VtzInKFJn2YAE/X7CkaQ49tasUb3WXnzYNNibJl93gRb
BtggAasQya5j4KM6udAQWmIfQQ8x3kfmQF8sMqML16+FoYE64gJIBEeIrvCoT+nn
xGGrxXLTTibBGTYTRBj8yOUbnjGMsHLwqMGIGyT0VurxpF86jIJJJMR5/H/ytsdq
jA4/2aB97io8jsR9oOlxBoHkXXroTdyalcFMbTzzJiYlm7wTO3dYORsT73vVrAA1
ZCxoZ+6bglopza+1DFT8c5TrupUtOco0w7VmPwemD8d9ibfcohuztA==
-----END CERTIFICATE-----
Generated at Sun May 11 14:38:53 2025 by rpki-client