Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/5u8coXS2L7jFRThHfB77uIc4NNI.roa
File: 5u8coXS2L7jFRThHfB77uIc4NNI.roa (raw, json)
Hash identifier: 7eehYagAlN3yFJLLgyiJoH0sdJb5Ul8pcLa6KTeR8yo=
Subject key identifier: E6:EF:1C:A1:74:B6:2F:B8:C5:45:38:47:7C:1E:FB:B8:87:38:34:D2
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 0196887B67002DEAE7C4F5B3C5FF4D1D2EDD
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/5u8coXS2L7jFRThHfB77uIc4NNI.roa
Signing time: Wed 30 Apr 2025 20:55:10 +0000
ROA not before: Wed 30 Apr 2025 20:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209828
IP address blocks: 91.241.48.0/24 maxlen: 32
91.241.49.0/24 maxlen: 32
91.241.50.0/24 maxlen: 32
91.241.51.0/24 maxlen: 32
194.5.236.0/24 maxlen: 32
194.5.237.0/24 maxlen: 32
2a00:7544::/32 maxlen: 32
2a00:7545::/32 maxlen: 32
2a0c:8dc0::/29 maxlen: 32
2a0c:8dc0::/30 maxlen: 30
2a0c:8dc0::/32 maxlen: 32
2a0c:8dc1::/32 maxlen: 32
2a0c:8dc4::/32 maxlen: 32
2a0c:8dc5::/32 maxlen: 32
2a0c:8dc6::/32 maxlen: 32
2a0c:8dc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.mft
rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 17 May 2025 18:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:88:7b:67:00:2d:ea:e7:c4:f5:b3:c5:ff:4d:1d:2e:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Apr 30 20:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6ef1ca174b62fb8c54538477c1efbb8873834d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:26:99:fa:8a:47:32:8d:a3:6c:f9:08:d8:54:
7a:7d:b0:05:4a:16:4f:fb:56:a5:29:56:58:79:9d:
da:a3:84:42:ee:ea:f2:57:4c:ee:b1:63:df:5a:e7:
34:2a:47:16:ac:4a:73:28:63:d4:db:11:52:f4:7c:
7c:4a:f7:0f:72:d7:51:b4:af:86:c6:e3:b3:cf:a4:
33:3a:6b:d2:4f:5a:7f:59:80:d2:5f:72:34:ee:53:
63:ce:81:8b:6c:21:63:88:b4:1d:3c:ee:5e:9f:26:
ab:85:a0:0d:dc:bc:6b:9d:a0:7c:b9:54:5b:20:b4:
29:8e:be:08:34:d8:68:b6:19:86:56:14:22:2a:4c:
84:82:d7:9e:ec:ba:f4:f4:2b:ae:5f:93:f2:21:c2:
3f:a0:7f:e0:5c:6e:0c:37:41:00:2e:eb:1f:46:4e:
d7:04:41:2d:d5:5e:51:ab:62:92:f4:80:77:bd:03:
e2:b2:f2:ac:58:42:a7:e9:4a:08:23:ad:55:26:25:
79:5b:a8:e4:0d:fc:ab:b3:56:a8:9a:d8:dc:1f:43:
c6:cb:09:55:8b:9c:f9:bf:88:30:7b:ca:8e:51:19:
a8:80:e5:76:14:84:88:ef:24:61:2f:ba:27:3e:e0:
55:89:1a:b6:24:a8:fb:67:9b:0a:3c:f3:fc:3b:8c:
81:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:EF:1C:A1:74:B6:2F:B8:C5:45:38:47:7C:1E:FB:B8:87:38:34:D2
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/5u8coXS2L7jFRThHfB77uIc4NNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.48.0/22
194.5.236.0/23
IPv6:
2a00:7544::/31
2a0c:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
60:d6:99:6e:c5:1a:00:29:32:0d:8a:0b:f8:20:0a:fb:d2:e0:
19:c1:6f:c1:f4:3e:e3:3e:43:ec:48:76:98:0e:ea:6d:13:47:
28:d5:78:8d:11:98:92:a8:82:91:c9:43:2a:7d:46:ca:f3:82:
e5:3e:9c:58:90:cd:56:53:f6:0e:4f:5c:eb:6a:60:34:88:35:
bb:ce:ae:12:18:ef:6a:6c:e9:17:20:8e:61:3e:e8:7b:0b:33:
5a:eb:cb:4b:5c:52:7c:d8:b2:09:ab:c1:12:45:d5:20:fd:4c:
dc:fe:f8:fb:54:64:b5:c6:04:fd:98:99:7e:48:63:4e:bc:c5:
e6:57:70:38:68:c9:42:b2:db:dd:32:0b:0f:9d:87:66:8e:f0:
4c:fd:16:ca:24:64:cf:24:f0:b7:02:11:d0:4e:08:ee:26:64:
91:72:47:10:74:47:f1:64:ed:f0:ea:68:8a:ce:2c:ed:52:59:
01:83:97:51:9d:6c:96:e3:66:7c:1f:4a:ae:61:95:a8:f3:fc:
05:45:21:28:7c:a9:c0:02:48:e6:d3:4f:25:5e:cb:79:d7:44:
bb:93:bd:70:cf:a4:81:f5:1e:5e:b9:3c:ff:71:17:b9:1a:6b:
c9:40:c8:b5:7a:f3:bf:a7:0d:3d:bb:47:97:0f:e7:1f:d7:17:
c1:d1:2c:a2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZaIe2cALernxPWzxf9NHS7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjUwNDMwMjA1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmVmMWNhMTc0YjYyZmI4YzU0NTM4NDc3YzFlZmJiODg3MzgzNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SaZ+opHMo2jbPkI2FR6fbAFShZP
+1alKVZYeZ3ao4RC7uryV0zusWPfWuc0KkcWrEpzKGPU2xFS9Hx8SvcPctdRtK+G
xuOzz6QzOmvST1p/WYDSX3I07lNjzoGLbCFjiLQdPO5enyarhaAN3LxrnaB8uVRb
ILQpjr4INNhothmGVhQiKkyEgtee7Lr09CuuX5PyIcI/oH/gXG4MN0EALusfRk7X
BEEt1V5Rq2KS9IB3vQPisvKsWEKn6UoII61VJiV5W6jkDfyrs1aomtjcH0PGywlV
i5z5v4gwe8qOURmogOV2FISI7yRhL7onPuBViRq2JKj7Z5sKPPP8O4yBBwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFObvHKF0ti+4xUU4R3we+7iHODTSMB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvNXU4Y29YUzJMN2pGUlRoSGZCNzd1SWM0Tk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCW/EwAwQB
wgXsMBQEAgACMA4DBQEqAHVEAwUDKgyNwDANBgkqhkiG9w0BAQsFAAOCAQEAYNaZ
bsUaACkyDYoL+CAK+9LgGcFvwfQ+4z5D7Eh2mA7qbRNHKNV4jRGYkqiCkclDKn1G
yvOC5T6cWJDNVlP2Dk9c62pgNIg1u86uEhjvamzpFyCOYT7oewszWuvLS1xSfNiy
CavBEkXVIP1M3P74+1RktcYE/ZiZfkhjTrzF5ldwOGjJQrLb3TILD52HZo7wTP0W
yiRkzyTwtwIR0E4I7iZkkXJHEHRH8WTt8Opois4s7VJZAYOXUZ1sluNmfB9KrmGV
qPP8BUUhKHypwAJI5tNPJV7LeddEu5O9cM+kgfUeXrk8/3EXuRpryUDItXrzv6cN
PbtHlw/nH9cXwdEsog==
-----END CERTIFICATE-----
Generated at Sat May 17 04:00:45 2025 by rpki-client