Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/afCUdciEL8e1tl5gYWrtb0HNTsk.roa
File: afCUdciEL8e1tl5gYWrtb0HNTsk.roa (raw, json)
Hash identifier: 5NoCDBuBZUGC39cg06n8OGy1uzMRcXZWmjT1H17s8qs=
Subject key identifier: 69:F0:94:75:C8:84:2F:C7:B5:B6:5E:60:61:6A:ED:6F:41:CD:4E:C9
Certificate issuer: /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial: 019690331B3E09399A463C33A3B117F7E2D5
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/afCUdciEL8e1tl5gYWrtb0HNTsk.roa
Signing time: Fri 02 May 2025 08:53:10 +0000
ROA not before: Fri 02 May 2025 08:53:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15785
IP address blocks: 5.1.2.0/24 maxlen: 24
5.1.3.0/24 maxlen: 24
31.128.65.0/24 maxlen: 24
88.81.244.0/23 maxlen: 23
88.81.250.0/24 maxlen: 24
188.0.68.0/24 maxlen: 24
188.0.69.0/24 maxlen: 24
188.0.70.0/24 maxlen: 24
188.0.71.0/24 maxlen: 24
188.0.72.0/24 maxlen: 24
188.0.73.0/24 maxlen: 24
188.0.74.0/24 maxlen: 24
188.0.75.0/24 maxlen: 24
188.0.76.0/24 maxlen: 24
194.110.79.0/24 maxlen: 24
194.146.199.0/24 maxlen: 24
2a01:758::/48 maxlen: 48
2a01:758:8300::/48 maxlen: 48
2a01:758:8301::/48 maxlen: 48
2a01:758:8302::/48 maxlen: 48
2a01:758:8303::/48 maxlen: 48
2a01:758:8304::/48 maxlen: 48
2a01:758:8305::/48 maxlen: 48
2a01:758:8306::/48 maxlen: 48
2a01:758:8307::/48 maxlen: 48
2a01:758:8308::/48 maxlen: 48
2a01:758:8309::/48 maxlen: 48
2a01:758:830a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:33:1b:3e:09:39:9a:46:3c:33:a3:b1:17:f7:e2:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Validity
Not Before: May 2 08:53:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69f09475c8842fc7b5b65e60616aed6f41cd4ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:af:4e:22:a5:b2:f9:47:3e:34:32:0b:43:c1:
e2:cf:42:4c:e7:18:a1:2c:83:21:c9:a0:b5:8b:03:
82:43:21:da:1b:39:98:ef:5a:81:e1:8d:da:12:46:
d6:ad:94:c9:38:e2:ae:86:c0:ee:3f:b8:b6:59:30:
d2:b5:37:55:52:33:76:b6:25:34:cc:b9:8f:f6:86:
0e:f7:43:06:a8:48:d8:7c:27:d6:d0:97:8b:b4:cb:
bd:0f:d6:fb:05:9e:d6:ab:70:94:5e:f5:b7:54:d4:
a3:1a:a4:38:91:f9:d4:cb:a9:98:bc:eb:b2:0f:c1:
a6:48:91:2e:e1:c2:70:4d:12:43:44:fa:41:3b:c5:
35:37:04:f7:69:57:43:ac:91:ec:ee:65:a1:ef:12:
19:27:4f:45:dc:d1:25:1a:cb:50:ee:dd:bf:2f:b0:
4a:eb:e8:e6:4c:3b:53:33:91:51:e3:a0:75:1b:83:
c0:67:8d:5a:69:1d:39:05:d4:b8:a5:24:31:47:33:
ef:c8:f4:9b:99:34:00:fe:8d:96:fa:30:76:f3:d3:
c6:94:a9:3f:ac:b5:ae:6d:0a:96:56:a5:ce:d0:2b:
b3:50:01:2e:da:ff:54:41:80:44:39:1f:2b:17:0a:
fb:3b:c9:f3:ff:c2:5d:cd:0b:c8:b0:b4:c9:c1:b7:
92:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F0:94:75:C8:84:2F:C7:B5:B6:5E:60:61:6A:ED:6F:41:CD:4E:C9
X509v3 Authority Key Identifier:
keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/afCUdciEL8e1tl5gYWrtb0HNTsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.2.0/23
31.128.65.0/24
88.81.244.0/23
88.81.250.0/24
188.0.68.0-188.0.76.255
194.110.79.0/24
194.146.199.0/24
IPv6:
2a01:758::/48
2a01:758:8300::-2a01:758:830a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a8:51:43:02:11:5a:36:e2:b9:a5:65:70:a9:7d:86:6b:90:56:
e8:0d:d9:da:28:07:26:8e:ad:72:7b:64:43:5a:8f:b0:67:ef:
81:e5:e2:2b:fd:24:e0:df:5e:61:a0:83:18:83:2d:d6:66:f3:
06:9f:b9:71:95:ec:f8:fa:ca:65:b5:93:5d:03:ed:26:9c:4e:
69:73:bd:7f:1d:ca:a9:ee:22:18:8d:b1:20:3f:2c:06:7b:32:
0d:47:23:a9:26:33:b0:45:8e:03:e1:49:86:b8:eb:ef:d1:fe:
07:8b:bc:37:aa:68:e3:e9:40:49:c9:15:a3:8b:98:e9:9c:da:
f8:a5:e9:d3:52:86:57:ca:95:4d:af:90:fd:4e:50:b7:82:ec:
3d:03:06:fc:cd:fa:72:a7:b7:b7:52:da:8d:e1:b9:8b:49:4f:
58:a4:7c:8f:35:2c:72:2d:d5:ec:09:a0:d9:c3:3e:d5:91:4e:
11:ac:bf:be:6e:e6:db:0f:c7:ef:30:4d:e8:83:32:93:59:39:
92:e2:07:f2:50:e4:1a:16:c8:bc:6a:4b:b6:aa:ce:0d:87:48:
04:f7:d6:57:6d:41:c1:a8:59:e8:63:a5:a9:bb:7d:7e:72:50:
2f:21:e1:b6:c5:18:8b:2b:78:70:7a:c4:1a:30:e3:1d:76:ed:
b7:13:14:51
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZaQMxs+CTmaRjwzo7EX9+LVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzhkYmU1MjA4M2FkMzM1YzlmMWZkZTYwMTZlYzhiNDky
OTMxNDAwHhcNMjUwNTAyMDg1MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWYwOTQ3NWM4ODQyZmM3YjViNjVlNjA2MTZhZWQ2ZjQxY2Q0ZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa9OIqWy+Uc+NDILQ8Hiz0JM5xih
LIMhyaC1iwOCQyHaGzmY71qB4Y3aEkbWrZTJOOKuhsDuP7i2WTDStTdVUjN2tiU0
zLmP9oYO90MGqEjYfCfW0JeLtMu9D9b7BZ7Wq3CUXvW3VNSjGqQ4kfnUy6mYvOuy
D8GmSJEu4cJwTRJDRPpBO8U1NwT3aVdDrJHs7mWh7xIZJ09F3NElGstQ7t2/L7BK
6+jmTDtTM5FR46B1G4PAZ41aaR05BdS4pSQxRzPvyPSbmTQA/o2W+jB289PGlKk/
rLWubQqWVqXO0CuzUAEu2v9UQYBEOR8rFwr7O8nz/8JdzQvIsLTJwbeS7wIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGnwlHXIhC/HtbZeYGFq7W9BzU7JMB8GA1UdIwQY
MBaAFKvI2+Ugg60zXJ8f3mAW7ItJKTFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2Qt
MzA1NmFmOWEzMzVlLzEvYWZDVWRjaUVMOGUxdGw1Z1lXcnRiMEhOVHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2QtMzA1NmFmOWEzMzVl
LzEvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjA4BAIAATAyAwQBBQECAwQA
H4BBAwQBWFH0AwQAWFH6MAwDBAK8AEQDBAC8AEwDBADCbk8DBADCkscwIgQCAAIw
HAMHACoBB1gAADARAwYAKgEHWIMDBwAqAQdYgwowDQYJKoZIhvcNAQELBQADggEB
AKhRQwIRWjbiuaVlcKl9hmuQVugN2dooByaOrXJ7ZENaj7Bn74Hl4iv9JODfXmGg
gxiDLdZm8wafuXGV7Pj6ymW1k10D7SacTmlzvX8dyqnuIhiNsSA/LAZ7Mg1HI6km
M7BFjgPhSYa46+/R/geLvDeqaOPpQEnJFaOLmOmc2vil6dNShlfKlU2vkP1OULeC
7D0DBvzN+nKnt7dS2o3huYtJT1ikfI81LHIt1ewJoNnDPtWRThGsv75u5tsPx+8w
TeiDMpNZOZLiB/JQ5BoWyLxqS7aqzg2HSAT31ldtQcGoWehjpam7fX5yUC8h4bbF
GIsreHB6xBow4x127bcTFFE=
-----END CERTIFICATE-----
Generated at Tue May 13 00:10:40 2025 by rpki-client