Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/5RbGQ0BCfW_3OFRyzlMT484pj6g.roa
File: 5RbGQ0BCfW_3OFRyzlMT484pj6g.roa (raw, json)
Hash identifier: E3IdLXFl+5U0rHhrvj2vrlOrBKc1aKve+L5tQDS6rZ4=
Subject key identifier: E5:16:C6:43:40:42:7D:6F:F7:38:54:72:CE:53:13:E3:CE:29:8F:A8
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 01969082C18B07B52E571D2547D6268B8706
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/5RbGQ0BCfW_3OFRyzlMT484pj6g.roa
Signing time: Fri 02 May 2025 10:20:10 +0000
ROA not before: Fri 02 May 2025 10:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211507
IP address blocks: 2a14:c380::/29 maxlen: 29
2a14:c380::/44 maxlen: 44
2a14:c380:10::/44 maxlen: 44
2a14:c380:20::/44 maxlen: 44
2a14:c380:30::/44 maxlen: 44
2a14:c380:40::/44 maxlen: 44
2a14:c380:50::/44 maxlen: 44
2a14:c380:60::/44 maxlen: 44
2a14:c380:70::/44 maxlen: 44
2a14:c380:80::/44 maxlen: 44
2a14:c380:90::/44 maxlen: 44
2a14:c380:100::/44 maxlen: 44
2a14:c380:110::/44 maxlen: 44
2a14:c380:120::/44 maxlen: 44
2a14:c380:130::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:82:c1:8b:07:b5:2e:57:1d:25:47:d6:26:8b:87:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: May 2 10:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e516c64340427d6ff7385472ce5313e3ce298fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:22:4d:88:73:a8:a2:db:e1:89:23:f9:e2:0c:
5d:54:89:bb:c1:2e:01:84:7a:95:b5:1f:99:3b:fc:
16:1d:4a:de:03:1f:a4:44:39:8c:ab:1b:9e:02:7a:
6c:6e:ee:35:4f:4d:12:9b:0b:0c:b8:c8:02:94:37:
6c:83:75:ac:ae:63:1a:7f:e2:a0:00:94:f3:4f:4d:
cb:6e:49:68:11:4c:2d:e8:fe:65:62:fd:aa:44:0b:
c1:0c:8b:a3:87:5b:04:e9:ec:d6:5c:9a:a2:23:61:
35:2c:a9:30:85:52:41:f2:20:08:14:56:a6:f1:f8:
3b:62:82:ce:62:c9:6e:1d:30:cb:91:14:93:e9:47:
3a:63:21:3b:4f:4f:ea:3b:21:a3:2e:26:32:84:9e:
61:b4:db:e8:e4:0b:f1:80:49:5d:db:94:81:2d:2b:
15:52:4a:f7:4f:99:04:d7:72:f6:1f:63:ac:6f:48:
0a:5d:f4:ce:ae:e1:b8:65:0e:22:e9:43:3f:5f:f6:
a2:a6:e1:49:99:8b:47:c7:68:a1:ac:63:2c:43:3c:
af:c2:fa:2f:f3:af:7e:71:96:cb:07:a3:26:7e:cb:
8c:32:ee:03:06:c6:3f:0b:9e:cd:17:b7:61:b4:9a:
b6:ad:6d:2d:87:a9:4f:b7:d3:60:47:7d:76:d5:94:
4d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:16:C6:43:40:42:7D:6F:F7:38:54:72:CE:53:13:E3:CE:29:8F:A8
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/5RbGQ0BCfW_3OFRyzlMT484pj6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380::/29
Signature Algorithm: sha256WithRSAEncryption
43:11:28:f5:a1:91:81:56:1e:df:86:bb:82:6c:89:b0:4b:b3:
dc:79:22:85:0d:f8:17:eb:5a:dc:e0:34:cc:be:1b:d9:0e:c7:
c6:84:12:ce:fb:eb:c8:1b:97:1f:de:cf:d9:2d:94:7f:29:30:
53:db:3e:0b:da:0e:4a:28:62:77:bb:02:eb:e7:7b:e3:dd:d5:
fb:29:93:b1:98:1d:8f:4e:33:66:ba:f8:61:94:e4:50:e5:8b:
b9:ee:08:88:56:a8:92:ad:15:41:f2:19:1c:86:6d:87:c8:fa:
54:7f:b4:d0:e7:56:1c:80:54:24:e5:2f:9d:1f:f4:40:ad:48:
8f:79:a7:3a:e1:7b:5d:a5:48:da:9c:f9:c5:ee:9c:71:b7:99:
43:be:9c:da:a1:df:ee:d9:56:a6:a8:67:4a:ec:12:5a:dc:0b:
9a:ae:d0:3b:e6:23:d7:e3:fb:10:3e:bf:dc:10:52:22:bb:47:
c6:b9:cd:67:57:34:a7:d7:35:0c:6e:35:f6:b4:4e:3c:5a:77:
32:c6:92:8b:e3:3d:bb:9b:a3:0f:fb:d8:ad:ea:3c:64:ea:e7:
87:d6:54:14:2d:92:22:d6:24:cc:d3:18:17:b4:71:6b:94:f1:
4c:a7:5f:a0:55:91:7d:6c:36:1c:0c:4d:0d:b0:cb:43:1a:c3:
b1:91:68:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZaQgsGLB7UuVx0lR9Ymi4cGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjUwNTAyMTAyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTE2YzY0MzQwNDI3ZDZmZjczODU0NzJjZTUzMTNlM2NlMjk4ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yJNiHOootvhiSP54gxdVIm7wS4B
hHqVtR+ZO/wWHUreAx+kRDmMqxueAnpsbu41T00SmwsMuMgClDdsg3WsrmMaf+Kg
AJTzT03LbkloEUwt6P5lYv2qRAvBDIujh1sE6ezWXJqiI2E1LKkwhVJB8iAIFFam
8fg7YoLOYsluHTDLkRST6Uc6YyE7T0/qOyGjLiYyhJ5htNvo5AvxgEld25SBLSsV
Ukr3T5kE13L2H2Osb0gKXfTOruG4ZQ4i6UM/X/aipuFJmYtHx2ihrGMsQzyvwvov
869+cZbLB6MmfsuMMu4DBsY/C57NF7dhtJq2rW0th6lPt9NgR3121ZRN+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOUWxkNAQn1v9zhUcs5TE+POKY+oMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvNVJiR1EwQkNmV18zT0ZSeXpsTVQ0ODRwajZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhTDgDAN
BgkqhkiG9w0BAQsFAAOCAQEAQxEo9aGRgVYe34a7gmyJsEuz3HkihQ34F+ta3OA0
zL4b2Q7HxoQSzvvryBuXH97P2S2UfykwU9s+C9oOSihid7sC6+d7493V+ymTsZgd
j04zZrr4YZTkUOWLue4IiFaokq0VQfIZHIZth8j6VH+00OdWHIBUJOUvnR/0QK1I
j3mnOuF7XaVI2pz5xe6ccbeZQ76c2qHf7tlWpqhnSuwSWtwLmq7QO+Yj1+P7ED6/
3BBSIrtHxrnNZ1c0p9c1DG419rROPFp3MsaSi+M9u5ujD/vYreo8ZOrnh9ZUFC2S
ItYkzNMYF7Rxa5TxTKdfoFWRfWw2HAxNDbDLQxrDsZFosg==
-----END CERTIFICATE-----
Generated at Sun May 11 22:47:54 2025 by rpki-client