Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/5z7umG_zBrgbe3GYmxGKIJqOjM4.roa
File: 5z7umG_zBrgbe3GYmxGKIJqOjM4.roa (raw, json)
Hash identifier: T62gr2UGr68OuXzoBc51fpjhb+WTXZXR9z/BlT9xYrw=
Subject key identifier: E7:3E:EE:98:6F:F3:06:B8:1B:7B:71:98:9B:11:8A:20:9A:8E:8C:CE
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0196AC30064D96BC2FAB771F8FC9F1284348
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/5z7umG_zBrgbe3GYmxGKIJqOjM4.roa
Signing time: Wed 07 May 2025 19:19:10 +0000
ROA not before: Wed 07 May 2025 19:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.176.94.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 10:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ac:30:06:4d:96:bc:2f:ab:77:1f:8f:c9:f1:28:43:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 7 19:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e73eee986ff306b81b7b71989b118a209a8e8cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d4:56:04:54:88:14:79:18:cd:68:91:32:7f:
90:6d:4a:3b:d2:ae:e2:46:af:0e:5e:be:83:ca:00:
fc:6c:d3:62:f5:c5:58:ce:04:ba:a0:46:81:27:0d:
cb:e8:da:d0:e9:dc:0a:d9:f6:82:e0:18:e4:a1:2b:
5a:af:d4:92:42:c6:31:01:d6:0c:ac:ca:81:1f:cb:
ec:6a:3c:d1:a8:02:ae:25:3c:1b:7a:c2:3d:bc:b4:
3e:49:a4:c0:03:09:83:5b:bb:1b:c6:53:0e:48:42:
db:ee:d4:9b:41:17:32:24:4d:2a:c3:27:48:77:ea:
41:fb:32:75:ca:8d:70:51:1c:85:a2:cf:b7:34:f7:
98:2e:48:31:14:c3:00:49:7e:14:c1:3d:9e:fa:7a:
73:44:c9:96:b7:cf:dd:cc:1e:92:a9:1e:fc:ee:92:
c4:cd:4a:7a:37:8a:9a:0e:34:c5:55:66:20:48:fe:
a4:4b:46:06:52:01:52:42:ae:21:c0:03:27:6f:68:
49:0d:fa:d3:07:4d:75:41:39:25:69:66:df:97:e5:
2d:fe:4a:18:5a:34:15:af:53:69:c8:53:37:c9:f2:
01:32:0d:e5:10:2d:80:48:0b:fb:6f:d4:3e:19:f1:
37:d2:a3:e6:30:6e:e9:04:a0:6e:c5:94:be:41:4c:
d3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3E:EE:98:6F:F3:06:B8:1B:7B:71:98:9B:11:8A:20:9A:8E:8C:CE
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/5z7umG_zBrgbe3GYmxGKIJqOjM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.124.0/22
185.176.94.0/24
185.216.104.0/22
193.23.196.0/24
Signature Algorithm: sha256WithRSAEncryption
87:10:6a:1f:cb:6a:d7:ad:41:24:a8:08:1d:63:f5:61:4f:a5:
3b:51:99:b9:ad:4a:bf:c4:5e:64:6f:35:79:ce:f6:18:3b:f0:
46:fd:61:fd:37:ba:41:84:29:77:28:83:88:40:17:ba:06:98:
1f:92:9d:94:9c:f3:c4:27:b8:77:0b:97:e2:3c:de:f8:af:66:
d9:64:0e:94:1b:8d:60:5d:9e:ff:d4:04:0c:3d:5b:d0:8e:46:
be:14:77:ca:cc:d7:07:a4:49:d2:55:50:31:b2:ec:76:0b:d2:
8f:07:a3:83:94:c7:4b:a9:95:dc:c3:fc:da:49:a9:60:0b:39:
a8:58:ed:ac:fa:42:52:aa:79:3b:28:b1:e4:63:79:14:38:44:
6e:e6:c3:86:4b:80:42:3a:61:ef:74:60:aa:80:1c:0d:f7:39:
be:3f:ac:25:c9:b4:8a:d5:43:90:42:78:51:81:91:36:f0:25:
82:2b:c7:e8:95:f6:aa:18:55:c1:6c:a4:1e:b5:00:dc:18:24:
d8:43:c4:0e:03:d3:1a:02:ef:34:f7:2a:a7:8d:b4:b8:0d:07:
da:c2:d7:59:ce:53:0e:5a:87:25:9a:fc:73:06:b3:1b:88:4e:
9f:19:87:0c:69:15:82:f0:56:a6:c0:2b:69:b7:f8:51:39:8b:
f3:eb:7e:76
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZasMAZNlrwvq3cfj8nxKENIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNTA3MTkxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzNlZWU5ODZmZjMwNmI4MWI3YjcxOTg5YjExOGEyMDlhOGU4Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79RWBFSIFHkYzWiRMn+QbUo70q7i
Rq8OXr6DygD8bNNi9cVYzgS6oEaBJw3L6NrQ6dwK2faC4BjkoStar9SSQsYxAdYM
rMqBH8vsajzRqAKuJTwbesI9vLQ+SaTAAwmDW7sbxlMOSELb7tSbQRcyJE0qwydI
d+pB+zJ1yo1wURyFos+3NPeYLkgxFMMASX4UwT2e+npzRMmWt8/dzB6SqR787pLE
zUp6N4qaDjTFVWYgSP6kS0YGUgFSQq4hwAMnb2hJDfrTB011QTklaWbfl+Ut/koY
WjQVr1NpyFM3yfIBMg3lEC2ASAv7b9Q+GfE30qPmMG7pBKBuxZS+QUzTpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOc+7phv8wa4G3txmJsRiiCajozOMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNXo3dW1HX3pCcmdiZTNHWW14R0tJSnFPak00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCQLx8AwQA
ubBeAwQCudhoAwQAwRfEMA0GCSqGSIb3DQEBCwUAA4IBAQCHEGofy2rXrUEkqAgd
Y/VhT6U7UZm5rUq/xF5kbzV5zvYYO/BG/WH9N7pBhCl3KIOIQBe6Bpgfkp2UnPPE
J7h3C5fiPN74r2bZZA6UG41gXZ7/1AQMPVvQjka+FHfKzNcHpEnSVVAxsux2C9KP
B6ODlMdLqZXcw/zaSalgCzmoWO2s+kJSqnk7KLHkY3kUOERu5sOGS4BCOmHvdGCq
gBwN9zm+P6wlybSK1UOQQnhRgZE28CWCK8folfaqGFXBbKQetQDcGCTYQ8QOA9Ma
Au809yqnjbS4DQfawtdZzlMOWoclmvxzBrMbiE6fGYcMaRWC8FamwCtpt/hROYvz
6352
-----END CERTIFICATE-----
Generated at Tue May 13 17:32:29 2025 by rpki-client