Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/5TmF660osVLf2yedLZYIouqKzCQ.roa
File: 5TmF660osVLf2yedLZYIouqKzCQ.roa (raw, json)
Hash identifier: svEuw+A3XrP85kyKwdSMhC87V3nCBDwlLWE+iKrkH+s=
Subject key identifier: E5:39:85:EB:AD:28:B1:52:DF:DB:27:9D:2D:96:08:A2:EA:8A:CC:24
Certificate issuer: /CN=2050df51f0e5bc81db4b05f449f74308d7fcfa2e
Certificate serial: 01978345C7E5476516A665510A43039217E1
Authority key identifier: 20:50:DF:51:F0:E5:BC:81:DB:4B:05:F4:49:F7:43:08:D7:FC:FA:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IFDfUfDlvIHbSwX0SfdDCNf8-i4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/5TmF660osVLf2yedLZYIouqKzCQ.roa
Signing time: Wed 18 Jun 2025 13:41:17 +0000
ROA not before: Wed 18 Jun 2025 13:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201178
IP address blocks: 212.101.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/IFDfUfDlvIHbSwX0SfdDCNf8-i4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/IFDfUfDlvIHbSwX0SfdDCNf8-i4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IFDfUfDlvIHbSwX0SfdDCNf8-i4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 13:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:45:c7:e5:47:65:16:a6:65:51:0a:43:03:92:17:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2050df51f0e5bc81db4b05f449f74308d7fcfa2e
Validity
Not Before: Jun 18 13:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e53985ebad28b152dfdb279d2d9608a2ea8acc24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b2:08:df:31:98:c0:a1:3c:88:5e:5b:ab:7e:
50:4f:bb:f4:56:01:d3:e7:12:ab:7f:ce:f9:fb:54:
4d:97:b8:5d:cb:1a:42:26:d6:83:7e:c1:bc:86:08:
b1:c1:1b:48:db:5d:aa:20:e4:ba:f4:ba:a1:1c:22:
74:ad:6a:fe:23:bc:5a:dd:f5:5b:64:5d:0b:15:ec:
6d:f9:52:6e:31:c0:fb:0a:0e:cc:28:51:eb:ce:73:
fc:cc:42:b9:16:73:be:13:ad:71:f3:d5:7b:d1:8d:
3b:ef:c2:d3:3e:ce:2f:4f:82:d5:b4:a7:75:59:cc:
b7:8b:2d:2c:91:26:f5:ff:93:0d:48:9b:29:e1:c7:
03:9a:d0:d2:a6:3b:06:5f:90:4f:4f:59:66:dc:f0:
a5:9d:70:3c:38:49:14:19:27:56:e1:0d:15:34:06:
ab:c1:a5:dd:86:41:3b:6d:16:83:f5:9e:62:73:d8:
d9:12:c4:24:fe:ab:9a:37:de:cb:55:39:d9:f6:93:
82:f7:95:93:83:7e:90:25:6c:b2:53:d2:f5:7a:41:
54:a9:b8:cf:7f:86:ef:8b:fc:09:98:61:6f:f6:3e:
26:dd:ab:49:75:2a:36:94:5d:45:03:ed:c6:92:1a:
53:f3:55:8d:3f:1c:4a:b0:91:80:24:20:a7:fe:ce:
ec:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:39:85:EB:AD:28:B1:52:DF:DB:27:9D:2D:96:08:A2:EA:8A:CC:24
X509v3 Authority Key Identifier:
keyid:20:50:DF:51:F0:E5:BC:81:DB:4B:05:F4:49:F7:43:08:D7:FC:FA:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IFDfUfDlvIHbSwX0SfdDCNf8-i4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/5TmF660osVLf2yedLZYIouqKzCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/60e376-993c-4baf-b590-6e6481e5765c/1/IFDfUfDlvIHbSwX0SfdDCNf8-i4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.101.96.0/19
Signature Algorithm: sha256WithRSAEncryption
28:d9:fa:4f:b9:85:e0:b1:a4:3d:d2:f6:45:b8:09:e5:88:c1:
e0:7b:65:d9:90:01:68:d1:98:ce:22:a5:1c:59:59:c4:76:65:
60:ff:59:d6:b2:fc:c7:28:03:7e:d0:df:73:f0:ff:c4:ce:70:
70:42:13:9c:d1:c7:ac:bc:c1:74:92:70:58:d0:f2:dc:27:21:
85:1d:ed:2d:b5:4f:85:43:53:9b:ce:bc:12:9f:4d:6f:9e:fe:
86:b8:0f:5c:95:9b:2a:24:e8:93:a6:a1:f5:55:6b:5e:f7:ee:
f1:a4:c6:74:4d:83:f4:d2:3d:27:f7:58:dd:5f:4c:91:14:12:
d1:40:e9:56:ff:36:44:f1:f9:86:04:17:5b:40:49:3f:22:85:
eb:17:70:ad:4b:d5:a5:d4:6c:06:09:37:82:cf:b0:41:df:06:
e0:ad:90:55:ae:05:11:61:a9:f7:e5:29:6d:bc:55:f6:11:12:
3b:bc:f9:95:14:8f:22:46:d5:37:75:e7:1b:c9:af:a7:e4:f6:
a1:4d:ee:9a:72:91:81:38:b8:81:ea:6b:66:29:5f:63:e2:7b:
60:55:3f:ab:8a:0d:1b:1f:db:7a:74:03:13:49:cf:43:ef:93:
2c:39:8a:f0:d9:b3:35:8b:9b:de:97:93:b4:c6:be:87:5b:8f:
2f:9c:01:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeDRcflR2UWpmVRCkMDkhfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNTBkZjUxZjBlNWJjODFkYjRiMDVmNDQ5Zjc0MzA4ZDdm
Y2ZhMmUwHhcNMjUwNjE4MTM0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTM5ODVlYmFkMjhiMTUyZGZkYjI3OWQyZDk2MDhhMmVhOGFjYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprII3zGYwKE8iF5bq35QT7v0VgHT
5xKrf875+1RNl7hdyxpCJtaDfsG8hgixwRtI212qIOS69LqhHCJ0rWr+I7xa3fVb
ZF0LFext+VJuMcD7Cg7MKFHrznP8zEK5FnO+E61x89V70Y0778LTPs4vT4LVtKd1
Wcy3iy0skSb1/5MNSJsp4ccDmtDSpjsGX5BPT1lm3PClnXA8OEkUGSdW4Q0VNAar
waXdhkE7bRaD9Z5ic9jZEsQk/quaN97LVTnZ9pOC95WTg36QJWyyU9L1ekFUqbjP
f4bvi/wJmGFv9j4m3atJdSo2lF1FA+3GkhpT81WNPxxKsJGAJCCn/s7sfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOU5heutKLFS39snnS2WCKLqiswkMB8GA1UdIwQY
MBaAFCBQ31Hw5byB20sF9En3QwjX/PouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUZEZlVmRGx2SUhiU3dYMFNmZERDTmY4LWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82MGUzNzYtOTkzYy00YmFmLWI1OTAt
NmU2NDgxZTU3NjVjLzEvNVRtRjY2MG9zVkxmMnllZExaWUlvdXFLekNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82MGUzNzYtOTkzYy00YmFmLWI1OTAtNmU2NDgxZTU3NjVj
LzEvSUZEZlVmRGx2SUhiU3dYMFNmZERDTmY4LWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1GVgMA0G
CSqGSIb3DQEBCwUAA4IBAQAo2fpPuYXgsaQ90vZFuAnliMHge2XZkAFo0ZjOIqUc
WVnEdmVg/1nWsvzHKAN+0N9z8P/EznBwQhOc0cesvMF0knBY0PLcJyGFHe0ttU+F
Q1ObzrwSn01vnv6GuA9clZsqJOiTpqH1VWte9+7xpMZ0TYP00j0n91jdX0yRFBLR
QOlW/zZE8fmGBBdbQEk/IoXrF3CtS9Wl1GwGCTeCz7BB3wbgrZBVrgURYan35Slt
vFX2ERI7vPmVFI8iRtU3decbya+n5PahTe6acpGBOLiB6mtmKV9j4ntgVT+rig0b
H9t6dAMTSc9D75MsOYrw2bM1i5vel5O0xr6HW48vnAF8
-----END CERTIFICATE-----
Generated at Mon Jun 30 18:30:21 2025 by rpki-client