Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/j5-XW5coEbjIakLbav-a-xkoxss.roa
File: j5-XW5coEbjIakLbav-a-xkoxss.roa (raw, json)
Hash identifier: 3PeUPnbjaNU5eTMyl99skfbBuUv7EoDvaqaX+1+rQl4=
Subject key identifier: 8F:9F:97:5B:97:28:11:B8:C8:6A:42:DB:6A:FF:9A:FB:19:28:C6:CB
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 019685DC505E57B5ECF648F87C92BC5C0CA4
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/j5-XW5coEbjIakLbav-a-xkoxss.roa
Signing time: Wed 30 Apr 2025 08:42:10 +0000
ROA not before: Wed 30 Apr 2025 08:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205624
IP address blocks: 185.234.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 05:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:dc:50:5e:57:b5:ec:f6:48:f8:7c:92:bc:5c:0c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Apr 30 08:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f9f975b972811b8c86a42db6aff9afb1928c6cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:30:71:27:9f:f1:b1:ef:cb:e4:9a:f3:45:b7:
d6:26:6b:ab:93:61:f5:06:06:c6:6e:25:39:99:6a:
0f:b8:ed:eb:4f:99:98:c7:4e:ea:20:bc:17:e6:e9:
c9:0d:b2:3f:68:95:b7:4a:e0:ba:8d:02:92:b2:ca:
9a:f9:f9:09:78:04:d9:5a:fe:26:90:af:d6:22:ab:
fa:f0:77:34:a0:9d:2f:f6:e2:86:c5:25:fe:c9:e5:
1b:83:4d:e9:9a:53:b3:b6:92:a4:be:6a:f8:f8:42:
d1:7a:d5:b5:3f:c6:2e:d3:cc:3e:f3:fb:66:3b:5a:
25:9f:49:21:92:c3:52:eb:5c:02:48:e1:5f:79:f6:
50:f0:3e:57:2a:27:78:62:0b:61:a0:72:5c:80:f7:
ee:c3:63:23:a5:cf:e5:ff:c6:89:b9:d1:2e:b2:6a:
f5:06:d5:40:3a:51:1f:52:1f:b9:9e:13:04:05:f6:
4a:41:87:ea:f0:3a:74:43:e3:75:ee:08:31:43:fb:
77:a9:ac:1d:5e:97:a0:2e:91:43:40:43:d3:a3:98:
4f:a5:a6:3b:94:b3:fb:d9:91:fd:9d:27:fa:cd:69:
19:12:fe:ff:71:da:03:77:ea:b8:db:28:07:4e:24:
1b:35:38:40:10:1b:d0:24:4a:57:cc:1e:24:53:ad:
c7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:9F:97:5B:97:28:11:B8:C8:6A:42:DB:6A:FF:9A:FB:19:28:C6:CB
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/j5-XW5coEbjIakLbav-a-xkoxss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.156.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:1f:80:d8:6e:fc:12:6f:2d:d5:ad:47:c0:6c:89:a0:48:45:
a9:bd:f4:46:f7:bd:bc:95:6d:d4:70:c7:8c:f2:51:1f:04:76:
93:6c:44:0d:a6:40:46:51:3e:d1:75:4e:ac:49:9d:98:8f:f2:
7d:e0:0a:63:e3:de:a9:fe:8b:c1:58:e4:1c:82:23:83:f4:41:
c2:8e:13:d7:db:78:0a:22:5c:5c:1e:28:85:b8:17:0d:3c:77:
3a:1e:54:f3:80:96:73:7d:c8:9f:a5:e7:22:2b:83:04:d9:cf:
b8:e4:3b:ea:88:46:90:8a:40:7d:60:35:c1:0a:ee:4d:eb:87:
5b:ce:80:86:9c:7f:d7:70:0b:28:1f:33:2a:d0:23:72:7a:c4:
be:d9:d8:c4:aa:51:ba:1f:ab:55:76:c9:19:9d:57:0c:bf:d1:
f5:b4:d7:d1:4d:c6:d2:98:41:75:0d:74:6b:f8:41:5e:b4:b7:
62:e2:1c:79:72:0d:25:22:02:cb:1d:aa:c8:0f:dd:b5:9f:60:
2e:21:eb:16:62:cc:aa:7f:25:47:9a:8f:c6:c6:01:f1:a0:fc:
da:2a:a9:75:c1:fc:d4:e9:a7:dd:1f:42:28:02:fe:86:f4:b6:
d6:01:23:5c:53:20:38:56:c6:9f:f4:c9:52:19:f0:da:a1:04:
80:fb:09:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaF3FBeV7Xs9kj4fJK8XAykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjUwNDMwMDg0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjlmOTc1Yjk3MjgxMWI4Yzg2YTQyZGI2YWZmOWFmYjE5MjhjNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDBxJ5/xse/L5JrzRbfWJmurk2H1
BgbGbiU5mWoPuO3rT5mYx07qILwX5unJDbI/aJW3SuC6jQKSssqa+fkJeATZWv4m
kK/WIqv68Hc0oJ0v9uKGxSX+yeUbg03pmlOztpKkvmr4+ELRetW1P8Yu08w+8/tm
O1oln0khksNS61wCSOFfefZQ8D5XKid4YgthoHJcgPfuw2Mjpc/l/8aJudEusmr1
BtVAOlEfUh+5nhMEBfZKQYfq8Dp0Q+N17ggxQ/t3qawdXpegLpFDQEPTo5hPpaY7
lLP72ZH9nSf6zWkZEv7/cdoDd+q42ygHTiQbNThAEBvQJEpXzB4kU63H2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+fl1uXKBG4yGpC22r/mvsZKMbLMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvajUtWFc1Y29FYmpJYWtMYmF2LWEteGtveHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueqcMA0G
CSqGSIb3DQEBCwUAA4IBAQCfH4DYbvwSby3VrUfAbImgSEWpvfRG9728lW3UcMeM
8lEfBHaTbEQNpkBGUT7RdU6sSZ2Yj/J94Apj496p/ovBWOQcgiOD9EHCjhPX23gK
IlxcHiiFuBcNPHc6HlTzgJZzfcifpeciK4ME2c+45DvqiEaQikB9YDXBCu5N64db
zoCGnH/XcAsoHzMq0CNyesS+2djEqlG6H6tVdskZnVcMv9H1tNfRTcbSmEF1DXRr
+EFetLdi4hx5cg0lIgLLHarID921n2AuIesWYsyqfyVHmo/GxgHxoPzaKql1wfzU
6afdH0IoAv6G9LbWASNcUyA4Vsaf9MlSGfDaoQSA+wmR
-----END CERTIFICATE-----
Generated at Thu May 8 15:49:12 2025 by rpki-client