Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/5gG_Zi7UzMpPtarM4YgRPE41P0Y.roa
File: 5gG_Zi7UzMpPtarM4YgRPE41P0Y.roa (raw, json)
Hash identifier: h4U+fDKpUfUkNJ413pa9utTlvK0hGY5RmFrs2JwFVFY=
Subject key identifier: E6:01:BF:66:2E:D4:CC:CA:4F:B5:AA:CC:E1:88:11:3C:4E:35:3F:46
Certificate issuer: /CN=deb046b6e309e9a866522c2a40c66ffc42fbb843
Certificate serial: 0197B082A965382E073C7AF3257757E67131
Authority key identifier: DE:B0:46:B6:E3:09:E9:A8:66:52:2C:2A:40:C6:6F:FC:42:FB:B8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/5gG_Zi7UzMpPtarM4YgRPE41P0Y.roa
Signing time: Fri 27 Jun 2025 08:30:42 +0000
ROA not before: Fri 27 Jun 2025 08:30:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24713
IP address blocks: 80.248.160.0/20 maxlen: 20
81.22.160.0/20 maxlen: 20
185.134.88.0/22 maxlen: 22
2a03:d640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 02:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:82:a9:65:38:2e:07:3c:7a:f3:25:77:57:e6:71:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=deb046b6e309e9a866522c2a40c66ffc42fbb843
Validity
Not Before: Jun 27 08:30:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e601bf662ed4ccca4fb5aacce188113c4e353f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5e:48:7c:54:00:f2:a9:b2:12:00:5c:13:94:
5b:05:f6:b1:65:af:84:36:9a:35:23:1c:7b:a3:8d:
a8:e7:5b:c8:1b:9e:b5:93:c8:a3:d8:6b:9d:2d:59:
1d:c9:33:c9:eb:f8:3a:6e:28:8c:58:c9:58:a4:b5:
fa:da:cb:4f:ef:3d:86:30:85:cc:29:69:0c:70:93:
cd:fd:a0:74:7b:b5:fa:cf:b5:ef:45:2b:72:c6:ed:
a9:41:17:29:df:66:1f:a9:d3:d6:79:f4:66:12:5b:
1d:e4:0e:cf:3c:2f:b5:8b:c2:f3:67:50:45:f6:a6:
3f:f4:48:0f:c6:7b:d0:3b:b9:22:d3:ec:7e:f4:20:
23:5c:1d:3b:36:2f:fb:6c:7d:80:68:be:a5:a2:d3:
e6:ae:02:ac:63:44:53:5f:c2:17:e4:f7:f0:3a:29:
55:d9:ff:de:f2:c2:32:3f:81:49:50:8e:6b:28:05:
64:cc:de:6a:54:4b:1b:b0:28:0c:5e:2a:e7:23:87:
c3:30:ba:ce:60:65:0d:40:c6:39:e9:7b:28:33:4a:
fd:5b:a9:e7:be:73:ad:53:41:ec:6f:d8:db:1f:22:
18:4d:1d:ea:a0:de:5e:83:cf:bf:4e:95:68:5f:eb:
f8:30:83:d8:7c:37:2a:f6:93:b3:75:bd:53:7f:2d:
e5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:01:BF:66:2E:D4:CC:CA:4F:B5:AA:CC:E1:88:11:3C:4E:35:3F:46
X509v3 Authority Key Identifier:
keyid:DE:B0:46:B6:E3:09:E9:A8:66:52:2C:2A:40:C6:6F:FC:42:FB:B8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/5gG_Zi7UzMpPtarM4YgRPE41P0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d24bc2-42f3-46d9-bdd9-1c9492245cab/1/3rBGtuMJ6ahmUiwqQMZv_EL7uEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.248.160.0/20
81.22.160.0/20
185.134.88.0/22
IPv6:
2a03:d640::/32
Signature Algorithm: sha256WithRSAEncryption
4b:50:9c:4d:1b:74:2f:fb:82:cc:7a:f9:a7:c9:62:6b:a3:7c:
ea:f3:df:9b:ea:2a:63:44:e7:40:bf:01:9b:37:bc:88:ca:d8:
e7:24:19:a8:fa:63:bf:2b:75:90:5f:47:0d:a8:ad:b5:e5:06:
d2:1b:95:15:06:cd:01:02:bf:78:59:22:69:60:83:5a:0a:70:
09:35:a6:e9:5f:4c:39:21:c6:dd:39:6b:48:0c:08:74:16:be:
f2:58:89:f3:b8:ba:2e:22:be:6e:88:1f:ff:08:e4:e7:54:91:
99:27:a8:11:e0:19:25:cf:82:b3:1c:5f:f3:f0:31:4b:96:6b:
03:ba:81:80:4a:b8:c9:5b:86:57:11:9e:04:01:e2:cb:11:25:
88:1e:96:95:5c:f5:17:98:7a:8e:d8:e0:26:b1:06:dc:b9:b6:
7b:72:9b:cd:68:60:c9:30:56:5a:0e:7f:f9:23:97:db:06:bd:
74:45:0a:a5:41:7b:60:a1:18:e4:5a:3c:bb:9b:94:3a:8c:71:
3f:a3:67:89:2f:77:32:1d:92:3a:f1:e2:f0:a6:6a:27:22:ac:
bd:d3:f1:15:40:81:da:0e:d1:da:7e:98:31:b4:35:25:45:cd:
33:11:ad:e3:1c:38:a1:4d:80:69:db:92:e9:56:76:41:60:e4:
e5:90:76:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZewgqllOC4HPHrzJXdX5nExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYjA0NmI2ZTMwOWU5YTg2NjUyMmMyYTQwYzY2ZmZjNDJm
YmI4NDMwHhcNMjUwNjI3MDgzMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjAxYmY2NjJlZDRjY2NhNGZiNWFhY2NlMTg4MTEzYzRlMzUzZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1l5IfFQA8qmyEgBcE5RbBfaxZa+E
Npo1Ixx7o42o51vIG561k8ij2GudLVkdyTPJ6/g6biiMWMlYpLX62stP7z2GMIXM
KWkMcJPN/aB0e7X6z7XvRStyxu2pQRcp32YfqdPWefRmElsd5A7PPC+1i8LzZ1BF
9qY/9EgPxnvQO7ki0+x+9CAjXB07Ni/7bH2AaL6lotPmrgKsY0RTX8IX5PfwOilV
2f/e8sIyP4FJUI5rKAVkzN5qVEsbsCgMXirnI4fDMLrOYGUNQMY56XsoM0r9W6nn
vnOtU0Hsb9jbHyIYTR3qoN5eg8+/TpVoX+v4MIPYfDcq9pOzdb1Tfy3l5wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOYBv2Yu1MzKT7WqzOGIETxONT9GMB8GA1UdIwQY
MBaAFN6wRrbjCemoZlIsKkDGb/xC+7hDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3JCR3R1TUo2YWhtVWl3cVFNWnZfRUw3dUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kMjRiYzItNDJmMy00NmQ5LWJkZDkt
MWM5NDkyMjQ1Y2FiLzEvNWdHX1ppN1V6TXBQdGFyTTRZZ1JQRTQxUDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kMjRiYzItNDJmMy00NmQ5LWJkZDktMWM5NDkyMjQ1Y2Fi
LzEvM3JCR3R1TUo2YWhtVWl3cVFNWnZfRUw3dUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPigAwQE
URagAwQCuYZYMA0EAgACMAcDBQAqA9ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBLUJxN
G3Qv+4LMevmnyWJro3zq89+b6ipjROdAvwGbN7yIytjnJBmo+mO/K3WQX0cNqK21
5QbSG5UVBs0BAr94WSJpYINaCnAJNabpX0w5IcbdOWtIDAh0Fr7yWInzuLouIr5u
iB//COTnVJGZJ6gR4Bklz4KzHF/z8DFLlmsDuoGASrjJW4ZXEZ4EAeLLESWIHpaV
XPUXmHqO2OAmsQbcubZ7cpvNaGDJMFZaDn/5I5fbBr10RQqlQXtgoRjkWjy7m5Q6
jHE/o2eJL3cyHZI68eLwpmonIqy90/EVQIHaDtHafpgxtDUlRc0zEa3jHDihTYBp
25LpVnZBYOTlkHa/
-----END CERTIFICATE-----
Generated at Tue Jul 1 11:01:36 2025 by rpki-client