Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-dP3jRJeHN6U2KkXmOEvbQD_nEQ.roa
File: 1-dP3jRJeHN6U2KkXmOEvbQD_nEQ.roa (raw, json)
Hash identifier: akeIuoaB5gq6yBhp0xztAGRAsatQEM3LbCgXQYF6zP8=
Subject key identifier: F9:D3:F7:8D:12:5E:1C:DE:94:D8:A9:17:98:E1:2F:6D:00:FF:9C:44
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019661C3E63DFA0ECDBAD472EB3B39C6FF57
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-dP3jRJeHN6U2KkXmOEvbQD_nEQ.roa
Signing time: Wed 23 Apr 2025 08:29:10 +0000
ROA not before: Wed 23 Apr 2025 08:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 192.124.175.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 06:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:61:c3:e6:3d:fa:0e:cd:ba:d4:72:eb:3b:39:c6:ff:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 23 08:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9d3f78d125e1cde94d8a91798e12f6d00ff9c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9c:79:07:5a:83:97:7e:74:15:f8:e7:3f:40:
50:1f:28:07:66:f4:b0:fa:7d:e9:68:13:dd:cf:40:
50:a9:b8:18:72:d3:d3:23:e3:21:7f:49:ef:ea:13:
20:c7:94:96:c2:7f:74:4a:75:2f:a3:bb:15:f0:84:
8d:a8:5f:1a:6a:17:a8:38:3c:53:91:ca:05:0f:80:
19:8e:5c:b4:95:93:e2:2c:12:0b:f1:80:45:fd:5f:
62:9f:41:ac:53:c6:51:59:d1:de:71:cf:80:d1:f8:
b5:f2:1d:55:f1:2e:09:85:db:53:93:2a:9f:db:90:
80:d9:66:0e:5b:7e:0c:f8:91:be:aa:7e:ea:85:b4:
d1:bc:fa:e8:65:a5:b3:fc:08:24:22:85:86:1b:c4:
c3:27:1b:86:27:0e:d2:97:24:67:51:b6:f3:bd:ed:
32:7f:60:f4:4c:b0:0e:30:df:29:98:c3:ce:e2:03:
1f:72:b6:78:0a:14:c8:4d:82:04:37:9f:01:3e:b4:
f9:48:33:f0:67:06:45:3e:cf:76:5f:1d:2f:4f:bc:
de:8e:7a:02:34:20:0e:8e:0a:df:46:f2:a8:cd:b3:
09:d5:fa:ae:17:0a:a6:14:59:d5:84:49:5c:01:7d:
b7:22:98:1a:0e:33:ab:09:bf:fc:33:21:a1:c2:a0:
ec:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D3:F7:8D:12:5E:1C:DE:94:D8:A9:17:98:E1:2F:6D:00:FF:9C:44
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-dP3jRJeHN6U2KkXmOEvbQD_nEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.175.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.119.0/24
194.87.126.0/24
194.87.169.0/24
194.87.179.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.8.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
18:7a:d0:5a:00:1f:7a:ef:e2:8e:6d:64:8b:50:02:7d:f6:a2:
02:d9:12:e6:fc:ad:d8:6c:db:00:d9:0c:dc:1d:f3:ca:66:f8:
25:ef:13:1f:13:e5:6f:97:42:a1:e4:f8:13:26:7f:84:a5:6e:
01:ea:1c:49:20:49:ad:fa:07:b4:76:5d:5b:0a:57:76:a2:91:
60:40:84:e5:af:21:3c:63:7a:fc:54:2e:03:ee:03:9e:fd:49:
22:ce:eb:89:29:ed:49:b2:02:80:f3:50:a3:a7:7e:c3:56:80:
cb:63:35:71:7b:10:b6:48:42:a5:c1:68:98:8a:bb:e9:b4:fd:
2e:57:d5:3c:91:fe:bb:d6:ed:0c:a1:14:6b:70:34:d3:2a:80:
11:2c:56:95:c2:ea:6e:a4:b3:02:cc:ee:e5:f7:2d:19:54:34:
72:ef:b2:10:3d:e5:69:ba:70:be:03:af:75:15:71:8a:f1:f6:
24:7f:af:47:28:3f:ec:26:fc:1f:e2:34:7f:27:2a:a9:5d:48:
99:8b:01:99:f3:69:1c:ef:e7:a8:8a:b4:4f:33:ef:71:26:8d:
e2:13:f3:19:c6:25:2f:e8:26:e9:3a:1b:6e:ee:5e:71:87:1e:
4c:5e:83:26:ca:2b:e0:2c:23:b2:f0:6a:fc:c2:d4:ec:ed:b2:
f5:de:84:25
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAZZhw+Y9+g7NutRy6zs5xv9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDIzMDgyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQzZjc4ZDEyNWUxY2RlOTRkOGE5MTc5OGUxMmY2ZDAwZmY5YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5x5B1qDl350FfjnP0BQHygHZvSw
+n3paBPdz0BQqbgYctPTI+Mhf0nv6hMgx5SWwn90SnUvo7sV8ISNqF8aaheoODxT
kcoFD4AZjly0lZPiLBIL8YBF/V9in0GsU8ZRWdHecc+A0fi18h1V8S4JhdtTkyqf
25CA2WYOW34M+JG+qn7qhbTRvProZaWz/AgkIoWGG8TDJxuGJw7SlyRnUbbzve0y
f2D0TLAOMN8pmMPO4gMfcrZ4ChTITYIEN58BPrT5SDPwZwZFPs92Xx0vT7zejnoC
NCAOjgrfRvKozbMJ1fquFwqmFFnVhElcAX23IpgaDjOrCb/8MyGhwqDsRwIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFPnT940SXhzelNipF5jhL20A/5xEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS1kUDNqUkplSE42VTJLa1htT0V2YlFEX25FUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBowYIKwYBBQUHAQcBAf8EgZMwgZAweAQCAAEwcgMEAMB8
rwMEAMF8BwMEAMF8LAMEAMI6JAMEAMI6mwMEAMI63wMEAMJXNQMEAMJXdwMEAMJX
fgMEAMJXqQMEAMJXswMEAMOFCQMEAcOFGAMEAcOFKAMEAcOFMgMEAcOFXAMEANTA
8QMEANTBCAMEAdTBGjAUBAIAAjAOAwUDKgFXwAMFAyoM/0AwDQYJKoZIhvcNAQEL
BQADggEBABh60FoAH3rv4o5tZItQAn32ogLZEub8rdhs2wDZDNwd88pm+CXvEx8T
5W+XQqHk+BMmf4SlbgHqHEkgSa36B7R2XVsKV3aikWBAhOWvITxjevxULgPuA579
SSLO64kp7UmyAoDzUKOnfsNWgMtjNXF7ELZIQqXBaJiKu+m0/S5X1TyR/rvW7Qyh
FGtwNNMqgBEsVpXC6m6kswLM7uX3LRlUNHLvshA95Wm6cL4Dr3UVcYrx9iR/r0co
P+wm/B/iNH8nKqldSJmLAZnzaRzv56iKtE8z73EmjeIT8xnGJS/oJuk6G27uXnGH
HkxegybKK+AsI7LwavzC1OztsvXehCU=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:56:23 2025 by rpki-client