Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/J4KWVcNrvDsXAb3UqU_3rL2ucV8.roa
File: J4KWVcNrvDsXAb3UqU_3rL2ucV8.roa (raw, json)
Hash identifier: lgdVCejFN9QsnOrpJw5AuoG9uWznCrOMtN5Ht5BHMEM=
Subject key identifier: 27:82:96:55:C3:6B:BC:3B:17:01:BD:D4:A9:4F:F7:AC:BD:AE:71:5F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01966BDF305682E362B546B298E9DB623BE8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/J4KWVcNrvDsXAb3UqU_3rL2ucV8.roa
Signing time: Fri 25 Apr 2025 07:35:11 +0000
ROA not before: Fri 25 Apr 2025 07:35:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 83.219.97.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 04:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:df:30:56:82:e3:62:b5:46:b2:98:e9:db:62:3b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 25 07:35:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27829655c36bbc3b1701bdd4a94ff7acbdae715f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cd:1e:e9:01:81:9f:e9:10:94:fe:ec:60:30:
9a:b2:25:a1:00:d4:c0:35:9b:62:eb:3c:bc:e4:5c:
7c:58:a0:68:39:95:4d:d4:91:7e:c7:da:61:92:16:
d7:cb:e2:81:6c:ab:31:da:53:4a:85:bc:93:d0:a1:
75:e2:0f:de:82:0b:ce:1e:a4:90:1f:db:b4:fe:c8:
33:0e:24:20:bb:ca:8e:da:69:b4:70:d0:98:0c:7b:
2b:98:f0:70:38:c0:f5:09:02:b4:34:e3:28:4b:69:
aa:a1:71:88:10:c7:f3:b8:b4:90:3c:14:74:74:83:
5e:eb:75:8f:d6:a3:96:ae:01:4c:0f:91:ad:0a:6b:
97:e7:1a:2d:e4:6b:cf:51:93:58:b9:22:18:bd:ca:
c2:d9:6c:ae:6e:b5:0f:da:31:94:8a:f0:ed:47:a0:
66:ba:61:ff:4f:7c:a8:00:fc:79:ff:89:c4:e5:6f:
3f:07:d8:03:5e:29:65:0f:75:66:ab:6a:86:5e:68:
8a:02:67:1e:0b:8e:bc:6a:da:b5:87:cd:71:70:a2:
6f:15:89:64:1a:67:7a:11:60:98:b1:e1:33:17:71:
4e:c2:74:53:82:d6:62:a9:61:3e:e4:cc:e2:d8:57:
00:bd:6a:07:dd:d2:24:1c:3b:a3:25:4c:68:5e:d8:
03:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:82:96:55:C3:6B:BC:3B:17:01:BD:D4:A9:4F:F7:AC:BD:AE:71:5F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/J4KWVcNrvDsXAb3UqU_3rL2ucV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.97.0/24
87.121.86.0/24
87.121.221.0/24
141.98.6.0/24
176.125.254.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
56:69:44:dd:6e:61:f9:8d:69:6d:a2:bd:03:89:57:cd:ab:a5:
e5:5f:c0:fb:8f:09:e1:7b:13:63:58:45:f3:b8:ec:16:39:50:
d5:eb:0a:ae:a2:e6:ea:1e:62:79:b5:ee:3a:f5:e2:eb:9e:c5:
62:99:58:72:07:90:3c:22:96:d0:57:a3:b9:e6:0f:2b:1f:5f:
ca:38:83:84:55:70:e1:b2:50:a2:7a:31:ca:cd:86:ee:f7:c3:
73:ef:03:7e:7f:b4:e7:be:a8:de:61:49:f9:b1:c1:7b:a7:05:
03:e7:8f:3f:21:ae:81:a3:2c:15:d0:1a:75:94:db:b3:0f:9e:
b7:15:b7:3d:26:29:89:01:23:e8:24:43:ba:32:3b:08:96:c3:
dc:db:b2:19:3d:88:4a:cb:82:59:63:a8:3c:e1:fd:68:8f:79:
af:bb:88:02:fd:d3:d2:c1:30:7d:d1:1e:0f:29:91:41:76:66:
83:56:b5:e4:14:f6:4b:58:5c:16:5a:8b:58:2c:5a:84:93:24:
c3:2a:37:53:b7:1d:a6:ca:13:d2:95:47:0a:91:ba:6d:45:00:
c3:ed:d3:0f:df:17:a6:48:ee:14:91:8e:67:3c:30:1c:e0:48:
61:38:48:98:b0:2d:84:6b:0e:03:84:a5:f1:13:f3:1f:5f:df:
f3:ab:95:f6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZZr3zBWguNitUaymOnbYjvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDI1MDczNTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzgyOTY1NWMzNmJiYzNiMTcwMWJkZDRhOTRmZjdhY2JkYWU3MTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc0e6QGBn+kQlP7sYDCasiWhANTA
NZti6zy85Fx8WKBoOZVN1JF+x9phkhbXy+KBbKsx2lNKhbyT0KF14g/eggvOHqSQ
H9u0/sgzDiQgu8qO2mm0cNCYDHsrmPBwOMD1CQK0NOMoS2mqoXGIEMfzuLSQPBR0
dINe63WP1qOWrgFMD5GtCmuX5xot5GvPUZNYuSIYvcrC2WyubrUP2jGUivDtR6Bm
umH/T3yoAPx5/4nE5W8/B9gDXillD3Vmq2qGXmiKAmceC468atq1h81xcKJvFYlk
Gmd6EWCYseEzF3FOwnRTgtZiqWE+5Mzi2FcAvWoH3dIkHDujJUxoXtgD4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCeCllXDa7w7FwG91KlP96y9rnFfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSjRLV1ZjTnJ2RHNYQWIzVXFVXzNyTDJ1Y1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAU9thAwQA
V3lWAwQAV3ndAwQAjWIGAwQAsH3+AwQAufyxAwQAwjD6MA0GCSqGSIb3DQEBCwUA
A4IBAQBWaUTdbmH5jWltor0DiVfNq6XlX8D7jwnhexNjWEXzuOwWOVDV6wquoubq
HmJ5te469eLrnsVimVhyB5A8IpbQV6O55g8rH1/KOIOEVXDhslCiejHKzYbu98Nz
7wN+f7TnvqjeYUn5scF7pwUD548/Ia6BoywV0Bp1lNuzD563Fbc9JimJASPoJEO6
MjsIlsPc27IZPYhKy4JZY6g84f1oj3mvu4gC/dPSwTB90R4PKZFBdmaDVrXkFPZL
WFwWWotYLFqEkyTDKjdTtx2myhPSlUcKkbptRQDD7dMP3xemSO4UkY5nPDAc4Ehh
OEiYsC2Eaw4DhKXxE/MfX9/zq5X2
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:08:30 2025 by rpki-client