Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/lNXxNjswzmH15i_JXb2KnjJe8os.roa
File: lNXxNjswzmH15i_JXb2KnjJe8os.roa (raw, json)
Hash identifier: S5EYWhZ/78Ja8O3D8dha4QBWm30TO0RSOaGgwXr7W3w=
Subject key identifier: 94:D5:F1:36:3B:30:CE:61:F5:E6:2F:C9:5D:BD:8A:9E:32:5E:F2:8B
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019753B285DA4158051AF2FD348AC39BAE37
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/lNXxNjswzmH15i_JXb2KnjJe8os.roa
Signing time: Mon 09 Jun 2025 07:58:17 +0000
ROA not before: Mon 09 Jun 2025 07:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62387
IP address blocks: 79.132.64.0/19 maxlen: 19
79.132.64.0/22 maxlen: 22
79.132.68.0/22 maxlen: 22
79.132.76.0/22 maxlen: 22
79.132.80.0/22 maxlen: 22
79.132.84.0/22 maxlen: 22
79.132.88.0/22 maxlen: 22
79.132.92.0/22 maxlen: 22
79.135.136.0/22 maxlen: 22
85.234.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 13:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:b2:85:da:41:58:05:1a:f2:fd:34:8a:c3:9b:ae:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jun 9 07:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94d5f1363b30ce61f5e62fc95dbd8a9e325ef28b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:26:a6:e0:30:1c:54:12:59:99:85:f7:20:68:
50:d6:51:d1:fd:87:14:93:cc:60:c4:2e:10:9d:7c:
5c:2a:51:91:ce:5d:11:02:12:d1:c2:d7:e3:86:fa:
14:69:1f:f5:2e:fd:6b:c8:6d:36:ea:7d:80:cb:d8:
72:e7:a6:52:76:cc:b2:3f:e3:5c:9a:07:58:9d:05:
15:74:50:dd:70:74:e6:a7:62:f8:6c:e6:5a:42:28:
80:7a:34:ae:1b:86:02:df:18:63:5b:af:ac:e6:d9:
a7:67:77:6f:c1:97:4d:b7:8e:4c:04:2e:70:0c:4e:
4b:7b:5a:2d:01:d7:54:e6:61:71:8c:9b:4f:d3:4c:
23:77:b0:1a:12:d9:5f:25:33:46:2d:46:ae:24:e7:
13:68:82:1c:cc:c5:4b:96:af:6e:d0:da:66:19:f2:
d8:2c:3f:19:27:fb:ad:47:a7:88:50:43:61:a4:19:
97:f4:f7:99:5f:cb:7e:1d:39:2c:93:cd:9b:d0:0b:
0e:12:d1:b0:f4:8f:8c:52:38:67:95:d3:1d:a9:b6:
89:c0:40:12:37:70:78:0d:37:ea:cd:11:2b:5c:7c:
ea:cc:31:86:1a:2b:15:9a:7c:6b:12:02:fd:67:ee:
2d:e0:7f:f9:ac:88:f9:fa:36:31:d8:ab:e1:4a:0d:
43:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D5:F1:36:3B:30:CE:61:F5:E6:2F:C9:5D:BD:8A:9E:32:5E:F2:8B
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/lNXxNjswzmH15i_JXb2KnjJe8os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.64.0/19
79.135.136.0/22
85.234.160.0/19
Signature Algorithm: sha256WithRSAEncryption
b1:71:49:36:a3:01:d4:96:82:6d:54:29:91:36:dc:a7:a5:aa:
70:fb:a3:15:d3:e2:06:a3:89:a6:a0:73:84:30:3a:df:0a:7e:
b9:d5:23:1b:76:24:22:31:d5:36:1e:3e:d0:2a:ae:8c:76:a3:
60:f4:36:9f:89:a7:3a:22:33:3e:17:06:e9:23:08:06:9f:d6:
4c:d0:60:18:fc:d0:6d:d3:bd:e4:11:68:01:81:1d:6b:3f:81:
14:f4:82:db:e5:fe:e6:c5:18:9c:4c:9d:20:14:80:73:f9:2a:
7b:dd:02:90:68:56:6c:55:21:39:f7:50:f8:11:fa:50:d0:31:
13:70:3e:35:db:1e:af:24:21:1b:6d:60:5d:ce:ad:3c:a7:86:
26:23:b9:5a:8a:a7:90:d4:56:10:23:1a:57:f1:36:ed:69:e2:
af:6d:27:df:d1:6a:2c:c6:02:b7:28:9a:6b:3a:8f:db:1d:2b:
de:75:db:08:4f:24:0b:5b:a2:3a:c9:ff:8d:9f:90:4c:36:b8:
48:22:a2:e3:22:40:9b:90:43:c6:b7:b9:6f:9e:1f:30:34:26:
73:13:57:15:30:32:10:37:c2:47:b2:fc:68:36:aa:b7:27:54:
92:71:1b:16:72:78:de:70:b6:fa:55:d8:4a:19:b1:f8:cd:e0:
be:43:80:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdTsoXaQVgFGvL9NIrDm643MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNjA5MDc1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ1ZjEzNjNiMzBjZTYxZjVlNjJmYzk1ZGJkOGE5ZTMyNWVmMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiam4DAcVBJZmYX3IGhQ1lHR/YcU
k8xgxC4QnXxcKlGRzl0RAhLRwtfjhvoUaR/1Lv1ryG026n2Ay9hy56ZSdsyyP+Nc
mgdYnQUVdFDdcHTmp2L4bOZaQiiAejSuG4YC3xhjW6+s5tmnZ3dvwZdNt45MBC5w
DE5Le1otAddU5mFxjJtP00wjd7AaEtlfJTNGLUauJOcTaIIczMVLlq9u0NpmGfLY
LD8ZJ/utR6eIUENhpBmX9PeZX8t+HTksk82b0AsOEtGw9I+MUjhnldMdqbaJwEAS
N3B4DTfqzRErXHzqzDGGGisVmnxrEgL9Z+4t4H/5rIj5+jYx2KvhSg1DjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJTV8TY7MM5h9eYvyV29ip4yXvKLMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbE5YeE5qc3d6bUgxNWlfSlhiMktuakplOG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFT4RAAwQC
T4eIAwQFVeqgMA0GCSqGSIb3DQEBCwUAA4IBAQCxcUk2owHUloJtVCmRNtynpapw
+6MV0+IGo4mmoHOEMDrfCn651SMbdiQiMdU2Hj7QKq6MdqNg9Dafiac6IjM+Fwbp
IwgGn9ZM0GAY/NBt073kEWgBgR1rP4EU9ILb5f7mxRicTJ0gFIBz+Sp73QKQaFZs
VSE591D4EfpQ0DETcD412x6vJCEbbWBdzq08p4YmI7laiqeQ1FYQIxpX8TbtaeKv
bSff0WosxgK3KJprOo/bHSveddsITyQLW6I6yf+Nn5BMNrhIIqLjIkCbkEPGt7lv
nh8wNCZzE1cVMDIQN8JHsvxoNqq3J1SScRsWcnjecLb6VdhKGbH4zeC+Q4Dh
-----END CERTIFICATE-----
Generated at Tue Jun 17 21:46:10 2025 by rpki-client