Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/3dDw4FD01cHN9mDNIOv6f1BEx58.roa
File: 3dDw4FD01cHN9mDNIOv6f1BEx58.roa (raw, json)
Hash identifier: WdDcN4Xjrk4GRb1M63UMzZ1R3ows0uST31GzqqZtviM=
Subject key identifier: DD:D0:F0:E0:50:F4:D5:C1:CD:F6:60:CD:20:EB:FA:7F:50:44:C7:9F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01976CA27ED9E8AFE2DDA33CA1F32067065A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/3dDw4FD01cHN9mDNIOv6f1BEx58.roa
Signing time: Sat 14 Jun 2025 04:11:18 +0000
ROA not before: Sat 14 Jun 2025 04:11:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.231.30.0/24 maxlen: 24
5.231.94.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.233.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 12:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6c:a2:7e:d9:e8:af:e2:dd:a3:3c:a1:f3:20:67:06:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 14 04:11:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddd0f0e050f4d5c1cdf660cd20ebfa7f5044c79f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d5:bc:e6:af:80:fb:0f:22:25:da:8c:8f:b8:
5e:1f:cc:c2:1c:5e:3f:57:5a:be:de:32:dd:c2:6a:
d0:af:26:a3:8d:8f:ce:4d:a7:a0:ba:bc:07:bb:e8:
f7:5f:47:da:74:09:bf:47:43:00:d4:49:f9:76:b8:
41:48:4b:2c:b2:3f:20:16:2c:ec:98:2d:33:eb:44:
b5:59:98:a1:17:0b:c1:9b:03:6d:57:89:ec:31:24:
cc:51:d1:c5:74:28:e0:d3:fb:26:d4:b5:ee:13:d1:
8b:05:15:5d:ae:d2:9d:11:0c:8b:13:a1:1d:37:14:
ab:75:fc:46:66:6b:72:10:34:29:1e:9f:be:ed:fb:
9e:83:5e:1c:aa:15:91:5b:31:be:b2:55:4c:7b:aa:
f0:24:d9:a0:0f:53:c7:e4:83:87:b2:23:54:91:f1:
14:83:ef:03:24:4e:d5:ce:1f:58:11:55:2a:ef:90:
68:a1:8a:fa:c7:f8:ec:52:93:5d:fd:f5:c9:db:0a:
00:3f:de:87:28:20:8e:6c:0a:cc:96:54:97:73:00:
1b:d2:01:44:b9:a9:4b:8f:a6:1f:d0:c1:b9:05:58:
45:c1:0b:43:db:a5:29:25:95:68:f6:3d:33:29:a1:
07:8e:09:6c:1a:f8:0d:6d:0e:58:30:87:cd:57:a4:
9a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D0:F0:E0:50:F4:D5:C1:CD:F6:60:CD:20:EB:FA:7F:50:44:C7:9F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/3dDw4FD01cHN9mDNIOv6f1BEx58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.231.30.0/24
5.231.94.0/24
77.90.54.0/24
87.239.131.0/24
94.249.233.0/24
95.215.34.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:06:b8:4b:e1:34:a3:dd:b1:89:e8:53:79:a3:0f:5a:5c:35:
75:4b:07:cb:02:5e:76:99:63:aa:f6:e5:13:9f:e3:b3:91:0c:
a1:ef:be:de:71:01:02:7f:9a:ec:c8:8a:93:f3:76:6d:2d:35:
bb:98:ad:90:7e:64:6f:e2:67:97:58:5e:ab:45:6d:31:64:f3:
48:68:f7:9f:8e:e9:85:ea:45:a0:3a:1e:9c:3d:71:61:d7:ec:
a1:4d:20:17:93:7d:1c:94:fa:4e:21:b1:af:7e:fa:01:1b:26:
22:24:71:ba:94:08:12:64:7a:e1:b0:7a:ee:fa:e2:c6:0f:6d:
2b:57:81:21:ba:e1:8a:41:74:0d:fc:e6:23:44:d5:3a:67:7c:
78:af:78:c3:e7:f7:2b:71:4e:ef:b5:2a:a0:93:44:ac:f6:81:
7d:da:56:15:65:56:f6:d6:56:e4:6a:70:d6:06:20:3c:c9:ce:
ef:b1:51:13:55:52:b9:12:ba:32:f1:07:2d:1c:89:f6:2f:75:
55:7d:26:c5:ee:4d:fc:3a:47:13:2b:c7:f3:50:c7:98:98:00:
cb:cc:d1:26:61:18:46:e4:49:7e:f5:88:58:73:bc:ab:08:d3:
f7:ce:b4:36:05:f2:30:27:6a:75:14:df:02:f2:9d:49:57:04:
42:2b:76:07
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZdson7Z6K/i3aM8ofMgZwZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjE0MDQxMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQwZjBlMDUwZjRkNWMxY2RmNjYwY2QyMGViZmE3ZjUwNDRjNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtW85q+A+w8iJdqMj7heH8zCHF4/
V1q+3jLdwmrQryajjY/OTaegurwHu+j3X0fadAm/R0MA1En5drhBSEsssj8gFizs
mC0z60S1WZihFwvBmwNtV4nsMSTMUdHFdCjg0/sm1LXuE9GLBRVdrtKdEQyLE6Ed
NxSrdfxGZmtyEDQpHp++7fueg14cqhWRWzG+slVMe6rwJNmgD1PH5IOHsiNUkfEU
g+8DJE7Vzh9YEVUq75BooYr6x/jsUpNd/fXJ2woAP96HKCCObArMllSXcwAb0gFE
ualLj6Yf0MG5BVhFwQtD26UpJZVo9j0zKaEHjglsGvgNbQ5YMIfNV6SazQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFN3Q8OBQ9NXBzfZgzSDr+n9QRMefMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvM2REdzRGRDAxY0hOOW1ETklPdjZmMUJFeDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABVOBAwQA
BeceAwQABedeAwQATVo2AwQAV++DAwQAXvnpAwQAX9ciAwQA2UWmMA0GCSqGSIb3
DQEBCwUAA4IBAQDGBrhL4TSj3bGJ6FN5ow9aXDV1SwfLAl52mWOq9uUTn+OzkQyh
777ecQECf5rsyIqT83ZtLTW7mK2QfmRv4meXWF6rRW0xZPNIaPefjumF6kWgOh6c
PXFh1+yhTSAXk30clPpOIbGvfvoBGyYiJHG6lAgSZHrhsHru+uLGD20rV4EhuuGK
QXQN/OYjRNU6Z3x4r3jD5/crcU7vtSqgk0Ss9oF92lYVZVb21lbkanDWBiA8yc7v
sVETVVK5Eroy8QctHIn2L3VVfSbF7k38OkcTK8fzUMeYmADLzNEmYRhG5El+9YhY
c7yrCNP3zrQ2BfIwJ2p1FN8C8p1JVwRCK3YH
-----END CERTIFICATE-----
Generated at Sun Jun 15 21:18:41 2025 by rpki-client