Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/oMq37hF6jS3jxF8w2kcE7Bx80Gk.roa
File: oMq37hF6jS3jxF8w2kcE7Bx80Gk.roa (raw, json)
Hash identifier: C4kO4TcTtTUNWAHRAEDxB15MHyeNZxsQvU7DpBhdHzw=
Subject key identifier: A0:CA:B7:EE:11:7A:8D:2D:E3:C4:5F:30:DA:47:04:EC:1C:7C:D0:69
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01975E10A2FDE9E9A71840123DC20EDD4508
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/oMq37hF6jS3jxF8w2kcE7Bx80Gk.roa
Signing time: Wed 11 Jun 2025 08:17:18 +0000
ROA not before: Wed 11 Jun 2025 08:17:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 31.170.55.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
94.74.173.0/24 maxlen: 24
109.203.161.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:10:a2:fd:e9:e9:a7:18:40:12:3d:c2:0e:dd:45:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jun 11 08:17:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0cab7ee117a8d2de3c45f30da4704ec1c7cd069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:34:db:f0:7f:85:b1:dc:d6:5e:bb:33:ce:01:
d0:44:bd:4a:77:a5:0c:a4:08:aa:5c:77:0e:37:02:
25:f7:02:2a:47:27:7c:fe:f4:c6:48:a4:9b:d4:ac:
18:46:c7:57:f6:bf:69:bd:ae:7f:7a:ee:4a:dc:34:
a8:eb:8b:9c:4c:b5:be:e7:d7:21:53:20:4c:88:4a:
59:e1:f3:cb:e4:4c:7e:6c:e6:73:a3:e1:e3:68:18:
90:99:99:ef:2b:c1:ce:b3:8c:86:6b:13:c6:cc:a1:
fd:6e:ae:ca:ca:5d:21:0c:08:89:e8:14:88:98:6c:
af:87:de:75:90:f3:dd:67:91:36:44:12:99:07:c0:
29:25:a8:3d:9f:07:90:59:40:9e:42:76:3e:c9:98:
83:db:11:e4:2c:69:85:79:6f:d3:da:d5:91:41:93:
dd:bc:7d:bc:77:1f:cb:2a:f4:53:07:39:c3:4d:c2:
a1:dc:1c:18:d0:4c:63:44:b9:c8:83:51:4b:2c:bc:
8e:a6:dd:6a:0e:1c:46:f1:ad:bd:d6:28:7a:65:b9:
59:cb:5f:ab:7f:d4:2a:9a:f3:6c:a9:59:55:e1:33:
7a:fe:67:d9:c4:63:25:d6:85:19:2d:79:f0:48:6e:
f1:eb:1e:c7:b3:1c:29:f3:2d:25:67:1f:4b:9c:a8:
0b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CA:B7:EE:11:7A:8D:2D:E3:C4:5F:30:DA:47:04:EC:1C:7C:D0:69
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/oMq37hF6jS3jxF8w2kcE7Bx80Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/24
37.49.147.0/24
94.74.152.0/22
94.74.173.0/24
109.203.161.0/24
109.203.166.0/24
109.203.168.0/21
109.203.184.0/21
176.46.129.0-176.46.130.255
176.46.133.0-176.46.135.255
176.46.147.0/24
Signature Algorithm: sha256WithRSAEncryption
10:18:ad:ce:6b:13:86:9f:7b:c6:ff:d5:9c:9e:3b:8a:bc:0e:
6a:32:f7:7b:d5:ec:38:50:dd:3b:9e:9a:97:c8:7e:59:d6:d5:
08:ee:77:a7:ab:96:6c:ea:09:00:7e:42:19:4b:b9:49:0f:15:
d2:45:0f:48:a0:56:2e:e8:10:47:50:5a:c7:a9:81:2c:8b:f2:
da:8e:4f:09:4c:eb:6c:59:7f:95:bc:c3:c6:d1:1b:38:3d:d9:
57:7e:bd:ef:f9:a9:37:be:57:3e:ca:05:6d:b2:69:23:d9:a7:
13:91:21:f2:c7:8f:02:c7:a7:40:97:d4:b4:b4:25:c5:ba:f9:
87:26:45:92:65:b9:50:0a:8a:f4:f6:0c:3d:71:f5:08:63:47:
b4:73:46:2e:c2:2d:68:e4:c3:aa:96:b6:9e:bb:b2:2c:d0:a9:
c7:bb:8b:d5:f1:da:21:53:e5:bc:75:5e:6c:c7:24:d0:42:be:
d5:62:26:47:26:d3:c1:ea:c0:39:cb:c9:1b:ba:09:77:f7:49:
af:48:fe:32:af:f3:80:ed:6c:a5:8e:18:07:9d:e1:76:1b:ef:
6b:8f:a5:20:97:1c:34:6b:d4:5a:14:be:01:02:72:7e:59:c0:
5a:e9:5a:a9:ba:c1:a9:2d:6c:ad:b6:a0:92:d9:03:59:f1:0d:
aa:bb:38:c7
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZdeEKL96emnGEASPcIO3UUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNjExMDgxNzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGNhYjdlZTExN2E4ZDJkZTNjNDVmMzBkYTQ3MDRlYzFjN2NkMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDTb8H+FsdzWXrszzgHQRL1Kd6UM
pAiqXHcONwIl9wIqRyd8/vTGSKSb1KwYRsdX9r9pva5/eu5K3DSo64ucTLW+59ch
UyBMiEpZ4fPL5Ex+bOZzo+HjaBiQmZnvK8HOs4yGaxPGzKH9bq7Kyl0hDAiJ6BSI
mGyvh951kPPdZ5E2RBKZB8ApJag9nweQWUCeQnY+yZiD2xHkLGmFeW/T2tWRQZPd
vH28dx/LKvRTBznDTcKh3BwY0ExjRLnIg1FLLLyOpt1qDhxG8a291ih6ZblZy1+r
f9QqmvNsqVlV4TN6/mfZxGMl1oUZLXnwSG7x6x7Hsxwp8y0lZx9LnKgLGQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFKDKt+4Reo0t48RfMNpHBOwcfNBpMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvb01xMzdoRjZqUzNqeEY4dzJrY0U3Qng4MEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAH6o3AwQA
JTGQAwQAJTGTAwQCXkqYAwQAXkqtAwQAbcuhAwQAbcumAwQDbcuoAwQDbcu4MAwD
BACwLoEDBACwLoIwDAMEALAuhQMEA7AugAMEALAukzANBgkqhkiG9w0BAQsFAAOC
AQEAEBitzmsThp97xv/VnJ47irwOajL3e9XsOFDdO56al8h+WdbVCO53p6uWbOoJ
AH5CGUu5SQ8V0kUPSKBWLugQR1Bax6mBLIvy2o5PCUzrbFl/lbzDxtEbOD3ZV369
7/mpN75XPsoFbbJpI9mnE5Eh8sePAsenQJfUtLQlxbr5hyZFkmW5UAqK9PYMPXH1
CGNHtHNGLsItaOTDqpa2nruyLNCpx7uL1fHaIVPlvHVebMck0EK+1WImRybTwerA
OcvJG7oJd/dJr0j+Mq/zgO1spY4YB53hdhvva4+lIJccNGvUWhS+AQJyflnAWula
qbrBqS1srbagktkDWfENqrs4xw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 07:02:07 2025 by rpki-client