Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/r2_uEzNLhBHjD8nrsm_28O-I61I.roa
File: r2_uEzNLhBHjD8nrsm_28O-I61I.roa (raw, json)
Hash identifier: MQGSyx9ipk0r/WYHwP9ZlzljWRWQN1rdWtX2fCTKqeI=
Subject key identifier: AF:6F:EE:13:33:4B:84:11:E3:0F:C9:EB:B2:6F:F6:F0:EF:88:EB:52
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 0196E733231CC67648FC009D251F051F503D
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/r2_uEzNLhBHjD8nrsm_28O-I61I.roa
Signing time: Mon 19 May 2025 06:20:10 +0000
ROA not before: Mon 19 May 2025 06:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6667
IP address blocks: 192.136.73.0/24 maxlen: 24
192.136.74.0/24 maxlen: 24
213.192.184.0/21 maxlen: 21
2001:670::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:33:23:1c:c6:76:48:fc:00:9d:25:1f:05:1f:50:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: May 19 06:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af6fee13334b8411e30fc9ebb26ff6f0ef88eb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c8:2e:f2:dc:fc:81:ef:0f:3e:85:1f:aa:0c:
8a:ae:9b:ce:dd:a9:a6:17:90:1d:eb:1c:12:5d:e5:
99:b7:39:f9:f1:b5:ae:a7:21:e4:2c:c4:80:af:12:
f6:65:26:72:68:aa:d6:e4:f4:30:31:88:e2:6e:78:
8c:ef:61:4d:22:22:1e:d0:9b:c9:c7:69:ff:07:16:
86:fd:a8:db:39:72:f9:02:0b:ff:35:35:7b:b2:c4:
94:1f:e6:05:80:71:15:e3:d5:e4:50:dd:0f:87:30:
46:3f:d4:cf:76:13:5f:30:52:7d:3e:c4:cb:05:a3:
61:9e:07:1a:56:38:31:b0:fa:80:df:45:ed:0e:45:
9e:21:38:e8:16:79:7b:c6:61:ec:46:70:a6:f8:ab:
a9:43:4d:79:b6:57:61:c7:21:71:f2:86:d7:3a:98:
38:d2:30:ef:3f:05:fb:88:d5:29:53:44:21:da:61:
ba:61:7e:c1:0e:93:53:78:71:3c:21:c0:78:72:3c:
74:6e:d0:ad:23:21:b7:78:85:4f:25:67:9c:6c:33:
79:a5:de:32:f6:86:17:e4:37:3f:03:75:06:c0:95:
69:a6:97:4d:72:ae:8e:d9:23:a2:cc:a9:3a:16:ab:
21:cb:fb:36:5f:76:1e:f8:a3:81:77:d5:31:26:55:
aa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6F:EE:13:33:4B:84:11:E3:0F:C9:EB:B2:6F:F6:F0:EF:88:EB:52
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/r2_uEzNLhBHjD8nrsm_28O-I61I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.136.73.0-192.136.74.255
213.192.184.0/21
IPv6:
2001:670::/32
Signature Algorithm: sha256WithRSAEncryption
5c:a2:7f:e3:30:8e:ce:8f:f4:3c:dd:9f:de:9a:cc:98:f6:76:
40:a2:ba:02:c4:d8:a8:92:92:ac:ac:6c:5c:2f:6d:34:50:50:
33:89:84:5b:56:40:04:7d:19:d1:ba:2d:ce:e4:41:e3:58:1b:
cb:3e:f7:71:b0:32:11:30:0e:02:a8:f0:26:f3:cf:a2:b3:5b:
38:75:6c:39:fd:88:fd:3f:51:80:b7:bc:5d:35:c4:9c:03:4d:
04:b9:a0:92:ee:58:fa:b2:d3:0a:30:aa:5e:e8:7a:cd:e9:dc:
7a:79:c9:4d:57:32:c7:09:c8:b3:9f:79:6f:b3:66:c7:d9:da:
b1:a6:ad:8f:47:e4:dc:55:6d:68:d7:58:49:e0:9d:bc:80:d4:
a1:31:83:bb:76:c1:82:33:3e:8f:cd:1f:24:49:0f:5b:52:57:
ab:cb:a8:c4:d4:95:47:2f:8f:bf:38:86:aa:79:d6:8a:d5:ca:
c4:e8:4f:4a:03:46:e3:19:ec:dd:a4:43:fa:2b:df:c1:bf:b8:
c7:a5:6a:37:75:19:15:12:ed:1b:6a:84:80:f5:3a:e3:69:eb:
41:b1:dc:78:a6:22:c8:72:a0:2f:ab:2f:05:67:ff:b7:19:6d:
6b:5c:ea:fb:50:42:8e:cb:23:08:3b:3a:11:92:0c:f0:0a:89:
fe:71:e2:3b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZbnMyMcxnZI/ACdJR8FH1A9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjUwNTE5MDYyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZmZWUxMzMzNGI4NDExZTMwZmM5ZWJiMjZmZjZmMGVmODhlYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcgu8tz8ge8PPoUfqgyKrpvO3amm
F5Ad6xwSXeWZtzn58bWupyHkLMSArxL2ZSZyaKrW5PQwMYjibniM72FNIiIe0JvJ
x2n/BxaG/ajbOXL5Agv/NTV7ssSUH+YFgHEV49XkUN0PhzBGP9TPdhNfMFJ9PsTL
BaNhngcaVjgxsPqA30XtDkWeITjoFnl7xmHsRnCm+KupQ015tldhxyFx8obXOpg4
0jDvPwX7iNUpU0Qh2mG6YX7BDpNTeHE8IcB4cjx0btCtIyG3eIVPJWecbDN5pd4y
9oYX5Dc/A3UGwJVpppdNcq6O2SOizKk6Fqshy/s2X3Ye+KOBd9UxJlWqiQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFK9v7hMzS4QR4w/J67Jv9vDviOtSMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvcjJfdUV6TkxoQkhqRDhucnNtXzI4Ty1JNjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBADAiEkD
BADAiEoDBAPVwLgwDQQCAAIwBwMFACABBnAwDQYJKoZIhvcNAQELBQADggEBAFyi
f+Mwjs6P9Dzdn96azJj2dkCiugLE2KiSkqysbFwvbTRQUDOJhFtWQAR9GdG6Lc7k
QeNYG8s+93GwMhEwDgKo8Cbzz6KzWzh1bDn9iP0/UYC3vF01xJwDTQS5oJLuWPqy
0wowql7oes3p3Hp5yU1XMscJyLOfeW+zZsfZ2rGmrY9H5NxVbWjXWEngnbyA1KEx
g7t2wYIzPo/NHyRJD1tSV6vLqMTUlUcvj784hqp51orVysToT0oDRuMZ7N2kQ/or
38G/uMelajd1GRUS7RtqhID1OuNp60Gx3HimIshyoC+rLwVn/7cZbWtc6vtQQo7L
Iwg7OhGSDPAKif5x4js=
-----END CERTIFICATE-----
Generated at Sat Jun 14 22:10:06 2025 by rpki-client