Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0Rfet6sCDGn2gahsPH5d6fl9rJE.roa
File: 0Rfet6sCDGn2gahsPH5d6fl9rJE.roa (raw, json)
Hash identifier: gf/P2D91byV61hrdxwWt0GF/z0Fve7kLbaQRSY+RKdE=
Subject key identifier: D1:17:DE:B7:AB:02:0C:69:F6:81:A8:6C:3C:7E:5D:E9:F9:7D:AC:91
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0197215FCAD42358BBF38CE92B4C0F45AB07
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0Rfet6sCDGn2gahsPH5d6fl9rJE.roa
Signing time: Fri 30 May 2025 13:26:55 +0000
ROA not before: Fri 30 May 2025 13:26:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207676
IP address blocks: 31.148.0.0/24 maxlen: 24
92.253.218.0/23 maxlen: 24
92.253.235.0/24 maxlen: 24
146.120.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:21:5f:ca:d4:23:58:bb:f3:8c:e9:2b:4c:0f:45:ab:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: May 30 13:26:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d117deb7ab020c69f681a86c3c7e5de9f97dac91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bd:20:ea:ca:e4:f6:3a:b6:36:df:27:a7:5c:
4a:46:d9:a9:84:25:35:c4:11:e8:73:54:07:2c:37:
e8:5a:d0:b5:22:59:6d:a4:ce:b3:43:38:30:79:20:
49:41:fe:0e:c7:05:c3:17:be:02:ea:b7:f2:07:90:
b1:a3:49:7a:fc:3d:1a:4a:ac:93:92:cd:f6:cd:01:
b6:59:72:0a:b2:61:6e:52:eb:d1:20:d5:e9:3f:8f:
3c:20:ec:51:24:15:0e:81:70:54:35:fa:e4:63:64:
5e:f2:8b:5f:04:0f:ed:f2:a4:00:e9:0f:2f:de:95:
96:c9:34:7d:b0:32:ba:30:fb:ec:5f:b3:22:c0:67:
20:58:db:9a:db:eb:ea:b9:80:22:09:80:e3:87:60:
48:11:35:d8:4a:de:af:ef:90:66:9d:42:70:3b:64:
6c:3a:7a:e4:97:81:6d:3b:b3:b9:5a:cb:6d:ff:c5:
ac:fb:33:47:b5:d4:36:8f:e2:24:76:1e:7a:55:77:
86:1c:44:8b:11:b6:e5:de:48:4f:60:10:0b:86:c2:
6e:90:f7:91:34:b5:f7:db:1b:26:db:69:b7:d8:b1:
48:89:cc:72:7c:be:88:b8:0c:63:ad:fe:61:a3:a7:
73:03:48:8f:32:b3:39:02:c1:d7:fa:7f:23:4c:5c:
84:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:17:DE:B7:AB:02:0C:69:F6:81:A8:6C:3C:7E:5D:E9:F9:7D:AC:91
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0Rfet6sCDGn2gahsPH5d6fl9rJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.0.0/24
92.253.218.0/23
92.253.235.0/24
146.120.110.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:ce:dd:38:f3:e3:fe:18:f1:06:55:c8:97:87:ce:44:dc:84:
0e:be:73:e1:18:12:53:00:46:5d:df:5d:a9:10:ac:3d:d3:5d:
37:5c:fa:0f:87:d3:1d:6b:a9:95:84:f0:a5:33:c1:e9:d3:fb:
a6:39:49:ad:a2:e3:4b:0f:2d:97:5d:e1:6c:81:8a:5b:a3:fe:
8b:27:df:dc:fb:12:92:7d:f1:3a:61:ee:0f:ef:1c:e2:90:a9:
bc:26:ac:01:e4:b9:6a:71:db:1c:fe:3d:58:0e:29:99:e7:81:
30:e8:38:f0:a1:c1:61:97:14:3a:47:bc:b6:3d:4c:27:cb:73:
15:e2:41:df:fd:ac:a4:31:4b:0f:60:81:d7:9e:f3:81:5a:62:
6f:46:99:15:b8:f6:0c:8f:7b:76:70:20:c8:3c:3b:51:09:93:
aa:f5:f4:d0:e9:6e:5d:33:42:a5:65:15:41:8b:4b:dc:8d:77:
03:c4:2d:39:51:55:56:fa:81:bf:e9:f9:44:66:52:f7:20:f7:
8e:be:f0:af:79:df:e7:a4:d5:46:95:f6:9b:9c:4b:e2:42:5f:
c0:3e:4f:dd:d6:23:8d:d5:0b:a6:42:ef:16:b3:56:d2:64:a6:
77:3e:75:05:a7:5e:bc:4f:61:c9:39:39:09:6b:65:7a:95:08:
e3:d4:74:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZchX8rUI1i784zpK0wPRasHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwNTMwMTMyNjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTE3ZGViN2FiMDIwYzY5ZjY4MWE4NmMzYzdlNWRlOWY5N2RhYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp70g6srk9jq2Nt8np1xKRtmphCU1
xBHoc1QHLDfoWtC1IlltpM6zQzgweSBJQf4OxwXDF74C6rfyB5Cxo0l6/D0aSqyT
ks32zQG2WXIKsmFuUuvRINXpP488IOxRJBUOgXBUNfrkY2Re8otfBA/t8qQA6Q8v
3pWWyTR9sDK6MPvsX7MiwGcgWNua2+vquYAiCYDjh2BIETXYSt6v75BmnUJwO2Rs
Onrkl4FtO7O5Wstt/8Ws+zNHtdQ2j+Ikdh56VXeGHESLEbbl3khPYBALhsJukPeR
NLX32xsm22m32LFIicxyfL6IuAxjrf5ho6dzA0iPMrM5AsHX+n8jTFyEGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNEX3rerAgxp9oGobDx+Xen5fayRMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMFJmZXQ2c0NER24yZ2Foc1BINWQ2Zmw5ckpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH5QAAwQB
XP3aAwQAXP3rAwQAknhuMA0GCSqGSIb3DQEBCwUAA4IBAQBdzt048+P+GPEGVciX
h85E3IQOvnPhGBJTAEZd312pEKw90103XPoPh9Mda6mVhPClM8Hp0/umOUmtouNL
Dy2XXeFsgYpbo/6LJ9/c+xKSffE6Ye4P7xzikKm8JqwB5Llqcdsc/j1YDimZ54Ew
6DjwocFhlxQ6R7y2PUwny3MV4kHf/aykMUsPYIHXnvOBWmJvRpkVuPYMj3t2cCDI
PDtRCZOq9fTQ6W5dM0KlZRVBi0vcjXcDxC05UVVW+oG/6flEZlL3IPeOvvCved/n
pNVGlfabnEviQl/APk/d1iON1QumQu8Ws1bSZKZ3PnUFp168T2HJOTkJa2V6lQjj
1HTQ
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:42:17 2025 by rpki-client