Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/AdVUhSP0numShS99MUQPkCZotv0.roa
File: AdVUhSP0numShS99MUQPkCZotv0.roa (raw, json)
Hash identifier: VPckaDf98KhBGJLG1RV+oJhapon3yvz2vkgMvMbnY3Y=
Subject key identifier: 01:D5:54:85:23:F4:9E:E9:92:85:2F:7D:31:44:0F:90:26:68:B6:FD
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0197585D4AC72D75020BDCFB6C8A42E13CAB
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/AdVUhSP0numShS99MUQPkCZotv0.roa
Signing time: Tue 10 Jun 2025 05:43:18 +0000
ROA not before: Tue 10 Jun 2025 05:43:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39838
IP address blocks: 89.42.112.0/23 maxlen: 23
141.136.56.0/21 maxlen: 21
217.26.188.0/22 maxlen: 22
217.76.247.0/24 maxlen: 24
2a0a:e9c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:58:5d:4a:c7:2d:75:02:0b:dc:fb:6c:8a:42:e1:3c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jun 10 05:43:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01d5548523f49ee992852f7d31440f902668b6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cb:32:a5:7a:d2:9f:31:b2:13:e5:f1:83:f9:
65:02:45:48:94:42:76:16:88:94:7a:87:47:56:08:
ce:b3:a2:2a:a9:7c:4a:63:c7:80:ad:74:79:17:f3:
a2:f7:27:25:a7:ef:5b:52:5b:7e:c5:ad:23:dc:bf:
e0:88:22:56:74:86:f7:f5:26:8e:20:19:71:4e:82:
b0:f0:b3:e7:92:d2:4b:db:ba:43:85:9a:33:f8:d2:
c1:c3:1e:a8:7b:19:a9:bd:92:27:26:9d:c7:8b:95:
55:ba:81:ef:13:f5:76:f9:f3:8e:21:d1:64:1c:26:
7c:f6:c2:23:37:89:27:ce:62:fd:8b:58:66:94:c5:
58:68:e5:2b:2d:5d:60:0d:5c:fd:54:1d:5a:de:c8:
b0:87:55:41:89:b5:3c:95:95:cd:9f:38:a0:0f:2a:
28:6c:06:a8:75:59:0a:6a:b8:e6:25:d8:47:63:e5:
01:7b:49:6b:af:cb:99:d5:3c:95:5b:ad:ea:6c:87:
14:1d:05:e6:da:16:ac:c0:e4:1e:71:d1:1f:16:c9:
76:36:15:63:c1:f8:d2:a3:1b:a0:1d:7b:30:f8:83:
f7:42:fd:e8:08:3e:4a:68:5e:92:c7:2d:c0:ab:93:
53:94:f0:12:44:9c:90:5f:c0:58:bb:81:8a:5e:ac:
1a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D5:54:85:23:F4:9E:E9:92:85:2F:7D:31:44:0F:90:26:68:B6:FD
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/AdVUhSP0numShS99MUQPkCZotv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.112.0/23
141.136.56.0/21
217.26.188.0/22
217.76.247.0/24
IPv6:
2a0a:e9c3::/32
Signature Algorithm: sha256WithRSAEncryption
36:8a:7d:84:ff:97:4e:a5:3a:c7:01:81:27:96:a6:b4:46:35:
30:2d:a4:e5:ff:6d:a2:ff:c6:49:10:5e:e9:17:29:95:53:79:
05:bd:2b:7b:03:96:b3:c7:98:4e:4a:a7:d4:aa:1b:79:64:ca:
f1:09:a9:34:db:1c:36:b8:5b:f6:0b:49:67:1e:05:87:59:a9:
88:a7:f7:a9:69:0e:0e:34:44:53:d2:3f:6a:48:32:10:bf:e2:
07:bd:fb:d3:77:aa:35:ce:5d:89:88:e7:ad:d1:6b:c7:1a:24:
58:bc:ed:a7:89:34:03:88:97:25:9f:1f:32:f5:db:cd:3e:f6:
f5:36:f6:d8:b7:36:a7:0c:d4:f8:f4:c2:32:65:42:42:61:45:
a8:4d:6f:9e:97:d1:e6:1c:2f:ff:bb:1e:a7:2e:49:00:ea:f0:
c2:0d:99:25:18:ca:6c:77:04:c2:88:bc:b9:6a:d3:54:20:b7:
fa:7e:69:f8:e1:14:ce:4f:43:5f:e1:e5:ea:3a:70:cb:3a:b0:
b5:6a:67:39:47:57:c2:95:54:8a:2c:e4:cf:14:bc:c0:53:c4:
7a:4d:6e:13:08:bc:e4:35:bc:a1:42:08:51:b7:4c:51:07:36:
a3:ba:0a:6d:3e:e3:fa:76:ad:a5:26:b2:d9:a1:61:d9:df:ee:
ae:73:bf:6e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZdYXUrHLXUCC9z7bIpC4TyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNjEwMDU0MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQ1NTQ4NTIzZjQ5ZWU5OTI4NTJmN2QzMTQ0MGY5MDI2NjhiNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMsypXrSnzGyE+Xxg/llAkVIlEJ2
FoiUeodHVgjOs6IqqXxKY8eArXR5F/Oi9yclp+9bUlt+xa0j3L/giCJWdIb39SaO
IBlxToKw8LPnktJL27pDhZoz+NLBwx6oexmpvZInJp3Hi5VVuoHvE/V2+fOOIdFk
HCZ89sIjN4knzmL9i1hmlMVYaOUrLV1gDVz9VB1a3siwh1VBibU8lZXNnzigDyoo
bAaodVkKarjmJdhHY+UBe0lrr8uZ1TyVW63qbIcUHQXm2haswOQecdEfFsl2NhVj
wfjSoxugHXsw+IP3Qv3oCD5KaF6Sxy3Aq5NTlPASRJyQX8BYu4GKXqwakQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAHVVIUj9J7pkoUvfTFED5AmaLb9MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQWRWVWhTUDBudW1TaFM5OU1VUVBrQ1pvdHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBWSpwAwQD
jYg4AwQC2Rq8AwQA2Uz3MA0EAgACMAcDBQAqCunDMA0GCSqGSIb3DQEBCwUAA4IB
AQA2in2E/5dOpTrHAYEnlqa0RjUwLaTl/22i/8ZJEF7pFymVU3kFvSt7A5azx5hO
SqfUqht5ZMrxCak02xw2uFv2C0lnHgWHWamIp/epaQ4ONERT0j9qSDIQv+IHvfvT
d6o1zl2JiOet0WvHGiRYvO2niTQDiJclnx8y9dvNPvb1NvbYtzanDNT49MIyZUJC
YUWoTW+el9HmHC//ux6nLkkA6vDCDZklGMpsdwTCiLy5atNUILf6fmn44RTOT0Nf
4eXqOnDLOrC1amc5R1fClVSKLOTPFLzAU8R6TW4TCLzkNbyhQghRt0xRBzajugpt
PuP6dq2lJrLZoWHZ3+6uc79u
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:16:30 2025 by rpki-client