Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/2RgeE-CiFeO0yD1luB5ALfjqVZk.roa
File: 2RgeE-CiFeO0yD1luB5ALfjqVZk.roa (raw, json)
Hash identifier: bnZFWPaplzNOm5e9VKQO1aAQiDznKpeZc43AmwLJOpI=
Subject key identifier: D9:18:1E:13:E0:A2:15:E3:B4:C8:3D:65:B8:1E:40:2D:F8:EA:55:99
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 01975E554D221D51F1D7B3B50D91F6DC0283
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/2RgeE-CiFeO0yD1luB5ALfjqVZk.roa
Signing time: Wed 11 Jun 2025 09:32:17 +0000
ROA not before: Wed 11 Jun 2025 09:32:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 145.224.128.0/20 maxlen: 24
145.224.144.0/20 maxlen: 24
145.224.160.0/20 maxlen: 24
145.224.176.0/20 maxlen: 24
145.224.192.0/19 maxlen: 24
145.224.192.0/24 maxlen: 24
163.76.128.0/20 maxlen: 24
163.76.144.0/20 maxlen: 24
163.76.160.0/20 maxlen: 24
163.76.176.0/20 maxlen: 24
2a03:5d67::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 18:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:55:4d:22:1d:51:f1:d7:b3:b5:0d:91:f6:dc:02:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Jun 11 09:32:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9181e13e0a215e3b4c83d65b81e402df8ea5599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:65:1d:0e:3f:bf:f8:9f:ba:19:bb:60:ac:b8:
34:86:d2:27:b5:f3:de:90:05:c5:94:7a:46:27:b4:
2d:4d:13:40:69:ce:16:80:fc:d4:a2:53:31:03:a4:
f6:0d:60:29:92:35:56:6c:9e:4f:47:be:a2:80:c5:
56:d2:69:77:ee:f5:b2:fa:63:f7:ab:4e:de:06:75:
41:56:b3:c6:e9:e9:9e:59:76:e2:05:e2:30:d2:0c:
ed:e1:86:3a:76:9a:cb:bc:78:af:67:2b:4c:b1:51:
cc:5c:3e:e2:ae:05:f6:e7:43:ae:bb:12:1c:50:2e:
82:19:20:60:c2:9b:fa:bd:94:ad:a1:9f:14:e1:a6:
3c:ad:4b:ab:97:c1:00:1c:13:c0:3a:54:4f:24:bb:
5e:fe:ed:bd:d5:67:b6:bc:6c:8f:79:99:9f:a4:24:
e5:34:c0:df:ae:8c:3b:34:20:bb:ca:c7:30:ce:61:
6c:43:d4:66:d9:9b:bf:7b:a1:1f:c8:a8:15:13:44:
9b:4f:4d:da:8b:38:ea:30:2c:38:31:69:6b:b4:24:
11:7e:ea:09:b2:88:e3:21:6a:13:e5:95:e2:c7:f8:
be:8f:24:58:6a:67:a0:12:d3:c8:1c:d3:6f:13:97:
8e:7d:e7:68:ec:b3:77:d6:4f:ae:a8:e5:33:74:34:
9b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:18:1E:13:E0:A2:15:E3:B4:C8:3D:65:B8:1E:40:2D:F8:EA:55:99
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/2RgeE-CiFeO0yD1luB5ALfjqVZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.128.0-145.224.223.255
163.76.128.0/18
IPv6:
2a03:5d67::/32
Signature Algorithm: sha256WithRSAEncryption
52:fa:cb:b6:70:c6:01:65:16:97:12:55:1f:f8:9a:5e:bb:94:
c1:62:53:9b:ee:cf:da:b1:0e:5e:c3:34:4f:17:81:ab:ee:88:
0f:1c:41:d6:f6:66:96:28:85:d1:55:66:b6:8f:c3:71:f6:90:
ff:f0:dc:0e:40:6e:df:44:0c:54:c0:08:fe:d4:8a:c1:e2:cc:
7e:39:bc:eb:1e:c6:05:47:e7:74:b5:a0:df:f2:ae:2e:dd:80:
dc:44:38:55:a1:3a:dc:53:da:0b:ab:34:df:bf:61:e8:3b:26:
79:03:13:ce:b1:30:a3:4b:01:4c:84:78:a6:8c:07:80:0c:c4:
ef:d0:79:e5:86:5f:06:55:78:9b:c6:5b:92:c8:fe:07:26:98:
3e:39:b3:9e:96:0d:01:6d:1c:dd:f2:e4:8f:b0:f7:c0:1b:32:
8f:a5:2f:4f:79:ae:8b:f4:08:1f:db:5b:f1:76:71:f1:e7:4b:
c8:a7:53:9e:2b:8c:3d:02:cf:d5:d2:a8:c3:9c:a6:35:fc:66:
c3:f7:d0:09:99:29:ed:cd:d6:1b:cb:52:89:2e:e5:73:1e:9b:
c1:2c:c9:be:37:4f:87:39:47:ba:e4:82:9f:86:68:6c:4f:6c:
ea:04:2d:44:c3:34:91:cb:75:c3:71:53:8f:cf:65:6c:69:ad:
29:1f:0e:e8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZdeVU0iHVHx17O1DZH23AKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjUwNjExMDkzMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE4MWUxM2UwYTIxNWUzYjRjODNkNjViODFlNDAyZGY4ZWE1NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WUdDj+/+J+6GbtgrLg0htIntfPe
kAXFlHpGJ7QtTRNAac4WgPzUolMxA6T2DWApkjVWbJ5PR76igMVW0ml37vWy+mP3
q07eBnVBVrPG6emeWXbiBeIw0gzt4YY6dprLvHivZytMsVHMXD7irgX250OuuxIc
UC6CGSBgwpv6vZStoZ8U4aY8rUurl8EAHBPAOlRPJLte/u291We2vGyPeZmfpCTl
NMDfrow7NCC7yscwzmFsQ9Rm2Zu/e6EfyKgVE0SbT03aizjqMCw4MWlrtCQRfuoJ
sojjIWoT5ZXix/i+jyRYamegEtPIHNNvE5eOfedo7LN31k+uqOUzdDSbYwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNkYHhPgohXjtMg9ZbgeQC346lWZMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvMlJnZUUtQ2lGZU8weUQxbHVCNUFMZmpxVlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAeR4IAD
BAWR4MADBAajTIAwDQQCAAIwBwMFACoDXWcwDQYJKoZIhvcNAQELBQADggEBAFL6
y7ZwxgFlFpcSVR/4ml67lMFiU5vuz9qxDl7DNE8XgavuiA8cQdb2ZpYohdFVZraP
w3H2kP/w3A5Abt9EDFTACP7UisHizH45vOsexgVH53S1oN/yri7dgNxEOFWhOtxT
2gurNN+/Yeg7JnkDE86xMKNLAUyEeKaMB4AMxO/QeeWGXwZVeJvGW5LI/gcmmD45
s56WDQFtHN3y5I+w98AbMo+lL095rov0CB/bW/F2cfHnS8inU54rjD0Cz9XSqMOc
pjX8ZsP30AmZKe3N1hvLUoku5XMem8Esyb43T4c5R7rkgp+GaGxPbOoELUTDNJHL
dcNxU4/PZWxprSkfDug=
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:56:53 2025 by rpki-client