Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/stpDfm6iNdDYaLxAEW54ErOGA3g.roa
File: stpDfm6iNdDYaLxAEW54ErOGA3g.roa (raw, json)
Hash identifier: 0TvfMldTzQqqOzNlOoBnIsJUFfnXCRYAaac2mQAq9jQ=
Subject key identifier: B2:DA:43:7E:6E:A2:35:D0:D8:68:BC:40:11:6E:78:12:B3:86:03:78
Certificate issuer: /CN=1fedc4c19e033a167e4af795d54e34b71ea093c6
Certificate serial: 0197076824A2DB525D27E72E9C3A81114B2A
Authority key identifier: 1F:ED:C4:C1:9E:03:3A:16:7E:4A:F7:95:D5:4E:34:B7:1E:A0:93:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-3EwZ4DOhZ-SveV1U40tx6gk8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/stpDfm6iNdDYaLxAEW54ErOGA3g.roa
Signing time: Sun 25 May 2025 12:25:54 +0000
ROA not before: Sun 25 May 2025 12:25:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34412
IP address blocks: 31.25.90.0/24 maxlen: 24
31.25.91.0/24 maxlen: 24
62.204.61.0/24 maxlen: 24
77.72.80.0/24 maxlen: 24
91.228.192.0/24 maxlen: 24
91.246.44.0/24 maxlen: 24
146.19.217.0/24 maxlen: 24
185.49.231.0/24 maxlen: 24
185.226.140.0/24 maxlen: 24
185.226.141.0/24 maxlen: 24
185.226.142.0/24 maxlen: 24
185.226.143.0/24 maxlen: 24
193.3.182.0/24 maxlen: 24
2a10:5740::/48 maxlen: 48
2a10:5740:1::/48 maxlen: 48
2a10:5740:2::/48 maxlen: 48
2a10:5740:3::/48 maxlen: 48
2a11:9b40::/48 maxlen: 48
2a11:9b40:1::/48 maxlen: 48
2a11:9b40:2::/48 maxlen: 48
2a11:9b40:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/H-3EwZ4DOhZ-SveV1U40tx6gk8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/H-3EwZ4DOhZ-SveV1U40tx6gk8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-3EwZ4DOhZ-SveV1U40tx6gk8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:07:68:24:a2:db:52:5d:27:e7:2e:9c:3a:81:11:4b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fedc4c19e033a167e4af795d54e34b71ea093c6
Validity
Not Before: May 25 12:25:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2da437e6ea235d0d868bc40116e7812b3860378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:19:99:8a:93:c7:b5:24:d8:26:97:55:c1:9e:
b9:7b:98:50:ff:a0:42:07:ea:7a:c2:2c:72:68:41:
91:2d:3d:d5:31:46:73:46:ff:2b:16:2a:63:04:fa:
3a:8a:03:10:8b:ca:b0:00:e2:cf:dc:a7:b3:4c:f8:
19:1c:0f:bc:d3:db:f5:3a:8b:a2:d4:2b:09:93:31:
1f:41:4b:77:5f:15:e7:d1:92:49:67:be:b6:a4:92:
29:96:68:0a:76:a9:31:ef:24:0b:e0:94:fc:25:b6:
77:4c:ec:a0:08:85:80:12:48:5b:da:4b:96:7b:2e:
fd:e8:df:b7:f3:a1:95:53:9c:91:c4:c1:82:d1:cf:
90:55:6b:78:89:5c:64:fe:9c:c2:34:6d:bc:60:85:
09:d9:e9:53:94:71:75:bc:8e:65:81:d4:1b:79:3b:
bb:c0:f7:ce:0f:4a:39:35:79:81:ee:96:62:6a:f3:
d9:72:a0:3b:4b:37:03:ad:f9:b4:56:89:55:57:fa:
00:90:96:d0:90:6b:36:87:a2:78:f2:54:81:fc:7f:
9c:ec:63:9f:aa:da:3e:79:25:1f:17:a8:57:a9:c9:
44:ce:3c:16:08:81:f6:b9:c6:95:1c:14:87:fd:55:
30:6a:f1:53:06:5d:23:ff:5a:8b:92:31:9b:f1:e7:
a1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DA:43:7E:6E:A2:35:D0:D8:68:BC:40:11:6E:78:12:B3:86:03:78
X509v3 Authority Key Identifier:
keyid:1F:ED:C4:C1:9E:03:3A:16:7E:4A:F7:95:D5:4E:34:B7:1E:A0:93:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-3EwZ4DOhZ-SveV1U40tx6gk8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/stpDfm6iNdDYaLxAEW54ErOGA3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/df91c3-d5b8-4a58-ae9e-2f879b5754e1/1/H-3EwZ4DOhZ-SveV1U40tx6gk8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.90.0/23
62.204.61.0/24
77.72.80.0/24
91.228.192.0/24
91.246.44.0/24
146.19.217.0/24
185.49.231.0/24
185.226.140.0/22
193.3.182.0/24
IPv6:
2a10:5740::/46
2a11:9b40::/46
Signature Algorithm: sha256WithRSAEncryption
02:29:55:cf:fc:95:bc:b4:44:46:b4:f2:46:a9:2a:c7:7a:53:
c7:80:5c:e5:63:f5:a1:cd:cf:0d:b2:47:80:d5:d6:59:5a:5f:
1d:c3:25:df:e9:c6:a0:d7:ca:db:20:36:50:da:92:a5:ea:53:
1c:bb:f6:04:78:2b:f8:15:e3:af:89:62:75:11:b7:fe:7e:4b:
85:b8:90:62:ab:a5:63:91:08:7f:66:45:b7:e2:ff:37:2c:94:
5f:4d:c8:2e:87:2d:29:0b:56:ff:25:e2:3b:f7:0f:69:91:69:
5b:dd:06:24:fc:c7:4b:c2:32:be:0d:a6:78:4b:6a:7f:d5:3b:
95:da:9d:fc:12:12:ad:10:7b:cd:60:f2:82:a6:0b:89:e6:c9:
d6:7b:d7:23:02:96:86:86:0d:d6:e5:07:f4:f9:fc:28:29:07:
68:77:fc:e3:43:54:33:cd:dd:ff:28:79:19:67:ae:8e:ea:42:
c4:83:f2:df:cf:a2:af:65:29:f8:fb:3b:c6:a2:2d:89:b2:3a:
ac:f9:6e:d4:7b:79:fb:d1:a1:8a:ce:bc:77:07:96:2b:0a:a8:
89:ac:7e:5d:c4:85:97:95:1a:a1:b0:87:02:f7:2f:4e:11:de:
77:64:9c:65:cf:97:39:e5:bb:2f:5c:6f:6b:c1:5b:5a:45:4c:
3e:00:10:01
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZcHaCSi21JdJ+cunDqBEUsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZWRjNGMxOWUwMzNhMTY3ZTRhZjc5NWQ1NGUzNGI3MWVh
MDkzYzYwHhcNMjUwNTI1MTIyNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRhNDM3ZTZlYTIzNWQwZDg2OGJjNDAxMTZlNzgxMmIzODYwMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBmZipPHtSTYJpdVwZ65e5hQ/6BC
B+p6wixyaEGRLT3VMUZzRv8rFipjBPo6igMQi8qwAOLP3KezTPgZHA+809v1Ooui
1CsJkzEfQUt3XxXn0ZJJZ762pJIplmgKdqkx7yQL4JT8JbZ3TOygCIWAEkhb2kuW
ey796N+386GVU5yRxMGC0c+QVWt4iVxk/pzCNG28YIUJ2elTlHF1vI5lgdQbeTu7
wPfOD0o5NXmB7pZiavPZcqA7SzcDrfm0VolVV/oAkJbQkGs2h6J48lSB/H+c7GOf
qto+eSUfF6hXqclEzjwWCIH2ucaVHBSH/VUwavFTBl0j/1qLkjGb8eeh8QIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFLLaQ35uojXQ2Gi8QBFueBKzhgN4MB8GA1UdIwQY
MBaAFB/txMGeAzoWfkr3ldVONLceoJPGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC0zRXdaNERPaFotU3ZlVjFVNDB0eDZnazhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kZjkxYzMtZDViOC00YTU4LWFlOWUt
MmY4NzliNTc1NGUxLzEvc3RwRGZtNmlOZERZYUx4QUVXNTRFck9HQTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kZjkxYzMtZDViOC00YTU4LWFlOWUtMmY4NzliNTc1NGUx
LzEvSC0zRXdaNERPaFotU3ZlVjFVNDB0eDZnazhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA8BAIAATA2AwQBHxlaAwQA
Psw9AwQATUhQAwQAW+TAAwQAW/YsAwQAkhPZAwQAuTHnAwQCueKMAwQAwQO2MBgE
AgACMBIDBwIqEFdAAAADBwIqEZtAAAAwDQYJKoZIhvcNAQELBQADggEBAAIpVc/8
lby0REa08kapKsd6U8eAXOVj9aHNzw2yR4DV1llaXx3DJd/pxqDXytsgNlDakqXq
Uxy79gR4K/gV46+JYnURt/5+S4W4kGKrpWORCH9mRbfi/zcslF9NyC6HLSkLVv8l
4jv3D2mRaVvdBiT8x0vCMr4NpnhLan/VO5XanfwSEq0Qe81g8oKmC4nmydZ71yMC
loaGDdblB/T5/CgpB2h3/ONDVDPN3f8oeRlnro7qQsSD8t/Poq9lKfj7O8aiLYmy
Oqz5btR7efvRoYrOvHcHlisKqImsfl3EhZeVGqGwhwL3L04R3ndknGXPlznluy9c
b2vBW1pFTD4AEAE=
-----END CERTIFICATE-----
Generated at Wed Jun 18 13:20:33 2025 by rpki-client