Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PJEuPmNmH3a0vp7lSOTiL8KKkJU.roa
File: PJEuPmNmH3a0vp7lSOTiL8KKkJU.roa (raw, json)
Hash identifier: uecYhAVJI+MeTYwOGUStCDXbW0TFhKF8xqDFG+RjS48=
Subject key identifier: 3C:91:2E:3E:63:66:1F:76:B4:BE:9E:E5:48:E4:E2:2F:C2:8A:90:95
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01973A242BC54EE579648BC498B728F38F30
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PJEuPmNmH3a0vp7lSOTiL8KKkJU.roa
Signing time: Wed 04 Jun 2025 08:52:18 +0000
ROA not before: Wed 04 Jun 2025 08:52:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 31.58.237.0/24 maxlen: 24
217.60.199.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
217.60.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:24:2b:c5:4e:e5:79:64:8b:c4:98:b7:28:f3:8f:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 4 08:52:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c912e3e63661f76b4be9ee548e4e22fc28a9095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8a:3c:25:61:51:f3:4e:f9:b8:b2:90:fe:49:
67:ae:a0:7c:cb:b4:68:26:de:c6:4c:bf:9f:49:fe:
53:c7:54:89:85:83:ea:21:8f:18:3e:2a:51:e4:80:
1c:3f:4e:01:eb:36:42:e3:f9:85:c8:1e:32:f1:a3:
5a:a9:74:b6:85:5f:31:7b:ca:a2:f3:6a:f8:ac:b3:
2d:8b:17:da:8c:2e:09:ef:97:4c:3d:99:e8:36:89:
26:3d:7e:3c:71:a4:c6:3a:97:07:ee:d1:d6:f9:e9:
aa:de:f9:59:59:cb:33:5b:64:fb:d8:3b:bd:6a:ef:
8e:ec:69:3f:4f:de:1d:cc:51:0d:46:91:21:97:75:
82:37:75:89:7b:b8:46:c6:db:ed:62:70:37:4b:9b:
c5:06:a5:44:35:13:4d:c2:6f:e1:f4:bb:3d:6d:a8:
11:47:e6:07:58:ce:8f:d0:17:84:c9:8b:59:3b:06:
96:10:e8:db:d7:10:99:26:6b:6e:85:88:32:6d:a4:
bc:c1:c7:7c:25:52:2b:6f:80:7e:02:3a:70:c1:77:
75:c2:53:6c:81:a7:2c:3a:4b:0b:ac:e4:1c:3e:b7:
9b:d7:ed:6a:66:f8:1b:ec:cc:59:12:86:f0:39:d0:
5c:67:0e:84:8e:ed:91:12:b5:06:84:aa:12:99:e3:
2e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:91:2E:3E:63:66:1F:76:B4:BE:9E:E5:48:E4:E2:2F:C2:8A:90:95
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/PJEuPmNmH3a0vp7lSOTiL8KKkJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.237.0/24
217.60.199.0/24
217.60.237.0-217.60.238.255
217.60.243.0/24
Signature Algorithm: sha256WithRSAEncryption
34:e5:ba:37:da:91:7a:85:bc:da:4e:9d:d5:5e:f6:54:13:5f:
0d:9d:1a:19:3b:af:26:13:2b:dc:6a:8e:70:22:79:0c:b7:f2:
e0:04:1c:d3:c4:99:aa:5e:f7:ba:03:42:aa:2d:26:d9:06:9c:
2c:72:27:64:14:28:1d:98:90:95:01:94:38:ef:59:dc:6c:d6:
36:65:33:07:8e:a9:30:d7:a7:54:82:0c:7d:ee:cc:d1:30:38:
67:f0:02:fe:90:31:10:ed:26:89:d1:9e:7d:18:eb:45:32:58:
78:f5:06:f6:3b:ca:75:46:2d:93:a0:64:f6:16:fc:3d:4f:0d:
c9:f2:92:5e:9c:a3:bc:be:c0:e5:86:79:6d:2f:fb:8e:75:d5:
57:30:e0:22:c7:60:58:82:9f:30:23:27:ff:df:c7:69:c1:8d:
4a:f4:02:3d:a9:7a:4a:e1:b7:93:50:7f:73:f5:eb:a5:3a:ea:
a8:e3:df:94:14:59:1b:ad:99:e8:24:a5:93:a8:75:2c:72:8e:
68:12:bf:78:73:d5:00:b5:78:b8:d9:4b:97:36:0d:78:7a:4a:
bc:c0:29:3a:2e:ed:81:40:4a:9d:05:10:00:d1:07:a1:c2:e5:
6e:dd:c1:c5:3e:18:b4:ef:7f:a9:23:59:d9:ce:c2:c1:96:d4:
6b:fc:01:0f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZc6JCvFTuV5ZIvEmLco848wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjA0MDg1MjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzkxMmUzZTYzNjYxZjc2YjRiZTllZTU0OGU0ZTIyZmMyOGE5MDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4o8JWFR8075uLKQ/klnrqB8y7Ro
Jt7GTL+fSf5Tx1SJhYPqIY8YPipR5IAcP04B6zZC4/mFyB4y8aNaqXS2hV8xe8qi
82r4rLMtixfajC4J75dMPZnoNokmPX48caTGOpcH7tHW+emq3vlZWcszW2T72Du9
au+O7Gk/T94dzFENRpEhl3WCN3WJe7hGxtvtYnA3S5vFBqVENRNNwm/h9Ls9bagR
R+YHWM6P0BeEyYtZOwaWEOjb1xCZJmtuhYgybaS8wcd8JVIrb4B+AjpwwXd1wlNs
gacsOksLrOQcPreb1+1qZvgb7MxZEobwOdBcZw6Eju2RErUGhKoSmeMuNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDyRLj5jZh92tL6e5Ujk4i/CipCVMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUEpFdVBtTm1IM2EwdnA3bFNPVGlMOEtLa0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHzrtAwQA
2TzHMAwDBADZPO0DBADZPO4DBADZPPMwDQYJKoZIhvcNAQELBQADggEBADTlujfa
kXqFvNpOndVe9lQTXw2dGhk7ryYTK9xqjnAieQy38uAEHNPEmape97oDQqotJtkG
nCxyJ2QUKB2YkJUBlDjvWdxs1jZlMweOqTDXp1SCDH3uzNEwOGfwAv6QMRDtJonR
nn0Y60UyWHj1BvY7ynVGLZOgZPYW/D1PDcnykl6co7y+wOWGeW0v+4511Vcw4CLH
YFiCnzAjJ//fx2nBjUr0Aj2pekrht5NQf3P166U66qjj35QUWRutmegkpZOodSxy
jmgSv3hz1QC1eLjZS5c2DXh6SrzAKTou7YFASp0FEADRB6HC5W7dwcU+GLTvf6kj
WdnOwsGW1Gv8AQ8=
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:26:37 2025 by rpki-client