Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/JTkrSdEsOcQ6jVk5IgWW77pyOLM.roa
File: JTkrSdEsOcQ6jVk5IgWW77pyOLM.roa (raw, json)
Hash identifier: ZteAT0M3AlbQ20ohwTvqwmSA7ZVF1SoQkzpu1jmSj44=
Subject key identifier: 25:39:2B:49:D1:2C:39:C4:3A:8D:59:39:22:05:96:EF:BA:72:38:B3
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 01966B7C4CB07086EB01B40527D58A12C09B
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/JTkrSdEsOcQ6jVk5IgWW77pyOLM.roa
Signing time: Fri 25 Apr 2025 05:47:10 +0000
ROA not before: Fri 25 Apr 2025 05:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42109
IP address blocks: 31.7.160.0/21 maxlen: 21
31.7.160.0/24 maxlen: 24
31.7.161.0/24 maxlen: 24
31.7.163.0/24 maxlen: 24
31.7.164.0/24 maxlen: 24
31.7.165.0/24 maxlen: 24
77.95.188.0/22 maxlen: 22
77.95.189.0/24 maxlen: 24
91.103.24.0/21 maxlen: 21
91.103.24.0/24 maxlen: 24
91.103.25.0/24 maxlen: 24
91.103.26.0/24 maxlen: 24
91.103.27.0/24 maxlen: 24
91.103.28.0/24 maxlen: 24
91.103.29.0/24 maxlen: 24
91.103.30.0/24 maxlen: 24
91.103.56.0/21 maxlen: 21
91.103.61.0/24 maxlen: 24
93.94.216.0/21 maxlen: 21
93.94.217.0/24 maxlen: 24
93.94.219.0/24 maxlen: 24
93.94.221.0/24 maxlen: 24
95.140.192.0/20 maxlen: 20
95.140.192.0/24 maxlen: 24
95.140.194.0/24 maxlen: 24
95.140.195.0/24 maxlen: 24
95.140.196.0/24 maxlen: 24
95.140.197.0/24 maxlen: 24
95.140.198.0/23 maxlen: 23
95.140.200.0/24 maxlen: 24
95.140.201.0/24 maxlen: 24
95.140.202.0/24 maxlen: 24
95.140.203.0/24 maxlen: 24
95.140.204.0/22 maxlen: 22
185.79.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 20:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:7c:4c:b0:70:86:eb:01:b4:05:27:d5:8a:12:c0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: Apr 25 05:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25392b49d12c39c43a8d5939220596efba7238b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:15:23:03:5a:8d:f5:d3:68:81:c3:cc:a6:00:
8a:d1:15:e5:89:09:27:8f:82:48:64:72:ff:73:4f:
0f:b8:d9:ff:f7:9c:83:ec:85:ee:d5:ed:d9:7d:f9:
a2:6b:4b:0c:f1:0c:bb:c9:5a:aa:65:e6:f4:14:9d:
ef:3c:b7:84:ca:19:99:7e:4d:11:4b:37:75:48:9d:
c9:e6:40:18:3c:f1:73:cd:0a:38:36:cb:71:b6:3a:
df:22:29:e1:c5:51:d3:db:21:b5:21:19:03:4d:e1:
0c:f9:1d:ba:8e:e9:40:18:30:a4:4f:a2:3a:4e:07:
bd:02:3c:55:e9:a7:1e:6c:34:b2:5a:ae:fd:94:ec:
98:42:d0:d6:fe:f5:51:5b:85:9e:82:2c:4c:36:4c:
57:3f:14:be:8f:4c:d5:8c:2a:d8:bc:60:c1:8b:3e:
0d:5d:03:af:ce:4b:ba:2e:02:1c:3a:70:b7:7c:87:
d6:27:17:9e:83:41:f0:23:52:6a:62:2e:ec:e4:6c:
2d:54:7d:1a:4b:39:8c:ea:64:d3:d3:f1:d3:13:91:
6e:65:62:8f:92:8b:aa:f7:d6:db:9e:f3:fb:cf:78:
75:9b:b5:a8:b8:19:a9:74:d5:fd:86:32:dc:a4:b0:
65:13:3a:97:a0:0e:44:f0:38:fc:77:17:a8:59:4f:
5d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:39:2B:49:D1:2C:39:C4:3A:8D:59:39:22:05:96:EF:BA:72:38:B3
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/JTkrSdEsOcQ6jVk5IgWW77pyOLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.160.0/21
77.95.188.0/22
91.103.24.0/21
91.103.56.0/21
93.94.216.0/21
95.140.192.0/20
185.79.0.0/24
Signature Algorithm: sha256WithRSAEncryption
38:5d:aa:b2:bf:af:e1:0d:4c:90:ee:6a:4d:dd:63:a4:86:0a:
ba:ad:27:96:a0:87:eb:b7:3a:03:0a:b0:3e:6c:4d:45:39:5f:
22:7a:b5:c2:dc:d7:dd:79:a4:cb:72:11:e5:0f:5a:4c:4d:ad:
01:d9:22:a5:8e:cc:7f:8c:60:ee:48:82:54:96:14:5c:aa:36:
cd:0a:12:26:98:c3:4c:82:6e:12:32:2b:96:a2:61:04:13:26:
e0:06:17:f6:ec:ae:f0:b6:8b:67:58:b5:e1:7a:07:a4:0b:8b:
5d:f2:c2:8a:50:80:ba:40:f9:cb:ba:06:69:1f:55:1b:a7:52:
30:d1:2a:ac:87:0c:86:1d:52:8e:b7:07:b2:53:d8:cb:04:6e:
a1:30:ab:8c:3e:b1:64:cc:96:c0:3d:18:1c:34:6c:b6:12:ff:
c2:b3:58:6a:33:f1:29:87:60:36:06:f2:bd:19:91:24:59:6f:
25:9e:42:96:98:89:7a:70:0c:f7:54:c1:5c:cf:64:9b:d0:9d:
eb:34:ce:aa:80:ba:a0:76:d6:fb:f4:ba:78:52:73:c3:36:d1:
a2:15:8e:f1:a2:5e:15:d6:14:00:1f:e7:66:eb:d4:2b:f8:3a:
8a:aa:b6:89:c8:23:43:13:f9:4e:a8:c3:e6:f9:42:6a:81:33:
1d:a2:77:87
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZZrfEywcIbrAbQFJ9WKEsCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjUwNDI1MDU0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM5MmI0OWQxMmMzOWM0M2E4ZDU5MzkyMjA1OTZlZmJhNzIzOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhUjA1qN9dNogcPMpgCK0RXliQkn
j4JIZHL/c08PuNn/95yD7IXu1e3Zffmia0sM8Qy7yVqqZeb0FJ3vPLeEyhmZfk0R
Szd1SJ3J5kAYPPFzzQo4NstxtjrfIinhxVHT2yG1IRkDTeEM+R26julAGDCkT6I6
Tge9AjxV6acebDSyWq79lOyYQtDW/vVRW4WegixMNkxXPxS+j0zVjCrYvGDBiz4N
XQOvzku6LgIcOnC3fIfWJxeeg0HwI1JqYi7s5GwtVH0aSzmM6mTT0/HTE5FuZWKP
kouq99bbnvP7z3h1m7WouBmpdNX9hjLcpLBlEzqXoA5E8Dj8dxeoWU9d+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCU5K0nRLDnEOo1ZOSIFlu+6cjizMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvSlRrclNkRXNPY1E2alZrNUlnV1c3N3B5T0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDHwegAwQC
TV+8AwQDW2cYAwQDW2c4AwQDXV7YAwQEX4zAAwQAuU8AMA0GCSqGSIb3DQEBCwUA
A4IBAQA4Xaqyv6/hDUyQ7mpN3WOkhgq6rSeWoIfrtzoDCrA+bE1FOV8ierXC3Nfd
eaTLchHlD1pMTa0B2SKljsx/jGDuSIJUlhRcqjbNChImmMNMgm4SMiuWomEEEybg
Bhf27K7wtotnWLXhegekC4td8sKKUIC6QPnLugZpH1Ubp1Iw0SqshwyGHVKOtwey
U9jLBG6hMKuMPrFkzJbAPRgcNGy2Ev/Cs1hqM/Eph2A2BvK9GZEkWW8lnkKWmIl6
cAz3VMFcz2Sb0J3rNM6qgLqgdtb79Lp4UnPDNtGiFY7xol4V1hQAH+dm69Qr+DqK
qraJyCNDE/lOqMPm+UJqgTMdoneH
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:50:25 2025 by rpki-client