Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/tuLehSOy-qAFQeskzDC9g5qQP28.roa
File: tuLehSOy-qAFQeskzDC9g5qQP28.roa (raw, json)
Hash identifier: PI1JhY3WzMR4z9FpYAEO5831pX148zh5gBmaERfINeo=
Subject key identifier: B6:E2:DE:85:23:B2:FA:A0:05:41:EB:24:CC:30:BD:83:9A:90:3F:6F
Certificate issuer: /CN=d547cf9f27767477120b1d3b26cc57a61099a724
Certificate serial: 0196F12BA03B33643AF3334008ACCF0DF275
Authority key identifier: D5:47:CF:9F:27:76:74:77:12:0B:1D:3B:26:CC:57:A6:10:99:A7:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1UfPnyd2dHcSCx07JsxXphCZpyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/tuLehSOy-qAFQeskzDC9g5qQP28.roa
Signing time: Wed 21 May 2025 04:48:10 +0000
ROA not before: Wed 21 May 2025 04:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47705
IP address blocks: 109.197.166.0/23 maxlen: 23
176.97.56.0/21 maxlen: 21
176.97.63.0/24 maxlen: 24
192.162.208.0/22 maxlen: 22
192.162.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/1UfPnyd2dHcSCx07JsxXphCZpyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/1UfPnyd2dHcSCx07JsxXphCZpyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1UfPnyd2dHcSCx07JsxXphCZpyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 23:47:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:2b:a0:3b:33:64:3a:f3:33:40:08:ac:cf:0d:f2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d547cf9f27767477120b1d3b26cc57a61099a724
Validity
Not Before: May 21 04:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6e2de8523b2faa00541eb24cc30bd839a903f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:c9:07:bf:d4:f9:1e:ea:16:69:31:62:70:
08:45:c5:07:1b:ac:87:9a:f8:22:90:b4:33:2b:0f:
0e:b2:6a:70:64:93:02:1e:5a:ee:9f:62:bb:c3:43:
47:38:45:1b:35:1f:6a:56:82:4e:d0:c0:c9:b2:ed:
84:57:5a:e6:ab:c5:60:59:f6:4a:0a:2c:a2:a2:ef:
72:0c:42:42:a4:37:91:5d:e1:33:e2:a9:7c:ea:8f:
03:e4:40:54:1c:13:1e:7b:e8:65:98:17:5f:56:97:
c0:c1:11:86:e9:d4:ec:f2:a4:f1:fa:cb:93:0e:8b:
86:3e:2b:09:61:dd:b6:92:7e:92:4c:84:a9:09:5c:
01:92:cf:e9:72:31:66:2b:bb:a8:42:40:34:8d:00:
24:b0:1b:63:42:d4:39:5e:19:aa:18:d8:7f:4a:dd:
a3:79:f6:ef:96:56:67:bd:8f:0a:76:2f:18:da:69:
ea:72:d6:a5:fb:70:7b:a2:1a:02:c1:5d:4d:c4:bd:
7d:20:34:b8:60:85:d6:90:98:f5:80:43:08:0a:dd:
c3:e8:7d:ac:88:d8:5d:eb:27:89:fa:3b:28:4d:12:
8b:82:40:0e:8b:ae:21:30:ff:47:b5:a2:df:79:59:
ab:f0:2b:34:90:5d:e4:c3:a0:fa:e1:9f:7d:6a:42:
79:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E2:DE:85:23:B2:FA:A0:05:41:EB:24:CC:30:BD:83:9A:90:3F:6F
X509v3 Authority Key Identifier:
keyid:D5:47:CF:9F:27:76:74:77:12:0B:1D:3B:26:CC:57:A6:10:99:A7:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1UfPnyd2dHcSCx07JsxXphCZpyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/tuLehSOy-qAFQeskzDC9g5qQP28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/063e59-9e94-4e91-8b7e-6f4de020aae6/1/1UfPnyd2dHcSCx07JsxXphCZpyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.166.0/23
176.97.56.0/21
192.162.208.0/22
Signature Algorithm: sha256WithRSAEncryption
64:b6:8f:61:11:30:70:88:c9:36:1a:b9:09:9c:40:2a:89:b6:
b8:c3:ab:b0:4f:0b:e7:c7:a1:ba:2b:61:b5:36:8e:f3:81:12:
79:2e:24:0f:66:34:10:f6:f0:a4:db:0b:1f:0d:35:a2:95:f6:
23:9e:82:2f:40:89:89:c6:1c:f5:77:b4:0e:75:d6:4e:4a:e6:
3a:5f:19:c1:32:de:04:a3:ac:d3:f6:86:ba:d2:2c:55:cd:81:
67:4f:ed:8f:1f:5f:36:6d:20:5a:c8:11:e9:51:2b:55:71:67:
db:10:64:b9:29:71:5a:c9:93:44:4a:ae:24:18:59:bd:3e:a7:
ed:a1:0a:90:83:43:05:74:dd:4e:5d:5c:f9:94:95:19:51:dd:
d1:af:d1:93:79:97:5d:3f:ad:20:a5:2d:17:99:61:33:75:38:
b0:2d:e7:24:dd:84:6b:23:70:57:7d:5b:8b:b6:8b:14:17:57:
4b:c3:df:3c:d8:76:b9:a6:38:d6:1c:54:ae:91:dd:85:0b:a7:
cf:bf:c6:74:5b:00:a3:ce:20:92:8b:4e:64:70:92:07:5a:9e:
57:b1:89:48:eb:65:83:c5:22:74:16:1c:02:46:87:a6:ed:7d:
c1:ea:a1:5f:0f:e3:66:5a:f8:c0:cd:80:37:b1:a8:12:ba:00:
f1:e8:a3:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZbxK6A7M2Q68zNACKzPDfJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NDdjZjlmMjc3Njc0NzcxMjBiMWQzYjI2Y2M1N2E2MTA5
OWE3MjQwHhcNMjUwNTIxMDQ0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmUyZGU4NTIzYjJmYWEwMDU0MWViMjRjYzMwYmQ4MzlhOTAzZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8jJB7/U+R7qFmkxYnAIRcUHG6yH
mvgikLQzKw8OsmpwZJMCHlrun2K7w0NHOEUbNR9qVoJO0MDJsu2EV1rmq8VgWfZK
Ciyiou9yDEJCpDeRXeEz4ql86o8D5EBUHBMee+hlmBdfVpfAwRGG6dTs8qTx+suT
DouGPisJYd22kn6STISpCVwBks/pcjFmK7uoQkA0jQAksBtjQtQ5XhmqGNh/St2j
efbvllZnvY8Kdi8Y2mnqctal+3B7ohoCwV1NxL19IDS4YIXWkJj1gEMICt3D6H2s
iNhd6yeJ+jsoTRKLgkAOi64hMP9HtaLfeVmr8Cs0kF3kw6D64Z99akJ53wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLbi3oUjsvqgBUHrJMwwvYOakD9vMB8GA1UdIwQY
MBaAFNVHz58ndnR3EgsdOybMV6YQmackMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVVmUG55ZDJkSGNTQ3gwN0pzeFhwaENacHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wNjNlNTktOWU5NC00ZTkxLThiN2Ut
NmY0ZGUwMjBhYWU2LzEvdHVMZWhTT3ktcUFGUWVza3pEQzlnNXFRUDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wNjNlNTktOWU5NC00ZTkxLThiN2UtNmY0ZGUwMjBhYWU2
LzEvMVVmUG55ZDJkSGNTQ3gwN0pzeFhwaENacHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbcWmAwQD
sGE4AwQCwKLQMA0GCSqGSIb3DQEBCwUAA4IBAQBkto9hETBwiMk2GrkJnEAqiba4
w6uwTwvnx6G6K2G1No7zgRJ5LiQPZjQQ9vCk2wsfDTWilfYjnoIvQImJxhz1d7QO
ddZOSuY6XxnBMt4Eo6zT9oa60ixVzYFnT+2PH182bSBayBHpUStVcWfbEGS5KXFa
yZNESq4kGFm9PqftoQqQg0MFdN1OXVz5lJUZUd3Rr9GTeZddP60gpS0XmWEzdTiw
Leck3YRrI3BXfVuLtosUF1dLw9882Ha5pjjWHFSukd2FC6fPv8Z0WwCjziCSi05k
cJIHWp5XsYlI62WDxSJ0FhwCRoem7X3B6qFfD+NmWvjAzYA3sagSugDx6KOb
-----END CERTIFICATE-----
Generated at Thu Jun 19 04:35:59 2025 by rpki-client