Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/0SnEDSu2fch50mXfNCrgepjBXHI.roa
File: 0SnEDSu2fch50mXfNCrgepjBXHI.roa (raw, json)
Hash identifier: An4Aho4+/IQv1xSA0visBRO6r1aot3IcatgSZ0mIirs=
Subject key identifier: D1:29:C4:0D:2B:B6:7D:C8:79:D2:65:DF:34:2A:E0:7A:98:C1:5C:72
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01975B4DD0A83C5BF8C9337B0D23C23AF816
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/0SnEDSu2fch50mXfNCrgepjBXHI.roa
Signing time: Tue 10 Jun 2025 19:25:15 +0000
ROA not before: Tue 10 Jun 2025 19:25:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210976
IP address blocks: 92.51.21.0/24 maxlen: 24
92.51.36.0/24 maxlen: 24
92.51.37.0/24 maxlen: 24
92.51.44.0/24 maxlen: 24
92.51.45.0/24 maxlen: 24
92.51.46.0/24 maxlen: 24
92.51.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 16:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5b:4d:d0:a8:3c:5b:f8:c9:33:7b:0d:23:c2:3a:f8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jun 10 19:25:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d129c40d2bb67dc879d265df342ae07a98c15c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:0d:76:55:84:96:30:0e:cd:66:59:d7:2e:
a8:09:7b:e9:a4:11:4e:6e:21:bd:48:fb:64:ec:18:
af:5a:5d:84:f7:4b:33:46:85:a1:2b:d9:db:d7:ec:
02:83:91:f3:56:fd:a1:32:6a:9b:e2:70:17:e3:d6:
88:bf:8a:46:ff:15:1b:f7:14:c3:ec:f5:c5:43:b6:
ed:9a:28:ef:43:39:65:d0:e1:c6:b2:21:62:be:78:
80:12:6b:cc:70:08:51:a1:54:8e:d0:fe:be:f8:52:
8e:d7:68:93:dd:f2:9c:68:59:c0:89:97:cf:4c:f4:
8b:be:31:d5:00:94:15:d9:3b:8f:98:1e:58:8b:fc:
de:45:15:cb:78:07:04:7d:0e:55:ac:b5:0e:33:ad:
a7:fe:ac:09:ef:2e:9e:d8:f5:e4:36:a3:3a:5d:77:
0d:45:d6:ee:56:c8:ca:4d:7f:ce:d8:57:ee:98:9f:
c3:21:62:6a:79:86:5f:bc:c4:f2:89:dd:e2:3b:2a:
53:a9:b1:fb:86:bf:d0:e0:29:6b:7b:e4:d5:36:ac:
a4:e0:3e:7b:c9:d9:40:f1:20:ed:7d:f6:13:9a:97:
0f:60:80:85:c3:00:a1:eb:9f:b9:f5:09:07:19:76:
e3:d0:35:83:95:f0:11:68:fe:6f:8f:c7:45:d4:62:
a4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:29:C4:0D:2B:B6:7D:C8:79:D2:65:DF:34:2A:E0:7A:98:C1:5C:72
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/0SnEDSu2fch50mXfNCrgepjBXHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.21.0/24
92.51.36.0/23
92.51.44.0/22
Signature Algorithm: sha256WithRSAEncryption
08:70:c3:bc:8b:76:c4:c8:95:b1:2e:ac:0b:5e:df:91:3e:a8:
14:bc:71:6b:9c:f8:de:53:89:56:d9:56:a9:ac:30:28:34:72:
6b:e9:56:fd:96:ca:89:e6:85:6f:3a:a3:ba:5e:23:0a:78:1d:
c9:11:f7:94:04:98:13:cd:a2:34:2a:3c:f5:c6:08:c9:7a:34:
f5:72:d4:00:73:b2:5a:de:c5:09:80:0a:38:bb:eb:78:53:9c:
35:87:b9:bb:7b:1b:0f:66:ae:6e:28:b8:b1:f9:f8:d2:97:5b:
52:cd:2e:28:6a:34:c3:2e:99:c8:fa:ee:a2:df:9f:fd:0c:ba:
f1:17:b0:7b:d1:5e:97:c3:5e:08:39:34:0b:b7:40:fb:39:cf:
0e:71:78:60:17:74:a8:96:78:39:0a:56:68:18:34:99:fc:e3:
16:f3:a3:d0:f4:7a:24:13:a2:48:e7:98:5c:ed:a5:a3:c8:f7:
30:ba:74:f0:e5:27:bb:3d:c9:c7:01:f7:a4:16:53:12:89:93:
cd:35:48:1c:31:5e:c3:1f:60:d6:ef:4b:c3:57:0c:a4:93:65:
b6:a2:eb:d9:96:7a:c2:99:fd:49:5f:90:d6:88:a6:51:0c:3f:
bd:9a:ce:43:5b:3c:bf:91:89:3b:c3:eb:a2:2e:d4:bc:7d:6b:
f9:28:df:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdbTdCoPFv4yTN7DSPCOvgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUwNjEwMTkyNTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTI5YzQwZDJiYjY3ZGM4NzlkMjY1ZGYzNDJhZTA3YTk4YzE1YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCANdlWEljAOzWZZ1y6oCXvppBFO
biG9SPtk7BivWl2E90szRoWhK9nb1+wCg5HzVv2hMmqb4nAX49aIv4pG/xUb9xTD
7PXFQ7btmijvQzll0OHGsiFivniAEmvMcAhRoVSO0P6++FKO12iT3fKcaFnAiZfP
TPSLvjHVAJQV2TuPmB5Yi/zeRRXLeAcEfQ5VrLUOM62n/qwJ7y6e2PXkNqM6XXcN
RdbuVsjKTX/O2FfumJ/DIWJqeYZfvMTyid3iOypTqbH7hr/Q4Clre+TVNqyk4D57
ydlA8SDtffYTmpcPYICFwwCh65+59QkHGXbj0DWDlfARaP5vj8dF1GKkhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNEpxA0rtn3IedJl3zQq4HqYwVxyMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvMFNuRURTdTJmY2g1MG1YZk5DcmdlcGpCWEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXDMVAwQB
XDMkAwQCXDMsMA0GCSqGSIb3DQEBCwUAA4IBAQAIcMO8i3bEyJWxLqwLXt+RPqgU
vHFrnPjeU4lW2VaprDAoNHJr6Vb9lsqJ5oVvOqO6XiMKeB3JEfeUBJgTzaI0Kjz1
xgjJejT1ctQAc7Ja3sUJgAo4u+t4U5w1h7m7exsPZq5uKLix+fjSl1tSzS4oajTD
LpnI+u6i35/9DLrxF7B70V6Xw14IOTQLt0D7Oc8OcXhgF3Solng5ClZoGDSZ/OMW
86PQ9HokE6JI55hc7aWjyPcwunTw5Se7PcnHAfekFlMSiZPNNUgcMV7DH2DW70vD
Vwykk2W2ouvZlnrCmf1JX5DWiKZRDD+9ms5DWzy/kYk7w+uiLtS8fWv5KN+z
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:42:23 2025 by rpki-client