Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/ooxM8hOuA4nDiPGuXdRPUtGWDNc.roa
File: ooxM8hOuA4nDiPGuXdRPUtGWDNc.roa (raw, json)
Hash identifier: UVNYNaiATl6QNf4jCjl5sMnfaTAqR1Ab6A7SsRKEAJo=
Subject key identifier: A2:8C:4C:F2:13:AE:03:89:C3:88:F1:AE:5D:D4:4F:52:D1:96:0C:D7
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 0196FDC3E0FF9F25EC6DABBC00EF63FFF482
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/ooxM8hOuA4nDiPGuXdRPUtGWDNc.roa
Signing time: Fri 23 May 2025 15:29:54 +0000
ROA not before: Fri 23 May 2025 15:29:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 84.22.67.0/24 maxlen: 24
84.22.86.0/24 maxlen: 24
128.140.128.0/20 maxlen: 20
185.23.96.0/23 maxlen: 23
185.23.99.0/24 maxlen: 24
213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.229.0/24 maxlen: 24
213.180.230.0/24 maxlen: 24
213.180.247.0/24 maxlen: 24
213.180.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 06:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:c3:e0:ff:9f:25:ec:6d:ab:bc:00:ef:63:ff:f4:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: May 23 15:29:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a28c4cf213ae0389c388f1ae5dd44f52d1960cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f9:be:1d:2b:0e:4b:9a:ec:a6:56:a6:95:2b:
2e:38:a1:18:ec:c8:18:a2:d7:55:a6:d7:52:e3:9c:
ec:32:6f:25:3a:b0:64:0e:c2:0d:fb:20:5e:2e:f0:
4e:9d:92:8c:6d:26:54:30:83:89:fe:9b:0a:c9:2d:
1e:db:43:ed:32:d4:7a:d4:66:28:76:5b:54:e7:7f:
03:11:a6:9d:24:ec:5d:46:0e:3c:4b:36:dd:a6:15:
56:3b:eb:44:ac:7e:6f:83:81:85:ea:36:eb:66:ac:
a6:18:da:a6:13:be:8a:4d:f5:65:03:cc:a5:f8:be:
07:94:76:ad:15:d5:24:18:68:e8:c6:e9:57:75:b7:
5f:e2:ff:2c:f9:47:9f:f5:d9:3e:ac:41:83:5d:61:
d1:05:51:5c:59:15:21:28:ce:1d:42:d7:d9:71:fa:
88:7e:ab:d1:e1:ce:ca:c4:3a:e0:2b:b2:45:5a:0b:
41:41:47:c8:4c:93:4c:e4:14:9f:e0:40:fe:73:e9:
14:3c:3a:5f:3b:c0:cc:b2:53:7d:75:4e:01:0a:5e:
34:7b:1a:ed:52:21:d2:8a:12:39:d9:bd:2c:de:51:
bf:a2:b3:93:e8:6f:fa:d3:9e:da:8b:c1:49:ee:91:
73:c1:68:a5:9c:c7:38:64:73:b0:66:3b:d3:82:3d:
84:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:8C:4C:F2:13:AE:03:89:C3:88:F1:AE:5D:D4:4F:52:D1:96:0C:D7
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/ooxM8hOuA4nDiPGuXdRPUtGWDNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.67.0/24
84.22.86.0/24
128.140.128.0/20
185.23.96.0/23
185.23.99.0/24
213.180.225.0-213.180.226.255
213.180.228.0-213.180.230.255
213.180.247.0/24
213.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:7e:23:a0:fe:d8:41:d4:13:74:d5:49:f5:f9:27:72:7c:5a:
73:49:a8:00:9e:55:46:17:a6:c5:e9:8f:e8:b6:67:10:2f:db:
0f:1f:fc:3e:49:e4:c1:83:ac:94:66:cf:64:b2:93:85:0c:ec:
0d:c5:da:30:50:48:2d:b8:95:c0:b5:71:95:66:c4:b4:0b:c3:
09:6a:f1:f7:1a:46:65:dc:79:a3:0e:ba:62:17:d2:b4:6e:97:
17:2b:6e:b0:f7:99:f3:70:0b:dd:45:96:b9:bc:73:a7:3d:fa:
49:d5:85:62:af:0d:27:b0:e5:bf:8a:d7:c7:ed:80:ab:61:2d:
63:58:6d:b8:0c:e9:f3:82:47:b0:b1:2b:bc:04:8a:b4:1b:37:
fd:e2:f8:70:45:ec:d5:21:0e:84:1c:8c:ff:12:05:a2:0b:5a:
0a:c4:bc:bd:5c:28:f7:d5:2e:0a:c3:bf:31:a3:69:dc:14:66:
72:f3:69:25:fe:05:12:3b:ab:ae:5a:cc:1e:67:19:72:84:04:
82:41:03:e0:5c:96:a6:23:14:b5:4f:f1:69:42:5a:5e:1e:ff:
29:79:98:c7:2b:9e:89:49:8d:43:f8:64:a3:d3:3d:c8:0d:4a:
9b:93:66:98:87:66:1f:5a:a6:d8:63:e6:d3:2b:a8:9b:dc:48:
5d:d7:e4:30
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZb9w+D/nyXsbau8AO9j//SCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwNTIzMTUyOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjhjNGNmMjEzYWUwMzg5YzM4OGYxYWU1ZGQ0NGY1MmQxOTYwY2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/m+HSsOS5rsplamlSsuOKEY7MgY
otdVptdS45zsMm8lOrBkDsIN+yBeLvBOnZKMbSZUMIOJ/psKyS0e20PtMtR61GYo
dltU538DEaadJOxdRg48SzbdphVWO+tErH5vg4GF6jbrZqymGNqmE76KTfVlA8yl
+L4HlHatFdUkGGjoxulXdbdf4v8s+Uef9dk+rEGDXWHRBVFcWRUhKM4dQtfZcfqI
fqvR4c7KxDrgK7JFWgtBQUfITJNM5BSf4ED+c+kUPDpfO8DMslN9dU4BCl40exrt
UiHSihI52b0s3lG/orOT6G/6057ai8FJ7pFzwWilnMc4ZHOwZjvTgj2E1wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKKMTPITrgOJw4jxrl3UT1LRlgzXMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvb294TThoT3VBNG5EaVBHdVhkUlBVdEdXRE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAVBZDAwQA
VBZWAwQEgIyAAwQBuRdgAwQAuRdjMAwDBADVtOEDBADVtOIwDAMEAtW05AMEANW0
5gMEANW09wMEAtW0/DANBgkqhkiG9w0BAQsFAAOCAQEAnH4joP7YQdQTdNVJ9fkn
cnxac0moAJ5VRhemxemP6LZnEC/bDx/8PknkwYOslGbPZLKThQzsDcXaMFBILbiV
wLVxlWbEtAvDCWrx9xpGZdx5ow66YhfStG6XFytusPeZ83AL3UWWubxzpz36SdWF
Yq8NJ7Dlv4rXx+2Aq2EtY1htuAzp84JHsLErvASKtBs3/eL4cEXs1SEOhByM/xIF
ogtaCsS8vVwo99UuCsO/MaNp3BRmcvNpJf4FEjurrlrMHmcZcoQEgkED4FyWpiMU
tU/xaUJaXh7/KXmYxyueiUmNQ/hko9M9yA1Km5NmmIdmH1qm2GPm0yuom9xIXdfk
MA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:03:57 2025 by rpki-client