Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ldIKIl2hT2hAwQTKrdRlmsB4juU.roa
File: ldIKIl2hT2hAwQTKrdRlmsB4juU.roa (raw, json)
Hash identifier: zq2UnfowZc/m8YEPTF9rVW1m2lxfMiYzzAeVxQdzTe8=
Subject key identifier: 95:D2:0A:22:5D:A1:4F:68:40:C1:04:CA:AD:D4:65:9A:C0:78:8E:E5
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 01975DD8C9B4D73C6ED1EC6285042707FC66
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ldIKIl2hT2hAwQTKrdRlmsB4juU.roa
Signing time: Wed 11 Jun 2025 07:16:17 +0000
ROA not before: Wed 11 Jun 2025 07:16:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 996
IP address blocks: 89.28.200.0/24 maxlen: 24
89.28.201.0/24 maxlen: 24
89.28.203.0/24 maxlen: 24
89.28.204.0/24 maxlen: 24
89.28.206.0/24 maxlen: 24
89.28.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:d8:c9:b4:d7:3c:6e:d1:ec:62:85:04:27:07:fc:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jun 11 07:16:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95d20a225da14f6840c104caadd4659ac0788ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:02:e0:bf:68:ec:02:56:5a:a1:08:e3:cb:a6:
f3:b9:17:54:95:59:c2:df:e6:e6:97:d5:06:55:d2:
29:2b:23:1e:09:85:d0:6b:32:8d:d2:6d:f2:ab:fc:
fd:df:07:cd:49:83:fa:67:f4:14:61:55:e5:07:0e:
68:ca:c6:7b:3c:1e:ac:ff:35:bd:dd:a3:f6:4d:0c:
c5:ea:0e:34:32:29:78:a3:31:53:62:db:bf:fc:cb:
1e:29:97:79:a1:28:83:8f:f4:aa:9f:4b:a8:41:2d:
e3:8c:93:9b:2f:dc:dd:a0:e5:bb:94:5f:0d:3b:a1:
6b:89:bb:a7:5d:49:68:f5:90:d7:f8:15:38:bc:a4:
68:c4:4d:3f:a3:88:ca:db:df:6d:6f:36:d2:9e:22:
7d:b5:45:2f:4a:d5:9e:aa:31:eb:22:35:93:cb:0b:
fb:d6:07:94:a1:19:f2:50:b4:5a:22:65:e8:72:ff:
3e:b1:52:07:84:c0:83:e7:fb:b1:de:93:42:fb:a8:
b7:a1:2c:3b:ec:0a:72:d1:a0:98:71:5d:d1:4a:dd:
39:5a:b0:ef:ac:fa:30:db:66:8d:a2:38:75:ed:00:
ca:2c:4f:02:f9:d3:ba:ce:f6:7d:a7:d0:bd:46:31:
8a:7e:ed:70:a9:19:c7:38:48:a0:63:89:80:c1:08:
c5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D2:0A:22:5D:A1:4F:68:40:C1:04:CA:AD:D4:65:9A:C0:78:8E:E5
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/ldIKIl2hT2hAwQTKrdRlmsB4juU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.200.0/23
89.28.203.0-89.28.204.255
89.28.206.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:c5:ff:61:ea:4e:9f:70:5b:ed:8f:47:72:a5:92:01:63:43:
97:21:6d:77:ac:94:91:a4:7c:d1:a9:ed:b0:1f:c3:61:55:93:
08:4f:b6:34:e1:a8:d9:79:4d:5a:6a:0f:02:07:25:05:fb:1f:
59:48:23:5c:fe:eb:0e:1a:3e:a7:de:f1:5f:33:18:d1:7f:d3:
b3:35:b9:43:67:1a:c1:20:34:d4:c9:5e:21:1f:3a:11:48:41:
8c:83:ae:f9:9f:67:10:81:ff:3b:59:bf:21:d6:7c:64:15:ca:
2c:60:c3:d8:55:56:ff:b2:f4:66:4e:d4:5d:28:4c:32:5e:b0:
23:7c:79:24:dc:db:f2:94:de:54:db:1c:c6:c9:02:32:08:d4:
23:10:60:6b:45:4c:5c:49:4c:07:27:65:a3:6f:1e:21:cc:b4:
fd:dc:b7:fc:9d:7b:98:b0:21:9a:e1:23:5a:c2:ef:18:95:f4:
14:ac:30:7e:af:89:7d:97:29:66:cb:5a:78:77:1f:93:61:6c:
ca:7b:0f:43:1f:09:d3:dc:60:b0:0a:08:d8:d9:40:9d:1b:6a:
67:89:64:dc:fb:69:b3:7d:ee:27:e2:d6:8f:b3:e9:dc:b2:b5:
ea:9c:d3:f6:1b:62:3f:77:8c:66:7b:cc:f7:a2:04:e4:29:b7:
bc:37:97:55
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZdd2Mm01zxu0exihQQnB/xmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwNjExMDcxNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQyMGEyMjVkYTE0ZjY4NDBjMTA0Y2FhZGQ0NjU5YWMwNzg4ZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgLgv2jsAlZaoQjjy6bzuRdUlVnC
3+bml9UGVdIpKyMeCYXQazKN0m3yq/z93wfNSYP6Z/QUYVXlBw5oysZ7PB6s/zW9
3aP2TQzF6g40Mil4ozFTYtu//MseKZd5oSiDj/Sqn0uoQS3jjJObL9zdoOW7lF8N
O6FribunXUlo9ZDX+BU4vKRoxE0/o4jK299tbzbSniJ9tUUvStWeqjHrIjWTywv7
1geUoRnyULRaImXocv8+sVIHhMCD5/ux3pNC+6i3oSw77Apy0aCYcV3RSt05WrDv
rPow22aNojh17QDKLE8C+dO6zvZ9p9C9RjGKfu1wqRnHOEigY4mAwQjFXwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJXSCiJdoU9oQMEEyq3UZZrAeI7lMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvbGRJS0lsMmhUMmhBd1FUS3JkUmxtc0I0anVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBWRzIMAwD
BABZHMsDBABZHMwDBAFZHM4wDQYJKoZIhvcNAQELBQADggEBAKTF/2HqTp9wW+2P
R3KlkgFjQ5chbXeslJGkfNGp7bAfw2FVkwhPtjThqNl5TVpqDwIHJQX7H1lII1z+
6w4aPqfe8V8zGNF/07M1uUNnGsEgNNTJXiEfOhFIQYyDrvmfZxCB/ztZvyHWfGQV
yixgw9hVVv+y9GZO1F0oTDJesCN8eSTc2/KU3lTbHMbJAjII1CMQYGtFTFxJTAcn
ZaNvHiHMtP3ct/yde5iwIZrhI1rC7xiV9BSsMH6viX2XKWbLWnh3H5NhbMp7D0Mf
CdPcYLAKCNjZQJ0bameJZNz7abN97ifi1o+z6dyyteqc0/YbYj93jGZ7zPeiBOQp
t7w3l1U=
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:01:53 2025 by rpki-client