Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/_Cbg2gi_s_VKpTIkG3bEBTZBdxs.roa
File: _Cbg2gi_s_VKpTIkG3bEBTZBdxs.roa (raw, json)
Hash identifier: B8pai3ZmKLHEPdQUTuODVk/zYN3nOw61AYES66S31Jw=
Subject key identifier: FC:26:E0:DA:08:BF:B3:F5:4A:A5:32:24:1B:76:C4:05:36:41:77:1B
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 0196E33E903AC3B91BB445E31609426C16E0
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/_Cbg2gi_s_VKpTIkG3bEBTZBdxs.roa
Signing time: Sun 18 May 2025 11:54:10 +0000
ROA not before: Sun 18 May 2025 11:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213176
IP address blocks: 209.35.224.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
209.35.229.0/24 maxlen: 24
209.35.230.0/24 maxlen: 24
209.35.231.0/24 maxlen: 24
209.35.233.0/24 maxlen: 24
209.35.234.0/24 maxlen: 24
209.35.235.0/24 maxlen: 24
209.35.236.0/24 maxlen: 24
209.35.237.0/24 maxlen: 24
209.35.238.0/24 maxlen: 24
212.59.64.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e3:3e:90:3a:c3:b9:1b:b4:45:e3:16:09:42:6c:16:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: May 18 11:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc26e0da08bfb3f54aa532241b76c4053641771b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9e:c5:dd:96:84:c6:49:42:7a:5d:8c:6d:28:
09:2c:84:8e:63:39:38:bd:43:2e:c1:b8:12:b3:72:
62:53:cc:be:67:49:1d:03:76:c8:20:4a:2b:b8:85:
13:76:15:ba:ad:17:f5:56:9d:32:11:b6:12:14:c3:
42:2c:2f:f1:be:ac:97:48:16:f6:06:da:03:0e:73:
69:2a:4a:d0:8b:de:f6:ad:3a:c9:12:14:1d:b8:24:
28:19:10:38:f8:82:c7:94:5d:13:8b:3d:8a:71:87:
ff:0c:eb:ba:21:1d:ef:bd:f6:a0:58:54:9a:e8:e1:
77:8a:46:cb:46:03:e8:42:30:3c:b7:f2:02:b2:a2:
e6:34:08:40:ec:09:86:08:54:88:95:e6:60:c4:8b:
db:99:fa:ed:14:07:f5:bd:63:03:47:4c:5c:2f:cb:
c7:de:27:36:40:21:21:7c:04:20:59:b9:ce:2a:ec:
53:40:fe:20:df:72:a4:4e:97:82:35:88:e8:2f:08:
5d:5d:24:72:e2:b1:8a:07:03:81:7a:1c:7c:eb:0a:
18:43:15:c2:22:5c:ac:b1:6f:f4:69:7d:76:f2:49:
c6:78:c8:64:9a:cc:c5:c6:7a:fd:a1:06:f2:0b:ff:
b3:06:a2:3d:a5:e7:5c:2e:a8:33:be:f0:46:19:05:
73:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:26:E0:DA:08:BF:B3:F5:4A:A5:32:24:1B:76:C4:05:36:41:77:1B
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/_Cbg2gi_s_VKpTIkG3bEBTZBdxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0/21
209.35.233.0-209.35.238.255
212.59.64.0/21
Signature Algorithm: sha256WithRSAEncryption
36:53:5b:ee:89:46:b3:aa:8e:28:b2:39:5d:2e:36:ad:7b:51:
ae:37:69:2a:2c:94:f1:51:10:48:8d:ca:20:1a:3e:16:67:ef:
44:6d:4d:40:05:06:4c:d7:08:a1:3c:12:7f:0e:35:09:64:0b:
6d:45:ce:79:b0:94:39:75:bf:a5:5f:64:d7:a6:88:1a:76:1f:
f5:c0:a1:25:a6:78:02:d8:48:1f:5c:c4:78:c8:85:38:36:e7:
33:dc:55:c0:8c:b2:45:a5:53:1b:90:82:04:31:ae:ca:7f:65:
84:e8:71:74:a3:67:b4:92:a1:b8:ac:a4:4f:5e:21:a2:d9:cb:
5f:98:d8:e8:b0:a3:24:ed:66:2d:fd:2c:77:f3:13:66:a3:77:
21:e0:b1:56:43:ed:b3:84:36:80:74:01:51:92:1d:8c:05:f7:
b5:67:68:08:75:8e:1b:6b:ca:41:c1:0f:fc:02:ad:a8:c1:86:
07:96:1a:1e:f8:e2:e1:f7:0a:07:20:c2:4f:73:63:6c:62:7e:
4a:6c:87:18:ac:fc:a7:bf:2f:6b:00:d1:64:09:b7:74:4d:00:
01:eb:72:bf:65:d8:48:4a:1c:77:12:91:d8:46:6b:c0:4a:08:
a9:fd:ae:bd:5d:04:44:a8:89:52:24:9e:17:5e:de:40:8a:4e:
31:50:89:9e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZbjPpA6w7kbtEXjFglCbBbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjUwNTE4MTE1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzI2ZTBkYTA4YmZiM2Y1NGFhNTMyMjQxYjc2YzQwNTM2NDE3NzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ7F3ZaExklCel2MbSgJLISOYzk4
vUMuwbgSs3JiU8y+Z0kdA3bIIEoruIUTdhW6rRf1Vp0yEbYSFMNCLC/xvqyXSBb2
BtoDDnNpKkrQi972rTrJEhQduCQoGRA4+ILHlF0Tiz2KcYf/DOu6IR3vvfagWFSa
6OF3ikbLRgPoQjA8t/ICsqLmNAhA7AmGCFSIleZgxIvbmfrtFAf1vWMDR0xcL8vH
3ic2QCEhfAQgWbnOKuxTQP4g33KkTpeCNYjoLwhdXSRy4rGKBwOBehx86woYQxXC
IlyssW/0aX128knGeMhkmszFxnr9oQbyC/+zBqI9pedcLqgzvvBGGQVz9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPwm4NoIv7P1SqUyJBt2xAU2QXcbMB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvX0NiZzJnaV9zX1ZLcFRJa0czYkVCVFpCZHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQD0SPgMAwD
BADRI+kDBADRI+4DBAPUO0AwDQYJKoZIhvcNAQELBQADggEBADZTW+6JRrOqjiiy
OV0uNq17Ua43aSoslPFREEiNyiAaPhZn70RtTUAFBkzXCKE8En8ONQlkC21Fznmw
lDl1v6VfZNemiBp2H/XAoSWmeALYSB9cxHjIhTg25zPcVcCMskWlUxuQggQxrsp/
ZYTocXSjZ7SSobispE9eIaLZy1+Y2OiwoyTtZi39LHfzE2ajdyHgsVZD7bOENoB0
AVGSHYwF97VnaAh1jhtrykHBD/wCrajBhgeWGh744uH3Cgcgwk9zY2xifkpshxis
/Ke/L2sA0WQJt3RNAAHrcr9l2EhKHHcSkdhGa8BKCKn9rr1dBESoiVIknhde3kCK
TjFQiZ4=
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:01:09 2025 by rpki-client