Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/82ddCXRGPTSNS9hTYan2VCDyLIk.roa
File: 82ddCXRGPTSNS9hTYan2VCDyLIk.roa (raw, json)
Hash identifier: FrQAL1Gbil8vPVyEFVSqvHLh6u6Vga4znBeYCvDapwQ=
Subject key identifier: F3:67:5D:09:74:46:3D:34:8D:4B:D8:53:61:A9:F6:54:20:F2:2C:89
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 0197DBA96A3CB19CF2433695665CE73EDAAD
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/82ddCXRGPTSNS9hTYan2VCDyLIk.roa
Signing time: Sat 05 Jul 2025 17:36:42 +0000
ROA not before: Sat 05 Jul 2025 17:36:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 2.59.22.0/24 maxlen: 24
86.54.28.0/24 maxlen: 24
86.54.31.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
2a01:e940::/48 maxlen: 48
2a01:e943::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:db:a9:6a:3c:b1:9c:f2:43:36:95:66:5c:e7:3e:da:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jul 5 17:36:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3675d0974463d348d4bd85361a9f65420f22c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6c:e2:a5:42:54:ca:1e:b0:93:a8:e7:c3:ed:
5d:d6:5c:48:66:bd:4e:8b:81:63:ac:1b:a8:47:84:
a9:51:d2:18:b4:6a:76:bc:fb:af:56:da:1f:a3:3b:
50:e1:ed:53:0b:92:56:7c:7c:53:2f:32:15:0d:97:
cf:14:a8:2b:e7:5f:a7:24:bd:27:5f:38:f0:b8:d8:
21:b1:89:2a:8e:e4:24:fd:d6:f2:ab:70:ef:78:a7:
1c:39:52:73:57:40:4d:ca:50:1e:e8:08:bd:8a:76:
b5:45:55:13:1c:6a:72:b8:de:38:9f:6b:e9:fe:3b:
38:f0:1d:b7:81:88:1a:99:da:f2:52:64:a9:18:fc:
d9:bb:e7:5e:d0:5c:24:7a:d2:6e:d9:72:7a:45:30:
f0:d5:92:3e:e3:0d:52:d8:bf:2d:98:88:69:d6:1f:
a8:6f:b5:24:e8:ab:8a:05:37:ac:ca:a4:6a:38:06:
bf:b7:ae:a0:7c:ec:f6:a3:2c:96:63:c7:6e:90:84:
b3:6c:5b:b9:27:5e:b1:92:0a:0d:ea:f6:0d:48:a2:
ad:4c:a0:29:5e:6d:b3:01:c9:b6:28:c1:37:4c:04:
96:12:f1:fd:09:77:dd:eb:1c:a9:23:78:e0:32:b2:
cd:0d:b0:a8:87:50:2b:7f:3a:75:fe:c2:00:9d:70:
c2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:67:5D:09:74:46:3D:34:8D:4B:D8:53:61:A9:F6:54:20:F2:2C:89
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/82ddCXRGPTSNS9hTYan2VCDyLIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
86.54.28.0/24
86.54.31.0/24
212.104.141.0/24
IPv6:
2a01:e940::/48
2a01:e943::/48
Signature Algorithm: sha256WithRSAEncryption
13:f3:81:09:86:cc:32:f0:fd:73:a5:ad:96:5e:84:f8:aa:bb:
0b:a9:c1:b9:0a:a1:ff:3c:20:ed:81:80:5e:ef:0e:2e:04:c9:
a4:4c:19:5d:ae:9f:f0:05:03:a3:c3:cd:8f:65:e0:2e:2a:63:
12:d5:0c:fc:8f:15:18:87:9c:f2:59:bc:4a:55:7c:d6:8e:99:
bd:86:0a:8e:0d:22:d9:65:2d:69:0c:bd:b0:fa:0c:55:8f:bb:
5f:7b:a0:cb:b8:55:12:1c:a0:4d:33:46:22:3f:34:56:d0:d6:
8e:0b:db:56:b5:19:fb:a4:62:41:5e:2d:d7:5a:7d:34:d0:2a:
2f:2b:68:fb:ab:81:56:60:c8:63:10:78:42:a6:34:32:c2:e6:
77:3f:4e:99:99:81:59:24:19:7b:01:2a:71:43:6e:6e:33:fa:
ea:7c:fe:fa:dc:df:2e:f1:23:55:a0:f2:1b:e7:53:ae:13:dc:
9d:63:00:13:75:9e:be:f0:33:26:7f:24:f2:57:ed:50:a6:b4:
06:82:b8:78:ab:9a:0b:64:cb:a0:e7:49:61:13:8d:be:7f:90:
69:47:0c:a0:89:c7:01:53:e7:c1:06:77:6a:a8:45:31:ee:30:
69:11:4d:57:a1:44:55:6b:c5:7b:5c:b5:1c:d5:78:0c:bb:6f:
1f:1e:b5:b9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZfbqWo8sZzyQzaVZlznPtqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwNzA1MTczNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzY3NWQwOTc0NDYzZDM0OGQ0YmQ4NTM2MWE5ZjY1NDIwZjIyYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWzipUJUyh6wk6jnw+1d1lxIZr1O
i4FjrBuoR4SpUdIYtGp2vPuvVtofoztQ4e1TC5JWfHxTLzIVDZfPFKgr51+nJL0n
XzjwuNghsYkqjuQk/dbyq3DveKccOVJzV0BNylAe6Ai9ina1RVUTHGpyuN44n2vp
/js48B23gYgamdryUmSpGPzZu+de0FwketJu2XJ6RTDw1ZI+4w1S2L8tmIhp1h+o
b7Uk6KuKBTesyqRqOAa/t66gfOz2oyyWY8dukISzbFu5J16xkgoN6vYNSKKtTKAp
Xm2zAcm2KME3TASWEvH9CXfd6xypI3jgMrLNDbCoh1Arfzp1/sIAnXDC3wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPNnXQl0Rj00jUvYU2Gp9lQg8iyJMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvODJkZENYUkdQVFNOUzloVFlhbjJWQ0R5TElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAAjsWAwQA
VjYcAwQAVjYfAwQA1GiNMBgEAgACMBIDBwAqAelAAAADBwAqAelDAAAwDQYJKoZI
hvcNAQELBQADggEBABPzgQmGzDLw/XOlrZZehPiquwupwbkKof88IO2BgF7vDi4E
yaRMGV2un/AFA6PDzY9l4C4qYxLVDPyPFRiHnPJZvEpVfNaOmb2GCo4NItllLWkM
vbD6DFWPu197oMu4VRIcoE0zRiI/NFbQ1o4L21a1GfukYkFeLddafTTQKi8raPur
gVZgyGMQeEKmNDLC5nc/TpmZgVkkGXsBKnFDbm4z+up8/vrc3y7xI1Wg8hvnU64T
3J1jABN1nr7wMyZ/JPJX7VCmtAaCuHirmgtky6DnSWETjb5/kGlHDKCJxwFT58EG
d2qoRTHuMGkRTVehRFVrxXtctRzVeAy7bx8etbk=
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:07:28 2025 by rpki-client