Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/380GYTCLdKhX211Crq9VUdvAoyY.roa
File: 380GYTCLdKhX211Crq9VUdvAoyY.roa (raw, json)
Hash identifier: QeCACCp/CXpQP+4lJHRjFHasfJueLhBY+GJQKiWXLGw=
Subject key identifier: DF:CD:06:61:30:8B:74:A8:57:DB:5D:42:AE:AF:55:51:DB:C0:A3:26
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196DD494C56FC9F79E6CAFFCE536AD6102C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/380GYTCLdKhX211Crq9VUdvAoyY.roa
Signing time: Sat 17 May 2025 08:08:10 +0000
ROA not before: Sat 17 May 2025 08:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213990
IP address blocks: 194.87.61.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.212.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dd:49:4c:56:fc:9f:79:e6:ca:ff:ce:53:6a:d6:10:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 17 08:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfcd0661308b74a857db5d42aeaf5551dbc0a326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b8:09:38:58:91:53:1c:32:72:37:36:0a:75:
d1:9e:62:3c:f5:4b:50:2d:44:02:24:da:00:35:36:
a7:5b:49:ec:a2:72:a7:52:c6:12:e3:16:54:13:a5:
68:37:93:d1:6b:9e:ad:fa:21:92:ba:5c:1d:d3:c1:
67:16:7b:95:c7:61:ad:15:cc:62:a5:3c:d8:11:d1:
a9:af:55:bb:d1:95:c7:eb:b0:47:62:23:da:1e:95:
53:fb:6e:58:c9:12:1c:82:25:99:a9:42:22:d6:eb:
91:03:80:43:bc:e8:ec:c7:90:2b:e6:6b:82:0f:b2:
48:85:35:e6:bf:2a:26:30:e7:43:2d:8a:1d:a2:00:
11:73:c1:8e:d1:c1:08:bc:b7:9e:09:a1:0e:01:62:
00:a3:74:38:57:b5:a2:a1:04:77:eb:17:07:2b:a4:
b9:ca:a8:03:cd:70:10:c6:07:0c:c9:2c:ec:0a:07:
fa:47:7c:8b:a5:fd:88:3f:42:9e:2b:e4:24:e8:13:
fc:27:e6:8e:0a:f5:1c:d6:ea:ba:b6:4c:fe:e1:21:
fd:c9:a7:d3:02:e8:0b:9c:74:e5:16:7c:3f:c5:08:
b4:3f:bd:0d:a5:09:6f:ae:9c:6f:de:58:24:a4:f9:
e9:45:2b:e9:39:79:c6:23:66:75:d5:21:26:04:e3:
aa:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CD:06:61:30:8B:74:A8:57:DB:5D:42:AE:AF:55:51:DB:C0:A3:26
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/380GYTCLdKhX211Crq9VUdvAoyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.61.0/24
194.87.126.0/24
194.87.212.0/24
212.192.247.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:07:bd:98:e3:60:b6:8f:d5:8e:3d:35:05:5c:b5:5f:50:43:
ab:d8:e3:da:fe:fc:5c:02:a2:f4:25:ce:d6:83:bb:e7:3e:5a:
4f:53:d9:f1:59:0f:a7:7f:8b:47:7f:80:ef:70:5d:e7:33:c9:
5c:64:7f:e8:1c:7e:a3:9f:1e:a1:af:12:d5:96:90:3c:f1:b0:
96:b6:08:6b:16:65:89:f2:4a:8e:40:ed:3f:da:47:17:9b:21:
8e:bb:29:91:99:d7:5f:81:93:3c:4c:dc:ff:19:fa:c1:1c:da:
e1:1e:cb:c7:c1:6a:41:92:26:a4:b6:5e:4d:cb:8a:94:db:cb:
fb:27:5f:cc:ba:3e:3b:2b:fd:aa:7b:9a:ce:53:7e:4a:ef:e3:
2e:f4:b6:c2:f8:a1:37:65:d8:9f:9b:4d:76:2a:8d:7d:07:96:
d1:b6:d6:98:46:13:a4:4c:36:6b:af:01:8b:f1:39:13:9e:a4:
52:10:37:5e:5d:93:b5:63:ac:21:84:a6:03:24:1e:fe:6e:1f:
a8:43:46:15:0e:cf:2c:21:74:08:55:43:6b:a7:d7:5b:2a:db:
cb:ad:72:71:2c:6e:39:65:51:61:d0:da:47:77:f0:5d:11:59:
7e:df:d1:51:ce:52:0b:49:95:46:6f:e5:2b:ad:b4:5a:9d:fa:
09:e3:8e:67
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbdSUxW/J955sr/zlNq1hAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTE3MDgwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmNkMDY2MTMwOGI3NGE4NTdkYjVkNDJhZWFmNTU1MWRiYzBhMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbgJOFiRUxwycjc2CnXRnmI89UtQ
LUQCJNoANTanW0nsonKnUsYS4xZUE6VoN5PRa56t+iGSulwd08FnFnuVx2GtFcxi
pTzYEdGpr1W70ZXH67BHYiPaHpVT+25YyRIcgiWZqUIi1uuRA4BDvOjsx5Ar5muC
D7JIhTXmvyomMOdDLYodogARc8GO0cEIvLeeCaEOAWIAo3Q4V7WioQR36xcHK6S5
yqgDzXAQxgcMySzsCgf6R3yLpf2IP0KeK+Qk6BP8J+aOCvUc1uq6tkz+4SH9yafT
AugLnHTlFnw/xQi0P70NpQlvrpxv3lgkpPnpRSvpOXnGI2Z11SEmBOOqvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN/NBmEwi3SoV9tdQq6vVVHbwKMmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMzgwR1lUQ0xkS2hYMjExQ3JxOVZVZHZBb3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwlc9AwQA
wld+AwQAwlfUAwQA1MD3MA0GCSqGSIb3DQEBCwUAA4IBAQBsB72Y42C2j9WOPTUF
XLVfUEOr2OPa/vxcAqL0Jc7Wg7vnPlpPU9nxWQ+nf4tHf4DvcF3nM8lcZH/oHH6j
nx6hrxLVlpA88bCWtghrFmWJ8kqOQO0/2kcXmyGOuymRmddfgZM8TNz/GfrBHNrh
HsvHwWpBkiaktl5Ny4qU28v7J1/Muj47K/2qe5rOU35K7+Mu9LbC+KE3Zdifm012
Ko19B5bRttaYRhOkTDZrrwGL8TkTnqRSEDdeXZO1Y6whhKYDJB7+bh+oQ0YVDs8s
IXQIVUNrp9dbKtvLrXJxLG45ZVFh0NpHd/BdEVl+39FRzlILSZVGb+UrrbRanfoJ
445n
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:03:44 2025 by rpki-client