Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/lX6hj9K_SgWpbjs9Vm4h-iLqKxg.roa
File: lX6hj9K_SgWpbjs9Vm4h-iLqKxg.roa (raw, json)
Hash identifier: sh68gHRxqa7fIqQfLrHiW3Yb8Ld23ANUs7IVCd+duFY=
Subject key identifier: 95:7E:A1:8F:D2:BF:4A:05:A9:6E:3B:3D:56:6E:21:FA:22:EA:2B:18
Certificate issuer: /CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Certificate serial: 0196B7881359D0C3148052E4C0528287AD5A
Authority key identifier: E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/lX6hj9K_SgWpbjs9Vm4h-iLqKxg.roa
Signing time: Sat 10 May 2025 00:11:10 +0000
ROA not before: Sat 10 May 2025 00:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35539
IP address blocks: 31.134.192.0/21 maxlen: 21
46.160.192.0/18 maxlen: 18
46.160.192.0/19 maxlen: 19
46.160.224.0/19 maxlen: 19
93.95.160.0/21 maxlen: 21
93.95.160.0/22 maxlen: 22
93.95.164.0/22 maxlen: 22
93.123.128.0/17 maxlen: 17
93.123.128.0/18 maxlen: 18
93.123.192.0/18 maxlen: 18
95.131.208.0/21 maxlen: 21
95.131.208.0/22 maxlen: 22
95.131.212.0/22 maxlen: 22
217.194.240.0/20 maxlen: 20
217.194.240.0/21 maxlen: 21
217.194.248.0/21 maxlen: 21
2a01:5fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b7:88:13:59:d0:c3:14:80:52:e4:c0:52:82:87:ad:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Validity
Not Before: May 10 00:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=957ea18fd2bf4a05a96e3b3d566e21fa22ea2b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d2:14:80:1b:17:c8:94:5d:c7:c2:bf:b0:54:
51:f4:c8:17:5a:a6:44:e9:c1:99:0c:35:c2:b3:cb:
a3:e3:8a:ba:5f:b1:57:37:6b:2c:9f:90:1a:06:44:
5f:42:13:1c:2e:be:dd:b7:58:b7:5c:bf:f8:c8:9e:
46:68:c5:f4:f9:d9:f8:1f:80:28:f5:20:b9:1d:00:
b7:ba:2e:c4:65:b5:04:a0:1d:1e:f9:a6:b2:fa:3e:
e2:62:86:48:b3:82:04:53:0f:4b:60:b7:49:99:11:
4b:d4:52:9f:28:93:ce:e3:5f:d9:ad:9a:d1:37:a9:
0b:fb:1b:ac:13:15:61:16:6c:05:e4:20:ab:84:09:
6b:b1:54:d6:32:c6:18:ca:4f:2b:f8:b5:0b:4f:b7:
87:a3:b2:7b:54:ae:6f:37:37:e0:cc:01:9d:2e:37:
40:34:2e:b8:5f:cd:52:a6:c6:7a:9f:54:34:da:32:
33:a0:0d:df:97:53:57:51:30:0b:1e:b2:08:2a:70:
e1:31:44:e7:b9:bf:96:2a:b6:56:a4:df:ec:27:62:
26:a2:ba:99:4e:1f:6a:4c:12:0b:4a:27:4c:26:97:
f8:85:4a:e3:e5:b5:46:7e:00:52:4c:2a:11:73:38:
7f:5a:cf:f2:6d:65:0a:15:62:dd:71:d6:b5:c7:c6:
2c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7E:A1:8F:D2:BF:4A:05:A9:6E:3B:3D:56:6E:21:FA:22:EA:2B:18
X509v3 Authority Key Identifier:
keyid:E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/lX6hj9K_SgWpbjs9Vm4h-iLqKxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.192.0/21
46.160.192.0/18
93.95.160.0/21
93.123.128.0/17
95.131.208.0/21
217.194.240.0/20
IPv6:
2a01:5fc0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:0a:09:28:61:b0:a9:39:d7:ce:7c:5a:75:99:df:c2:75:8f:
5b:33:7a:68:fa:93:3a:7f:ce:56:61:3c:3e:f4:52:42:7b:0f:
9d:e5:e9:9b:d9:42:f3:d5:b1:64:2d:f6:96:c5:ce:2e:af:d7:
04:88:84:25:ae:4f:c6:1b:f5:9c:d1:b5:0b:30:7d:01:c2:a9:
0d:dc:59:62:5e:8d:9f:a0:77:14:06:35:b7:26:4b:28:d1:29:
0c:f5:c8:3e:61:f4:9f:05:58:f8:84:ed:36:f0:9a:06:79:9d:
61:26:e4:f4:bf:88:ca:34:da:7e:80:d2:0f:41:a8:f8:80:c4:
e0:38:70:a6:0f:1c:9e:02:10:87:80:33:d2:8b:0b:34:cc:b5:
f2:9c:c8:78:fe:1a:91:01:71:c8:9f:00:db:f5:a6:87:a6:3f:
40:53:ad:e9:62:30:f9:aa:c7:2d:16:bb:a6:f6:14:9a:c6:d4:
97:90:05:64:da:bd:f1:f2:ee:f3:5b:6c:38:f1:2e:27:8c:4e:
c5:f8:26:6b:62:c8:36:a0:a7:13:9d:be:11:31:13:3b:41:40:
e2:c2:f8:80:d4:aa:29:cd:56:b4:d5:39:97:68:2f:f1:5d:aa:
4b:9b:26:ae:a2:ed:f4:11:0a:28:c6:fb:fb:b8:52:08:bd:25:
64:70:40:34
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZa3iBNZ0MMUgFLkwFKCh61aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MjA0NDZmNzlmZmMyZDdjM2E5ZWYzNDBjZTlkZTI1NzIz
YTcxOWEwHhcNMjUwNTEwMDAxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTdlYTE4ZmQyYmY0YTA1YTk2ZTNiM2Q1NjZlMjFmYTIyZWEyYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudIUgBsXyJRdx8K/sFRR9MgXWqZE
6cGZDDXCs8uj44q6X7FXN2ssn5AaBkRfQhMcLr7dt1i3XL/4yJ5GaMX0+dn4H4Ao
9SC5HQC3ui7EZbUEoB0e+aay+j7iYoZIs4IEUw9LYLdJmRFL1FKfKJPO41/ZrZrR
N6kL+xusExVhFmwF5CCrhAlrsVTWMsYYyk8r+LULT7eHo7J7VK5vNzfgzAGdLjdA
NC64X81SpsZ6n1Q02jIzoA3fl1NXUTALHrIIKnDhMUTnub+WKrZWpN/sJ2ImorqZ
Th9qTBILSidMJpf4hUrj5bVGfgBSTCoRczh/Ws/ybWUKFWLdcda1x8YsWwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJV+oY/Sv0oFqW47PVZuIfoi6isYMB8GA1UdIwQY
MBaAFOUgRG95/8LXw6nvNAzp3iVyOnGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMt
MGUwZTEzN2U1NTkxLzEvbFg2aGo5S19TZ1dwYmpzOVZtNGgtaUxxS3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMtMGUwZTEzN2U1NTkx
LzEvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDH4bAAwQG
LqDAAwQDXV+gAwQHXXuAAwQDX4PQAwQE2cLwMA0EAgACMAcDBQAqAV/AMA0GCSqG
SIb3DQEBCwUAA4IBAQAKCgkoYbCpOdfOfFp1md/CdY9bM3po+pM6f85WYTw+9FJC
ew+d5emb2ULz1bFkLfaWxc4ur9cEiIQlrk/GG/Wc0bULMH0BwqkN3FliXo2foHcU
BjW3Jkso0SkM9cg+YfSfBVj4hO028JoGeZ1hJuT0v4jKNNp+gNIPQaj4gMTgOHCm
DxyeAhCHgDPSiws0zLXynMh4/hqRAXHInwDb9aaHpj9AU63pYjD5qsctFrum9hSa
xtSXkAVk2r3x8u7zW2w48S4njE7F+CZrYsg2oKcTnb4RMRM7QUDiwviA1KopzVa0
1TmXaC/xXapLmyauou30EQooxvv7uFIIvSVkcEA0
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:31:41 2025 by rpki-client