Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/DuWp9Jgfsb8kkCe1eDr9eCYcSi8.roa
File: DuWp9Jgfsb8kkCe1eDr9eCYcSi8.roa (raw, json)
Hash identifier: 9ZgNrT4nNhJaIP7mHBQeCUL3xDBuDPIWtIs2xlTmVsw=
Subject key identifier: 0E:E5:A9:F4:98:1F:B1:BF:24:90:27:B5:78:3A:FD:78:26:1C:4A:2F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197D2B4F09B7B6260CF79FE2E8E4ED2EF5C
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/DuWp9Jgfsb8kkCe1eDr9eCYcSi8.roa
Signing time: Thu 03 Jul 2025 23:52:42 +0000
ROA not before: Thu 03 Jul 2025 23:52:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.175.216.0/24 maxlen: 24
5.175.217.0/24 maxlen: 24
5.175.218.0/24 maxlen: 24
5.231.92.0/24 maxlen: 24
5.231.116.0/24 maxlen: 24
94.249.190.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.229.0/24 maxlen: 24
94.249.230.0/24 maxlen: 24
94.249.238.0/24 maxlen: 24
94.249.239.0/24 maxlen: 24
94.249.243.0/24 maxlen: 24
94.249.244.0/24 maxlen: 24
94.249.245.0/24 maxlen: 24
94.249.246.0/24 maxlen: 24
94.249.247.0/24 maxlen: 24
94.249.248.0/24 maxlen: 24
94.249.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Jul 2025 04:13:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d2:b4:f0:9b:7b:62:60:cf:79:fe:2e:8e:4e:d2:ef:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jul 3 23:52:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ee5a9f4981fb1bf249027b5783afd78261c4a2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3e:b5:27:f1:6e:0d:ca:81:a0:64:b2:b2:e6:
46:f9:46:c6:a1:b2:3a:6e:57:e0:99:65:64:44:ae:
dd:6d:da:51:18:97:b7:dc:9e:ab:61:f1:79:85:9f:
70:fd:f1:92:56:1d:b4:28:0a:c1:01:de:84:a3:15:
3d:d2:92:47:af:3d:00:29:65:dd:51:f1:0f:3b:53:
91:84:23:dc:ba:18:20:c5:72:46:c7:f8:a9:e8:74:
56:60:37:0c:b9:71:bc:96:1d:13:08:84:7f:85:ef:
cb:a8:7c:69:99:f3:44:9f:9d:5c:92:cf:9d:f5:b3:
6e:23:45:01:e4:b0:fd:6e:84:d5:a3:cf:77:9a:68:
2b:e4:da:f8:4f:2a:48:b2:b8:39:49:5b:03:b9:4f:
de:06:e1:91:1d:0f:d6:08:e1:60:61:bd:a5:57:3d:
05:50:37:ed:bc:4d:52:fc:93:dc:19:06:bb:d3:b7:
80:e5:7c:73:b2:71:ea:0b:f6:20:5a:df:09:40:45:
3e:79:72:f2:b0:aa:d7:11:ef:a6:63:97:8f:10:11:
46:a3:0e:4b:25:90:6e:96:5f:06:84:9e:d5:7f:08:
8b:f5:67:e3:6d:13:db:8e:76:c0:60:1c:05:48:60:
9a:6e:e3:cf:20:b4:0c:10:6f:e2:59:e3:aa:20:5f:
d0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E5:A9:F4:98:1F:B1:BF:24:90:27:B5:78:3A:FD:78:26:1C:4A:2F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/DuWp9Jgfsb8kkCe1eDr9eCYcSi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.216.0-5.175.218.255
5.231.92.0/24
5.231.116.0/24
94.249.190.0/24
94.249.195.0/24
94.249.229.0-94.249.230.255
94.249.238.0/23
94.249.243.0-94.249.249.255
Signature Algorithm: sha256WithRSAEncryption
b0:f4:ff:d2:83:1a:33:72:b7:72:50:66:be:30:39:4f:80:6e:
4f:04:7f:0a:1b:31:85:e8:35:73:41:51:84:f2:ca:b3:95:f6:
3d:10:b6:49:ba:16:90:61:9a:45:7a:67:0d:84:20:78:7c:f9:
6a:73:94:a8:69:fa:0c:77:89:84:b3:a5:34:c9:97:c0:f8:00:
38:ab:25:7c:80:73:d0:12:bd:ac:26:ae:95:a1:2f:9f:02:b5:
fa:10:62:14:00:eb:ee:cf:ea:fd:1d:18:5c:ce:5f:59:f6:34:
01:c3:9e:27:a8:d5:c2:2a:50:4d:91:64:6a:9c:71:40:4a:cb:
ed:3a:cd:3d:47:26:14:c1:d6:61:78:56:5b:81:c3:c8:4a:32:
38:4c:84:79:c7:dc:ae:59:27:94:b3:99:8c:09:3e:f3:60:60:
53:95:4c:e1:69:d9:99:84:6b:e1:40:c8:ea:cb:6e:a8:79:5d:
2c:b1:52:df:05:9f:24:3e:9b:f0:9a:45:13:4b:f4:a6:58:95:
ec:b2:b1:84:a6:8f:a1:f5:59:fb:2d:c0:a2:da:b7:a6:a7:f1:
03:c0:ac:c2:be:24:22:e9:17:6b:91:17:2b:6a:7d:df:80:29:
08:05:4b:0e:e5:70:f7:17:09:54:df:c5:99:4b:cf:e3:4b:01:
61:a3:12:2f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZfStPCbe2Jgz3n+Lo5O0u9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNzAzMjM1MjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWU1YTlmNDk4MWZiMWJmMjQ5MDI3YjU3ODNhZmQ3ODI2MWM0YTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz61J/FuDcqBoGSysuZG+UbGobI6
blfgmWVkRK7dbdpRGJe33J6rYfF5hZ9w/fGSVh20KArBAd6EoxU90pJHrz0AKWXd
UfEPO1ORhCPcuhggxXJGx/ip6HRWYDcMuXG8lh0TCIR/he/LqHxpmfNEn51cks+d
9bNuI0UB5LD9boTVo893mmgr5Nr4TypIsrg5SVsDuU/eBuGRHQ/WCOFgYb2lVz0F
UDftvE1S/JPcGQa707eA5XxzsnHqC/YgWt8JQEU+eXLysKrXEe+mY5ePEBFGow5L
JZBull8GhJ7VfwiL9WfjbRPbjnbAYBwFSGCabuPPILQMEG/iWeOqIF/QUwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFA7lqfSYH7G/JJAntXg6/XgmHEovMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRHVXcDlKZ2ZzYjhra0NlMWVEcjllQ1ljU2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAMFr9gD
BAAFr9oDBAAF51wDBAAF53QDBABe+b4DBABe+cMwDAMEAF755QMEAF755gMEAV75
7jAMAwQAXvnzAwQBXvn4MA0GCSqGSIb3DQEBCwUAA4IBAQCw9P/SgxozcrdyUGa+
MDlPgG5PBH8KGzGF6DVzQVGE8sqzlfY9ELZJuhaQYZpFemcNhCB4fPlqc5SoafoM
d4mEs6U0yZfA+AA4qyV8gHPQEr2sJq6VoS+fArX6EGIUAOvuz+r9HRhczl9Z9jQB
w54nqNXCKlBNkWRqnHFASsvtOs09RyYUwdZheFZbgcPISjI4TIR5x9yuWSeUs5mM
CT7zYGBTlUzhadmZhGvhQMjqy26oeV0ssVLfBZ8kPpvwmkUTS/SmWJXssrGEpo+h
9Vn7LcCi2remp/EDwKzCviQi6RdrkRcran3fgCkIBUsO5XD3FwlU38WZS8/jSwFh
oxIv
-----END CERTIFICATE-----
Generated at Sun Jul 6 09:03:17 2025 by rpki-client