Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/l21Nzo1dkFgN0H5LRYdGTDkig_k.roa
File: l21Nzo1dkFgN0H5LRYdGTDkig_k.roa (raw, json)
Hash identifier: G00+ZwRidpobiQLOf1POPayc7cGBvspQbpLD/H+03ag=
Subject key identifier: 97:6D:4D:CE:8D:5D:90:58:0D:D0:7E:4B:45:87:46:4C:39:22:83:F9
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 019731143AF9319D2D8929E673C40793D0D3
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/l21Nzo1dkFgN0H5LRYdGTDkig_k.roa
Signing time: Mon 02 Jun 2025 14:38:18 +0000
ROA not before: Mon 02 Jun 2025 14:38:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34304
IP address blocks: 80.96.99.0/24 maxlen: 24
80.96.106.0/24 maxlen: 24
81.180.252.0/23 maxlen: 23
81.181.173.0/24 maxlen: 24
85.122.84.0/24 maxlen: 24
217.156.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:14:3a:f9:31:9d:2d:89:29:e6:73:c4:07:93:d0:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jun 2 14:38:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=976d4dce8d5d90580dd07e4b4587464c392283f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:21:d7:5d:88:46:42:22:6b:b1:5c:c2:f9:65:
27:56:73:8a:4c:68:15:76:87:fc:fe:5a:1b:e1:95:
cb:40:15:18:fd:9f:44:14:07:4d:4e:f8:1a:e6:85:
b2:ce:51:57:40:29:de:51:45:5b:21:b6:62:6a:d6:
d2:98:68:58:5f:99:8b:25:05:35:4c:b5:b7:66:b6:
a9:39:ba:fb:6d:ea:38:fc:1b:b2:94:19:a4:d1:a9:
79:24:0c:24:85:45:22:30:25:38:1a:e6:1e:fd:00:
33:15:b7:6e:c4:dc:bc:36:20:d1:fb:aa:27:87:3f:
b8:32:b2:78:8f:81:e4:2a:e3:ca:d2:60:a7:e1:49:
9f:b5:ce:31:31:17:ff:1c:92:50:5a:41:65:84:da:
5f:c1:5c:32:54:4b:3f:d5:01:8c:63:94:aa:23:fa:
0f:79:b4:b3:e5:3e:a3:26:33:2c:c0:3f:b9:86:35:
16:de:e9:b1:09:e2:69:95:5b:d4:75:84:13:4f:46:
8e:e2:86:e5:75:ee:06:52:7a:78:d3:c4:8d:fa:2e:
ee:1d:53:f9:71:44:5a:02:80:dd:e5:3f:5a:61:a2:
62:fd:11:39:bf:c4:f7:a5:6b:30:90:bc:e4:15:88:
b3:13:2c:24:25:4f:59:7d:0a:2e:d0:e0:e0:e0:7e:
e6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:6D:4D:CE:8D:5D:90:58:0D:D0:7E:4B:45:87:46:4C:39:22:83:F9
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/l21Nzo1dkFgN0H5LRYdGTDkig_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.99.0/24
80.96.106.0/24
81.180.252.0/23
81.181.173.0/24
85.122.84.0/24
217.156.56.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:b6:fb:0b:57:d8:c0:93:1a:08:87:69:30:bd:49:0c:29:a4:
61:62:1b:a7:65:fc:ea:a3:55:21:96:f0:68:05:40:9d:f9:2c:
ae:f6:3d:32:ce:49:57:07:ed:5c:92:87:5a:61:a0:a3:c5:78:
7c:b7:b7:9c:cf:f4:2a:6d:bd:8f:c1:49:23:4b:11:82:b5:0c:
6b:92:2f:27:38:ef:e3:28:f2:dc:fc:23:07:2d:ed:74:17:68:
95:bd:71:9b:59:fb:4a:fe:a3:a2:fa:97:56:80:30:35:f7:db:
33:f4:78:b6:6f:36:39:19:9f:8a:a3:a0:de:90:d0:3f:ed:eb:
37:a6:98:81:a4:f1:cf:7c:5c:4e:45:a6:34:0c:b5:f5:07:90:
29:db:82:d9:6a:82:be:fe:75:bd:a8:38:4d:6c:fb:c6:57:fe:
02:18:fd:8c:4f:68:ea:3b:ff:b3:62:0e:9f:43:c0:b5:65:99:
b6:05:5f:2b:df:24:99:37:b3:f5:99:f2:2f:b3:cd:ba:4e:c6:
f8:8a:83:8b:13:66:8e:b9:4e:e1:b9:ee:bf:84:3d:99:c3:6b:
c6:9a:b9:a7:bd:da:0d:d3:af:53:fa:20:9d:6f:06:b2:4e:41:
6a:91:24:1b:71:1a:91:f5:e2:30:b6:00:05:95:e6:d1:8a:40:
f2:34:a8:46
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZcxFDr5MZ0tiSnmc8QHk9DTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNjAyMTQzODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzZkNGRjZThkNWQ5MDU4MGRkMDdlNGI0NTg3NDY0YzM5MjI4M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyHXXYhGQiJrsVzC+WUnVnOKTGgV
dof8/lob4ZXLQBUY/Z9EFAdNTvga5oWyzlFXQCneUUVbIbZiatbSmGhYX5mLJQU1
TLW3ZrapObr7beo4/BuylBmk0al5JAwkhUUiMCU4GuYe/QAzFbduxNy8NiDR+6on
hz+4MrJ4j4HkKuPK0mCn4Umftc4xMRf/HJJQWkFlhNpfwVwyVEs/1QGMY5SqI/oP
ebSz5T6jJjMswD+5hjUW3umxCeJplVvUdYQTT0aO4oblde4GUnp408SN+i7uHVP5
cURaAoDd5T9aYaJi/RE5v8T3pWswkLzkFYizEywkJU9ZfQou0ODg4H7mdwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJdtTc6NXZBYDdB+S0WHRkw5IoP5MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvbDIxTnpvMWRrRmdOMEg1TFJZZEdURGtpZ19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUGBjAwQA
UGBqAwQBUbT8AwQAUbWtAwQAVXpUAwQA2Zw4MA0GCSqGSIb3DQEBCwUAA4IBAQCM
tvsLV9jAkxoIh2kwvUkMKaRhYhunZfzqo1UhlvBoBUCd+Syu9j0yzklXB+1ckoda
YaCjxXh8t7ecz/Qqbb2PwUkjSxGCtQxrki8nOO/jKPLc/CMHLe10F2iVvXGbWftK
/qOi+pdWgDA199sz9Hi2bzY5GZ+Ko6DekNA/7es3ppiBpPHPfFxORaY0DLX1B5Ap
24LZaoK+/nW9qDhNbPvGV/4CGP2MT2jqO/+zYg6fQ8C1ZZm2BV8r3ySZN7P1mfIv
s826Tsb4ioOLE2aOuU7hue6/hD2Zw2vGmrmnvdoN069T+iCdbwayTkFqkSQbcRqR
9eIwtgAFlebRikDyNKhG
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:21:04 2025 by rpki-client