Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/aHZiJgVBcp3QEfhpBBlnMevn95c.roa
File: aHZiJgVBcp3QEfhpBBlnMevn95c.roa (raw, json)
Hash identifier: kY5l/11r78p6CSIOWHTFpBOl7j8UPn6XdN3dmnO0kMg=
Subject key identifier: 68:76:62:26:05:41:72:9D:D0:11:F8:69:04:19:67:31:EB:E7:F7:97
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0196BEA8B8AFCF8CEF5813E6DDD2153B082B
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/aHZiJgVBcp3QEfhpBBlnMevn95c.roa
Signing time: Sun 11 May 2025 09:24:10 +0000
ROA not before: Sun 11 May 2025 09:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 31.170.55.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
94.74.173.0/24 maxlen: 24
109.203.161.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:be:a8:b8:af:cf:8c:ef:58:13:e6:dd:d2:15:3b:08:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 11 09:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=687662260541729dd011f86904196731ebe7f797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:29:71:f1:dd:cf:3d:27:4d:07:cf:61:7c:d5:
09:d0:62:04:5c:a9:f4:2b:21:ce:26:a7:9b:57:fe:
b1:e1:d4:6e:88:3f:9c:bb:21:a1:ae:ce:82:86:bd:
96:d9:bf:19:7d:ce:5a:79:bf:25:d1:f6:bf:03:db:
2f:85:a9:6b:06:cb:e6:19:10:21:08:25:94:3d:7d:
e0:00:bb:66:b0:93:12:a6:55:f2:17:fa:0a:f9:3f:
99:0d:11:8a:66:de:ae:29:73:c3:52:15:05:ef:3d:
91:f8:f5:fc:34:df:d2:ba:39:17:10:1b:4d:9d:2d:
91:56:95:6c:7c:c9:05:18:ce:e2:cd:70:33:37:4a:
9e:92:f2:0b:4c:96:eb:e0:f2:c4:bf:47:4f:d2:95:
ec:ab:da:7b:ab:03:41:2d:26:c2:fc:81:c4:ab:29:
c9:df:2c:68:97:d6:a2:07:8b:a9:c7:09:c3:af:c2:
7b:cb:43:cf:e8:b9:58:4b:0f:f1:c6:55:3d:9a:2f:
c4:bd:0a:2f:93:b1:15:08:e8:a6:a9:b8:42:41:7a:
61:89:3f:0f:46:dc:43:d6:ac:53:1a:f9:31:8e:bb:
de:54:a2:38:72:ef:e0:16:35:80:8f:59:08:d4:c1:
6d:50:d3:10:48:c8:9c:90:31:43:62:ca:a2:dc:2d:
8b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:76:62:26:05:41:72:9D:D0:11:F8:69:04:19:67:31:EB:E7:F7:97
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/aHZiJgVBcp3QEfhpBBlnMevn95c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/24
37.49.147.0/24
94.74.152.0/22
94.74.173.0/24
109.203.161.0/24
109.203.166.0/24
109.203.168.0-109.203.191.255
176.46.129.0-176.46.130.255
176.46.133.0-176.46.135.255
176.46.147.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:04:c1:fd:f0:25:5a:87:65:07:4d:2a:14:2f:87:e6:4a:0a:
f8:2f:ab:23:94:db:41:d6:29:60:6d:cd:13:a1:e9:bf:fe:20:
86:80:40:f2:1d:c7:75:28:ed:65:94:32:03:10:04:6d:39:60:
40:7f:c6:91:12:88:2e:e6:08:b1:21:5f:20:13:ac:6c:fa:3f:
1f:88:61:4d:83:19:54:6f:30:6d:0d:fd:8a:78:6a:c1:5c:da:
46:28:fe:56:57:98:5b:08:05:57:76:b7:6a:b2:54:cc:fb:40:
14:2d:5f:e0:e8:4e:02:f3:d5:b7:0f:a8:38:b2:0b:51:32:64:
ee:ee:ff:76:b1:f3:1f:24:a4:91:a0:ae:46:7a:9b:e2:65:ea:
83:cf:5b:d2:d7:4d:4e:7e:86:27:51:b3:45:e3:40:c2:5e:25:
fd:97:fd:4c:49:76:82:5d:ce:2e:fc:98:e0:8c:17:8b:54:e7:
fc:48:ce:24:fc:62:a1:4a:7a:b7:3f:73:56:16:96:27:3e:12:
ac:40:d4:fa:84:1e:59:0a:c3:89:6c:af:e3:65:8a:92:e3:25:
17:f9:6d:31:c5:1f:3a:b4:9d:04:d9:51:91:a8:28:bc:86:62:
55:95:bf:c2:b2:bf:d0:a6:30:d8:51:2f:c9:b1:3d:7a:b8:0d:
52:63:d7:b1
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZa+qLivz4zvWBPm3dIVOwgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNTExMDkyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODc2NjIyNjA1NDE3MjlkZDAxMWY4NjkwNDE5NjczMWViZTdmNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwilx8d3PPSdNB89hfNUJ0GIEXKn0
KyHOJqebV/6x4dRuiD+cuyGhrs6Chr2W2b8Zfc5aeb8l0fa/A9svhalrBsvmGRAh
CCWUPX3gALtmsJMSplXyF/oK+T+ZDRGKZt6uKXPDUhUF7z2R+PX8NN/SujkXEBtN
nS2RVpVsfMkFGM7izXAzN0qekvILTJbr4PLEv0dP0pXsq9p7qwNBLSbC/IHEqynJ
3yxol9aiB4upxwnDr8J7y0PP6LlYSw/xxlU9mi/EvQovk7EVCOimqbhCQXphiT8P
RtxD1qxTGvkxjrveVKI4cu/gFjWAj1kI1MFtUNMQSMickDFDYsqi3C2LJQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFGh2YiYFQXKd0BH4aQQZZzHr5/eXMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvYUhaaUpnVkJjcDNRRWZocEJCbG5NZXZuOTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAH6o3AwQA
JTGQAwQAJTGTAwQCXkqYAwQAXkqtAwQAbcuhAwQAbcumMAwDBANty6gDBAZty4Aw
DAMEALAugQMEALAugjAMAwQAsC6FAwQDsC6AAwQAsC6TMA0GCSqGSIb3DQEBCwUA
A4IBAQCeBMH98CVah2UHTSoUL4fmSgr4L6sjlNtB1ilgbc0Toem//iCGgEDyHcd1
KO1llDIDEARtOWBAf8aREogu5gixIV8gE6xs+j8fiGFNgxlUbzBtDf2KeGrBXNpG
KP5WV5hbCAVXdrdqslTM+0AULV/g6E4C89W3D6g4sgtRMmTu7v92sfMfJKSRoK5G
epviZeqDz1vS101OfoYnUbNF40DCXiX9l/1MSXaCXc4u/JjgjBeLVOf8SM4k/GKh
Snq3P3NWFpYnPhKsQNT6hB5ZCsOJbK/jZYqS4yUX+W0xxR86tJ0E2VGRqCi8hmJV
lb/Csr/QpjDYUS/JsT16uA1SY9ex
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:36:10 2025 by rpki-client