Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/ymJp7HISBj0p6-vEi_s9etWAgM4.roa
File: ymJp7HISBj0p6-vEi_s9etWAgM4.roa (raw, json)
Hash identifier: AY4z2OjO/3eefpDKUZbNSVp/8J59RozeSssJEh5mcj8=
Subject key identifier: CA:62:69:EC:72:12:06:3D:29:EB:EB:C4:8B:FB:3D:7A:D5:80:80:CE
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019713213D0033954C1BE8AB6E6B9C959A98
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/ymJp7HISBj0p6-vEi_s9etWAgM4.roa
Signing time: Tue 27 May 2025 19:03:54 +0000
ROA not before: Tue 27 May 2025 19:03:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 23:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:13:21:3d:00:33:95:4c:1b:e8:ab:6e:6b:9c:95:9a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 27 19:03:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca6269ec7212063d29ebebc48bfb3d7ad58080ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:97:37:2b:1f:9c:47:5d:bb:71:c8:97:91:53:
16:b5:24:b2:ef:70:42:a1:b1:05:a7:5f:84:3c:ee:
fc:22:22:69:ee:ab:d5:11:2c:82:3a:0b:8b:bf:3f:
c8:5c:35:46:6b:4d:ed:28:78:a8:85:38:32:0f:3f:
83:30:36:78:e2:32:9b:98:a3:c8:ea:12:f5:78:21:
26:f9:25:dc:44:df:b3:a9:67:7d:2e:16:b6:cd:2a:
6c:96:06:1f:ed:c1:ac:ac:4f:35:1d:0d:52:1e:ff:
ae:7e:87:31:2c:7a:72:21:93:56:11:a5:62:93:23:
c1:7a:54:ef:80:35:9a:c5:50:fa:0e:d5:92:2c:cb:
b0:25:f4:32:28:0a:32:ad:d5:24:56:63:f8:92:4b:
dc:35:cd:04:84:b4:e5:a7:09:b1:05:c9:be:23:ed:
96:b6:21:c9:7d:ea:ee:33:76:34:62:c2:31:01:d7:
c6:83:86:c9:31:21:44:e7:27:dc:f4:65:b6:2b:8f:
2f:49:55:eb:35:98:24:95:9d:d7:ce:09:1e:66:e2:
8a:96:1d:5a:0e:f3:a9:66:d8:b2:e0:06:97:a1:12:
ba:68:91:2f:8e:6e:56:f6:67:dc:49:95:9a:77:c1:
75:2f:73:29:2e:20:c3:46:f7:35:77:49:03:a2:d1:
79:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:62:69:EC:72:12:06:3D:29:EB:EB:C4:8B:FB:3D:7A:D5:80:80:CE
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/ymJp7HISBj0p6-vEi_s9etWAgM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
Signature Algorithm: sha256WithRSAEncryption
26:dc:3d:85:92:4b:b5:25:fc:df:24:d9:7c:bf:47:40:18:8b:
31:1e:24:4d:3d:52:73:98:b4:16:a0:38:dc:e4:77:27:d8:ce:
ae:b7:8b:37:d4:59:57:37:1b:85:de:f7:a0:6e:e9:a2:1f:de:
92:78:b4:c5:81:f8:5d:3c:33:c5:9a:d9:0d:17:a4:27:a3:7c:
b1:aa:ce:e1:fe:fd:06:90:2b:4c:54:f2:9a:03:e0:d5:da:10:
88:a2:ea:84:36:1e:fb:78:fd:02:53:97:5b:cd:bf:a9:67:ef:
b3:80:07:c7:bb:6e:f9:33:af:5a:a0:ff:d0:1f:55:c6:60:63:
72:ed:b0:6b:52:6f:d5:20:16:3c:4e:b5:d7:fd:57:dd:fa:a2:
ba:2f:99:7c:76:f0:80:6e:3d:8b:a8:d4:5e:f0:56:2b:96:3c:
e3:70:38:cf:e9:39:d3:45:3a:0b:93:89:38:1c:35:36:e6:c4:
de:3b:b6:b6:ac:28:cd:4a:28:5c:9f:48:8b:45:2d:d5:a0:49:
34:8e:aa:ae:83:c5:0e:ed:37:f2:21:cb:26:27:4c:65:3c:5f:
38:48:e2:0d:08:ad:af:45:39:1e:85:bb:d3:8f:e8:68:5d:42:
21:41:08:40:db:8e:25:99:a2:22:44:42:91:d4:a2:95:fa:f3:
21:43:13:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcTIT0AM5VMG+irbmuclZqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNTI3MTkwMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTYyNjllYzcyMTIwNjNkMjllYmViYzQ4YmZiM2Q3YWQ1ODA4MGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJc3Kx+cR127cciXkVMWtSSy73BC
obEFp1+EPO78IiJp7qvVESyCOguLvz/IXDVGa03tKHiohTgyDz+DMDZ44jKbmKPI
6hL1eCEm+SXcRN+zqWd9Lha2zSpslgYf7cGsrE81HQ1SHv+ufocxLHpyIZNWEaVi
kyPBelTvgDWaxVD6DtWSLMuwJfQyKAoyrdUkVmP4kkvcNc0EhLTlpwmxBcm+I+2W
tiHJferuM3Y0YsIxAdfGg4bJMSFE5yfc9GW2K48vSVXrNZgklZ3XzgkeZuKKlh1a
DvOpZtiy4AaXoRK6aJEvjm5W9mfcSZWad8F1L3MpLiDDRvc1d0kDotF51wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMpiaexyEgY9KevrxIv7PXrVgIDOMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEveW1KcDdISVNCajBwNi12RWlfczlldFdBZ000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH6owAwQG
XkqAMA0GCSqGSIb3DQEBCwUAA4IBAQAm3D2Fkku1JfzfJNl8v0dAGIsxHiRNPVJz
mLQWoDjc5Hcn2M6ut4s31FlXNxuF3vegbumiH96SeLTFgfhdPDPFmtkNF6Qno3yx
qs7h/v0GkCtMVPKaA+DV2hCIouqENh77eP0CU5dbzb+pZ++zgAfHu275M69aoP/Q
H1XGYGNy7bBrUm/VIBY8TrXX/Vfd+qK6L5l8dvCAbj2LqNRe8FYrljzjcDjP6TnT
RToLk4k4HDU25sTeO7a2rCjNSihcn0iLRS3VoEk0jqqug8UO7TfyIcsmJ0xlPF84
SOINCK2vRTkehbvTj+hoXUIhQQhA244lmaIiREKR1KKV+vMhQxMr
-----END CERTIFICATE-----
Generated at Mon Jun 9 08:51:48 2025 by rpki-client