Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/CcLRGj42YfBnS-DSMVQ56Ed1ds8.roa
File: CcLRGj42YfBnS-DSMVQ56Ed1ds8.roa (raw, json)
Hash identifier: p6KK3vhNlRrVRpgQjaHC47rAMguNzRk9ILNOwRtTjlE=
Subject key identifier: 09:C2:D1:1A:3E:36:61:F0:67:4B:E0:D2:31:54:39:E8:47:75:76:CF
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01968381E5B26626E0405649A24A429BE04F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/CcLRGj42YfBnS-DSMVQ56Ed1ds8.roa
Signing time: Tue 29 Apr 2025 21:44:10 +0000
ROA not before: Tue 29 Apr 2025 21:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 37.97.112.0/22 maxlen: 24
81.161.52.0/22 maxlen: 24
94.232.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:81:e5:b2:66:26:e0:40:56:49:a2:4a:42:9b:e0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Apr 29 21:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09c2d11a3e3661f0674be0d2315439e8477576cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cc:b1:52:a3:52:53:9f:bf:f5:95:39:28:1c:
57:6c:cd:75:ef:43:6d:9b:7e:66:4f:b7:b7:c0:d1:
21:cc:03:55:21:b8:1b:7e:7f:30:b6:18:c4:3d:eb:
9a:b6:d5:07:1c:59:94:9c:82:0f:e2:03:b9:75:51:
71:bd:8b:a8:c8:22:77:76:65:a9:f5:07:e5:4c:98:
c2:79:6c:ba:a6:9f:1c:1e:3f:c3:e3:e0:c3:3c:bf:
06:12:9e:24:85:67:94:fe:53:9d:b2:91:01:4c:24:
0c:33:3b:d0:9a:4f:83:22:46:4a:c5:75:1c:7d:2e:
e5:7f:ec:58:7f:06:32:b8:ef:dc:f7:fb:b3:06:44:
5f:53:bf:48:82:be:81:69:a9:ac:3f:1e:d7:fc:c0:
f6:6e:d9:91:40:1b:79:76:48:d1:ae:9d:c3:dd:45:
ab:b0:17:3c:e2:ec:6a:15:c9:1c:a3:c6:13:32:65:
5c:4e:04:94:8a:54:e1:78:fa:22:25:36:3f:03:df:
0b:b1:13:80:b1:dc:d5:35:6f:e7:27:16:64:55:3e:
06:99:89:d0:db:89:b4:81:ef:79:68:3a:a0:75:61:
08:7a:79:ec:af:e4:e5:d1:a3:c7:35:a5:79:0e:60:
86:8d:2f:c4:fd:f1:5a:88:4e:6f:07:b0:c3:31:88:
bd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C2:D1:1A:3E:36:61:F0:67:4B:E0:D2:31:54:39:E8:47:75:76:CF
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/CcLRGj42YfBnS-DSMVQ56Ed1ds8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.112.0/22
81.161.52.0/22
94.232.100.0/22
Signature Algorithm: sha256WithRSAEncryption
27:67:8d:aa:14:52:a2:99:2f:fe:57:b4:12:65:32:80:18:0b:
6e:9c:53:29:7d:0b:a1:e2:ad:9d:d7:9d:2d:b9:b8:08:95:71:
e0:04:57:f0:dc:df:36:71:ee:92:59:48:b4:a6:27:4f:79:07:
47:bb:80:c8:fc:1b:89:72:b1:40:d7:53:fb:88:1e:ff:8b:61:
fc:ed:25:59:d6:97:df:c5:27:79:67:32:b4:92:4e:e4:3a:48:
38:01:09:61:b4:e6:21:b4:40:29:8c:bf:61:fc:bb:e0:aa:70:
3f:32:cc:0f:4b:29:99:c8:dc:b0:ea:fc:b4:f5:d0:07:ad:d1:
2a:cc:77:c5:ef:06:58:8a:95:a7:6c:9d:e9:44:ff:06:e7:30:
a1:d3:22:87:59:4d:de:ca:02:f2:12:2b:96:fe:a3:d7:7a:0b:
eb:6c:44:0c:6d:d6:6e:e5:87:60:77:76:a6:21:e2:d1:58:00:
49:2e:e7:b0:c4:ef:1c:08:8c:29:2d:b3:f7:e4:9a:65:69:28:
17:a9:e2:fd:89:b8:cc:02:ce:f3:47:84:5a:f4:0d:9a:87:43:
93:b4:b6:50:1a:48:ea:29:9e:25:16:37:23:2d:1d:09:84:10:
8c:2b:f9:8b:aa:c0:98:a0:95:c2:38:c1:72:7e:37:05:26:8c:
35:9b:07:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaDgeWyZibgQFZJokpCm+BPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNDI5MjE0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWMyZDExYTNlMzY2MWYwNjc0YmUwZDIzMTU0MzllODQ3NzU3NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsyxUqNSU5+/9ZU5KBxXbM1170Nt
m35mT7e3wNEhzANVIbgbfn8wthjEPeuattUHHFmUnIIP4gO5dVFxvYuoyCJ3dmWp
9QflTJjCeWy6pp8cHj/D4+DDPL8GEp4khWeU/lOdspEBTCQMMzvQmk+DIkZKxXUc
fS7lf+xYfwYyuO/c9/uzBkRfU79Igr6BaamsPx7X/MD2btmRQBt5dkjRrp3D3UWr
sBc84uxqFckco8YTMmVcTgSUilThePoiJTY/A98LsROAsdzVNW/nJxZkVT4GmYnQ
24m0ge95aDqgdWEIennsr+Tl0aPHNaV5DmCGjS/E/fFaiE5vB7DDMYi9IwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAnC0Ro+NmHwZ0vg0jFUOehHdXbPMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvQ2NMUkdqNDJZZkJuUy1EU01WUTU2RWQxZHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJWFwAwQC
UaE0AwQCXuhkMA0GCSqGSIb3DQEBCwUAA4IBAQAnZ42qFFKimS/+V7QSZTKAGAtu
nFMpfQuh4q2d150tubgIlXHgBFfw3N82ce6SWUi0pidPeQdHu4DI/BuJcrFA11P7
iB7/i2H87SVZ1pffxSd5ZzK0kk7kOkg4AQlhtOYhtEApjL9h/LvgqnA/MswPSymZ
yNyw6vy09dAHrdEqzHfF7wZYipWnbJ3pRP8G5zCh0yKHWU3eygLyEiuW/qPXegvr
bEQMbdZu5Ydgd3amIeLRWABJLuewxO8cCIwpLbP35JplaSgXqeL9ibjMAs7zR4Ra
9A2ah0OTtLZQGkjqKZ4lFjcjLR0JhBCMK/mLqsCYoJXCOMFyfjcFJow1mweA
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:09:16 2025 by rpki-client