Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/anRCvSGXJN-cP3l_C6L2k19y4zA.roa
File: anRCvSGXJN-cP3l_C6L2k19y4zA.roa (raw, json)
Hash identifier: o5ciTWqaZzCbSMaIT6261kWGdGN0gxeTcqMlc5EBp70=
Subject key identifier: 6A:74:42:BD:21:97:24:DF:9C:3F:79:7F:0B:A2:F6:93:5F:72:E3:30
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01973F348D85827E2240E9B928B2B331B3B0
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/anRCvSGXJN-cP3l_C6L2k19y4zA.roa
Signing time: Thu 05 Jun 2025 08:28:18 +0000
ROA not before: Thu 05 Jun 2025 08:28:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 31.135.2.0/24 maxlen: 24
64.43.64.0/24 maxlen: 24
176.116.228.0/24 maxlen: 24
193.36.200.0/24 maxlen: 24
193.36.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 20:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:34:8d:85:82:7e:22:40:e9:b9:28:b2:b3:31:b3:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 5 08:28:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a7442bd219724df9c3f797f0ba2f6935f72e330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:55:f1:d9:b7:19:17:4f:a5:16:fe:db:a2:7d:
ed:f8:8d:56:6c:59:b1:c6:f5:db:54:e6:f3:ee:9d:
83:bf:99:85:97:c7:bc:20:db:e6:b0:58:ec:4c:b6:
3a:06:22:7f:b7:91:33:12:c8:e1:9a:c5:8f:ca:44:
6c:9d:3a:e1:20:c5:95:0b:48:7f:9f:1b:85:9c:ee:
4d:78:f5:03:f1:d1:32:bd:1b:60:6d:a2:26:92:c0:
8a:63:a3:2b:46:e0:dd:7f:7b:42:63:61:38:7d:b2:
9c:f4:31:8e:0f:ac:33:d6:39:d6:5c:dc:05:df:21:
8f:69:16:b5:50:54:f7:06:83:82:0d:cd:5b:b4:b5:
70:03:ad:1b:a8:ca:6a:fd:51:aa:a2:45:fe:45:06:
be:41:4b:54:35:b4:33:46:ae:cc:50:88:e9:65:5f:
02:2e:17:fd:1c:7a:74:61:69:31:78:1b:b0:f2:04:
93:6a:07:e8:d3:e1:6b:0c:25:cd:87:9e:77:22:ff:
ee:0b:e0:6f:7f:58:3a:e7:94:5f:b8:67:39:d6:29:
3e:f7:54:49:1a:f2:e3:42:81:6e:7a:51:8d:41:72:
27:f7:56:85:39:42:e1:dd:33:1c:2f:08:59:d7:52:
b3:00:a9:32:5e:0f:10:28:11:0a:75:c8:46:08:57:
67:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:74:42:BD:21:97:24:DF:9C:3F:79:7F:0B:A2:F6:93:5F:72:E3:30
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/anRCvSGXJN-cP3l_C6L2k19y4zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.2.0/24
64.43.64.0/24
176.116.228.0/24
193.36.200.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:21:74:9c:bc:94:49:07:70:77:be:ec:78:24:25:0a:3d:05:
4e:3a:f0:ff:b6:53:c3:36:13:ea:5c:de:08:63:70:96:8b:71:
e8:49:28:ba:58:88:7d:e9:2b:d9:45:56:91:cc:1c:91:b3:dd:
2c:f0:24:88:80:fb:16:c1:ed:e3:a3:2a:57:ac:64:48:b7:d2:
43:14:63:c4:9d:d9:95:8a:39:6c:50:7d:58:dc:5c:6a:8c:b0:
76:5b:96:4b:e1:19:46:4d:52:14:28:59:38:5c:f9:c8:68:28:
80:15:01:a3:3f:f0:e9:d0:03:d9:3f:28:36:69:32:76:c5:62:
43:82:a8:bc:b3:a3:fd:7e:b3:e3:9f:77:7a:94:c4:9c:84:ec:
2c:91:7a:3b:c3:76:70:21:c2:cd:62:1a:49:81:41:b5:5a:e7:
a0:62:0d:60:4f:17:35:ea:3d:a0:59:e7:34:3f:e4:15:d2:26:
23:cf:98:70:83:74:1b:25:6c:7d:a7:0f:ec:83:ae:19:a9:78:
d9:fd:b6:6b:3d:e8:6a:02:ed:c0:8f:29:74:64:f7:7d:49:97:
d3:66:aa:2c:4e:4a:f7:45:53:41:1e:e1:04:63:18:19:d8:67:
9c:fa:f3:b4:12:bd:2c:53:44:e3:12:74:db:97:dd:0c:08:8c:
a3:d5:6e:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZc/NI2Fgn4iQOm5KLKzMbOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNjA1MDgyODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTc0NDJiZDIxOTcyNGRmOWMzZjc5N2YwYmEyZjY5MzVmNzJlMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVXx2bcZF0+lFv7bon3t+I1WbFmx
xvXbVObz7p2Dv5mFl8e8INvmsFjsTLY6BiJ/t5EzEsjhmsWPykRsnTrhIMWVC0h/
nxuFnO5NePUD8dEyvRtgbaImksCKY6MrRuDdf3tCY2E4fbKc9DGOD6wz1jnWXNwF
3yGPaRa1UFT3BoOCDc1btLVwA60bqMpq/VGqokX+RQa+QUtUNbQzRq7MUIjpZV8C
Lhf9HHp0YWkxeBuw8gSTagfo0+FrDCXNh553Iv/uC+Bvf1g655RfuGc51ik+91RJ
GvLjQoFuelGNQXIn91aFOULh3TMcLwhZ11KzAKkyXg8QKBEKdchGCFdnXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGp0Qr0hlyTfnD95fwui9pNfcuMwMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvYW5SQ3ZTR1hKTi1jUDNsX0M2TDJrMTl5NHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH4cCAwQA
QCtAAwQAsHTkAwQBwSTIMA0GCSqGSIb3DQEBCwUAA4IBAQAaIXScvJRJB3B3vux4
JCUKPQVOOvD/tlPDNhPqXN4IY3CWi3HoSSi6WIh96SvZRVaRzByRs90s8CSIgPsW
we3joypXrGRIt9JDFGPEndmVijlsUH1Y3FxqjLB2W5ZL4RlGTVIUKFk4XPnIaCiA
FQGjP/Dp0APZPyg2aTJ2xWJDgqi8s6P9frPjn3d6lMSchOwskXo7w3ZwIcLNYhpJ
gUG1WuegYg1gTxc16j2gWec0P+QV0iYjz5hwg3QbJWx9pw/sg64ZqXjZ/bZrPehq
Au3Ajyl0ZPd9SZfTZqosTkr3RVNBHuEEYxgZ2Gec+vO0Er0sU0TjEnTbl90MCIyj
1W5m
-----END CERTIFICATE-----
Generated at Sat Jun 7 02:21:22 2025 by rpki-client