Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/txttKzsLJkY8gbNtZCV5qz-4CbU.roa
File: txttKzsLJkY8gbNtZCV5qz-4CbU.roa (raw, json)
Hash identifier: 15a96b1Fi4+O1cBOo6+7ym2V5lOwNCIsUKyVOWkTdOk=
Subject key identifier: B7:1B:6D:2B:3B:0B:26:46:3C:81:B3:6D:64:25:79:AB:3F:B8:09:B5
Certificate issuer: /CN=086438e9889389829fa5f51b6a210731082eac22
Certificate serial: 019740263FFC3A97D6880922205DFE1CE826
Authority key identifier: 08:64:38:E9:88:93:89:82:9F:A5:F5:1B:6A:21:07:31:08:2E:AC:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/txttKzsLJkY8gbNtZCV5qz-4CbU.roa
Signing time: Thu 05 Jun 2025 12:52:17 +0000
ROA not before: Thu 05 Jun 2025 12:52:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400318
IP address blocks: 193.57.228.0/24 maxlen: 24
193.57.229.0/24 maxlen: 24
193.57.230.0/24 maxlen: 24
193.57.230.224/29 maxlen: 29
193.57.231.0/24 maxlen: 24
194.165.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:26:3f:fc:3a:97:d6:88:09:22:20:5d:fe:1c:e8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=086438e9889389829fa5f51b6a210731082eac22
Validity
Not Before: Jun 5 12:52:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b71b6d2b3b0b26463c81b36d642579ab3fb809b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:24:b4:10:be:65:10:90:15:2f:eb:88:8a:30:
2d:eb:df:e0:2c:93:13:1d:97:a5:1c:d3:a0:ea:54:
46:7c:11:8a:05:de:01:19:4a:75:c3:24:26:7f:37:
a9:78:62:7b:81:d0:db:a7:80:90:03:20:08:b4:c5:
8b:43:67:3d:7c:52:b2:6c:ba:73:38:66:94:16:28:
81:e1:38:ab:80:59:44:65:87:cd:29:37:18:42:de:
27:3f:81:d2:3f:6d:ee:3c:3f:49:56:1c:e6:5f:af:
90:de:53:a6:ff:22:7f:ee:63:90:07:4a:6d:0b:58:
81:a3:65:89:ec:67:f7:47:5f:57:2a:36:14:82:a5:
0c:42:3d:e3:85:3d:e1:44:16:0f:ed:97:de:04:30:
2b:da:53:62:ec:68:2e:a1:0d:ea:92:12:9c:bc:10:
a3:ff:7f:2e:4e:07:3a:53:2d:07:2a:20:ed:e8:1c:
d6:fd:79:29:ca:cb:8b:73:c5:bd:6b:e5:6f:6d:d4:
f5:cf:9f:72:64:23:22:ca:b6:93:22:cd:7b:b3:8e:
4f:e1:bf:1c:9b:42:3e:e8:e4:ed:1e:81:b4:e8:71:
85:95:5b:84:08:ce:f1:ce:cf:f6:7f:61:f9:35:6f:
15:1a:ec:54:12:57:79:a1:35:b8:66:c6:6a:46:a4:
44:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1B:6D:2B:3B:0B:26:46:3C:81:B3:6D:64:25:79:AB:3F:B8:09:B5
X509v3 Authority Key Identifier:
keyid:08:64:38:E9:88:93:89:82:9F:A5:F5:1B:6A:21:07:31:08:2E:AC:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGQ46YiTiYKfpfUbaiEHMQgurCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/txttKzsLJkY8gbNtZCV5qz-4CbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e49ae7-a51a-4764-85c8-a7810e3a1beb/1/CGQ46YiTiYKfpfUbaiEHMQgurCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.228.0/22
194.165.37.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:03:c8:44:10:d8:06:e2:0e:18:92:f7:fb:45:8b:cc:f4:6a:
0d:7f:d3:37:00:0e:66:56:ad:14:d6:64:73:6f:2f:e2:46:28:
5d:28:2a:11:86:cd:a1:4d:f2:b4:d3:98:ab:8c:b5:da:8e:81:
1d:fa:2e:7b:89:27:e8:9c:b8:ee:98:04:3c:75:9e:2b:b9:41:
c8:62:80:5b:6b:0a:60:e8:df:70:b9:1c:52:4d:39:de:5d:3a:
b0:c4:3f:67:c6:d9:c3:4f:73:0a:b0:7f:f0:8a:b9:26:47:da:
3b:70:bf:fb:9a:d1:e5:de:39:26:02:bb:8f:0d:08:04:bc:50:
07:f0:7b:35:b2:38:ed:e7:38:a6:15:0c:bf:70:08:96:71:85:
e4:8d:79:57:db:2a:3f:d9:b6:5f:84:f9:53:c3:26:4f:8d:3c:
da:9a:70:bd:b1:37:65:b0:1f:3b:1f:3e:1e:b1:d7:e2:cd:ed:
f6:67:43:2f:69:1f:13:f1:be:d0:28:31:0a:c8:f2:35:b8:e2:
8c:30:f5:af:db:a2:84:ad:19:35:8c:0c:35:d3:29:f1:30:10:
f8:c6:8e:5c:98:0b:bc:c7:23:77:ba:df:37:3c:30:eb:d5:3f:
62:ad:bd:69:73:55:d8:6e:53:27:da:c7:37:b4:54:92:88:91:
bb:07:0b:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdAJj/8OpfWiAkiIF3+HOgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NjQzOGU5ODg5Mzg5ODI5ZmE1ZjUxYjZhMjEwNzMxMDgy
ZWFjMjIwHhcNMjUwNjA1MTI1MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFiNmQyYjNiMGIyNjQ2M2M4MWIzNmQ2NDI1NzlhYjNmYjgwOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SS0EL5lEJAVL+uIijAt69/gLJMT
HZelHNOg6lRGfBGKBd4BGUp1wyQmfzepeGJ7gdDbp4CQAyAItMWLQ2c9fFKybLpz
OGaUFiiB4TirgFlEZYfNKTcYQt4nP4HSP23uPD9JVhzmX6+Q3lOm/yJ/7mOQB0pt
C1iBo2WJ7Gf3R19XKjYUgqUMQj3jhT3hRBYP7ZfeBDAr2lNi7GguoQ3qkhKcvBCj
/38uTgc6Uy0HKiDt6BzW/XkpysuLc8W9a+VvbdT1z59yZCMiyraTIs17s45P4b8c
m0I+6OTtHoG06HGFlVuECM7xzs/2f2H5NW8VGuxUEld5oTW4ZsZqRqREgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLcbbSs7CyZGPIGzbWQleas/uAm1MB8GA1UdIwQY
MBaAFAhkOOmIk4mCn6X1G2ohBzEILqwiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0dRNDZZaVRpWUtmcGZVYmFpRUhNUWd1ckNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lNDlhZTctYTUxYS00NzY0LTg1Yzgt
YTc4MTBlM2ExYmViLzEvdHh0dEt6c0xKa1k4Z2JOdFpDVjVxei00Q2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lNDlhZTctYTUxYS00NzY0LTg1YzgtYTc4MTBlM2ExYmVi
LzEvQ0dRNDZZaVRpWUtmcGZVYmFpRUhNUWd1ckNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwTnkAwQA
wqUlMA0GCSqGSIb3DQEBCwUAA4IBAQB+A8hEENgG4g4Ykvf7RYvM9GoNf9M3AA5m
Vq0U1mRzby/iRihdKCoRhs2hTfK005irjLXajoEd+i57iSfonLjumAQ8dZ4ruUHI
YoBbawpg6N9wuRxSTTneXTqwxD9nxtnDT3MKsH/wirkmR9o7cL/7mtHl3jkmAruP
DQgEvFAH8Hs1sjjt5zimFQy/cAiWcYXkjXlX2yo/2bZfhPlTwyZPjTzamnC9sTdl
sB87Hz4esdfize32Z0MvaR8T8b7QKDEKyPI1uOKMMPWv26KErRk1jAw10ynxMBD4
xo5cmAu8xyN3ut83PDDr1T9irb1pc1XYblMn2sc3tFSSiJG7Bwuh
-----END CERTIFICATE-----
Generated at Sun Jun 8 19:23:56 2025 by rpki-client