Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/rztsTufSoR-W_P1Ii78nFC4FuTk.roa
File: rztsTufSoR-W_P1Ii78nFC4FuTk.roa (raw, json)
Hash identifier: xuo1Ar7awubUSeGyu2ODhUDhZtyEioCr27uE58GVZok=
Subject key identifier: AF:3B:6C:4E:E7:D2:A1:1F:96:FC:FD:48:8B:BF:27:14:2E:05:B9:39
Certificate issuer: /CN=582c74fc59b7ab096a257d3b6299d2f6fda46a80
Certificate serial: 0196F7922EF29455E1B77522C87DA8979CE3
Authority key identifier: 58:2C:74:FC:59:B7:AB:09:6A:25:7D:3B:62:99:D2:F6:FD:A4:6A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/rztsTufSoR-W_P1Ii78nFC4FuTk.roa
Signing time: Thu 22 May 2025 10:37:54 +0000
ROA not before: Thu 22 May 2025 10:37:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 5.42.202.0/24 maxlen: 24
91.142.130.0/24 maxlen: 24
185.102.87.0/24 maxlen: 24
194.31.59.0/24 maxlen: 24
194.31.64.0/24 maxlen: 24
194.31.79.0/24 maxlen: 24
194.31.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/WCx0_Fm3qwlqJX07YpnS9v2kaoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/WCx0_Fm3qwlqJX07YpnS9v2kaoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:92:2e:f2:94:55:e1:b7:75:22:c8:7d:a8:97:9c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=582c74fc59b7ab096a257d3b6299d2f6fda46a80
Validity
Not Before: May 22 10:37:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af3b6c4ee7d2a11f96fcfd488bbf27142e05b939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:73:91:98:84:99:af:55:1d:1f:55:4d:1c:4e:
fa:4c:91:e2:cc:76:3d:86:a9:0f:e4:ae:2d:00:23:
56:04:1f:38:bc:8d:7b:5f:11:e9:e9:6e:af:6f:38:
de:ed:1d:44:30:c1:40:78:a3:a5:4f:18:3b:67:6c:
b7:89:57:ad:92:86:af:56:18:c1:84:e6:41:69:b1:
7d:c7:5d:af:41:95:55:a1:86:a0:2c:49:92:c5:c9:
0b:61:a0:1b:69:7b:a6:54:23:47:1f:da:4d:4a:78:
1f:b3:ce:65:6f:51:21:10:ce:c1:3f:61:48:be:98:
50:e3:f9:fa:fd:b7:04:2a:7b:eb:9c:34:31:d0:78:
86:48:4f:5b:b5:80:cb:07:4d:f7:6e:b2:79:24:e2:
54:8b:ba:2a:cc:60:28:a2:6c:af:5c:12:10:88:ce:
cf:07:90:49:79:77:fe:c7:e1:ca:cd:f1:d6:55:43:
40:20:4e:44:b2:98:c4:9f:62:98:d0:eb:0f:52:20:
a2:bf:80:a5:b4:1f:4f:cf:c7:da:00:54:47:c2:11:
28:40:8a:2b:78:1a:89:0e:fb:03:00:5b:7b:4a:41:
14:82:7f:9d:a3:ac:3d:f2:ae:b3:39:07:e1:d9:bf:
da:5d:fa:5b:d1:53:5b:24:3c:89:6d:3f:12:b2:36:
72:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3B:6C:4E:E7:D2:A1:1F:96:FC:FD:48:8B:BF:27:14:2E:05:B9:39
X509v3 Authority Key Identifier:
keyid:58:2C:74:FC:59:B7:AB:09:6A:25:7D:3B:62:99:D2:F6:FD:A4:6A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/rztsTufSoR-W_P1Ii78nFC4FuTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/WCx0_Fm3qwlqJX07YpnS9v2kaoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.202.0/24
91.142.130.0/24
185.102.87.0/24
194.31.59.0/24
194.31.64.0/24
194.31.79.0/24
194.31.87.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:86:0c:25:b0:2c:8e:6f:17:2a:5c:00:f5:74:d1:96:d3:aa:
7b:e1:84:7b:fe:81:57:c9:c0:97:6f:1a:3e:bb:a7:74:c6:6e:
c2:f1:a5:5d:15:7d:92:60:66:01:b3:47:9c:a6:e6:4d:fd:89:
54:ff:af:3c:9e:fa:4c:4c:31:98:d7:de:0f:d3:a5:2f:fb:86:
a1:ee:9a:ff:0b:25:a9:85:02:bc:1a:27:86:91:23:7e:e5:fc:
02:69:3f:6e:6c:03:9a:cb:18:4f:3c:b9:46:8f:a2:a3:df:48:
cc:bf:69:c1:c4:a7:7b:a0:5c:bb:61:67:77:bb:96:b6:28:76:
63:45:9b:d1:95:bd:fa:01:1d:38:0a:3e:33:e1:3e:d7:08:40:
01:29:e9:1a:3d:94:76:1a:f6:49:ba:d7:3d:9d:71:78:aa:b1:
f1:35:4f:c7:ef:d3:52:24:0c:a3:7e:3e:b2:f5:be:21:fa:22:
3a:54:48:14:71:e7:5d:4f:1d:36:85:93:c8:a2:69:92:c0:65:
bb:70:75:28:00:4b:ed:27:04:e7:dd:df:1f:e7:51:d1:2e:7a:
6d:13:70:c5:b5:c9:03:ac:64:84:37:36:10:b7:73:84:41:83:
24:84:40:52:16:11:15:a2:a8:29:8a:6f:8d:8b:52:89:08:f3:
15:7d:c0:f1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZb3ki7ylFXht3UiyH2ol5zjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MmM3NGZjNTliN2FiMDk2YTI1N2QzYjYyOTlkMmY2ZmRh
NDZhODAwHhcNMjUwNTIyMTAzNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjNiNmM0ZWU3ZDJhMTFmOTZmY2ZkNDg4YmJmMjcxNDJlMDViOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3ORmISZr1UdH1VNHE76TJHizHY9
hqkP5K4tACNWBB84vI17XxHp6W6vbzje7R1EMMFAeKOlTxg7Z2y3iVetkoavVhjB
hOZBabF9x12vQZVVoYagLEmSxckLYaAbaXumVCNHH9pNSngfs85lb1EhEM7BP2FI
vphQ4/n6/bcEKnvrnDQx0HiGSE9btYDLB033brJ5JOJUi7oqzGAoomyvXBIQiM7P
B5BJeXf+x+HKzfHWVUNAIE5EspjEn2KY0OsPUiCiv4CltB9Pz8faAFRHwhEoQIor
eBqJDvsDAFt7SkEUgn+do6w98q6zOQfh2b/aXfpb0VNbJDyJbT8SsjZyAQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFK87bE7n0qEflvz9SIu/JxQuBbk5MB8GA1UdIwQY
MBaAFFgsdPxZt6sJaiV9O2KZ0vb9pGqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0N4MF9GbTNxd2xxSlgwN1lwblM5djJrYW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMTU4NTEtYTgzYi00MTVjLWFlZTUt
ZjllZmMwNDU3ZmI5LzEvcnp0c1R1ZlNvUi1XX1AxSWk3OG5GQzRGdVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMTU4NTEtYTgzYi00MTVjLWFlZTUtZjllZmMwNDU3ZmI5
LzEvV0N4MF9GbTNxd2xxSlgwN1lwblM5djJrYW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABSrKAwQA
W46CAwQAuWZXAwQAwh87AwQAwh9AAwQAwh9PAwQAwh9XMA0GCSqGSIb3DQEBCwUA
A4IBAQBOhgwlsCyObxcqXAD1dNGW06p74YR7/oFXycCXbxo+u6d0xm7C8aVdFX2S
YGYBs0ecpuZN/YlU/688nvpMTDGY194P06Uv+4ah7pr/CyWphQK8GieGkSN+5fwC
aT9ubAOayxhPPLlGj6Kj30jMv2nBxKd7oFy7YWd3u5a2KHZjRZvRlb36AR04Cj4z
4T7XCEABKekaPZR2GvZJutc9nXF4qrHxNU/H79NSJAyjfj6y9b4h+iI6VEgUcedd
Tx02hZPIommSwGW7cHUoAEvtJwTn3d8f51HRLnptE3DFtckDrGSENzYQt3OEQYMk
hEBSFhEVoqgpim+Ni1KJCPMVfcDx
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:49:01 2025 by rpki-client