Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/E_L2oklniQj05pWuM0xgBEBv9Z0.roa
File: E_L2oklniQj05pWuM0xgBEBv9Z0.roa (raw, json)
Hash identifier: vggfw58sjlCL17O/pPVvpJxnAr4298gihw1aekiLNHY=
Subject key identifier: 13:F2:F6:A2:49:67:89:08:F4:E6:95:AE:33:4C:60:04:40:6F:F5:9D
Certificate issuer: /CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Certificate serial: 0197456E7B141FB06963867719CAE8F5094B
Authority key identifier: 65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/E_L2oklniQj05pWuM0xgBEBv9Z0.roa
Signing time: Fri 06 Jun 2025 13:29:17 +0000
ROA not before: Fri 06 Jun 2025 13:29:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210772
IP address blocks: 139.28.140.0/22 maxlen: 22
185.112.156.0/22 maxlen: 22
2a02:6080::/32 maxlen: 32
2a09:740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/ZZb7iaiiPL5PKtsWXInybeireHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/ZZb7iaiiPL5PKtsWXInybeireHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 16:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:45:6e:7b:14:1f:b0:69:63:86:77:19:ca:e8:f5:09:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Validity
Not Before: Jun 6 13:29:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13f2f6a249678908f4e695ae334c6004406ff59d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ef:f8:8d:5e:52:79:24:40:18:b0:af:96:fa:
86:51:d4:65:c6:a3:68:26:01:b4:29:c7:a2:c9:38:
2c:38:b2:50:41:f9:5b:03:a9:11:75:b5:c8:11:82:
ab:29:fe:d7:b9:64:85:08:a8:8d:71:b7:92:1d:ad:
66:29:1d:1e:2f:42:88:b3:7a:14:75:95:22:9d:05:
8d:4c:6f:ae:8a:f5:7f:64:da:80:78:3a:67:b8:aa:
ed:26:d9:6d:19:aa:19:21:67:5b:8d:8f:fe:1f:68:
a0:0e:68:5c:5d:30:25:d9:c4:94:05:69:9a:a7:b5:
b9:91:b1:b4:9b:a7:3c:ec:60:d0:9b:c7:6f:58:7a:
a8:cf:75:f0:85:7b:36:78:9a:7f:84:de:1f:b5:d2:
b5:72:41:44:69:29:c8:ed:62:a9:fa:cb:c3:38:74:
88:48:85:c6:43:8c:f4:82:cc:47:2d:3f:47:6f:06:
00:ba:1d:69:11:6c:09:ff:63:f5:53:aa:dc:bb:3f:
c5:0a:a7:94:88:c0:b0:4b:9f:28:58:c0:0a:7c:94:
83:ae:7d:c5:a4:84:8d:b1:2c:01:ef:71:f4:e9:0d:
66:e0:ad:e3:9c:ca:61:94:7c:2a:69:58:a7:21:9a:
79:37:26:02:70:29:7f:99:48:11:d8:1e:06:2f:70:
a8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:F2:F6:A2:49:67:89:08:F4:E6:95:AE:33:4C:60:04:40:6F:F5:9D
X509v3 Authority Key Identifier:
keyid:65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/E_L2oklniQj05pWuM0xgBEBv9Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/ZZb7iaiiPL5PKtsWXInybeireHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.140.0/22
185.112.156.0/22
IPv6:
2a02:6080::/32
2a09:740::/32
Signature Algorithm: sha256WithRSAEncryption
84:58:cf:0e:97:5c:a3:09:b1:0a:8b:57:1e:16:1e:64:10:bd:
d9:fc:48:d1:a2:95:69:29:b7:41:3a:1b:c5:9f:48:db:97:27:
7b:58:fa:ed:d6:32:a1:fc:d2:b0:d6:7b:16:be:a3:8f:c0:31:
6f:72:54:b5:d7:59:f0:cf:c2:3b:09:23:55:76:91:ae:5f:54:
13:8c:36:5b:0e:2b:ec:6c:23:1e:08:1c:fe:5e:93:06:9d:40:
26:8a:cd:e6:10:39:77:66:b2:0b:b4:c2:b2:1e:51:bb:88:2e:
7f:97:7d:ba:dd:71:84:06:3a:f8:76:d6:0d:66:3d:bf:26:d3:
3b:db:a7:fa:39:08:4b:bf:a1:84:b3:ea:86:af:40:59:34:f6:
67:16:48:4b:f5:8d:d3:c6:70:7c:4b:21:66:96:dd:1e:71:46:
fd:7b:11:25:f4:b2:d2:a2:0a:b7:ec:85:94:fa:35:50:3b:36:
50:72:29:2b:80:19:33:93:b2:37:4c:79:bb:3c:2a:f7:f2:0f:
41:59:fb:58:75:f8:08:b0:36:09:cb:64:2d:74:31:59:b0:5b:
09:53:a5:62:c0:8b:b3:ab:a5:4e:df:a3:3c:2f:01:b9:28:f5:
a4:a1:a1:5a:c2:db:f5:88:26:62:6d:3f:a3:cf:f4:71:a4:09:
b1:b6:18:db
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZdFbnsUH7BpY4Z3Gcro9QlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTZmYjg5YThhMjNjYmU0ZjJhZGIxNjVjODlmMjZkZThh
Yjc4NzYwHhcNMjUwNjA2MTMyOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2YyZjZhMjQ5Njc4OTA4ZjRlNjk1YWUzMzRjNjAwNDQwNmZmNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu/4jV5SeSRAGLCvlvqGUdRlxqNo
JgG0KceiyTgsOLJQQflbA6kRdbXIEYKrKf7XuWSFCKiNcbeSHa1mKR0eL0KIs3oU
dZUinQWNTG+uivV/ZNqAeDpnuKrtJtltGaoZIWdbjY/+H2igDmhcXTAl2cSUBWma
p7W5kbG0m6c87GDQm8dvWHqoz3XwhXs2eJp/hN4ftdK1ckFEaSnI7WKp+svDOHSI
SIXGQ4z0gsxHLT9HbwYAuh1pEWwJ/2P1U6rcuz/FCqeUiMCwS58oWMAKfJSDrn3F
pISNsSwB73H06Q1m4K3jnMphlHwqaVinIZp5NyYCcCl/mUgR2B4GL3CoGwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBPy9qJJZ4kI9OaVrjNMYARAb/WdMB8GA1UdIwQY
MBaAFGWW+4moojy+TyrbFlyJ8m3oq3h2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpiN2lhaWlQTDVQS3RzV1hJbnliZWlyZUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNzQzZGYtNWY2Zi00ZjE3LWEyMjUt
MjAyZTE5YzA4OGIxLzEvRV9MMm9rbG5pUWowNXBXdU0weGdCRUJ2OVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNzQzZGYtNWY2Zi00ZjE3LWEyMjUtMjAyZTE5YzA4OGIx
LzEvWlpiN2lhaWlQTDVQS3RzV1hJbnliZWlyZUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCixyMAwQC
uXCcMBQEAgACMA4DBQAqAmCAAwUAKgkHQDANBgkqhkiG9w0BAQsFAAOCAQEAhFjP
DpdcowmxCotXHhYeZBC92fxI0aKVaSm3QTobxZ9I25cne1j67dYyofzSsNZ7Fr6j
j8Axb3JUtddZ8M/COwkjVXaRrl9UE4w2Ww4r7GwjHggc/l6TBp1AJorN5hA5d2ay
C7TCsh5Ru4guf5d9ut1xhAY6+HbWDWY9vybTO9un+jkIS7+hhLPqhq9AWTT2ZxZI
S/WN08ZwfEshZpbdHnFG/XsRJfSy0qIKt+yFlPo1UDs2UHIpK4AZM5OyN0x5uzwq
9/IPQVn7WHX4CLA2CctkLXQxWbBbCVOlYsCLs6ulTt+jPC8BuSj1pKGhWsLb9Ygm
Ym0/o8/0caQJsbYY2w==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:45:08 2025 by rpki-client