Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/cc3ad4-ff1a-4497-82da-8d51db65db66/1/m3TD70Wk8LjMHagCf7nprKktZHM.roa
File: m3TD70Wk8LjMHagCf7nprKktZHM.roa (raw, json)
Hash identifier: +OB3m2U7o6BE+QfdP9KhiHkHyl0xJ3vodcbBJvAYpFU=
Subject key identifier: 9B:74:C3:EF:45:A4:F0:B8:CC:1D:A8:02:7F:B9:E9:AC:A9:2D:64:73
Certificate issuer: /CN=f887ac7e5b289ce681b2474c38f7952cca9c0fb8
Certificate serial: 0196A48C747ACAF50BDFD45450A610F5EEDB
Authority key identifier: F8:87:AC:7E:5B:28:9C:E6:81:B2:47:4C:38:F7:95:2C:CA:9C:0F:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IesflsonOaBskdMOPeVLMqcD7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/cc3ad4-ff1a-4497-82da-8d51db65db66/1/m3TD70Wk8LjMHagCf7nprKktZHM.roa
Signing time: Tue 06 May 2025 07:43:10 +0000
ROA not before: Tue 06 May 2025 07:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202055
IP address blocks: 185.54.156.0/24 maxlen: 24
185.54.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/cc3ad4-ff1a-4497-82da-8d51db65db66/1/1-IesflsonOaBskdMOPeVLMqcD7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/cc3ad4-ff1a-4497-82da-8d51db65db66/1/1-IesflsonOaBskdMOPeVLMqcD7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-IesflsonOaBskdMOPeVLMqcD7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:8c:74:7a:ca:f5:0b:df:d4:54:50:a6:10:f5:ee:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f887ac7e5b289ce681b2474c38f7952cca9c0fb8
Validity
Not Before: May 6 07:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b74c3ef45a4f0b8cc1da8027fb9e9aca92d6473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d6:32:90:ac:f6:e7:fe:65:44:b0:02:5f:2e:
ae:b1:98:3f:8a:2b:ef:bb:12:14:68:f9:d0:2b:16:
b6:b6:32:40:ec:cd:cb:1a:dd:5a:fc:b6:ba:2d:79:
c0:87:56:28:a7:be:ad:cf:b8:e5:73:da:5b:91:9d:
e1:38:db:b8:f9:a4:e6:69:35:e5:02:ae:fa:f5:ad:
bf:f5:62:8b:7c:60:86:b2:22:f7:1c:08:8e:8a:06:
27:4f:b0:ce:22:5e:26:74:04:d5:48:12:db:bd:aa:
32:52:a7:34:d9:bd:cd:7b:54:9d:7c:48:5b:b6:ed:
b1:97:f9:fc:e1:ea:35:69:73:69:9a:b3:26:ee:6a:
16:2f:31:3b:85:90:41:ec:0e:29:10:cb:b0:3d:0e:
1c:b3:86:e0:a3:18:b6:b7:df:44:88:4e:5a:0e:ef:
c0:5c:8b:e3:98:14:31:cb:13:7f:c1:47:14:1b:24:
1e:8d:dd:fb:a0:20:84:b4:63:a0:c5:e9:dc:30:ac:
74:24:5a:1f:7a:78:4a:10:59:75:c0:5e:12:c3:d2:
4e:3f:05:56:ef:a5:57:f1:a9:4c:58:6d:4d:e6:ba:
2f:86:e5:d9:94:eb:d4:f0:49:9c:9d:ed:23:19:91:
35:b0:0c:ad:e2:b0:c4:e5:56:01:ba:4e:ba:bf:10:
97:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:74:C3:EF:45:A4:F0:B8:CC:1D:A8:02:7F:B9:E9:AC:A9:2D:64:73
X509v3 Authority Key Identifier:
keyid:F8:87:AC:7E:5B:28:9C:E6:81:B2:47:4C:38:F7:95:2C:CA:9C:0F:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IesflsonOaBskdMOPeVLMqcD7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/cc3ad4-ff1a-4497-82da-8d51db65db66/1/m3TD70Wk8LjMHagCf7nprKktZHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/cc3ad4-ff1a-4497-82da-8d51db65db66/1/1-IesflsonOaBskdMOPeVLMqcD7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.156.0/24
185.54.159.0/24
Signature Algorithm: sha256WithRSAEncryption
08:3e:9e:d3:05:6f:0c:31:53:4a:40:b5:f2:54:e3:81:22:97:
1b:ff:a3:33:52:bb:b4:67:d8:53:8c:e7:d3:01:03:c6:1f:96:
42:ae:ce:89:78:88:c2:b3:60:ef:27:26:a4:9d:7a:2a:c6:fb:
48:09:09:29:95:be:a3:36:04:ce:86:81:fc:d0:f9:6b:b8:0b:
21:0c:18:a3:b5:ad:0d:24:07:0b:8a:87:66:66:d6:11:e3:0d:
6a:eb:d7:6b:65:97:ed:76:a2:20:5f:44:e4:4f:15:64:02:e3:
ab:d1:6f:68:73:80:fc:11:d3:f8:6f:15:7a:30:82:62:99:7c:
f4:a2:70:94:fd:3c:14:26:f1:65:70:ff:9e:5c:c7:6c:4d:3a:
48:9a:0f:6d:b9:44:95:67:60:30:51:50:b3:bc:67:85:10:f3:
f3:0c:a6:5a:41:7b:4f:10:65:03:57:a1:59:ac:06:6b:1d:f7:
a2:49:11:bb:5d:86:e6:37:32:17:e0:d0:99:d7:d2:cf:3c:d4:
49:fc:1d:07:ee:c5:bc:b2:89:14:e2:cd:07:21:6a:ed:2b:2b:
d9:36:24:6a:98:f6:4b:43:75:0f:41:37:06:80:18:ea:62:fd:
1f:ad:84:63:6c:01:b7:6d:58:13:72:79:19:83:99:d8:98:3e:
f3:05:7e:49
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZakjHR6yvUL39RUUKYQ9e7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ODdhYzdlNWIyODljZTY4MWIyNDc0YzM4Zjc5NTJjY2E5
YzBmYjgwHhcNMjUwNTA2MDc0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjc0YzNlZjQ1YTRmMGI4Y2MxZGE4MDI3ZmI5ZTlhY2E5MmQ2NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdYykKz25/5lRLACXy6usZg/iivv
uxIUaPnQKxa2tjJA7M3LGt1a/La6LXnAh1Yop76tz7jlc9pbkZ3hONu4+aTmaTXl
Aq769a2/9WKLfGCGsiL3HAiOigYnT7DOIl4mdATVSBLbvaoyUqc02b3Ne1SdfEhb
tu2xl/n84eo1aXNpmrMm7moWLzE7hZBB7A4pEMuwPQ4cs4bgoxi2t99EiE5aDu/A
XIvjmBQxyxN/wUcUGyQejd37oCCEtGOgxencMKx0JFofenhKEFl1wF4Sw9JOPwVW
76VX8alMWG1N5rovhuXZlOvU8Emcne0jGZE1sAyt4rDE5VYBuk66vxCX2QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJt0w+9FpPC4zB2oAn+56aypLWRzMB8GA1UdIwQY
MBaAFPiHrH5bKJzmgbJHTDj3lSzKnA+4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JZXNmbHNvbk9hQnNrZE1PUGVWTE1xY0Q3Zy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkvY2MzYWQ0LWZmMWEtNDQ5Ny04MmRh
LThkNTFkYjY1ZGI2Ni8xL20zVEQ3MFdrOExqTUhhZ0NmN25wcktrdFpITS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDkvY2MzYWQ0LWZmMWEtNDQ5Ny04MmRhLThkNTFkYjY1ZGI2
Ni8xLzEtSWVzZmxzb25PYUJza2RNT1BlVkxNcWNEN2cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC5NpwD
BAC5Np8wDQYJKoZIhvcNAQELBQADggEBAAg+ntMFbwwxU0pAtfJU44Eilxv/ozNS
u7Rn2FOM59MBA8YflkKuzol4iMKzYO8nJqSdeirG+0gJCSmVvqM2BM6GgfzQ+Wu4
CyEMGKO1rQ0kBwuKh2Zm1hHjDWrr12tll+12oiBfRORPFWQC46vRb2hzgPwR0/hv
FXowgmKZfPSicJT9PBQm8WVw/55cx2xNOkiaD225RJVnYDBRULO8Z4UQ8/MMplpB
e08QZQNXoVmsBmsd96JJEbtdhuY3Mhfg0JnX0s881En8HQfuxbyyiRTizQchau0r
K9k2JGqY9ktDdQ9BNwaAGOpi/R+thGNsAbdtWBNyeRmDmdiYPvMFfkk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:44:25 2025 by rpki-client