Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/sRlrf2L_j98uPIoNnChhrs6bing.roa
File: sRlrf2L_j98uPIoNnChhrs6bing.roa (raw, json)
Hash identifier: 1ZhMP4XH7DUgYDZTVYKViXDgJjDrkhtBjx0bS6tr/u4=
Subject key identifier: B1:19:6B:7F:62:FF:8F:DF:2E:3C:8A:0D:9C:28:61:AE:CE:9B:8A:78
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 0197443D9C653CCB9B8F30CD7C444627073F
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/sRlrf2L_j98uPIoNnChhrs6bing.roa
Signing time: Fri 06 Jun 2025 07:56:17 +0000
ROA not before: Fri 06 Jun 2025 07:56:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49223
IP address blocks: 212.79.116.0/22 maxlen: 22
212.79.120.0/23 maxlen: 23
212.87.160.0/21 maxlen: 21
212.87.172.0/22 maxlen: 22
212.87.176.0/22 maxlen: 22
212.87.182.0/23 maxlen: 23
212.87.184.0/22 maxlen: 22
212.87.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:3d:9c:65:3c:cb:9b:8f:30:cd:7c:44:46:27:07:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Jun 6 07:56:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1196b7f62ff8fdf2e3c8a0d9c2861aece9b8a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2f:b7:eb:93:04:02:ec:fc:83:50:c7:1a:bb:
4b:e5:ca:90:f8:31:f3:2f:49:e1:d4:9f:5e:f3:10:
e4:02:e7:2e:c8:46:a5:13:72:bf:d0:99:61:8c:a4:
2c:de:dc:8e:b9:ef:6b:f5:a9:8d:d7:ed:81:8f:b1:
22:00:f9:82:0d:2e:d8:ef:14:d5:30:64:28:40:31:
aa:6e:ec:a5:46:f6:56:16:f4:b9:97:7b:e8:96:04:
89:b9:b1:0b:6a:56:16:06:ba:7a:39:fb:ba:9e:33:
42:4f:b3:e1:60:ea:c0:22:30:8d:3f:a2:2d:2e:46:
40:04:ee:56:1d:d2:76:c5:3c:9d:7f:0e:b3:e6:03:
78:8d:c6:08:82:56:5e:64:6f:28:ac:c0:86:a7:e4:
1e:c1:6f:69:7c:23:1f:49:f4:ee:b7:e0:91:eb:8c:
9b:45:76:49:e5:63:34:b2:89:fe:58:05:74:fa:48:
c0:45:32:a2:3c:31:05:96:95:ca:fa:91:5f:f5:d0:
fd:f5:5d:f3:10:29:b4:25:f7:ee:db:bd:1f:cc:a8:
bf:05:f7:33:83:08:6c:fe:c2:11:68:01:a5:d2:9a:
4b:07:db:e8:79:6b:8a:75:dd:2c:78:4e:3a:4c:26:
25:2a:64:24:43:e2:6d:f0:04:51:83:6d:9e:c5:bc:
9c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:19:6B:7F:62:FF:8F:DF:2E:3C:8A:0D:9C:28:61:AE:CE:9B:8A:78
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/sRlrf2L_j98uPIoNnChhrs6bing.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.79.116.0-212.79.121.255
212.87.160.0/21
212.87.172.0-212.87.179.255
212.87.182.0-212.87.191.255
Signature Algorithm: sha256WithRSAEncryption
8c:3c:4d:c8:a8:ed:83:f7:0e:40:af:cb:65:ff:b2:2b:df:98:
01:79:37:f2:54:d1:32:b0:65:f2:e0:ee:2a:83:45:37:33:ca:
7c:0a:dc:a7:55:7a:82:20:5d:8f:fa:a4:d0:5d:8c:eb:a0:24:
ca:b3:a5:e1:48:63:b0:03:5f:d1:1b:40:ca:19:57:a4:5a:4f:
8a:80:ea:36:79:82:53:ab:89:2b:fe:5d:ab:62:bf:58:a5:c8:
00:3e:c1:77:e3:b3:b5:05:52:46:c9:72:36:b2:a3:90:3f:96:
21:05:a7:de:7c:53:72:3e:0b:ae:27:bc:28:75:a6:87:7d:57:
d1:56:2c:8d:22:6c:04:8a:42:93:51:86:78:58:9d:3b:a8:c7:
ff:39:65:1a:61:d4:db:10:d2:f0:6a:8c:3a:cb:08:51:d4:31:
80:1f:8a:ea:fb:f6:a1:59:c8:d2:40:19:90:fd:e8:b8:c3:3a:
b7:64:b1:48:66:6b:9c:03:97:f0:d8:18:c3:7f:05:02:ac:b5:
2e:08:2d:5b:d1:22:c3:2a:f0:91:bb:30:f8:c3:ec:f1:f1:01:
95:4f:61:58:5f:34:de:ba:c3:e6:f5:2c:81:0c:27:24:50:41:
ea:3b:42:50:e7:10:dd:e3:91:a2:5d:bc:01:af:12:42:c7:d3:
9f:78:79:2b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZdEPZxlPMubjzDNfERGJwc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjUwNjA2MDc1NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTE5NmI3ZjYyZmY4ZmRmMmUzYzhhMGQ5YzI4NjFhZWNlOWI4YTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC+365MEAuz8g1DHGrtL5cqQ+DHz
L0nh1J9e8xDkAucuyEalE3K/0JlhjKQs3tyOue9r9amN1+2Bj7EiAPmCDS7Y7xTV
MGQoQDGqbuylRvZWFvS5l3volgSJubELalYWBrp6Ofu6njNCT7PhYOrAIjCNP6It
LkZABO5WHdJ2xTydfw6z5gN4jcYIglZeZG8orMCGp+QewW9pfCMfSfTut+CR64yb
RXZJ5WM0son+WAV0+kjARTKiPDEFlpXK+pFf9dD99V3zECm0Jffu270fzKi/Bfcz
gwhs/sIRaAGl0ppLB9voeWuKdd0seE46TCYlKmQkQ+Jt8ARRg22exbyclQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLEZa39i/4/fLjyKDZwoYa7Om4p4MB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvc1JscmYyTF9qOTh1UElvTm5DaGhyczZiaW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBALUT3QD
BAHUT3gDBAPUV6AwDAMEAtRXrAMEAtRXsDAMAwQB1Fe2AwQG1FeAMA0GCSqGSIb3
DQEBCwUAA4IBAQCMPE3IqO2D9w5Ar8tl/7Ir35gBeTfyVNEysGXy4O4qg0U3M8p8
CtynVXqCIF2P+qTQXYzroCTKs6XhSGOwA1/RG0DKGVekWk+KgOo2eYJTq4kr/l2r
Yr9YpcgAPsF347O1BVJGyXI2sqOQP5YhBafefFNyPguuJ7wodaaHfVfRViyNImwE
ikKTUYZ4WJ07qMf/OWUaYdTbENLwaow6ywhR1DGAH4rq+/ahWcjSQBmQ/ei4wzq3
ZLFIZmucA5fw2BjDfwUCrLUuCC1b0SLDKvCRuzD4w+zx8QGVT2FYXzTeusPm9SyB
DCckUEHqO0JQ5xDd45GiXbwBrxJCx9OfeHkr
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:20:06 2025 by rpki-client