Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/ts2CHXeNdsorvzlFGN7hLQ_YyYA.roa
File: ts2CHXeNdsorvzlFGN7hLQ_YyYA.roa (raw, json)
Hash identifier: /vbZdvZzvzEZg0+lm3MnplQ2nFty9QhYiePSaDuaiG4=
Subject key identifier: B6:CD:82:1D:77:8D:76:CA:2B:BF:39:45:18:DE:E1:2D:0F:D8:C9:80
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 01970C009875CAAAFBA27109C92B94B54745
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/ts2CHXeNdsorvzlFGN7hLQ_YyYA.roa
Signing time: Mon 26 May 2025 09:50:54 +0000
ROA not before: Mon 26 May 2025 09:50:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8612
IP address blocks: 82.84.0.0/15 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.85.53.64/26 maxlen: 26
94.32.0.0/19 maxlen: 24
94.32.64.0/18 maxlen: 24
94.32.128.0/17 maxlen: 24
193.207.24.0/23 maxlen: 23
193.207.26.0/24 maxlen: 24
193.207.48.0/20 maxlen: 24
193.207.64.0/18 maxlen: 24
193.207.96.0/20 maxlen: 21
193.207.128.0/17 maxlen: 22
195.130.224.0/19 maxlen: 19
212.123.64.0/19 maxlen: 19
213.205.0.0/18 maxlen: 18
213.205.0.251/32 maxlen: 32
2a01:7d0::/32 maxlen: 32
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0:4811::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:00:98:75:ca:aa:fb:a2:71:09:c9:2b:94:b5:47:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: May 26 09:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6cd821d778d76ca2bbf394518dee12d0fd8c980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:72:48:c2:40:4a:26:83:e7:bc:21:65:44:
4c:d2:dd:03:03:45:7c:76:4c:e6:e7:e3:23:c5:8f:
39:33:74:97:14:91:8d:41:ea:41:bf:de:74:59:f4:
bb:e1:11:6e:d4:32:30:10:5d:0f:fe:d8:77:7e:ae:
8b:55:28:f5:40:51:bd:fa:e1:47:b8:69:c9:73:ed:
0f:1e:8d:1e:81:03:c8:6e:58:bc:3f:28:b6:43:e9:
6a:9f:70:7a:ea:47:eb:cb:b9:69:95:6a:07:d9:46:
3c:8c:38:db:b6:de:0d:3c:e7:74:d3:95:a8:ff:36:
74:53:0e:51:79:55:5a:29:5a:2e:9f:b9:fa:51:0b:
cb:25:46:25:cf:42:20:c9:e9:61:36:9c:14:b5:75:
77:c5:96:8c:1d:84:d9:ba:f2:a7:8a:e7:ad:bd:fb:
ce:c4:77:f9:89:84:54:55:15:72:7b:3f:81:58:5e:
b3:b4:8b:99:04:27:e0:45:27:61:c0:c3:ea:21:d0:
a9:34:c2:f2:a1:cc:d2:8a:96:67:4b:fc:b7:02:d6:
a6:99:99:0e:d6:54:a2:56:dc:99:8e:1b:3f:cd:d1:
af:f7:b0:c9:a8:2a:99:15:6d:80:49:cc:a9:6d:d3:
ae:52:5e:e4:e4:4d:a3:b3:73:78:45:7d:4b:32:3c:
83:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:CD:82:1D:77:8D:76:CA:2B:BF:39:45:18:DE:E1:2D:0F:D8:C9:80
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/ts2CHXeNdsorvzlFGN7hLQ_YyYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
94.32.0.0/19
94.32.64.0-94.32.255.255
193.207.24.0-193.207.26.255
193.207.48.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
19:60:28:be:03:e7:38:7c:43:5f:c7:36:86:f8:5c:ba:ab:05:
7f:2f:00:05:c7:79:91:6d:67:2b:a1:db:d7:80:97:87:cf:a5:
83:b7:8a:a9:cd:bb:3a:c0:28:3d:6d:c8:db:14:4d:86:2f:19:
fd:80:8d:44:8a:08:2b:ee:ff:4d:7b:28:23:5f:a3:85:e0:4c:
a2:3d:92:73:93:25:5a:a9:04:48:3c:d9:35:b8:d9:32:25:6f:
4f:01:b3:f1:2a:29:58:12:48:bb:1a:af:58:14:52:62:ff:cd:
02:4e:c9:0e:49:ae:cb:8d:86:e7:af:71:09:5d:c0:b4:51:c5:
fa:f7:90:d6:35:2c:59:4c:12:5c:3a:5d:aa:50:c8:ca:dc:1c:
ee:6f:8b:bf:45:17:cf:2c:46:bf:a3:35:e3:0d:3a:20:7f:34:
2d:69:87:41:9a:1e:3b:5f:32:d9:39:0b:c6:ec:f3:28:0e:e1:
2e:26:6d:fa:a3:c4:fc:c5:14:64:c0:fa:a3:76:be:c0:86:c1:
86:3c:05:92:dc:f6:df:2c:e8:e3:2e:60:df:1f:58:63:61:ce:
33:6a:0d:4d:76:b7:c9:fb:bc:c4:7e:b6:23:bd:c6:db:07:d1:
00:89:5b:df:70:9e:aa:a3:03:84:8f:ff:c9:61:af:52:ed:0d:
a5:8f:79:b3
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZcMAJh1yqr7onEJySuUtUdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjUwNTI2MDk1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmNkODIxZDc3OGQ3NmNhMmJiZjM5NDUxOGRlZTEyZDBmZDhjOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBlySMJASiaD57whZURM0t0DA0V8
dkzm5+MjxY85M3SXFJGNQepBv950WfS74RFu1DIwEF0P/th3fq6LVSj1QFG9+uFH
uGnJc+0PHo0egQPIbli8Pyi2Q+lqn3B66kfry7lplWoH2UY8jDjbtt4NPOd005Wo
/zZ0Uw5ReVVaKVoun7n6UQvLJUYlz0IgyelhNpwUtXV3xZaMHYTZuvKniuetvfvO
xHf5iYRUVRVyez+BWF6ztIuZBCfgRSdhwMPqIdCpNMLyoczSipZnS/y3AtammZkO
1lSiVtyZjhs/zdGv97DJqCqZFW2AScypbdOuUl7k5E2js3N4RX1LMjyDMwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLbNgh13jXbKK785RRje4S0P2MmAMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvdHMyQ0hYZU5kc29ydnpsRkdON2hMUV9ZeVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwMBUlQDBAVe
IAAwCwMEBl4gQAMDAF4gMAwDBAPBzxgDBADBzxowCwMEBMHPMAMDBMHAAwQFw4Lg
AwQF1HtAAwQG1c0AMA0EAgACMAcDBQAqAQfQMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
YCi+A+c4fENfxzaG+Fy6qwV/LwAFx3mRbWcrodvXgJeHz6WDt4qpzbs6wCg9bcjb
FE2GLxn9gI1Eiggr7v9NeygjX6OF4EyiPZJzkyVaqQRIPNk1uNkyJW9PAbPxKilY
Eki7Gq9YFFJi/80CTskOSa7LjYbnr3EJXcC0UcX695DWNSxZTBJcOl2qUMjK3Bzu
b4u/RRfPLEa/ozXjDTogfzQtaYdBmh47XzLZOQvG7PMoDuEuJm36o8T8xRRkwPqj
dr7AhsGGPAWS3PbfLOjjLmDfH1hjYc4zag1NdrfJ+7zEfrYjvcbbB9EAiVvfcJ6q
owOEj//JYa9S7Q2lj3mz
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:06:59 2025 by rpki-client