Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/TwH3XLR5eWytPH0e1iR6q0ymUKY.roa
File: TwH3XLR5eWytPH0e1iR6q0ymUKY.roa (raw, json)
Hash identifier: JYDjIaQDGAR5XZu9vovS5Bznar5fD08d08gvLcW2UeI=
Subject key identifier: 4F:01:F7:5C:B4:79:79:6C:AD:3C:7D:1E:D6:24:7A:AB:4C:A6:50:A6
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0196C45E0C6D4F7AB8956B2B306956579E38
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/TwH3XLR5eWytPH0e1iR6q0ymUKY.roa
Signing time: Mon 12 May 2025 12:00:19 +0000
ROA not before: Mon 12 May 2025 12:00:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44213
IP address blocks: 87.229.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:5e:0c:6d:4f:7a:b8:95:6b:2b:30:69:56:57:9e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: May 12 12:00:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f01f75cb479796cad3c7d1ed6247aab4ca650a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a7:89:01:74:8b:de:86:49:63:c1:d3:5f:ab:
8b:58:c4:23:d1:c7:a5:e8:33:c9:81:23:51:55:60:
da:c1:75:e1:47:9b:68:63:00:84:71:a0:7e:ad:8e:
f7:23:d9:6f:69:40:86:8b:bb:11:82:13:9b:8b:e9:
f4:27:84:1a:85:0d:15:74:ba:4a:05:cb:0c:bf:a9:
e5:00:71:ea:6a:85:77:0e:c5:d9:83:04:40:6b:fc:
d8:2e:8d:34:77:05:f6:e7:05:29:87:37:a9:d6:92:
7a:6c:55:48:43:72:96:a2:44:f1:58:99:f1:37:95:
47:03:7f:2e:28:94:9a:59:96:31:ed:4b:6f:46:55:
be:f4:6b:b3:29:04:db:b9:b5:75:0c:01:c3:12:fb:
ab:f5:91:b2:32:ca:c4:6b:08:6c:0a:1e:fc:d6:79:
cd:c8:89:42:02:de:ee:8d:d0:8a:15:cd:b0:0e:7e:
08:b2:96:b1:2b:ad:3a:20:de:eb:62:5f:26:0e:aa:
e8:a5:19:46:a2:f0:74:b7:98:d3:29:54:3d:41:67:
ff:e6:f7:86:c6:1c:0d:74:7e:c2:c9:9d:db:2a:58:
07:5c:8f:3c:4f:23:81:9e:77:b8:3b:40:99:16:7b:
02:11:a5:24:d7:10:7d:dc:be:71:2a:b4:12:16:ff:
a1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:01:F7:5C:B4:79:79:6C:AD:3C:7D:1E:D6:24:7A:AB:4C:A6:50:A6
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/TwH3XLR5eWytPH0e1iR6q0ymUKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.14.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:51:ff:63:38:8d:bd:e8:b6:14:79:a0:2f:17:3e:ef:a0:7f:
58:be:f1:d3:c1:1a:ee:c0:3e:44:a3:c7:8a:d9:77:e1:ba:1d:
51:93:ad:7a:06:70:28:f0:85:28:c9:69:46:e4:cf:ee:9f:46:
b0:8c:84:0e:e1:e8:e5:55:d7:97:c4:d8:51:01:a2:37:ae:cb:
95:6d:7f:26:8c:aa:84:f5:c9:7e:df:0d:7d:d3:03:89:31:2e:
c7:ee:f6:dc:0a:74:bb:4e:bf:09:39:bf:d8:a1:b8:ec:e4:7d:
22:ee:3f:3d:bd:11:ff:61:8c:b7:8c:0f:89:17:7f:bd:68:07:
d9:dc:02:25:6a:37:e8:75:06:7b:45:0f:c4:6c:13:dc:03:fe:
d8:ca:bb:49:0f:51:b3:9d:1e:31:c4:a0:f5:8b:03:5b:47:d8:
cd:f4:fb:62:dc:2e:11:40:78:84:9d:68:23:16:2f:9a:2b:3f:
e0:11:ae:63:3e:7b:55:6a:77:42:da:1f:62:55:e6:ae:5b:ab:
87:57:c1:b2:cf:cd:dd:c8:1a:88:d1:f9:1e:0f:ec:bf:d9:18:
6a:c4:54:36:b0:02:22:2c:6d:46:32:0e:e6:54:ac:48:c7:ad:
68:d9:e7:4d:07:74:08:de:8d:2d:9c:e8:86:a4:91:14:f6:18:
af:40:df:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbEXgxtT3q4lWsrMGlWV544MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNTEyMTIwMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjAxZjc1Y2I0Nzk3OTZjYWQzYzdkMWVkNjI0N2FhYjRjYTY1MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76eJAXSL3oZJY8HTX6uLWMQj0cel
6DPJgSNRVWDawXXhR5toYwCEcaB+rY73I9lvaUCGi7sRghObi+n0J4QahQ0VdLpK
BcsMv6nlAHHqaoV3DsXZgwRAa/zYLo00dwX25wUphzep1pJ6bFVIQ3KWokTxWJnx
N5VHA38uKJSaWZYx7UtvRlW+9GuzKQTbubV1DAHDEvur9ZGyMsrEawhsCh781nnN
yIlCAt7ujdCKFc2wDn4IspaxK606IN7rYl8mDqropRlGovB0t5jTKVQ9QWf/5veG
xhwNdH7CyZ3bKlgHXI88TyOBnne4O0CZFnsCEaUk1xB93L5xKrQSFv+hNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE8B91y0eXlsrTx9HtYkeqtMplCmMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvVHdIM1hMUjVlV3l0UEgwZTFpUjZxMHltVUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+UOMA0G
CSqGSIb3DQEBCwUAA4IBAQAMUf9jOI296LYUeaAvFz7voH9YvvHTwRruwD5Eo8eK
2Xfhuh1Rk616BnAo8IUoyWlG5M/un0awjIQO4ejlVdeXxNhRAaI3rsuVbX8mjKqE
9cl+3w190wOJMS7H7vbcCnS7Tr8JOb/Yobjs5H0i7j89vRH/YYy3jA+JF3+9aAfZ
3AIlajfodQZ7RQ/EbBPcA/7YyrtJD1GznR4xxKD1iwNbR9jN9Pti3C4RQHiEnWgj
Fi+aKz/gEa5jPntVandC2h9iVeauW6uHV8Gyz83dyBqI0fkeD+y/2RhqxFQ2sAIi
LG1GMg7mVKxIx61o2edNB3QI3o0tnOiGpJEU9hivQN+B
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:43:58 2025 by rpki-client