Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/aleW7Ot-gpwQFgCpX5YamcoaUQc.roa
File: aleW7Ot-gpwQFgCpX5YamcoaUQc.roa (raw, json)
Hash identifier: BMPbglBlQN5MqzrXdwkO3ix1cczyDRBBYgypfG53uco=
Subject key identifier: 6A:57:96:EC:EB:7E:82:9C:10:16:00:A9:5F:96:1A:99:CA:1A:51:07
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 019720A3A2A9D03F976B47F89DE38FE708E2
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/aleW7Ot-gpwQFgCpX5YamcoaUQc.roa
Signing time: Fri 30 May 2025 10:01:24 +0000
ROA not before: Fri 30 May 2025 10:01:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.136.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.181.213.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a04:8681::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:a3:a2:a9:d0:3f:97:6b:47:f8:9d:e3:8f:e7:08:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: May 30 10:01:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a5796eceb7e829c101600a95f961a99ca1a5107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d5:dd:f5:d8:e9:f0:93:7c:dc:4b:60:a8:d8:
e8:f1:ec:ce:9a:84:33:ee:69:e2:38:97:6e:1e:ee:
0f:92:e6:88:a1:ca:60:8e:f9:b3:cc:2b:f1:02:8e:
08:7b:a8:95:b8:24:77:72:e2:92:68:43:85:c7:57:
3f:3d:5b:d5:a9:64:5b:36:c9:ed:89:73:14:8a:d8:
8c:05:d1:b2:b6:dd:ea:81:db:81:f4:24:e4:e0:dc:
70:e9:59:4e:5c:94:11:b0:7d:22:38:f9:78:e3:eb:
30:37:54:3a:25:ea:77:a4:8d:fc:31:88:77:c5:da:
8c:ce:0f:91:6e:f7:d2:67:b3:f4:04:0f:34:f4:89:
b3:be:14:ba:22:e5:f1:61:a2:8f:b6:f8:5b:cd:9f:
7d:53:d6:e4:19:fe:ce:17:ff:f4:61:90:0c:ab:dd:
a9:a4:43:8e:95:66:f4:71:18:e6:32:89:9f:97:24:
af:de:91:a5:58:64:60:67:78:27:f1:8a:df:14:de:
ba:df:4d:50:a9:df:96:f5:6f:1a:8f:2b:46:ab:a9:
9f:bf:1e:c4:7f:87:1b:13:d1:74:b4:fa:7b:d0:91:
7a:10:ba:3a:37:11:71:63:29:76:ba:d9:a9:55:8e:
b9:3b:84:34:a4:b4:99:cb:c2:c8:65:52:15:c2:8c:
09:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:57:96:EC:EB:7E:82:9C:10:16:00:A9:5F:96:1A:99:CA:1A:51:07
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/aleW7Ot-gpwQFgCpX5YamcoaUQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0-91.196.138.255
93.179.120.0/24
95.85.83.128/25
95.181.213.0/24
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
03:66:51:79:aa:fe:f9:1d:81:57:a5:ab:78:ca:17:14:9b:9d:
b9:ef:c8:4c:57:cb:3d:0e:5a:46:5e:22:de:f1:94:48:71:3b:
89:91:fe:8a:47:eb:4a:e9:e4:67:84:e5:73:18:a4:e8:fc:92:
1f:00:27:22:68:11:25:41:7b:56:d7:e7:45:05:77:0e:53:9d:
f0:ab:77:7f:8b:c2:44:dd:da:3e:24:ef:65:8b:53:28:b6:2e:
3b:4d:8e:5d:fb:37:bd:67:b8:ea:a9:2d:f5:8a:6e:aa:f0:11:
65:ee:dc:9a:57:a2:e3:ec:50:87:61:f9:48:78:95:36:6c:5c:
30:a5:87:93:5f:19:71:e2:d7:ea:0f:75:1e:06:d8:c5:c1:25:
e5:49:bf:ee:5d:8e:64:53:1a:4a:ea:a9:02:5f:12:0a:59:b5:
15:dd:d6:dd:9e:d3:8f:2e:1a:84:bd:a6:2c:7b:ae:b1:57:5a:
fb:8f:04:29:3f:1e:e6:8f:e1:2e:d0:2a:0d:fa:af:86:99:22:
87:d1:3f:51:64:4b:de:61:8e:6d:60:28:d3:09:f4:50:7c:a7:
83:69:75:37:a8:6e:aa:89:45:de:78:8e:4e:6b:e0:69:f2:57:
82:35:64:51:f3:e6:14:bf:d7:43:6b:9b:1c:a2:c3:39:bd:44:
47:85:6e:f1
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZcgo6Kp0D+Xa0f4neOP5wjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwNTMwMTAwMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTU3OTZlY2ViN2U4MjljMTAxNjAwYTk1Zjk2MWE5OWNhMWE1MTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdXd9djp8JN83EtgqNjo8ezOmoQz
7mniOJduHu4PkuaIocpgjvmzzCvxAo4Ie6iVuCR3cuKSaEOFx1c/PVvVqWRbNsnt
iXMUitiMBdGytt3qgduB9CTk4Nxw6VlOXJQRsH0iOPl44+swN1Q6Jep3pI38MYh3
xdqMzg+RbvfSZ7P0BA809ImzvhS6IuXxYaKPtvhbzZ99U9bkGf7OF//0YZAMq92p
pEOOlWb0cRjmMomflySv3pGlWGRgZ3gn8YrfFN66301Qqd+W9W8ajytGq6mfvx7E
f4cbE9F0tPp70JF6ELo6NxFxYyl2utmpVY65O4Q0pLSZy8LIZVIVwowJ9wIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFGpXluzrfoKcEBYAqV+WGpnKGlEHMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvYWxlVzdPdC1ncHdRRmdDcFg1WWFtY29hVVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAzBAIAATAtMAwDBANbxIgD
BABbxIoDBABds3gDBQdfVVOAAwQAX7XVAwQAbcSFAwQAw7YIMBQEAgACMA4DBQEq
BIaAAwUAKgnVwDANBgkqhkiG9w0BAQsFAAOCAQEAA2ZRear++R2BV6WreMoXFJud
ue/ITFfLPQ5aRl4i3vGUSHE7iZH+ikfrSunkZ4Tlcxik6PySHwAnImgRJUF7Vtfn
RQV3DlOd8Kt3f4vCRN3aPiTvZYtTKLYuO02OXfs3vWe46qkt9YpuqvARZe7cmlei
4+xQh2H5SHiVNmxcMKWHk18ZceLX6g91HgbYxcEl5Um/7l2OZFMaSuqpAl8SClm1
Fd3W3Z7Tjy4ahL2mLHuusVda+48EKT8e5o/hLtAqDfqvhpkih9E/UWRL3mGObWAo
0wn0UHyng2l1N6huqolF3niOTmvgafJXgjVkUfPmFL/XQ2ubHKLDOb1ER4Vu8Q==
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:18:12 2025 by rpki-client