Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/9ESyzHY3tDwoLy0qTdzIIz35dKQ.roa
File: 9ESyzHY3tDwoLy0qTdzIIz35dKQ.roa (raw, json)
Hash identifier: jqOOKsXrn7t0ZH3AYn6ArJKblZkGHsI4rkiKFVYX+aw=
Subject key identifier: F4:44:B2:CC:76:37:B4:3C:28:2F:2D:2A:4D:DC:C8:23:3D:F9:74:A4
Certificate issuer: /CN=b9e273c8ba0b0afb205d00b3170e69b816743397
Certificate serial: 0196F80DC82F70610D91D988ADF80DBDB6D7
Authority key identifier: B9:E2:73:C8:BA:0B:0A:FB:20:5D:00:B3:17:0E:69:B8:16:74:33:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueJzyLoLCvsgXQCzFw5puBZ0M5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/9ESyzHY3tDwoLy0qTdzIIz35dKQ.roa
Signing time: Thu 22 May 2025 12:52:54 +0000
ROA not before: Thu 22 May 2025 12:52:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24776
IP address blocks: 194.2.74.0/24 maxlen: 24
194.3.136.0/24 maxlen: 24
194.29.206.0/24 maxlen: 24
194.187.192.0/22 maxlen: 22
213.161.192.0/19 maxlen: 19
217.25.176.0/20 maxlen: 20
2001:1650::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/ueJzyLoLCvsgXQCzFw5puBZ0M5c.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/ueJzyLoLCvsgXQCzFw5puBZ0M5c.mft
rsync://rpki.ripe.net/repository/DEFAULT/ueJzyLoLCvsgXQCzFw5puBZ0M5c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:0d:c8:2f:70:61:0d:91:d9:88:ad:f8:0d:bd:b6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e273c8ba0b0afb205d00b3170e69b816743397
Validity
Not Before: May 22 12:52:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f444b2cc7637b43c282f2d2a4ddcc8233df974a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3a:c6:af:f1:02:3e:b2:21:75:55:c1:76:e7:
3a:64:ab:32:93:1b:77:f2:b6:9f:97:68:dd:aa:d5:
1c:31:72:67:97:64:3b:86:7e:77:ab:47:4f:41:1a:
43:fa:27:48:7c:33:c3:b3:8d:da:7e:c2:47:b2:7b:
c0:7a:9f:36:99:62:91:1f:65:3f:dd:67:c9:ed:fa:
c1:ff:2b:c0:89:6b:10:4f:6e:a1:33:c1:d7:d5:81:
37:8b:8b:a3:72:07:86:ba:2a:b8:7b:a9:03:f1:b1:
9e:53:13:36:16:77:ff:33:f9:9f:aa:fd:7c:31:45:
49:5b:0a:7f:97:02:2f:b1:9d:7c:1d:9b:5a:b9:e3:
8d:79:b6:96:1a:81:69:25:79:16:39:d8:f1:2b:d7:
28:e9:7e:ab:a2:14:a4:57:29:a5:fa:01:3c:da:9e:
95:ff:d9:89:f0:e7:6a:a7:f8:e5:7f:9b:53:0e:3c:
c7:af:77:c9:96:c2:f3:c5:cd:59:41:24:4c:6a:39:
49:5f:17:4d:37:b5:33:55:93:e1:39:9b:48:b1:b8:
61:e8:88:be:d9:ae:3f:ea:6d:05:e9:28:fa:f9:52:
0c:1b:49:c7:a5:76:75:d8:52:ec:d4:5f:85:b7:a5:
ec:d7:cc:80:b4:be:cd:4c:24:0f:bb:f6:d8:cb:36:
6b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:44:B2:CC:76:37:B4:3C:28:2F:2D:2A:4D:DC:C8:23:3D:F9:74:A4
X509v3 Authority Key Identifier:
keyid:B9:E2:73:C8:BA:0B:0A:FB:20:5D:00:B3:17:0E:69:B8:16:74:33:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueJzyLoLCvsgXQCzFw5puBZ0M5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/9ESyzHY3tDwoLy0qTdzIIz35dKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/ueJzyLoLCvsgXQCzFw5puBZ0M5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.2.74.0/24
194.3.136.0/24
194.29.206.0/24
194.187.192.0/22
213.161.192.0/19
217.25.176.0/20
IPv6:
2001:1650::/29
Signature Algorithm: sha256WithRSAEncryption
36:1b:65:74:bb:44:a7:a5:85:ad:79:cf:d5:09:6d:c0:7a:69:
70:ee:42:84:01:5e:ee:3f:7b:5a:05:c8:66:dc:49:bf:2a:97:
4f:d3:26:bd:d2:65:e3:ce:5d:a4:02:1b:3e:a0:39:16:15:49:
55:6a:c0:a1:a7:29:9b:66:81:a2:a6:eb:92:85:f7:d9:ab:ce:
b2:0b:d4:c1:cb:b2:d8:a1:55:9b:a8:a6:59:f2:fe:72:57:b1:
36:6f:71:c7:75:e2:8c:ab:3d:78:44:8f:1f:ce:ea:8d:d1:ab:
09:07:f5:9f:bd:70:5b:d3:9e:a2:17:97:18:d5:f2:d3:40:31:
c6:f8:1e:b3:f1:6b:d9:1e:09:9b:62:af:93:21:aa:a2:be:e6:
a9:4c:0a:21:ae:61:47:76:7c:5f:c0:29:b6:7b:af:27:e0:09:
30:fb:7a:55:0f:85:88:e7:fd:38:9d:14:5d:ed:41:34:cf:11:
6c:b0:1e:66:7e:82:21:f0:aa:ee:ab:c4:49:b6:38:18:7f:32:
8c:16:84:0b:4c:3e:94:65:56:f2:67:10:97:c4:94:95:40:99:
9e:98:4b:c2:8b:b3:67:57:e7:ae:02:1e:e2:aa:e2:71:71:30:
76:64:8d:52:29:cd:c3:1c:64:9b:35:bf:a9:94:f5:0c:e3:9f:
8f:77:cf:87
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZb4DcgvcGENkdmIrfgNvbbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTI3M2M4YmEwYjBhZmIyMDVkMDBiMzE3MGU2OWI4MTY3
NDMzOTcwHhcNMjUwNTIyMTI1MjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDQ0YjJjYzc2MzdiNDNjMjgyZjJkMmE0ZGRjYzgyMzNkZjk3NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TrGr/ECPrIhdVXBduc6ZKsykxt3
8rafl2jdqtUcMXJnl2Q7hn53q0dPQRpD+idIfDPDs43afsJHsnvAep82mWKRH2U/
3WfJ7frB/yvAiWsQT26hM8HX1YE3i4ujcgeGuiq4e6kD8bGeUxM2Fnf/M/mfqv18
MUVJWwp/lwIvsZ18HZtaueONebaWGoFpJXkWOdjxK9co6X6rohSkVyml+gE82p6V
/9mJ8Odqp/jlf5tTDjzHr3fJlsLzxc1ZQSRMajlJXxdNN7UzVZPhOZtIsbhh6Ii+
2a4/6m0F6Sj6+VIMG0nHpXZ12FLs1F+Ft6Xs18yAtL7NTCQPu/bYyzZr+wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPREssx2N7Q8KC8tKk3cyCM9+XSkMB8GA1UdIwQY
MBaAFLnic8i6Cwr7IF0AsxcOabgWdDOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVKenlMb0xDdnNnWFFDekZ3NXB1QlowTTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83NzgxZmUtMTMwNC00M2Y4LWI3N2Mt
M2Q5NmJkM2U3ODUzLzEvOUVTeXpIWTN0RHdvTHkwcVRkeklJejM1ZEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83NzgxZmUtMTMwNC00M2Y4LWI3N2MtM2Q5NmJkM2U3ODUz
LzEvdWVKenlMb0xDdnNnWFFDekZ3NXB1QlowTTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAwgJKAwQA
wgOIAwQAwh3OAwQCwrvAAwQF1aHAAwQE2RmwMA0EAgACMAcDBQMgARZQMA0GCSqG
SIb3DQEBCwUAA4IBAQA2G2V0u0SnpYWtec/VCW3Aemlw7kKEAV7uP3taBchm3Em/
KpdP0ya90mXjzl2kAhs+oDkWFUlVasChpymbZoGipuuShffZq86yC9TBy7LYoVWb
qKZZ8v5yV7E2b3HHdeKMqz14RI8fzuqN0asJB/WfvXBb056iF5cY1fLTQDHG+B6z
8WvZHgmbYq+TIaqivuapTAohrmFHdnxfwCm2e68n4Akw+3pVD4WI5/04nRRd7UE0
zxFssB5mfoIh8Kruq8RJtjgYfzKMFoQLTD6UZVbyZxCXxJSVQJmemEvCi7NnV+eu
Ah7iquJxcTB2ZI1SKc3DHGSbNb+plPUM45+Pd8+H
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:52:06 2025 by rpki-client