Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/49D7wT7ULKiWyqZtxMxOqTeg3V8.roa
File: 49D7wT7ULKiWyqZtxMxOqTeg3V8.roa (raw, json)
Hash identifier: RCt2BsbRAKe++Y4u76/MXl119ya6VLDYvtbk7m5vX08=
Subject key identifier: E3:D0:FB:C1:3E:D4:2C:A8:96:CA:A6:6D:C4:CC:4E:A9:37:A0:DD:5F
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0197454632743F9A94B93BC1B9914E1CCE61
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/49D7wT7ULKiWyqZtxMxOqTeg3V8.roa
Signing time: Fri 06 Jun 2025 12:45:17 +0000
ROA not before: Fri 06 Jun 2025 12:45:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 170.62.96.0/22 maxlen: 24
170.62.101.0/24 maxlen: 24
170.62.105.0/24 maxlen: 24
170.62.109.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
203.188.173.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
213.254.162.0/24 maxlen: 24
213.254.172.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 09:21:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:45:46:32:74:3f:9a:94:b9:3b:c1:b9:91:4e:1c:ce:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 6 12:45:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3d0fbc13ed42ca896caa66dc4cc4ea937a0dd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a1:20:15:48:27:43:48:d3:ca:98:d4:55:fb:
58:47:7b:8d:45:7c:f4:b9:13:71:ff:29:f6:b9:0d:
de:d4:56:f6:a4:ac:8b:c3:4b:7c:cf:a1:6b:4e:b3:
64:5c:5b:88:f2:4b:ba:96:2d:b3:70:2b:e3:58:ea:
4f:ef:05:a3:a2:45:24:8a:d8:1e:13:60:68:da:9b:
8e:12:ee:a7:1a:5d:09:2a:f3:1d:b8:ad:00:1d:16:
12:2d:56:4a:76:0a:96:af:55:4e:96:47:ff:13:c3:
3a:29:da:a0:38:69:45:e9:87:41:ab:30:28:f6:ea:
eb:e3:c6:5e:59:ac:6a:28:2a:da:89:1a:bd:9a:e0:
a3:52:d2:18:69:aa:6a:e0:c0:39:fb:1a:48:37:ec:
c3:71:46:d3:35:bf:e5:b0:5a:72:d2:b4:8f:37:8a:
48:d9:ec:82:9b:c9:4c:d3:d1:47:e4:82:ca:96:b5:
3f:4f:5d:4d:8a:9d:cf:8b:6c:62:3e:1d:8e:da:59:
0a:08:97:ff:d7:51:26:42:71:ca:a4:47:b8:ed:c8:
d5:f0:ee:ea:49:1d:bf:b4:aa:f4:00:20:e3:4f:fa:
5b:4a:c5:f3:42:33:51:27:74:60:15:93:5a:3a:e7:
b0:19:29:52:90:fe:ef:d8:01:00:e1:ed:27:47:bd:
01:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D0:FB:C1:3E:D4:2C:A8:96:CA:A6:6D:C4:CC:4E:A9:37:A0:DD:5F
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/49D7wT7ULKiWyqZtxMxOqTeg3V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.96.0/22
170.62.101.0/24
170.62.105.0/24
170.62.109.0/24
192.253.211.0/24
203.188.173.0-203.188.174.255
203.188.180.0/24
213.254.162.0/24
213.254.172.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:f1:bf:1b:72:d9:7d:08:96:b0:af:64:8e:3b:a9:b0:a8:36:
d3:50:cf:88:7d:3b:a1:78:93:06:03:9d:b0:ae:ac:94:e8:95:
59:19:9a:ef:ee:2b:14:a5:3c:18:b3:97:89:37:0b:12:e6:92:
8a:36:60:c6:7d:b8:29:78:aa:aa:72:54:a4:dd:4e:71:2b:5f:
29:6b:f1:fe:7b:59:ec:88:36:6c:ec:89:e9:a0:0a:05:70:5f:
8c:f3:96:10:89:c5:61:21:96:5e:32:50:32:49:7c:ab:10:9c:
c6:e4:07:0d:ee:a1:ff:ca:19:a5:36:5c:1f:54:0d:16:68:24:
42:de:1b:be:e4:7f:20:1f:8e:29:a7:35:47:cb:21:d4:38:21:
bd:2e:4c:5c:10:92:3a:b0:a0:f0:ca:29:33:97:1e:c9:14:91:
c6:91:e8:e3:32:bd:bc:a7:05:b9:98:8e:9c:9f:f9:b3:4f:36:
ef:f2:51:c5:ba:db:62:a8:b1:33:be:f1:5d:4a:62:97:a8:36:
43:66:e4:7a:09:f4:bb:d8:45:6e:33:87:96:fc:98:bb:e2:c7:
7b:c9:8b:40:21:d1:a2:d8:91:7a:66:4e:42:d6:0c:be:e4:60:
c8:ec:e4:9f:34:b8:eb:f7:83:5c:b0:78:7b:0e:48:99:6d:7c:
72:4e:17:17
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZdFRjJ0P5qUuTvBuZFOHM5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjA2MTI0NTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2QwZmJjMTNlZDQyY2E4OTZjYWE2NmRjNGNjNGVhOTM3YTBkZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaEgFUgnQ0jTypjUVftYR3uNRXz0
uRNx/yn2uQ3e1Fb2pKyLw0t8z6FrTrNkXFuI8ku6li2zcCvjWOpP7wWjokUkitge
E2Bo2puOEu6nGl0JKvMduK0AHRYSLVZKdgqWr1VOlkf/E8M6KdqgOGlF6YdBqzAo
9urr48ZeWaxqKCraiRq9muCjUtIYaapq4MA5+xpIN+zDcUbTNb/lsFpy0rSPN4pI
2eyCm8lM09FH5ILKlrU/T11Nip3Pi2xiPh2O2lkKCJf/11EmQnHKpEe47cjV8O7q
SR2/tKr0ACDjT/pbSsXzQjNRJ3RgFZNaOuewGSlSkP7v2AEA4e0nR70B/wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFOPQ+8E+1CyolsqmbcTMTqk3oN1fMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvNDlEN3dUN1VMS2lXeXFadHhNeE9xVGVnM1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCqj5gAwQA
qj5lAwQAqj5pAwQAqj5tAwQAwP3TMAwDBADLvK0DBADLvK4DBADLvLQDBADV/qID
BAHV/qwwDQYJKoZIhvcNAQELBQADggEBAHvxvxty2X0IlrCvZI47qbCoNtNQz4h9
O6F4kwYDnbCurJTolVkZmu/uKxSlPBizl4k3CxLmkoo2YMZ9uCl4qqpyVKTdTnEr
Xylr8f57WeyINmzsiemgCgVwX4zzlhCJxWEhll4yUDJJfKsQnMbkBw3uof/KGaU2
XB9UDRZoJELeG77kfyAfjimnNUfLIdQ4Ib0uTFwQkjqwoPDKKTOXHskUkcaR6OMy
vbynBbmYjpyf+bNPNu/yUcW622KosTO+8V1KYpeoNkNm5HoJ9LvYRW4zh5b8mLvi
x3vJi0Ah0aLYkXpmTkLWDL7kYMjs5J80uOv3g1yweHsOSJltfHJOFxc=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:38:36 2025 by rpki-client