Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/rFazsWWAPHiTpjN3xxjMGtHfbRg.roa
File: rFazsWWAPHiTpjN3xxjMGtHfbRg.roa (raw, json)
Hash identifier: zRIGGnYRjgUcevciGf3/fdvQ4mn1ILC/OE27kBlKmUA=
Subject key identifier: AC:56:B3:B1:65:80:3C:78:93:A6:33:77:C7:18:CC:1A:D1:DF:6D:18
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0196FBC6D96BDB769942BE32FADB140778EE
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/rFazsWWAPHiTpjN3xxjMGtHfbRg.roa
Signing time: Fri 23 May 2025 06:13:54 +0000
ROA not before: Fri 23 May 2025 06:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 262287
IP address blocks: 14.102.60.0/24 maxlen: 24
81.95.48.0/24 maxlen: 24
81.95.49.0/24 maxlen: 24
92.51.236.0/24 maxlen: 24
92.51.237.0/24 maxlen: 24
103.125.76.0/24 maxlen: 24
192.140.222.0/24 maxlen: 24
192.140.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 05:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fb:c6:d9:6b:db:76:99:42:be:32:fa:db:14:07:78:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: May 23 06:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac56b3b165803c7893a63377c718cc1ad1df6d18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:55:2d:d9:69:4f:6a:de:b0:de:31:b8:fe:dd:
d4:54:42:00:1b:d6:39:33:f3:cb:4a:c8:86:e9:37:
05:77:e2:b6:9f:c8:dd:15:ba:ac:b3:3e:85:b7:5a:
de:f0:b5:77:98:69:5b:2b:08:c4:62:80:6b:d6:3f:
6f:a2:6e:cb:16:27:af:6a:95:35:09:0f:c2:69:f3:
b3:58:51:3a:28:58:c9:24:dd:f3:0b:a6:2b:1c:de:
66:84:5d:fc:f7:76:14:27:25:30:87:e5:cf:c3:7e:
8d:f3:7b:f4:bd:4d:d5:a2:51:65:29:d8:25:d6:47:
3f:c2:d5:15:36:44:7b:3b:60:74:be:93:81:06:4f:
a3:33:bc:6d:28:b8:aa:84:47:94:68:d8:cb:bf:eb:
7e:c3:e1:91:29:77:97:7e:a7:04:23:8e:eb:f7:2a:
fb:f1:43:66:cc:46:cc:a8:a7:10:91:6a:cd:80:23:
bd:9a:43:82:0f:ed:32:0f:fe:93:83:0c:b4:b8:b4:
93:52:81:4f:84:99:1b:75:74:f0:85:4b:b5:ea:6e:
76:6e:66:20:ff:ad:4e:ec:05:c1:96:c4:be:70:7a:
74:e9:fa:0b:27:4d:31:d2:52:21:67:ce:60:0e:1b:
80:0e:fb:f1:18:b4:b8:98:5d:9b:dd:1b:24:e6:56:
c6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:56:B3:B1:65:80:3C:78:93:A6:33:77:C7:18:CC:1A:D1:DF:6D:18
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/rFazsWWAPHiTpjN3xxjMGtHfbRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.60.0/24
81.95.48.0/23
92.51.236.0/23
103.125.76.0/24
192.140.222.0/23
Signature Algorithm: sha256WithRSAEncryption
91:2f:dd:93:f5:0b:b7:d7:64:f2:89:4c:cc:6a:36:0e:67:3d:
71:1a:90:15:ef:5a:21:d2:b7:e8:7b:a1:da:0f:2b:26:33:7c:
1b:14:1d:0b:18:9c:7e:80:5a:83:ee:ab:9c:70:71:ec:16:00:
ae:66:48:77:55:e8:b2:e7:fc:1e:d7:4d:9e:c9:37:c0:7d:d5:
c3:91:86:51:f6:53:2d:83:0c:d7:64:fd:8a:98:e4:ee:68:15:
72:ac:c0:24:b0:e4:9b:ce:ab:f5:aa:b2:fd:50:ce:ac:d8:89:
a1:1e:e2:b7:81:59:aa:de:04:84:ac:b1:c2:c1:9e:78:53:43:
c4:65:20:13:da:ce:8e:f9:dc:d9:56:31:13:e1:69:a5:a3:b5:
ab:09:00:2f:be:49:c2:47:c3:49:b8:ad:19:c1:7b:06:a7:82:
1d:55:52:04:c2:12:2c:d7:81:05:9a:6f:d9:6f:59:e6:9c:82:
f2:c2:7d:7a:9d:04:d1:fe:37:34:36:9e:c6:15:b7:51:b9:e2:
f3:54:07:58:4b:ae:1a:3d:ab:33:14:a1:74:1c:4f:ff:6e:3a:
8f:c7:aa:87:e9:1a:56:73:fd:5f:a9:37:5e:b2:59:d7:ce:31:
77:4f:8f:32:cd:0d:18:2b:ed:ec:49:6d:54:79:44:f7:35:89:
6d:24:61:cc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZb7xtlr23aZQr4y+tsUB3juMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNTIzMDYxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU2YjNiMTY1ODAzYzc4OTNhNjMzNzdjNzE4Y2MxYWQxZGY2ZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1Ut2WlPat6w3jG4/t3UVEIAG9Y5
M/PLSsiG6TcFd+K2n8jdFbqssz6Ft1re8LV3mGlbKwjEYoBr1j9vom7LFievapU1
CQ/CafOzWFE6KFjJJN3zC6YrHN5mhF3893YUJyUwh+XPw36N83v0vU3VolFlKdgl
1kc/wtUVNkR7O2B0vpOBBk+jM7xtKLiqhEeUaNjLv+t+w+GRKXeXfqcEI47r9yr7
8UNmzEbMqKcQkWrNgCO9mkOCD+0yD/6Tgwy0uLSTUoFPhJkbdXTwhUu16m52bmYg
/61O7AXBlsS+cHp06foLJ00x0lIhZ85gDhuADvvxGLS4mF2b3Rsk5lbGKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKxWs7FlgDx4k6Yzd8cYzBrR320YMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvckZhenNXV0FQSGlUcGpOM3h4ak1HdEhmYlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQADmY8AwQB
UV8wAwQBXDPsAwQAZ31MAwQBwIzeMA0GCSqGSIb3DQEBCwUAA4IBAQCRL92T9Qu3
12TyiUzMajYOZz1xGpAV71oh0rfoe6HaDysmM3wbFB0LGJx+gFqD7quccHHsFgCu
Zkh3Veiy5/we102eyTfAfdXDkYZR9lMtgwzXZP2KmOTuaBVyrMAksOSbzqv1qrL9
UM6s2ImhHuK3gVmq3gSErLHCwZ54U0PEZSAT2s6O+dzZVjET4Wmlo7WrCQAvvknC
R8NJuK0ZwXsGp4IdVVIEwhIs14EFmm/Zb1nmnILywn16nQTR/jc0Np7GFbdRueLz
VAdYS64aPaszFKF0HE//bjqPx6qH6RpWc/1fqTdeslnXzjF3T48yzQ0YK+3sSW1U
eUT3NYltJGHM
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:44:11 2025 by rpki-client