Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/D3uFNp_uUSHt1YSi-2IaHiDrRag.roa
File: D3uFNp_uUSHt1YSi-2IaHiDrRag.roa (raw, json)
Hash identifier: s8c53hlFJRAlFwJlOpAFaiZbwpviv1EIugwd2PuQcZA=
Subject key identifier: 0F:7B:85:36:9F:EE:51:21:ED:D5:84:A2:FB:62:1A:1E:20:EB:45:A8
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 0196EDE3A62060B65F5A10CF031365357501
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/D3uFNp_uUSHt1YSi-2IaHiDrRag.roa
Signing time: Tue 20 May 2025 13:30:41 +0000
ROA not before: Tue 20 May 2025 13:30:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56582
IP address blocks: 178.210.160.0/24 maxlen: 24
178.210.161.0/24 maxlen: 24
178.210.162.0/24 maxlen: 24
178.210.163.0/24 maxlen: 24
178.210.164.0/24 maxlen: 24
178.210.165.0/24 maxlen: 24
178.210.166.0/24 maxlen: 24
178.210.168.0/24 maxlen: 24
178.210.169.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.mft
rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:e3:a6:20:60:b6:5f:5a:10:cf:03:13:65:35:75:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: May 20 13:30:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f7b85369fee5121edd584a2fb621a1e20eb45a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3d:55:4e:ce:fb:59:4b:aa:be:8c:c8:aa:5d:
f6:e4:75:68:e6:2f:af:bc:7f:14:a8:d9:7d:b8:91:
a6:02:41:00:38:8a:97:50:31:cb:f7:f9:0d:86:1c:
44:4f:50:0b:4b:ab:0e:b3:54:cd:56:3c:52:8e:f8:
84:88:06:e3:05:0a:e7:b7:b0:d1:f1:5a:fb:64:5f:
7e:5b:cd:79:d1:0d:43:bf:82:18:1f:f6:7f:da:87:
88:c7:7e:7f:b6:76:44:1a:8d:62:2b:82:a8:78:d4:
22:10:7a:69:41:cb:e6:c6:94:b5:9c:84:92:d9:f3:
3b:5e:69:cb:62:e2:ad:54:80:22:bb:81:4e:3e:fd:
ff:89:13:c4:aa:85:67:f9:f3:a8:31:b0:d8:c2:7f:
a6:01:ab:31:29:cd:7a:37:03:3b:e8:95:3c:a7:45:
79:d9:b5:0c:ca:06:e3:25:c1:b6:f3:82:4d:e4:d2:
b7:f3:a0:57:50:9a:e1:ae:2b:e1:f0:43:3c:70:77:
9a:57:f1:0e:7b:5e:cc:48:38:50:82:e4:5c:c2:d0:
e1:2e:a6:15:de:d4:a8:3a:e4:a9:16:a7:d4:47:79:
b9:76:8f:8e:dc:e2:2a:82:bb:f7:aa:d4:17:84:96:
e2:0b:72:03:ab:c6:e0:3a:77:0f:30:0d:8f:88:08:
4b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7B:85:36:9F:EE:51:21:ED:D5:84:A2:FB:62:1A:1E:20:EB:45:A8
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/D3uFNp_uUSHt1YSi-2IaHiDrRag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.160.0-178.210.166.255
178.210.168.0-178.210.178.255
Signature Algorithm: sha256WithRSAEncryption
0e:98:81:5a:fd:2f:f4:58:e5:a7:0b:14:9e:ce:84:f3:17:31:
43:bc:08:2e:09:0f:4f:8b:c5:fc:40:c7:82:37:55:29:09:98:
c7:50:e4:01:be:a5:1f:0f:8c:01:dd:c0:8e:7f:b2:d0:96:22:
39:64:09:d4:42:5f:bc:b6:47:8d:0e:8c:e9:8f:da:a9:3f:49:
e3:e4:c3:d7:45:95:da:69:06:04:d8:f9:64:60:04:98:eb:9e:
b7:c2:59:f7:64:f5:9b:98:cd:db:68:04:72:8c:58:77:de:a7:
39:a6:d5:26:17:44:d2:cc:d7:83:df:e9:4e:b9:0f:18:0b:81:
84:23:00:32:e1:6d:2d:ef:c4:4f:c2:73:4a:0d:15:19:d1:7e:
06:e9:91:13:b9:1f:8c:b2:a5:b2:8a:b3:13:d2:9e:24:2b:a8:
cb:a0:5f:95:82:b9:b9:70:45:d1:fc:8e:b8:4f:ed:d2:4a:5a:
f4:f1:89:e9:31:48:1f:eb:ee:fd:08:52:86:e8:ed:72:b6:4e:
f5:3d:a9:75:a4:48:69:83:49:fc:a4:31:43:01:bc:d3:d1:c9:
a7:42:e5:66:3c:a1:20:24:fc:e0:cd:ee:a7:90:e7:01:a5:72:
11:4f:e9:a1:ab:01:2c:c1:d0:e4:d6:f8:dc:e8:39:a7:39:2c:
95:df:c5:f5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZbt46YgYLZfWhDPAxNlNXUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjUwNTIwMTMzMDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjdiODUzNjlmZWU1MTIxZWRkNTg0YTJmYjYyMWExZTIwZWI0NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz1VTs77WUuqvozIql325HVo5i+v
vH8UqNl9uJGmAkEAOIqXUDHL9/kNhhxET1ALS6sOs1TNVjxSjviEiAbjBQrnt7DR
8Vr7ZF9+W8150Q1Dv4IYH/Z/2oeIx35/tnZEGo1iK4KoeNQiEHppQcvmxpS1nISS
2fM7XmnLYuKtVIAiu4FOPv3/iRPEqoVn+fOoMbDYwn+mAasxKc16NwM76JU8p0V5
2bUMygbjJcG284JN5NK386BXUJrhrivh8EM8cHeaV/EOe17MSDhQguRcwtDhLqYV
3tSoOuSpFqfUR3m5do+O3OIqgrv3qtQXhJbiC3IDq8bgOncPMA2PiAhL6QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFA97hTaf7lEh7dWEovtiGh4g60WoMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvRDN1Rk5wX3VVU0h0MVlTaS0ySWFIaURyUmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAWy0qAD
BACy0qYwDAMEA7LSqAMEALLSsjANBgkqhkiG9w0BAQsFAAOCAQEADpiBWv0v9Fjl
pwsUns6E8xcxQ7wILgkPT4vF/EDHgjdVKQmYx1DkAb6lHw+MAd3Ajn+y0JYiOWQJ
1EJfvLZHjQ6M6Y/aqT9J4+TD10WV2mkGBNj5ZGAEmOuet8JZ92T1m5jN22gEcoxY
d96nOabVJhdE0szXg9/pTrkPGAuBhCMAMuFtLe/ET8JzSg0VGdF+BumRE7kfjLKl
soqzE9KeJCuoy6BflYK5uXBF0fyOuE/t0kpa9PGJ6TFIH+vu/QhShujtcrZO9T2p
daRIaYNJ/KQxQwG809HJp0LlZjyhICT84M3up5DnAaVyEU/poasBLMHQ5Nb43Og5
pzksld/F9Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:48:27 2025 by rpki-client