Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/3Q4-nm9Afpxwl-rsuAE0uraA2Ho.roa
File: 3Q4-nm9Afpxwl-rsuAE0uraA2Ho.roa (raw, json)
Hash identifier: w0/s8wW3wnSLtMZE2Dd4d4ibLqmaSIOhu54oA3SxPvE=
Subject key identifier: DD:0E:3E:9E:6F:40:7E:9C:70:97:EA:EC:B8:01:34:BA:B6:80:D8:7A
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 0196F85B9989D74895F721279DFE637CAED1
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/3Q4-nm9Afpxwl-rsuAE0uraA2Ho.roa
Signing time: Thu 22 May 2025 14:17:54 +0000
ROA not before: Thu 22 May 2025 14:17:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14340
IP address blocks: 85.222.128.0/19 maxlen: 24
151.106.128.0/20 maxlen: 24
151.106.144.0/20 maxlen: 24
151.106.216.0/22 maxlen: 24
151.106.220.0/22 maxlen: 24
159.92.0.0/16 maxlen: 24
160.8.0.0/16 maxlen: 24
161.71.0.0/17 maxlen: 24
161.71.128.0/17 maxlen: 24
163.76.128.0/17 maxlen: 24
163.79.128.0/17 maxlen: 24
185.79.140.0/22 maxlen: 24
194.145.0.0/20 maxlen: 24
194.145.16.0/21 maxlen: 24
2a03:5d60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:5b:99:89:d7:48:95:f7:21:27:9d:fe:63:7c:ae:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: May 22 14:17:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd0e3e9e6f407e9c7097eaecb80134bab680d87a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:de:8f:3f:13:15:3f:0b:a4:a9:a7:ef:21:40:
cc:6a:6f:25:52:9f:b1:f9:72:a2:e4:b9:25:6e:ce:
10:46:e2:35:de:af:0d:f9:81:7e:63:27:85:91:3e:
cd:93:92:90:c2:4e:c8:b8:96:50:57:b4:15:1d:f1:
fb:0d:ca:d9:99:f9:f6:b9:3a:7e:79:33:43:0e:aa:
ef:ab:7b:4d:dc:e8:2d:ae:70:5e:27:fd:68:ed:fe:
ee:33:0e:63:f4:06:7d:a8:c0:ec:7d:7b:79:71:df:
46:24:5a:16:8b:ca:e6:e2:aa:de:87:9c:dd:84:f5:
b1:a1:33:c4:7d:ad:3c:3e:1f:fb:c3:ef:d6:0d:f7:
05:0c:e9:92:2d:e8:67:c8:f3:93:3c:a8:b9:b5:54:
69:81:99:4e:d9:8d:cd:2a:0e:a0:15:e9:5e:2d:f4:
ad:52:d7:51:91:87:32:d6:b9:c5:d6:b3:d4:96:84:
41:74:87:54:ba:74:e2:39:1d:e8:8c:d5:bb:eb:0a:
31:54:25:9e:4b:1e:08:e9:a4:71:df:aa:eb:e0:2a:
0c:12:4c:e4:ef:9e:d7:e2:c2:a6:f3:eb:0d:a5:03:
38:7d:f6:44:ec:cd:99:30:d1:13:12:d4:75:11:c9:
e0:47:97:0a:1a:0c:85:28:df:93:b7:33:42:38:25:
da:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0E:3E:9E:6F:40:7E:9C:70:97:EA:EC:B8:01:34:BA:B6:80:D8:7A
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/3Q4-nm9Afpxwl-rsuAE0uraA2Ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.128.0/19
151.106.128.0/19
151.106.216.0/21
159.92.0.0/16
160.8.0.0/16
161.71.0.0/16
163.76.128.0/17
163.79.128.0/17
185.79.140.0/22
194.145.0.0-194.145.23.255
IPv6:
2a03:5d60::/32
Signature Algorithm: sha256WithRSAEncryption
27:07:f3:92:ca:ef:d2:cd:f9:a9:34:00:ad:e2:f5:a5:82:32:
7a:d1:91:04:2a:93:e8:24:65:d1:27:39:05:1f:82:16:05:a2:
4f:88:b0:1a:5d:f8:99:5e:c8:a9:15:2e:42:17:ac:5c:31:c0:
53:b2:a8:1d:35:b8:c1:2a:4a:77:e0:11:73:52:9c:ef:e9:ca:
b1:49:95:94:b8:e0:ff:5a:37:4a:65:71:62:3f:6a:5d:4c:6e:
9b:c0:b7:2d:c0:2d:41:68:17:48:ca:29:ca:4d:6e:59:88:7e:
63:0f:ba:0c:f9:d4:a3:9b:0b:89:cf:dd:53:9a:78:81:38:f6:
1b:09:a7:f1:68:4e:40:5a:56:da:f4:56:2d:73:eb:06:b0:7f:
c2:c6:6d:a5:3b:35:c9:d1:3d:33:29:e2:73:c3:9b:02:a0:8b:
ec:c7:9d:d8:e2:db:8c:0c:74:4a:18:9b:11:6b:ec:db:98:23:
31:be:a2:fe:0f:7d:1b:42:70:f5:c2:b2:a7:eb:60:87:04:01:
33:e4:60:46:5f:d9:6c:bb:70:9a:d9:ca:46:cc:c9:06:4d:15:
c8:5f:b4:70:4f:70:06:ad:06:94:1d:81:a8:5d:68:e2:ed:a2:
94:ce:1d:bd:11:39:93:fd:19:1d:a2:e1:2c:70:53:3e:cf:55:
de:03:70:69
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZb4W5mJ10iV9yEnnf5jfK7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjUwNTIyMTQxNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBlM2U5ZTZmNDA3ZTljNzA5N2VhZWNiODAxMzRiYWI2ODBkODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt6PPxMVPwukqafvIUDMam8lUp+x
+XKi5Lklbs4QRuI13q8N+YF+YyeFkT7Nk5KQwk7IuJZQV7QVHfH7DcrZmfn2uTp+
eTNDDqrvq3tN3OgtrnBeJ/1o7f7uMw5j9AZ9qMDsfXt5cd9GJFoWi8rm4qreh5zd
hPWxoTPEfa08Ph/7w+/WDfcFDOmSLehnyPOTPKi5tVRpgZlO2Y3NKg6gFeleLfSt
UtdRkYcy1rnF1rPUloRBdIdUunTiOR3ojNW76woxVCWeSx4I6aRx36rr4CoMEkzk
757X4sKm8+sNpQM4ffZE7M2ZMNETEtR1EcngR5cKGgyFKN+TtzNCOCXa0QIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFN0OPp5vQH6ccJfq7LgBNLq2gNh6MB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvM1E0LW5tOUFmcHh3bC1yc3VBRTB1cmFBMkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQFVd6AAwQF
l2qAAwQDl2rYAwMAn1wDAwCgCAMDAKFHAwQHo0yAAwQHo0+AAwQCuU+MMAsDAwDC
kQMEA8KREDANBAIAAjAHAwUAKgNdYDANBgkqhkiG9w0BAQsFAAOCAQEAJwfzksrv
0s35qTQAreL1pYIyetGRBCqT6CRl0Sc5BR+CFgWiT4iwGl34mV7IqRUuQhesXDHA
U7KoHTW4wSpKd+ARc1Kc7+nKsUmVlLjg/1o3SmVxYj9qXUxum8C3LcAtQWgXSMop
yk1uWYh+Yw+6DPnUo5sLic/dU5p4gTj2Gwmn8WhOQFpW2vRWLXPrBrB/wsZtpTs1
ydE9Mynic8ObAqCL7Med2OLbjAx0ShibEWvs25gjMb6i/g99G0Jw9cKyp+tghwQB
M+RgRl/ZbLtwmtnKRszJBk0VyF+0cE9wBq0GlB2BqF1o4u2ilM4dvRE5k/0ZHaLh
LHBTPs9V3gNwaQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 18:21:20 2025 by rpki-client