Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/4ASzv8VWMQYFKDY_-XGCbimJW5s.roa
File: 4ASzv8VWMQYFKDY_-XGCbimJW5s.roa (raw, json)
Hash identifier: 4zLzwFIqB9q7XlogNn2GDLJVXFyYSxghGw7cNNnYtt8=
Subject key identifier: E0:04:B3:BF:C5:56:31:06:05:28:36:3F:F9:71:82:6E:29:89:5B:9B
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 0196C33E6D4764FF9B87702BED467217D702
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/4ASzv8VWMQYFKDY_-XGCbimJW5s.roa
Signing time: Mon 12 May 2025 06:46:10 +0000
ROA not before: Mon 12 May 2025 06:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212165
IP address blocks: 109.120.147.0/24 maxlen: 24
109.120.159.0/24 maxlen: 24
176.98.186.0/24 maxlen: 24
176.98.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:3e:6d:47:64:ff:9b:87:70:2b:ed:46:72:17:d7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: May 12 06:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e004b3bfc55631060528363ff971826e29895b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:08:2f:66:2c:fb:8a:0e:d8:72:5b:2d:5a:2a:
19:d3:98:1c:ab:92:36:59:aa:6a:0d:ba:f8:d1:b7:
58:47:cf:01:a2:58:15:74:c7:92:e7:a5:1d:33:68:
dd:05:ad:1c:b9:4b:15:9f:df:a8:3b:a0:1f:34:ba:
f4:25:a4:45:07:4f:09:56:3b:5b:31:9e:9b:13:22:
8e:55:0a:46:4e:d6:32:35:db:4a:18:2f:03:6a:41:
3e:07:85:79:f3:9d:6f:57:30:88:cd:10:05:3e:8d:
44:0a:a9:d9:9e:9a:4e:82:22:05:7c:d1:7c:3a:6e:
b1:50:64:1f:64:99:57:bb:1e:ca:62:5c:da:de:9e:
8c:0e:28:54:b3:68:71:10:27:d0:9a:d2:99:56:2a:
3e:cc:19:8a:42:a4:52:ba:60:78:6e:c2:9f:cf:96:
33:e3:75:48:5b:13:7e:2f:ac:a6:c9:2f:b2:17:d1:
cf:42:62:55:d5:de:fb:da:20:93:33:8c:b2:73:a6:
30:57:95:fb:22:90:73:95:8b:87:d1:68:fc:49:33:
2a:dc:5c:1c:8a:cc:99:07:de:52:7e:f5:fd:ed:4e:
b8:21:60:0c:8f:15:0b:80:df:2e:bb:ce:b0:67:e3:
95:4c:17:af:49:e6:18:5c:4d:65:ee:a5:6d:d2:0c:
f8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:04:B3:BF:C5:56:31:06:05:28:36:3F:F9:71:82:6E:29:89:5B:9B
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/4ASzv8VWMQYFKDY_-XGCbimJW5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.147.0/24
109.120.159.0/24
176.98.186.0/24
176.98.188.0/24
Signature Algorithm: sha256WithRSAEncryption
87:98:5b:1e:f6:df:d9:4f:db:58:1a:f7:cd:8b:30:61:9c:48:
42:f5:ab:3b:5e:29:e7:82:85:28:df:10:0e:2b:40:c0:d1:7b:
ca:23:84:fc:ca:bd:07:8b:ee:d1:43:19:19:2d:e6:ec:37:86:
2e:b2:81:bc:cb:d2:c4:95:39:6b:09:07:3c:9e:16:ae:91:60:
53:1f:2d:cb:ce:f0:81:e1:76:1d:b1:87:cc:18:dc:b1:64:9c:
12:7a:14:47:01:fd:46:5a:70:18:a4:fc:e9:3c:c0:f4:a5:66:
95:ee:12:86:39:a0:04:85:a6:35:fc:c9:5d:43:49:4a:b1:58:
4e:62:34:3d:7f:09:09:5c:8a:c6:17:37:7f:f3:50:13:fb:ed:
2a:4e:5c:af:ed:cc:40:2f:5e:b3:9b:5f:c3:b7:86:0b:20:1b:
00:c0:9a:e8:61:1f:5f:e9:63:14:cb:8f:02:41:91:b5:03:d1:
33:c2:c2:6b:cc:7a:c0:14:89:64:ec:47:b1:0d:7e:3f:35:09:
69:65:b1:df:f8:12:6b:c3:f5:56:1b:e8:18:5f:9f:e7:c1:14:
18:2c:e2:47:f6:a5:28:62:c1:db:6c:ef:30:68:d7:00:c5:bf:
6d:40:1f:ea:97:74:18:25:e8:5c:51:8e:ac:b9:35:f2:98:63:
e7:01:ef:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbDPm1HZP+bh3Ar7UZyF9cCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjUwNTEyMDY0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA0YjNiZmM1NTYzMTA2MDUyODM2M2ZmOTcxODI2ZTI5ODk1YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AgvZiz7ig7YclstWioZ05gcq5I2
WapqDbr40bdYR88BolgVdMeS56UdM2jdBa0cuUsVn9+oO6AfNLr0JaRFB08JVjtb
MZ6bEyKOVQpGTtYyNdtKGC8DakE+B4V5851vVzCIzRAFPo1ECqnZnppOgiIFfNF8
Om6xUGQfZJlXux7KYlza3p6MDihUs2hxECfQmtKZVio+zBmKQqRSumB4bsKfz5Yz
43VIWxN+L6ymyS+yF9HPQmJV1d772iCTM4yyc6YwV5X7IpBzlYuH0Wj8STMq3Fwc
isyZB95SfvX97U64IWAMjxULgN8uu86wZ+OVTBevSeYYXE1l7qVt0gz4nQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOAEs7/FVjEGBSg2P/lxgm4piVubMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvNEFTenY4VldNUVlGS0RZXy1YR0NiaW1KVzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbXiTAwQA
bXifAwQAsGK6AwQAsGK8MA0GCSqGSIb3DQEBCwUAA4IBAQCHmFse9t/ZT9tYGvfN
izBhnEhC9as7XinngoUo3xAOK0DA0XvKI4T8yr0Hi+7RQxkZLebsN4YusoG8y9LE
lTlrCQc8nhaukWBTHy3LzvCB4XYdsYfMGNyxZJwSehRHAf1GWnAYpPzpPMD0pWaV
7hKGOaAEhaY1/MldQ0lKsVhOYjQ9fwkJXIrGFzd/81AT++0qTlyv7cxAL16zm1/D
t4YLIBsAwJroYR9f6WMUy48CQZG1A9EzwsJrzHrAFIlk7EexDX4/NQlpZbHf+BJr
w/VWG+gYX5/nwRQYLOJH9qUoYsHbbO8waNcAxb9tQB/ql3QYJehcUY6suTXymGPn
Ae+F
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:13:17 2025 by rpki-client