Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/T7CYYFVfIcXfDZJG7fjiwMp_ObI.roa
File: T7CYYFVfIcXfDZJG7fjiwMp_ObI.roa (raw, json)
Hash identifier: gI0qEQWQ1EuxD4GDmoojm9BYYnFXN5QK+ePpWr33msg=
Subject key identifier: 4F:B0:98:60:55:5F:21:C5:DF:0D:92:46:ED:F8:E2:C0:CA:7F:39:B2
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0196996D2AF5346725841A79C155A7859DBC
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/T7CYYFVfIcXfDZJG7fjiwMp_ObI.roa
Signing time: Sun 04 May 2025 03:53:10 +0000
ROA not before: Sun 04 May 2025 03:53:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31732
IP address blocks: 188.209.155.0/24 maxlen: 24
188.209.156.0/22 maxlen: 24
212.90.100.0/22 maxlen: 24
213.173.32.0/22 maxlen: 24
2001:16c0::/29 maxlen: 29
2001:16c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:99:6d:2a:f5:34:67:25:84:1a:79:c1:55:a7:85:9d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 4 03:53:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fb09860555f21c5df0d9246edf8e2c0ca7f39b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:01:5d:9b:f9:0a:3d:14:ff:f4:37:55:68:84:
b6:7f:91:e1:32:f7:a2:9d:6b:aa:57:16:c1:8c:cb:
0e:c1:ad:8a:3d:c3:4a:75:8f:36:33:86:03:bf:1b:
68:6f:90:18:e0:1f:63:72:7c:c3:4e:9f:f2:c3:1b:
cf:10:e5:6c:8d:04:6a:c8:56:c8:bb:43:ee:a2:d4:
d5:5d:01:61:9c:a5:03:97:e9:e2:42:37:94:dd:55:
5a:7b:f3:1d:8c:a2:82:b9:ea:64:a9:08:19:e3:ad:
07:39:37:41:1c:4e:20:4a:38:d8:62:29:45:46:4c:
db:c1:f0:e8:61:49:61:9b:7b:b4:c2:65:79:2f:1c:
04:2f:72:2c:3e:48:bb:eb:72:3b:a5:51:5b:ab:d2:
4d:df:86:28:dc:92:eb:ae:0f:17:5a:0f:09:69:ab:
26:4f:9f:11:fd:19:03:95:30:df:94:eb:4d:42:84:
5d:41:b3:5f:fe:10:61:cd:46:63:c2:0e:e8:69:79:
a3:45:d6:a6:69:b2:47:bc:32:13:2e:9e:45:32:c2:
25:9f:28:51:64:6d:d1:d1:6e:ce:47:1b:3f:4e:ec:
37:07:f7:09:39:d7:54:83:97:23:53:b7:b8:7a:0a:
44:b9:19:9b:b9:00:f8:29:c6:17:79:67:74:e6:f6:
b6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B0:98:60:55:5F:21:C5:DF:0D:92:46:ED:F8:E2:C0:CA:7F:39:B2
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/T7CYYFVfIcXfDZJG7fjiwMp_ObI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.155.0-188.209.159.255
212.90.100.0/22
213.173.32.0/22
IPv6:
2001:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:95:e1:27:ca:3f:52:24:5a:06:b2:f3:19:7d:d0:34:18:6e:
a1:f2:88:82:b3:b1:ee:28:1e:a6:bb:3d:d8:4c:68:50:32:19:
4b:50:fb:dc:f8:19:ee:c6:c2:69:ab:1e:3f:b1:38:e4:a7:9e:
17:65:84:af:78:78:0f:bd:c8:3b:40:59:1f:c1:24:47:2a:3f:
de:73:9e:5a:98:2f:46:f1:52:2e:06:cc:68:5b:07:af:ec:0e:
0f:6d:01:4c:be:c6:53:d9:0e:03:68:04:2a:49:a7:e7:02:ff:
5f:d6:fe:2c:16:1f:98:d5:bd:c6:8f:67:f0:9d:c0:87:61:a8:
bb:da:03:6b:62:14:c7:bb:28:84:1d:aa:3d:88:a7:8f:78:28:
80:fb:82:66:2f:8e:33:be:90:ca:02:58:77:9a:0d:60:8e:78:
81:86:4f:54:a4:ce:0a:67:a7:5e:9a:cd:f2:6a:b0:ab:95:2c:
38:5e:01:76:88:a4:32:00:60:23:df:dc:cc:c0:0b:f8:0e:a3:
f4:82:17:c0:d7:4c:93:41:8b:ac:7f:71:aa:41:59:91:2b:e5:
1e:31:7e:ee:35:40:59:22:cd:86:21:3a:83:b4:43:46:c7:d6:
8a:a3:14:22:b2:64:5e:15:f9:a1:c7:a6:dc:3e:b2:2b:7c:2e:
2f:98:89:c9
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZaZbSr1NGclhBp5wVWnhZ28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNTA0MDM1MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmIwOTg2MDU1NWYyMWM1ZGYwZDkyNDZlZGY4ZTJjMGNhN2YzOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwFdm/kKPRT/9DdVaIS2f5HhMvei
nWuqVxbBjMsOwa2KPcNKdY82M4YDvxtob5AY4B9jcnzDTp/ywxvPEOVsjQRqyFbI
u0PuotTVXQFhnKUDl+niQjeU3VVae/MdjKKCuepkqQgZ460HOTdBHE4gSjjYYilF
RkzbwfDoYUlhm3u0wmV5LxwEL3IsPki763I7pVFbq9JN34Yo3JLrrg8XWg8Jaasm
T58R/RkDlTDflOtNQoRdQbNf/hBhzUZjwg7oaXmjRdamabJHvDITLp5FMsIlnyhR
ZG3R0W7ORxs/Tuw3B/cJOddUg5cjU7e4egpEuRmbuQD4KcYXeWd05va2zwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFE+wmGBVXyHF3w2SRu344sDKfzmyMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvVDdDWVlGVmZJY1hmRFpKRzdmaml3TXBfT2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAC80ZsD
BAW80YADBALUWmQDBALVrSAwDQQCAAIwBwMFAyABFsAwDQYJKoZIhvcNAQELBQAD
ggEBAKmV4SfKP1IkWgay8xl90DQYbqHyiIKzse4oHqa7PdhMaFAyGUtQ+9z4Ge7G
wmmrHj+xOOSnnhdlhK94eA+9yDtAWR/BJEcqP95znlqYL0bxUi4GzGhbB6/sDg9t
AUy+xlPZDgNoBCpJp+cC/1/W/iwWH5jVvcaPZ/CdwIdhqLvaA2tiFMe7KIQdqj2I
p494KID7gmYvjjO+kMoCWHeaDWCOeIGGT1Skzgpnp16azfJqsKuVLDheAXaIpDIA
YCPf3MzAC/gOo/SCF8DXTJNBi6x/capBWZEr5R4xfu41QFkizYYhOoO0Q0bH1oqj
FCKyZF4V+aHHptw+sit8Li+Yick=
-----END CERTIFICATE-----
Generated at Wed Jun 4 12:22:26 2025 by rpki-client