Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/0zLOEB5vy5c-8Tq5A0mIyET-fGs.roa
File: 0zLOEB5vy5c-8Tq5A0mIyET-fGs.roa (raw, json)
Hash identifier: Mehc6ene1llyetFafCLYX+ACHG4HbBNKN0BRvACi9As=
Subject key identifier: D3:32:CE:10:1E:6F:CB:97:3E:F1:3A:B9:03:49:88:C8:44:FE:7C:6B
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 0196F8000CA74093C1DF441996A362D64114
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/0zLOEB5vy5c-8Tq5A0mIyET-fGs.roa
Signing time: Thu 22 May 2025 12:37:54 +0000
ROA not before: Thu 22 May 2025 12:37:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8561
IP address blocks: 185.119.136.0/22 maxlen: 24
194.77.54.0/23 maxlen: 23
195.253.64.0/24 maxlen: 24
195.253.66.0/24 maxlen: 24
195.253.74.0/24 maxlen: 24
195.253.88.0/21 maxlen: 24
195.253.96.0/19 maxlen: 24
2a01:5b0:3::/48 maxlen: 48
2a01:5b0:4::/48 maxlen: 48
2a01:5b0:6::/48 maxlen: 48
2a01:5b0:8::/46 maxlen: 48
2a01:5b0:d::/48 maxlen: 48
2a01:5b0:10::/45 maxlen: 48
2a01:5b0:20::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:00:0c:a7:40:93:c1:df:44:19:96:a3:62:d6:41:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: May 22 12:37:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d332ce101e6fcb973ef13ab9034988c844fe7c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9c:70:0e:62:0f:7b:ee:6c:a9:03:e6:bf:c2:
65:5a:a7:be:f2:45:cf:09:a8:9e:c1:09:1e:f2:1f:
b2:e6:54:7d:3f:c5:aa:58:8e:11:eb:12:d2:c6:f5:
90:64:d2:d4:e7:2e:8e:03:96:38:fa:0e:2b:db:63:
63:d8:5f:a4:b2:13:e1:fe:c0:a8:2a:d0:03:61:90:
69:70:21:55:38:b1:44:bc:af:06:1a:22:92:e2:0a:
bf:cc:aa:64:7a:5f:3a:48:33:b1:1a:2c:de:87:f2:
2b:b0:02:6d:4e:c4:9b:fb:13:4f:63:6c:1e:30:54:
3d:b6:12:8b:76:02:6a:a8:0a:65:0d:63:56:be:66:
e3:a4:93:42:a6:71:cc:68:c9:5b:e5:28:91:bd:39:
a9:00:32:75:6d:7f:25:fa:15:c9:63:dc:b8:c0:94:
4b:22:70:3c:d1:97:27:e4:9c:61:9b:cd:df:70:99:
5c:2b:77:a2:94:8e:31:fd:23:44:00:1f:b4:5a:a3:
e2:27:46:86:47:b0:fe:db:1f:60:f8:ed:fa:07:28:
70:75:5d:70:83:7f:26:84:e1:79:52:31:3a:90:d1:
c9:a1:1c:fe:4d:9d:23:90:7c:31:a8:dd:ee:3d:8d:
49:f8:a7:5b:14:c3:7f:c5:6b:a4:e3:5c:d4:06:17:
dc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:32:CE:10:1E:6F:CB:97:3E:F1:3A:B9:03:49:88:C8:44:FE:7C:6B
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/0zLOEB5vy5c-8Tq5A0mIyET-fGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.136.0/22
194.77.54.0/23
195.253.64.0/24
195.253.66.0/24
195.253.74.0/24
195.253.88.0-195.253.127.255
IPv6:
2a01:5b0:3::-2a01:5b0:4:ffff:ffff:ffff:ffff:ffff
2a01:5b0:6::/48
2a01:5b0:8::/46
2a01:5b0:d::/48
2a01:5b0:10::/45
2a01:5b0:20::/43
Signature Algorithm: sha256WithRSAEncryption
79:3a:25:6f:1f:cf:0b:93:f4:a6:5e:8a:ad:3a:14:3e:18:32:
b4:6e:47:1b:71:49:b6:ee:46:fd:78:4e:0f:d8:33:13:4b:ec:
a9:02:0e:ac:30:be:18:19:b2:b5:6b:1c:64:94:e7:00:fc:b5:
bf:33:30:98:6a:10:c3:a4:bb:56:c8:97:c1:a9:86:8f:ec:3c:
40:6a:78:45:55:53:22:6d:bb:96:bb:ad:30:51:d2:26:13:12:
38:7d:b1:55:3a:14:00:43:26:6a:66:51:41:dc:b5:d1:12:6c:
75:c8:27:57:d4:ea:6a:a6:be:03:49:8c:aa:29:4f:e1:00:a6:
93:5e:23:65:31:c7:3f:5e:e3:bf:51:09:ad:eb:35:7f:48:51:
72:fb:4f:16:92:37:53:d7:02:9a:ca:01:68:cc:5b:12:33:30:
ef:56:c5:ab:b8:59:70:df:93:02:a2:a3:ad:3b:56:8f:1d:2a:
44:21:a5:b9:30:af:8d:e6:e5:44:2b:e9:83:7a:a3:d2:ab:78:
41:c7:14:07:22:a0:bc:0a:bd:fe:c1:8b:ab:b9:ca:0b:7d:12:
00:59:79:b3:69:c8:c9:51:f2:e6:f3:27:61:fe:1e:6f:91:a1:
b0:ed:13:a7:55:5d:87:15:09:91:68:87:15:b1:6d:fc:1f:c4:
a0:4b:c9:f2
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZb4AAynQJPB30QZlqNi1kEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjUwNTIyMTIzNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzMyY2UxMDFlNmZjYjk3M2VmMTNhYjkwMzQ5ODhjODQ0ZmU3YzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJxwDmIPe+5sqQPmv8JlWqe+8kXP
CaiewQke8h+y5lR9P8WqWI4R6xLSxvWQZNLU5y6OA5Y4+g4r22Nj2F+kshPh/sCo
KtADYZBpcCFVOLFEvK8GGiKS4gq/zKpkel86SDOxGizeh/IrsAJtTsSb+xNPY2we
MFQ9thKLdgJqqAplDWNWvmbjpJNCpnHMaMlb5SiRvTmpADJ1bX8l+hXJY9y4wJRL
InA80Zcn5Jxhm83fcJlcK3eilI4x/SNEAB+0WqPiJ0aGR7D+2x9g+O36ByhwdV1w
g38mhOF5UjE6kNHJoRz+TZ0jkHwxqN3uPY1J+KdbFMN/xWuk41zUBhfc0wIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFNMyzhAeb8uXPvE6uQNJiMhE/nxrMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvMHpMT0VCNXZ5NWMtOFRxNUEwbUl5RVQtZkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wMgQCAAEwLAMEArl3iAME
AcJNNgMEAMP9QAMEAMP9QgMEAMP9SjAMAwQDw/1YAwQHw/0AMEcEAgACMEEwEgMH
ACoBBbAAAwMHACoBBbAABAMHACoBBbAABgMHAioBBbAACAMHACoBBbAADQMHAyoB
BbAAEAMHBSoBBbAAIDANBgkqhkiG9w0BAQsFAAOCAQEAeTolbx/PC5P0pl6KrToU
PhgytG5HG3FJtu5G/XhOD9gzE0vsqQIOrDC+GBmytWscZJTnAPy1vzMwmGoQw6S7
VsiXwamGj+w8QGp4RVVTIm27lrutMFHSJhMSOH2xVToUAEMmamZRQdy10RJsdcgn
V9Tqaqa+A0mMqilP4QCmk14jZTHHP17jv1EJres1f0hRcvtPFpI3U9cCmsoBaMxb
EjMw71bFq7hZcN+TAqKjrTtWjx0qRCGluTCvjeblRCvpg3qj0qt4QccUByKgvAq9
/sGLq7nKC30SAFl5s2nIyVHy5vMnYf4eb5GhsO0Tp1VdhxUJkWiHFbFt/B/EoEvJ
8g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:05:27 2025 by rpki-client