Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/1zvPd2_EHz87evVZPp5Zcl60nXM.roa
File: 1zvPd2_EHz87evVZPp5Zcl60nXM.roa (raw, json)
Hash identifier: JkS5NetwxNa8UNzzUzRnMLY7xY87jgayjSZioghgvkg=
Subject key identifier: D7:3B:CF:77:6F:C4:1F:3F:3B:7A:F5:59:3E:9E:59:72:5E:B4:9D:73
Certificate issuer: /CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Certificate serial: 0196CF0542005BB24176841F601A4F9655DE
Authority key identifier: EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/1zvPd2_EHz87evVZPp5Zcl60nXM.roa
Signing time: Wed 14 May 2025 13:39:10 +0000
ROA not before: Wed 14 May 2025 13:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 91.195.242.0/23 maxlen: 24
139.66.0.0/16 maxlen: 24
194.39.128.0/21 maxlen: 24
194.39.136.0/22 maxlen: 24
194.45.236.0/23 maxlen: 24
194.55.88.0/22 maxlen: 24
2a00:fe00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.mft
rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 01 Jun 2025 19:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:05:42:00:5b:b2:41:76:84:1f:60:1a:4f:96:55:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Validity
Not Before: May 14 13:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d73bcf776fc41f3f3b7af5593e9e59725eb49d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:28:85:14:97:7f:e2:0f:d7:2a:73:ff:46:c9:
12:33:35:06:b4:91:02:50:83:43:f4:47:fc:c0:b0:
25:b8:a9:5c:7f:db:9d:7e:e4:12:dd:ae:18:e5:55:
0d:eb:b8:2a:b4:fb:d1:94:81:0f:59:13:0d:e3:df:
24:2d:b6:99:a5:fe:b0:04:ea:ed:45:95:fe:04:bd:
20:4b:a6:ff:83:3e:03:02:cf:14:2a:7f:f9:61:e5:
b9:2e:a8:80:ee:00:b2:e1:9d:c6:a8:ef:e0:aa:ec:
bb:d9:1d:29:49:f8:2b:96:f5:1b:89:58:f2:f5:b8:
42:01:bf:2e:ea:41:23:49:60:45:e5:f2:60:74:03:
96:42:17:ea:6f:e9:82:9e:4b:cb:2d:48:da:4c:f7:
5a:af:65:8d:9e:7c:9f:fe:a3:8f:77:9d:50:61:64:
17:a3:84:48:d1:af:02:b5:e6:33:fe:47:e7:25:eb:
45:d7:0a:25:63:c7:35:30:aa:d5:c4:98:12:21:d6:
0e:d9:cd:37:06:10:ce:19:46:2a:cf:2b:0e:9d:7f:
1b:4a:0f:61:79:41:d8:e6:97:6f:51:c9:44:72:a3:
67:6f:54:e0:3d:ab:b5:03:c5:56:8a:91:81:57:48:
89:38:a7:06:c4:f6:02:0f:2a:db:01:e6:97:03:79:
fa:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3B:CF:77:6F:C4:1F:3F:3B:7A:F5:59:3E:9E:59:72:5E:B4:9D:73
X509v3 Authority Key Identifier:
keyid:EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/1zvPd2_EHz87evVZPp5Zcl60nXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.242.0/23
139.66.0.0/16
194.39.128.0-194.39.139.255
194.45.236.0/23
194.55.88.0/22
IPv6:
2a00:fe00::/32
Signature Algorithm: sha256WithRSAEncryption
03:d3:ed:1b:19:e6:58:5d:a4:16:b9:d5:9d:d0:c3:eb:b4:a0:
f5:d1:3d:6f:cd:d7:bf:fe:f7:fb:0a:c1:3e:8e:4f:f2:60:a9:
ec:b2:1e:87:8c:85:09:10:e5:89:27:5d:9b:ce:98:ac:38:ff:
92:f2:72:d1:15:0e:a3:f3:b6:c5:16:b9:87:79:10:cd:02:a1:
af:05:0c:0e:9f:fe:71:6c:a0:f1:35:1e:34:8e:03:07:52:41:
bc:81:4a:1a:1d:b6:29:fb:23:d4:59:64:95:68:75:bd:6c:39:
4d:e0:44:8d:58:1b:69:d9:18:92:8b:b6:93:78:12:cc:4a:d5:
87:d7:50:32:75:af:68:91:06:5d:fa:31:77:2b:f9:ee:70:83:
2b:f1:02:6d:3e:5d:e1:f8:72:77:c1:d4:e6:5c:c8:a8:79:a5:
60:77:eb:ec:1d:bf:7d:92:7e:93:cf:09:fb:8b:03:2b:6f:3f:
39:f1:e7:ba:33:4b:12:56:cc:c8:46:cd:f5:0c:d3:5e:c7:10:
b7:4f:69:78:43:fa:39:a6:c4:80:9e:e2:e4:db:d9:43:5c:67:
30:6b:64:29:28:2f:5a:5c:0d:af:c8:05:f4:bf:54:0a:6c:d4:
b5:14:c1:d5:bc:30:53:17:37:da:5c:84:f7:21:ea:52:6e:97:
4c:76:ca:b8
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZbPBUIAW7JBdoQfYBpPllXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDY5NjNjYzQ3OWRhZGJlM2M1MjIzNGFiOWZhYmFhODEy
MmQyNWIwHhcNMjUwNTE0MTMzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNiY2Y3NzZmYzQxZjNmM2I3YWY1NTkzZTllNTk3MjVlYjQ5ZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSiFFJd/4g/XKnP/RskSMzUGtJEC
UIND9Ef8wLAluKlcf9udfuQS3a4Y5VUN67gqtPvRlIEPWRMN498kLbaZpf6wBOrt
RZX+BL0gS6b/gz4DAs8UKn/5YeW5LqiA7gCy4Z3GqO/gquy72R0pSfgrlvUbiVjy
9bhCAb8u6kEjSWBF5fJgdAOWQhfqb+mCnkvLLUjaTPdar2WNnnyf/qOPd51QYWQX
o4RI0a8CteYz/kfnJetF1wolY8c1MKrVxJgSIdYO2c03BhDOGUYqzysOnX8bSg9h
eUHY5pdvUclEcqNnb1TgPau1A8VWipGBV0iJOKcGxPYCDyrbAeaXA3n6WQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNc7z3dvxB8/O3r1WT6eWXJetJ1zMB8GA1UdIwQY
MBaAFOpGljzEedrb48UiNKufq6qBItJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUt
ZWI1YmM3ZDk3YWEwLzEvMXp2UGQyX0VIejg3ZXZWWlBwNVpjbDYwblhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUtZWI1YmM3ZDk3YWEw
LzEvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQBW8PyAwMA
i0IwDAMEB8IngAMEAsIniAMEAcIt7AMEAsI3WDANBAIAAjAHAwUAKgD+ADANBgkq
hkiG9w0BAQsFAAOCAQEAA9PtGxnmWF2kFrnVndDD67Sg9dE9b83Xv/73+wrBPo5P
8mCp7LIeh4yFCRDliSddm86YrDj/kvJy0RUOo/O2xRa5h3kQzQKhrwUMDp/+cWyg
8TUeNI4DB1JBvIFKGh22Kfsj1FlklWh1vWw5TeBEjVgbadkYkou2k3gSzErVh9dQ
MnWvaJEGXfoxdyv57nCDK/ECbT5d4fhyd8HU5lzIqHmlYHfr7B2/fZJ+k88J+4sD
K28/OfHnujNLElbMyEbN9QzTXscQt09peEP6OabEgJ7i5NvZQ1xnMGtkKSgvWlwN
r8gF9L9UCmzUtRTB1bwwUxc32lyE9yHqUm6XTHbKuA==
-----END CERTIFICATE-----
Generated at Sun Jun 1 03:07:43 2025 by rpki-client