Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/D3KzOuSHnINj7YsYIxZhKw2tJLI.roa
File: D3KzOuSHnINj7YsYIxZhKw2tJLI.roa (raw, json)
Hash identifier: TArdMR0dUk5iRwDg/3JrhTXVptyyPyGKyBf2Jxa6esk=
Subject key identifier: 0F:72:B3:3A:E4:87:9C:83:63:ED:8B:18:23:16:61:2B:0D:AD:24:B2
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 0196C347945891B1341E19A6E82D8FF39A7C
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/D3KzOuSHnINj7YsYIxZhKw2tJLI.roa
Signing time: Mon 12 May 2025 06:56:10 +0000
ROA not before: Mon 12 May 2025 06:56:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48108
IP address blocks: 31.222.227.0/24 maxlen: 24
94.247.137.0/24 maxlen: 24
176.53.146.0/23 maxlen: 23
176.116.0.0/24 maxlen: 24
185.235.230.0/24 maxlen: 24
2001:678:e30::/48 maxlen: 48
2a0a:2e80::/32 maxlen: 32
2a0a:2e82::/32 maxlen: 32
2a11:7e40::/48 maxlen: 48
2a11:7e40:1::/48 maxlen: 48
2a11:7e40:2::/48 maxlen: 48
2a11:8480::/32 maxlen: 32
2a11:8481::/32 maxlen: 32
2a11:8482::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:47:94:58:91:b1:34:1e:19:a6:e8:2d:8f:f3:9a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: May 12 06:56:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f72b33ae4879c8363ed8b182316612b0dad24b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f9:d2:f1:85:3c:42:f3:e5:98:fb:47:2b:b9:
29:8c:d2:43:25:18:30:85:64:e5:1f:e7:15:5f:83:
62:62:0b:78:91:28:40:c3:48:9f:a5:89:5a:93:91:
e7:d2:57:b6:97:f7:ab:1e:a7:ce:2e:69:6d:15:26:
be:87:d7:50:0c:9b:12:19:99:32:17:8a:8b:cf:99:
48:62:f8:4c:9b:76:25:ba:0c:1b:2f:c6:22:70:45:
6b:23:b2:41:2f:a5:13:ac:2d:d2:c7:b0:c4:35:11:
75:ca:3c:e2:ff:ad:b5:8f:a9:0c:a3:e1:ef:eb:ce:
7d:71:f5:81:6b:34:26:d5:d9:06:d9:3a:fe:24:7b:
02:da:7c:07:cd:87:42:21:5e:bd:08:20:fb:57:74:
74:ae:1e:f4:7e:67:90:d3:95:1a:f9:81:6e:4c:ea:
50:1d:97:81:75:43:23:f2:6c:de:31:21:ee:07:63:
4c:82:82:a4:c8:42:c1:68:c5:7e:3a:d8:d1:b7:1d:
52:a8:d8:b9:61:60:bf:ea:a3:d0:a7:13:3c:1d:ec:
61:e0:4e:0c:db:a9:a9:dc:ff:8d:ee:83:49:ce:0b:
4b:22:6c:be:2c:5b:38:90:a0:27:de:91:8c:11:d2:
b0:d5:f0:e2:65:82:bd:24:75:f5:1e:34:ab:af:9d:
94:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:72:B3:3A:E4:87:9C:83:63:ED:8B:18:23:16:61:2B:0D:AD:24:B2
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/D3KzOuSHnINj7YsYIxZhKw2tJLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.227.0/24
94.247.137.0/24
176.53.146.0/23
176.116.0.0/24
185.235.230.0/24
IPv6:
2001:678:e30::/48
2a0a:2e80::/32
2a0a:2e82::/32
2a11:7e40::-2a11:7e40:2:ffff:ffff:ffff:ffff:ffff
2a11:8480::-2a11:8482:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
97:96:33:be:b2:01:e6:b3:26:44:b8:7a:5a:b4:d9:4a:e6:94:
c4:e8:5b:55:91:40:10:03:79:43:2e:31:b9:19:fd:ea:7f:89:
39:29:8c:82:9c:09:47:11:b2:7c:67:5a:12:e9:b6:66:62:06:
03:5c:3b:2f:4c:af:f8:3a:9d:a5:e6:52:e6:aa:cf:fd:81:8c:
a3:09:05:0a:fc:15:67:96:e5:04:72:0f:61:e6:13:0b:1c:cd:
66:fc:d0:92:e1:82:dc:eb:a2:7b:bd:29:8b:10:a9:6e:97:b0:
e5:a5:bb:7b:50:d3:2e:1f:ed:6d:67:11:4a:1d:3f:f6:c0:99:
73:63:2c:7f:de:a5:19:42:e4:26:ae:a2:35:a7:26:e8:df:e8:
d8:a1:6c:b5:a3:75:4b:71:7f:87:92:d5:61:81:1b:f5:4c:4a:
67:c8:f7:41:b3:a8:13:bd:e8:25:dc:a7:9f:66:e5:58:51:be:
89:d9:8a:e8:ba:76:7f:46:07:44:f2:c4:85:61:1b:c5:06:69:
0e:0e:ee:84:0d:db:d3:fb:23:ae:8a:f7:82:8b:5d:d3:fa:3d:
a4:e9:df:81:8f:85:f7:51:c9:cf:51:c2:33:ec:0d:75:92:87:
90:ca:6f:ca:7a:d4:86:3a:2c:6b:95:da:4f:05:a4:c3:87:f4:
12:68:01:2c
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZbDR5RYkbE0Hhmm6C2P85p8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjUwNTEyMDY1NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjcyYjMzYWU0ODc5YzgzNjNlZDhiMTgyMzE2NjEyYjBkYWQyNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPnS8YU8QvPlmPtHK7kpjNJDJRgw
hWTlH+cVX4NiYgt4kShAw0ifpYlak5Hn0le2l/erHqfOLmltFSa+h9dQDJsSGZky
F4qLz5lIYvhMm3YlugwbL8YicEVrI7JBL6UTrC3Sx7DENRF1yjzi/621j6kMo+Hv
6859cfWBazQm1dkG2Tr+JHsC2nwHzYdCIV69CCD7V3R0rh70fmeQ05Ua+YFuTOpQ
HZeBdUMj8mzeMSHuB2NMgoKkyELBaMV+OtjRtx1SqNi5YWC/6qPQpxM8Hexh4E4M
26mp3P+N7oNJzgtLImy+LFs4kKAn3pGMEdKw1fDiZYK9JHX1HjSrr52UsQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFA9yszrkh5yDY+2LGCMWYSsNrSSyMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvRDNLek91U0huSU5qN1lzWUl4WmhLdzJ0SkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAkBAIAATAeAwQAH97jAwQA
XveJAwQBsDWSAwQAsHQAAwQAuevmMD8EAgACMDkDBwAgAQZ4DjADBQAqCi6AAwUA
KgougjAQAwUGKhF+QAMHACoRfkAAAjAOAwUHKhGEgAMFACoRhIIwDQYJKoZIhvcN
AQELBQADggEBAJeWM76yAeazJkS4elq02UrmlMToW1WRQBADeUMuMbkZ/ep/iTkp
jIKcCUcRsnxnWhLptmZiBgNcOy9Mr/g6naXmUuaqz/2BjKMJBQr8FWeW5QRyD2Hm
EwsczWb80JLhgtzronu9KYsQqW6XsOWlu3tQ0y4f7W1nEUodP/bAmXNjLH/epRlC
5CauojWnJujf6NihbLWjdUtxf4eS1WGBG/VMSmfI90GzqBO96CXcp59m5VhRvonZ
iui6dn9GB0TyxIVhG8UGaQ4O7oQN29P7I66K94KLXdP6PaTp34GPhfdRyc9RwjPs
DXWSh5DKb8p61IY6LGuV2k8FpMOH9BJoASw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:42:06 2025 by rpki-client