Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/4D3wEAaKaO-VNYMegevp2dIDiZA.roa
File: 4D3wEAaKaO-VNYMegevp2dIDiZA.roa (raw, json)
Hash identifier: Pboeq/VEw/fEiNcfqVmPGeRB5EfnZp8myD9JUVRtoS4=
Subject key identifier: E0:3D:F0:10:06:8A:68:EF:95:35:83:1E:81:EB:E9:D9:D2:03:89:90
Certificate issuer: /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial: 01973560ADA6E7586044ECB360903E48571F
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/4D3wEAaKaO-VNYMegevp2dIDiZA.roa
Signing time: Tue 03 Jun 2025 10:40:17 +0000
ROA not before: Tue 03 Jun 2025 10:40:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57324
IP address blocks: 79.132.195.0/24 maxlen: 24
79.132.196.0/24 maxlen: 24
79.132.197.0/24 maxlen: 24
79.132.198.0/24 maxlen: 24
79.132.199.0/24 maxlen: 24
86.111.144.0/24 maxlen: 24
86.111.145.0/24 maxlen: 24
86.111.146.0/24 maxlen: 24
86.111.147.0/24 maxlen: 24
109.230.112.0/24 maxlen: 24
109.230.114.0/24 maxlen: 24
109.230.115.0/24 maxlen: 24
109.230.120.0/24 maxlen: 24
109.230.123.0/24 maxlen: 24
109.230.126.0/24 maxlen: 24
122.102.117.0/24 maxlen: 24
122.102.118.0/24 maxlen: 24
185.113.105.0/24 maxlen: 24
185.113.107.0/24 maxlen: 24
202.164.192.0/24 maxlen: 24
202.164.193.0/24 maxlen: 24
202.164.194.0/24 maxlen: 24
202.164.195.0/24 maxlen: 24
202.164.197.0/24 maxlen: 24
202.164.198.0/24 maxlen: 24
202.164.199.0/24 maxlen: 24
202.164.200.0/24 maxlen: 24
202.164.201.0/24 maxlen: 24
202.164.202.0/24 maxlen: 24
202.164.203.0/24 maxlen: 24
202.164.204.0/24 maxlen: 24
202.164.205.0/24 maxlen: 24
2a03:c340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:60:ad:a6:e7:58:60:44:ec:b3:60:90:3e:48:57:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
Validity
Not Before: Jun 3 10:40:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e03df010068a68ef9535831e81ebe9d9d2038990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:f1:2f:30:bb:8b:82:58:20:49:89:37:33:
e5:dc:2a:0a:9e:ad:82:da:40:86:0b:68:25:4b:68:
29:7f:a8:c6:58:dc:b1:f1:73:a6:8e:e3:09:71:8d:
e3:51:a4:4b:9f:d0:7b:4d:2c:ab:1e:d0:c6:4a:99:
a6:d4:5b:bf:5c:c4:b0:8b:85:27:0b:45:9e:f9:f2:
f2:73:f2:ff:89:82:d9:74:7e:2e:02:5c:a8:2c:b8:
35:db:c0:db:69:71:60:9d:08:4f:23:4f:59:8b:87:
e3:e2:d6:f4:67:36:f7:f5:b6:f6:c8:62:f4:29:30:
62:da:87:07:ec:77:39:38:aa:0a:f9:cf:67:ac:12:
9d:31:50:31:af:7c:6a:a2:ab:cc:52:98:0d:48:bd:
d2:9b:4e:ed:74:8a:10:0b:46:4e:ad:45:61:6b:44:
ad:1a:f4:eb:f0:21:f1:78:a7:b4:8b:a0:1d:6b:8b:
eb:9a:d1:13:42:27:7b:c5:4a:35:b1:4d:11:5a:35:
44:57:73:d5:d5:2f:b4:6b:0c:b3:71:91:29:54:22:
30:e4:6d:46:57:92:84:43:8e:6e:92:23:63:76:f1:
57:10:c4:50:0c:07:7e:a7:cd:37:7a:f7:bf:af:22:
66:5a:eb:58:67:5f:1e:e1:9d:91:87:c6:90:e5:f8:
60:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3D:F0:10:06:8A:68:EF:95:35:83:1E:81:EB:E9:D9:D2:03:89:90
X509v3 Authority Key Identifier:
keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/4D3wEAaKaO-VNYMegevp2dIDiZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.195.0-79.132.199.255
86.111.144.0/22
109.230.112.0/24
109.230.114.0/23
109.230.120.0/24
109.230.123.0/24
109.230.126.0/24
122.102.117.0-122.102.118.255
185.113.105.0/24
185.113.107.0/24
202.164.192.0/22
202.164.197.0-202.164.205.255
IPv6:
2a03:c340::/32
Signature Algorithm: sha256WithRSAEncryption
a0:de:78:36:af:ca:74:ba:43:c0:87:64:96:3f:4d:1f:00:4d:
55:56:05:5a:7f:fb:c9:7f:3b:1c:02:e0:dc:2f:29:30:27:6f:
33:0e:03:7b:cc:b0:0f:0b:01:84:5a:a2:ab:0d:85:90:ec:04:
0a:87:a1:e7:82:bf:73:32:a7:a0:3c:17:61:14:ff:02:3b:dc:
dd:5c:8a:b1:ba:4c:4f:28:1d:38:ea:c1:99:89:6e:76:be:d3:
94:54:7c:ae:a3:5d:be:87:e5:05:3b:69:af:b6:c3:17:55:73:
05:0a:0b:8b:12:7c:f7:ac:bc:0a:5a:f0:c3:a2:0a:26:4c:74:
ab:a1:0a:76:28:1f:1f:a0:a8:f5:63:5b:52:fe:c5:9a:84:eb:
79:41:aa:8e:47:ff:4f:26:3d:47:1b:67:3b:29:53:54:65:1c:
14:10:6d:0e:b6:b8:98:a9:da:b9:64:36:8a:58:10:06:b2:64:
a1:e3:ea:1b:0f:fc:86:33:38:a0:fe:ca:5e:a4:3e:63:3c:e1:
97:3b:05:57:54:03:98:8b:88:96:d6:9a:e6:09:2e:33:1b:18:
de:04:0d:b5:74:c6:74:19:da:ec:c8:fc:1d:aa:a6:32:a8:19:
2f:ea:3c:20:a5:1b:37:3b:bd:bc:e8:77:5f:a0:c0:73:23:42:
14:2c:3d:92
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZc1YK2m51hgROyzYJA+SFcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjUwNjAzMTA0MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDNkZjAxMDA2OGE2OGVmOTUzNTgzMWU4MWViZTlkOWQyMDM4OTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9bxLzC7i4JYIEmJNzPl3CoKnq2C
2kCGC2glS2gpf6jGWNyx8XOmjuMJcY3jUaRLn9B7TSyrHtDGSpmm1Fu/XMSwi4Un
C0We+fLyc/L/iYLZdH4uAlyoLLg128DbaXFgnQhPI09Zi4fj4tb0Zzb39bb2yGL0
KTBi2ocH7Hc5OKoK+c9nrBKdMVAxr3xqoqvMUpgNSL3Sm07tdIoQC0ZOrUVha0St
GvTr8CHxeKe0i6Ada4vrmtETQid7xUo1sU0RWjVEV3PV1S+0awyzcZEpVCIw5G1G
V5KEQ45ukiNjdvFXEMRQDAd+p803eve/ryJmWutYZ18e4Z2Rh8aQ5fhg1QIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFOA98BAGimjvlTWDHoHr6dnSA4mQMB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEvNEQzd0VBYUthTy1WTllNZWdldnAyZElEaVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYDAMAwQAT4TD
AwQDT4TAAwQCVm+QAwQAbeZwAwQBbeZyAwQAbeZ4AwQAbeZ7AwQAbeZ+MAwDBAB6
ZnUDBAB6ZnYDBAC5cWkDBAC5cWsDBALKpMAwDAMEAMqkxQMEAcqkzDANBAIAAjAH
AwUAKgPDQDANBgkqhkiG9w0BAQsFAAOCAQEAoN54Nq/KdLpDwIdklj9NHwBNVVYF
Wn/7yX87HALg3C8pMCdvMw4De8ywDwsBhFqiqw2FkOwECoeh54K/czKnoDwXYRT/
Ajvc3VyKsbpMTygdOOrBmYludr7TlFR8rqNdvoflBTtpr7bDF1VzBQoLixJ896y8
Clrww6IKJkx0q6EKdigfH6Co9WNbUv7FmoTreUGqjkf/TyY9RxtnOylTVGUcFBBt
Dra4mKnauWQ2ilgQBrJkoePqGw/8hjM4oP7KXqQ+YzzhlzsFV1QDmIuIltaa5gku
MxsY3gQNtXTGdBna7Mj8HaqmMqgZL+o8IKUbNzu9vOh3X6DAcyNCFCw9kg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 12:35:12 2025 by rpki-client