Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/V2EVjCh2XvTTuPUY0Ak-ADU0N0o.roa
File: V2EVjCh2XvTTuPUY0Ak-ADU0N0o.roa (raw, json)
Hash identifier: VWCe010VtFOUbqTmIo3pVm3sseFcd/9FPMczSAveexo=
Subject key identifier: 57:61:15:8C:28:76:5E:F4:D3:B8:F5:18:D0:09:3E:00:35:34:37:4A
Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Certificate serial: 01971274348D05FC6250F432BE1CF5BEB67B
Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/V2EVjCh2XvTTuPUY0Ak-ADU0N0o.roa
Signing time: Tue 27 May 2025 15:54:54 +0000
ROA not before: Tue 27 May 2025 15:54:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208172
IP address blocks: 159.26.96.0/24 maxlen: 24
159.26.97.0/24 maxlen: 24
159.26.98.0/24 maxlen: 24
159.26.99.0/24 maxlen: 24
159.26.100.0/24 maxlen: 24
159.26.101.0/24 maxlen: 24
159.26.102.0/24 maxlen: 24
159.26.103.0/24 maxlen: 24
159.26.104.0/24 maxlen: 24
159.26.105.0/24 maxlen: 24
159.26.106.0/24 maxlen: 24
159.26.107.0/24 maxlen: 24
159.26.108.0/24 maxlen: 24
159.26.109.0/24 maxlen: 24
159.26.110.0/24 maxlen: 24
159.26.111.0/24 maxlen: 24
159.26.112.0/24 maxlen: 24
159.26.113.0/24 maxlen: 24
159.26.114.0/24 maxlen: 24
159.26.115.0/24 maxlen: 24
159.26.116.0/24 maxlen: 24
159.26.117.0/24 maxlen: 24
159.26.118.0/24 maxlen: 24
159.26.119.0/24 maxlen: 24
159.26.120.0/24 maxlen: 24
159.26.121.0/24 maxlen: 24
159.26.122.0/24 maxlen: 24
159.26.123.0/24 maxlen: 24
159.26.124.0/24 maxlen: 24
159.26.125.0/24 maxlen: 24
159.26.126.0/24 maxlen: 24
159.26.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.mft
rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:12:74:34:8d:05:fc:62:50:f4:32:be:1c:f5:be:b6:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Validity
Not Before: May 27 15:54:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5761158c28765ef4d3b8f518d0093e003534374a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:17:63:73:00:2c:d6:08:57:8c:21:08:ba:3b:
3e:71:5b:f1:d2:b9:db:d5:ba:c8:f1:ee:c6:30:44:
b6:8a:f1:03:28:32:80:58:4a:0c:98:0d:2e:81:8b:
01:1b:35:1a:29:1e:d0:cc:51:1c:ca:77:22:23:5d:
c6:f5:a7:c3:77:d2:35:43:22:be:a3:f6:de:50:38:
99:aa:dc:22:84:2d:21:84:23:80:d3:46:58:3b:5e:
1c:89:f1:c7:93:9f:bb:fc:6b:70:2f:dc:24:cf:d2:
31:9d:29:da:a7:4d:ce:4c:06:c7:b7:13:84:0d:8e:
bf:26:a8:e9:33:3b:73:c4:96:bd:d1:8a:2f:8e:09:
ff:26:a0:de:3f:cb:65:6d:1a:bf:90:81:f6:ec:b2:
9a:dd:a2:17:a7:8b:3e:51:69:f5:31:3e:c4:c1:6a:
5f:be:ca:dc:27:26:2c:91:39:57:d1:af:9e:68:d5:
85:9a:2a:c7:f0:28:00:37:0b:6c:61:d4:df:4d:fd:
9b:97:8f:b7:4a:05:23:23:69:4b:13:2d:d3:62:f3:
ac:00:ec:cc:37:51:40:ba:5e:33:13:3d:37:a8:45:
1c:64:c5:dc:da:af:2d:29:32:5b:9a:13:86:12:bf:
8c:e5:84:2d:07:67:d3:ac:af:bc:32:7a:de:89:42:
76:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:61:15:8C:28:76:5E:F4:D3:B8:F5:18:D0:09:3E:00:35:34:37:4A
X509v3 Authority Key Identifier:
keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/V2EVjCh2XvTTuPUY0Ak-ADU0N0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.26.96.0/19
Signature Algorithm: sha256WithRSAEncryption
41:f0:32:64:8b:e0:39:b6:f8:65:c4:d2:12:03:51:6e:a6:5f:
ac:c6:6f:b5:70:40:12:20:66:3e:dc:7f:ff:33:35:f4:2a:63:
63:cc:a0:86:42:92:6d:02:34:c8:55:30:3a:3c:ba:86:f0:5a:
42:8c:15:48:d7:a2:73:f6:ef:52:23:75:bd:bd:29:3c:24:b1:
97:89:e0:6c:7d:5c:f0:8b:5d:b0:db:03:0f:52:13:b9:3e:35:
fc:74:0f:b5:99:f1:c3:99:b6:45:7f:33:ef:75:cd:ac:f2:6c:
34:98:8f:a6:68:48:cc:5c:ad:f6:1b:2b:70:5e:dd:44:cf:1d:
3d:80:68:9d:ec:97:e4:e8:42:92:7b:23:b6:28:fd:2b:52:bb:
42:6e:30:a5:11:ee:57:54:91:e0:95:3a:c9:1b:19:bd:16:a3:
b8:04:2e:80:38:f9:d2:1a:37:6a:a7:f5:8b:3e:e2:9d:96:42:
5c:68:d2:01:1f:3b:a2:96:53:9b:a9:6d:7d:11:14:df:9c:b1:
9f:28:eb:8d:11:45:58:77:02:df:d5:f5:50:4e:44:60:89:e2:
c1:9e:e9:1c:da:11:5f:8f:be:08:61:e2:7e:b6:db:76:d6:22:
da:d9:93:44:a4:8d:d3:fe:a2:b1:72:e6:50:d5:71:61:68:79:
73:2a:84:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcSdDSNBfxiUPQyvhz1vrZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz
NWUyMmIwHhcNMjUwNTI3MTU1NDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzYxMTU4YzI4NzY1ZWY0ZDNiOGY1MThkMDA5M2UwMDM1MzQzNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBdjcwAs1ghXjCEIujs+cVvx0rnb
1brI8e7GMES2ivEDKDKAWEoMmA0ugYsBGzUaKR7QzFEcynciI13G9afDd9I1QyK+
o/beUDiZqtwihC0hhCOA00ZYO14cifHHk5+7/GtwL9wkz9IxnSnap03OTAbHtxOE
DY6/JqjpMztzxJa90Yovjgn/JqDeP8tlbRq/kIH27LKa3aIXp4s+UWn1MT7EwWpf
vsrcJyYskTlX0a+eaNWFmirH8CgANwtsYdTfTf2bl4+3SgUjI2lLEy3TYvOsAOzM
N1FAul4zEz03qEUcZMXc2q8tKTJbmhOGEr+M5YQtB2fTrK+8MnreiUJ2IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFdhFYwodl7007j1GNAJPgA1NDdKMB8GA1UdIwQY
MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt
MWE4MGEyZjdkN2VhLzEvVjJFVmpDaDJYdlRUdVBVWTBBay1BRFUwTjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh
LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnxpgMA0G
CSqGSIb3DQEBCwUAA4IBAQBB8DJki+A5tvhlxNISA1Fupl+sxm+1cEASIGY+3H//
MzX0KmNjzKCGQpJtAjTIVTA6PLqG8FpCjBVI16Jz9u9SI3W9vSk8JLGXieBsfVzw
i12w2wMPUhO5PjX8dA+1mfHDmbZFfzPvdc2s8mw0mI+maEjMXK32GytwXt1Ezx09
gGid7Jfk6EKSeyO2KP0rUrtCbjClEe5XVJHglTrJGxm9FqO4BC6AOPnSGjdqp/WL
PuKdlkJcaNIBHzuillObqW19ERTfnLGfKOuNEUVYdwLf1fVQTkRgieLBnukc2hFf
j74IYeJ+ttt21iLa2ZNEpI3T/qKxcuZQ1XFhaHlzKoTx
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:27:34 2025 by rpki-client