Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ezUtH-P92i1KDGmi6ivu28NNnlU.roa
File: ezUtH-P92i1KDGmi6ivu28NNnlU.roa (raw, json)
Hash identifier: pJXfog8pbI7CqjqZz4qvsqnzL26qoe61RUhO9tDRHgo=
Subject key identifier: 7B:35:2D:1F:E3:FD:DA:2D:4A:0C:69:A2:EA:2B:EE:DB:C3:4D:9E:55
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01973BACEFC391B0DF1F9B0F6B28C6AE6F08
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ezUtH-P92i1KDGmi6ivu28NNnlU.roa
Signing time: Wed 04 Jun 2025 16:01:18 +0000
ROA not before: Wed 04 Jun 2025 16:01:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 81.168.96.0/24 maxlen: 24
82.153.51.0/24 maxlen: 24
82.153.148.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.63.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 11:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:ac:ef:c3:91:b0:df:1f:9b:0f:6b:28:c6:ae:6f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 4 16:01:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b352d1fe3fdda2d4a0c69a2ea2beedbc34d9e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5f:f0:37:00:a9:df:94:c6:0d:7d:c5:c1:c5:
8a:82:89:f0:15:78:20:06:94:09:e2:f8:6d:64:b3:
e4:6f:9f:a6:4e:c1:32:f3:63:30:bf:18:b3:e7:b0:
78:6b:94:f1:42:3e:b9:c8:2a:d0:66:ee:e7:ab:e2:
03:44:4c:a5:c2:84:69:01:e8:ff:55:a2:91:96:f3:
20:43:d3:a2:05:4b:54:ba:fe:94:dd:59:f3:06:c5:
22:77:09:61:da:6a:80:f0:00:7e:74:68:49:f0:80:
e2:c1:f1:46:b2:39:6c:95:02:fa:16:c3:a3:e8:05:
d4:f8:bf:6a:4b:a9:5e:45:28:71:d7:8d:94:fb:c5:
14:66:2f:a3:87:4e:3d:dd:ba:3a:ef:bf:ca:bb:45:
8a:dc:f1:c9:d5:41:5a:ce:4a:28:45:ea:ac:0c:e8:
b4:a7:9e:a0:70:b6:fa:34:69:eb:af:ba:83:f5:4f:
20:24:c3:55:49:de:16:6a:7d:29:63:35:9f:1f:e7:
b3:67:6f:d8:4f:b3:4d:75:2b:68:c9:11:75:ed:0d:
35:d1:c3:90:54:97:61:21:78:f1:c4:f7:ed:4a:d6:
20:17:0b:ad:7c:26:3b:e8:15:a2:c3:61:0d:7d:84:
be:2c:1f:4b:36:97:19:a4:d5:5c:7e:04:50:78:84:
26:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:35:2D:1F:E3:FD:DA:2D:4A:0C:69:A2:EA:2B:EE:DB:C3:4D:9E:55
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ezUtH-P92i1KDGmi6ivu28NNnlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.96.0/24
82.153.51.0/24
82.153.148.0/24
82.163.15.0/24
89.213.63.0/24
89.213.107.0/24
89.213.112.0/23
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
109.176.242.0/24
213.130.137.0/24
213.130.152.0/24
Signature Algorithm: sha256WithRSAEncryption
04:cf:ab:7f:af:ae:16:29:57:ba:50:b9:b6:e9:46:91:e6:12:
f4:f8:d4:36:c8:8a:e3:65:cf:fc:c6:e5:35:c9:7a:63:7c:46:
40:a2:c7:ac:c9:55:d5:f5:25:86:aa:d0:2c:10:fc:4b:40:e0:
54:aa:2f:f6:e5:01:5d:77:92:c4:2b:33:fb:9a:93:2c:ad:ad:
a6:a8:47:11:b6:b4:5a:4e:16:57:ef:96:65:7a:e8:b1:ca:2e:
02:92:84:fe:61:3e:4f:22:d5:9e:ac:3b:08:97:23:97:c9:d0:
01:19:3a:cf:95:7e:62:84:f5:fc:0c:96:3a:f7:c7:2c:d6:ad:
d9:f4:0b:85:6c:a1:5e:35:86:8f:f6:c9:ae:4d:87:d9:68:10:
7c:32:7a:18:8b:2d:37:35:15:71:e3:fb:a6:33:9a:25:e2:f8:
08:41:0f:00:d4:9b:79:89:54:2a:d5:28:5c:bc:e6:c5:76:bb:
bf:dc:42:45:a6:d1:62:87:43:25:d4:20:6d:2c:64:5a:cb:b1:
38:9f:55:e8:22:a2:ba:e0:c5:38:d7:b3:eb:3b:4c:41:dd:98:
85:e1:65:cb:88:e2:1d:e4:cd:9c:26:a6:b4:22:2b:61:91:52:
64:77:51:db:f1:7b:29:33:63:fe:51:15:af:82:27:38:e6:58:
a8:8b:26:04
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZc7rO/DkbDfH5sPayjGrm8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjA0MTYwMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjM1MmQxZmUzZmRkYTJkNGEwYzY5YTJlYTJiZWVkYmMzNGQ5ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul/wNwCp35TGDX3FwcWKgonwFXgg
BpQJ4vhtZLPkb5+mTsEy82Mwvxiz57B4a5TxQj65yCrQZu7nq+IDREylwoRpAej/
VaKRlvMgQ9OiBUtUuv6U3VnzBsUidwlh2mqA8AB+dGhJ8IDiwfFGsjlslQL6FsOj
6AXU+L9qS6leRShx142U+8UUZi+jh0493bo677/Ku0WK3PHJ1UFazkooReqsDOi0
p56gcLb6NGnrr7qD9U8gJMNVSd4Wan0pYzWfH+ezZ2/YT7NNdStoyRF17Q010cOQ
VJdhIXjxxPftStYgFwutfCY76BWiw2ENfYS+LB9LNpcZpNVcfgRQeIQmCwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHs1LR/j/dotSgxpouor7tvDTZ5VMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZXpVdEgtUDkyaTFLREdtaTZpdnUyOE5ObmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAUahgAwQA
UpkzAwQAUpmUAwQAUqMPAwQAWdU/AwQAWdVrAwQBWdVwAwQAWdV0AwQAWdV5AwQA
WdWdAwQAWdXjAwQAbbDyAwQA1YKJAwQA1YKYMA0GCSqGSIb3DQEBCwUAA4IBAQAE
z6t/r64WKVe6ULm26UaR5hL0+NQ2yIrjZc/8xuU1yXpjfEZAosesyVXV9SWGqtAs
EPxLQOBUqi/25QFdd5LEKzP7mpMsra2mqEcRtrRaThZX75Zleuixyi4CkoT+YT5P
ItWerDsIlyOXydABGTrPlX5ihPX8DJY698cs1q3Z9AuFbKFeNYaP9smuTYfZaBB8
MnoYiy03NRVx4/umM5ol4vgIQQ8A1Jt5iVQq1ShcvObFdru/3EJFptFih0Ml1CBt
LGRay7E4n1XoIqK64MU417PrO0xB3ZiF4WXLiOId5M2cJqa0IithkVJkd1Hb8Xsp
M2P+URWvgic45lioiyYE
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:39:05 2025 by rpki-client