Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/Z48A1_I47mYSHVTo4XpKWd1w_wY.roa
File: Z48A1_I47mYSHVTo4XpKWd1w_wY.roa (raw, json)
Hash identifier: NvJ6V/CehduL5Zgko7xVcI92EacH0CBv0m1gyVIWLQM=
Subject key identifier: 67:8F:00:D7:F2:38:EE:66:12:1D:54:E8:E1:7A:4A:59:DD:70:FF:06
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 019717F448D79C1F1F4F491E53FFF013FC59
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/Z48A1_I47mYSHVTo4XpKWd1w_wY.roa
Signing time: Wed 28 May 2025 17:32:54 +0000
ROA not before: Wed 28 May 2025 17:32:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48648
IP address blocks: 91.198.233.0/24 maxlen: 24
91.211.120.0/24 maxlen: 24
91.211.122.0/24 maxlen: 24
185.190.151.0/24 maxlen: 24
193.107.80.0/24 maxlen: 24
194.28.100.0/24 maxlen: 24
194.28.103.0/24 maxlen: 24
195.12.56.0/22 maxlen: 22
2a0a:2c0::/48 maxlen: 48
2a0a:2c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:f4:48:d7:9c:1f:1f:4f:49:1e:53:ff:f0:13:fc:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: May 28 17:32:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=678f00d7f238ee66121d54e8e17a4a59dd70ff06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5c:9b:f6:1a:d6:0d:36:11:77:c4:32:2b:47:
de:d4:3a:19:5a:be:1d:46:e4:a8:13:42:08:5f:cb:
95:15:73:83:6e:a2:e1:d6:24:47:a7:d3:b9:44:80:
c2:1c:62:6b:39:35:36:0a:81:7f:70:d6:14:15:9d:
d9:9f:f7:ff:d5:aa:90:ce:fe:1e:dd:ef:97:a4:66:
87:ce:21:87:8f:5e:53:8e:38:69:7f:4a:0c:8a:72:
b8:46:52:fc:d1:9a:92:ef:bc:c6:04:78:eb:43:14:
ef:6e:65:1f:7a:89:37:59:2b:04:9a:87:6c:1e:b6:
4f:be:f0:16:ba:53:3e:28:9c:ab:42:97:84:dd:5c:
3a:54:00:3f:f5:70:d3:df:b4:d3:84:06:58:e1:6e:
c7:d9:74:dc:8a:39:3d:4e:58:f0:0a:a5:55:7e:ac:
7d:91:61:30:b9:9f:1c:cb:e6:06:5f:67:6b:45:f6:
0a:31:8a:69:40:bc:7d:4c:74:03:df:53:7b:57:b7:
1b:3f:b0:45:6e:cf:39:89:b7:57:ca:47:35:07:4b:
2c:9f:a5:c3:59:50:63:61:a9:d1:23:eb:d1:80:61:
1e:53:f6:55:ee:3d:63:60:0c:0d:fe:01:be:16:9b:
2f:c9:0b:fa:7d:cd:2a:63:f4:d9:66:a0:e0:ad:c4:
25:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8F:00:D7:F2:38:EE:66:12:1D:54:E8:E1:7A:4A:59:DD:70:FF:06
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/Z48A1_I47mYSHVTo4XpKWd1w_wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.233.0/24
91.211.120.0/24
91.211.122.0/24
185.190.151.0/24
193.107.80.0/24
194.28.100.0/24
194.28.103.0/24
195.12.56.0/22
IPv6:
2a0a:2c0::/48
2a0a:2c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
46:ae:b0:7e:20:24:5d:ad:e2:f9:a3:66:14:fc:84:af:41:54:
71:1a:2d:8c:9d:19:0c:a5:f4:e8:8e:87:45:08:bc:f5:56:d4:
51:87:3f:f1:a7:73:0d:8c:47:d2:66:e4:19:b5:14:00:b3:e1:
b0:37:87:bd:cb:61:37:40:06:e3:ac:49:3b:57:61:f0:56:fd:
a4:ad:ce:64:ef:da:95:da:69:42:0c:9a:af:27:fb:4f:fe:99:
62:3e:00:83:da:d2:85:fd:ea:c9:06:58:e4:ca:d4:96:fa:06:
14:62:07:94:09:2d:dc:cd:7b:81:e8:fa:7a:f2:7d:bb:73:42:
7d:9d:c9:5f:18:f6:90:5e:9a:e1:87:f7:53:27:6c:16:18:6e:
e4:e0:1e:35:fb:fd:d0:17:81:6e:ec:45:a0:9f:c1:37:ca:78:
6d:9e:dc:0f:78:8d:fb:f4:a2:12:00:8a:64:4f:b4:d7:7c:ed:
b9:16:bf:bf:c3:d1:87:e6:e4:5e:b8:64:30:83:20:7e:20:50:
56:15:30:4a:19:be:6a:55:35:73:6d:18:ca:ee:1e:30:52:0f:
82:8b:4d:56:57:b5:87:a8:61:09:81:99:33:26:81:9a:58:40:
2a:6b:8c:9e:a0:ab:59:d2:70:6a:cc:e2:b7:ac:9b:a0:a8:f9:
0f:2b:89:77
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZcX9EjXnB8fT0keU//wE/xZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjUwNTI4MTczMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzhmMDBkN2YyMzhlZTY2MTIxZDU0ZThlMTdhNGE1OWRkNzBmZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFyb9hrWDTYRd8QyK0fe1DoZWr4d
RuSoE0IIX8uVFXODbqLh1iRHp9O5RIDCHGJrOTU2CoF/cNYUFZ3Zn/f/1aqQzv4e
3e+XpGaHziGHj15Tjjhpf0oMinK4RlL80ZqS77zGBHjrQxTvbmUfeok3WSsEmods
HrZPvvAWulM+KJyrQpeE3Vw6VAA/9XDT37TThAZY4W7H2XTcijk9TljwCqVVfqx9
kWEwuZ8cy+YGX2drRfYKMYppQLx9THQD31N7V7cbP7BFbs85ibdXykc1B0ssn6XD
WVBjYanRI+vRgGEeU/ZV7j1jYAwN/gG+FpsvyQv6fc0qY/TZZqDgrcQl1wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFGePANfyOO5mEh1U6OF6SlndcP8GMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvWjQ4QTFfSTQ3bVlTSFZUbzRYcEtXZDF3X3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjA2BAIAATAwAwQAW8bpAwQA
W9N4AwQAW9N6AwQAub6XAwQAwWtQAwQAwhxkAwQAwhxnAwQCwww4MBgEAgACMBID
BwAqCgLAAAADBwAqCgLAAAIwDQYJKoZIhvcNAQELBQADggEBAEausH4gJF2t4vmj
ZhT8hK9BVHEaLYydGQyl9OiOh0UIvPVW1FGHP/Gncw2MR9Jm5Bm1FACz4bA3h73L
YTdABuOsSTtXYfBW/aStzmTv2pXaaUIMmq8n+0/+mWI+AIPa0oX96skGWOTK1Jb6
BhRiB5QJLdzNe4Ho+nryfbtzQn2dyV8Y9pBemuGH91MnbBYYbuTgHjX7/dAXgW7s
RaCfwTfKeG2e3A94jfv0ohIAimRPtNd87bkWv7/D0Yfm5F64ZDCDIH4gUFYVMEoZ
vmpVNXNtGMruHjBSD4KLTVZXtYeoYQmBmTMmgZpYQCprjJ6gq1nScGrM4resm6Co
+Q8riXc=
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:27:04 2025 by rpki-client