Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/3Q5YOz_BI10ve__t3IetYuqaGUA.roa
File: 3Q5YOz_BI10ve__t3IetYuqaGUA.roa (raw, json)
Hash identifier: ZILL1qGL3E11+bnE750yzGJ+LQfFTIO6h5xfluweBiQ=
Subject key identifier: DD:0E:58:3B:3F:C1:23:5D:2F:7B:FF:ED:DC:87:AD:62:EA:9A:19:40
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01973F0B59C3CAC544B210BB341C779F4D08
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/3Q5YOz_BI10ve__t3IetYuqaGUA.roa
Signing time: Thu 05 Jun 2025 07:43:17 +0000
ROA not before: Thu 05 Jun 2025 07:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206150
IP address blocks: 178.157.104.0/24 maxlen: 24
178.157.105.0/24 maxlen: 24
185.76.61.0/24 maxlen: 24
185.76.63.0/24 maxlen: 24
188.74.129.0/24 maxlen: 24
188.74.132.0/24 maxlen: 24
188.74.133.0/24 maxlen: 24
188.74.134.0/24 maxlen: 24
188.74.135.0/24 maxlen: 24
188.119.180.0/24 maxlen: 24
188.119.182.0/23 maxlen: 24
188.119.182.0/24 maxlen: 24
188.119.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 04:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:0b:59:c3:ca:c5:44:b2:10:bb:34:1c:77:9f:4d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jun 5 07:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd0e583b3fc1235d2f7bffeddc87ad62ea9a1940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:15:10:26:e1:07:ee:bc:25:c0:fa:3b:09:8b:
5c:16:a3:72:85:60:e6:d5:1f:f0:71:5c:eb:b7:4d:
c1:ad:63:8b:b1:37:40:70:85:48:3e:5f:ca:e6:35:
18:9a:5c:ec:fb:1b:0d:34:01:46:74:9d:67:d6:09:
fb:94:c2:c8:96:00:b8:de:a1:b2:80:f1:ae:11:b3:
6c:d8:a6:7a:59:c2:77:b2:62:87:27:55:b0:b3:0d:
45:46:7a:ce:2a:ca:2f:d9:de:4d:85:72:11:69:94:
52:7f:a3:26:19:92:0e:4c:e1:65:cb:a8:1a:f3:e5:
45:04:e4:a5:b2:40:22:00:a7:f4:71:c7:dd:86:a0:
16:72:d5:93:20:b7:7c:05:c8:3b:8f:e1:68:e6:0d:
0e:23:52:4a:c8:51:91:07:d6:a8:15:b8:8f:af:75:
c2:27:4a:b5:9d:f5:a4:d2:04:46:1a:5a:a6:83:53:
d9:08:14:41:5e:f6:0d:e0:77:d9:b3:b0:30:bc:f6:
ab:7d:6f:eb:0c:85:24:08:3c:d9:23:f4:4c:8c:0c:
63:68:d9:27:4e:c5:a8:23:66:ea:dd:04:9a:9f:91:
02:c2:7e:29:a9:61:51:35:eb:7f:c4:c9:81:b2:fd:
95:bb:3e:37:b6:27:db:44:a7:ae:c6:0a:15:41:28:
9b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0E:58:3B:3F:C1:23:5D:2F:7B:FF:ED:DC:87:AD:62:EA:9A:19:40
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/3Q5YOz_BI10ve__t3IetYuqaGUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.157.104.0/23
185.76.61.0/24
185.76.63.0/24
188.74.129.0/24
188.74.132.0/22
188.119.180.0/24
188.119.182.0/23
Signature Algorithm: sha256WithRSAEncryption
27:7e:e9:12:f6:7d:b3:27:bc:1f:08:bd:21:88:00:7d:17:f3:
01:67:b6:e9:b7:a6:5a:fc:66:93:db:13:e5:fd:81:13:80:42:
71:36:69:8d:dc:c0:91:0d:2c:0e:49:34:a3:b2:94:68:9a:8d:
90:a4:6f:f9:d7:30:af:24:6d:70:d5:69:c7:a0:a2:9d:89:d0:
4a:fc:09:a9:d0:b4:5f:60:54:c6:37:c0:93:38:c6:da:33:25:
48:cf:bd:47:5d:0a:72:ef:6b:71:ad:28:bc:1e:51:1b:ca:63:
b3:46:18:e2:e2:2f:d3:ff:25:bc:4c:8b:35:af:f6:5a:df:0f:
79:75:ea:98:11:7d:de:22:33:3f:89:b4:53:93:1d:94:97:5d:
f7:a9:e2:32:ab:c9:32:c4:d5:c8:25:71:5d:c0:2f:7b:7f:a0:
d2:83:85:8a:e7:ce:86:9f:69:61:cf:a8:62:74:9a:a4:bc:a8:
0d:f6:0c:ce:19:86:94:3e:ea:90:92:7a:bd:49:87:e3:91:57:
5d:3a:f3:13:9f:61:f3:79:22:3f:88:f0:c2:b9:3c:9a:c5:3f:
d9:1e:ce:96:11:21:e2:fc:82:a6:04:bb:77:34:30:17:3f:af:
f6:52:c9:08:82:53:24:e8:80:eb:45:e8:c6:c7:de:50:6b:99:
b5:a7:7e:62
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZc/C1nDysVEshC7NBx3n00IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwNjA1MDc0MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBlNTgzYjNmYzEyMzVkMmY3YmZmZWRkYzg3YWQ2MmVhOWExOTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxUQJuEH7rwlwPo7CYtcFqNyhWDm
1R/wcVzrt03BrWOLsTdAcIVIPl/K5jUYmlzs+xsNNAFGdJ1n1gn7lMLIlgC43qGy
gPGuEbNs2KZ6WcJ3smKHJ1Wwsw1FRnrOKsov2d5NhXIRaZRSf6MmGZIOTOFly6ga
8+VFBOSlskAiAKf0ccfdhqAWctWTILd8Bcg7j+Fo5g0OI1JKyFGRB9aoFbiPr3XC
J0q1nfWk0gRGGlqmg1PZCBRBXvYN4HfZs7AwvParfW/rDIUkCDzZI/RMjAxjaNkn
TsWoI2bq3QSan5ECwn4pqWFRNet/xMmBsv2Vuz43tifbRKeuxgoVQSib2wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN0OWDs/wSNdL3v/7dyHrWLqmhlAMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvM1E1WU96X0JJMTB2ZV9fdDNJZXRZdXFhR1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBsp1oAwQA
uUw9AwQAuUw/AwQAvEqBAwQCvEqEAwQAvHe0AwQBvHe2MA0GCSqGSIb3DQEBCwUA
A4IBAQAnfukS9n2zJ7wfCL0hiAB9F/MBZ7bpt6Za/GaT2xPl/YETgEJxNmmN3MCR
DSwOSTSjspRomo2QpG/51zCvJG1w1WnHoKKdidBK/Amp0LRfYFTGN8CTOMbaMyVI
z71HXQpy72txrSi8HlEbymOzRhji4i/T/yW8TIs1r/Za3w95deqYEX3eIjM/ibRT
kx2Ul133qeIyq8kyxNXIJXFdwC97f6DSg4WK586Gn2lhz6hidJqkvKgN9gzOGYaU
PuqQknq9SYfjkVddOvMTn2HzeSI/iPDCuTyaxT/ZHs6WESHi/IKmBLt3NDAXP6/2
UskIglMk6IDrRejGx95Qa5m1p35i
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:52:17 2025 by rpki-client