
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/CT0vQDDLHzxy-DZhmH5lfMDO1AE.roa
File: CT0vQDDLHzxy-DZhmH5lfMDO1AE.roa (raw, json)
Hash identifier: 2wJnl0vc/QlliM5JtS0mPybzQY83w0RW1qmvqeBag7k=
Subject key identifier: 09:3D:2F:40:30:CB:1F:3C:72:F8:36:61:98:7E:65:7C:C0:CE:D4:01
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 019707EB10439089E07F97FB1499003567C7
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/CT0vQDDLHzxy-DZhmH5lfMDO1AE.roa
Signing time: Sun 25 May 2025 14:48:54 +0000
ROA not before: Sun 25 May 2025 14:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214361
IP address blocks: 178.239.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 11:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:07:eb:10:43:90:89:e0:7f:97:fb:14:99:00:35:67:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: May 25 14:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=093d2f4030cb1f3c72f83661987e657cc0ced401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:69:c6:f0:95:42:dc:a7:72:af:7c:85:ce:f7:
f1:31:dd:58:ac:40:90:45:97:d2:24:f9:98:ae:c7:
90:5a:bf:01:d7:1d:70:bc:17:3b:89:9c:02:d6:94:
b9:0e:22:f2:8a:99:14:5f:68:31:4c:86:07:fd:ac:
25:98:3d:d4:4a:d6:1b:85:c0:dc:c2:e8:5e:c3:0f:
1c:6a:bc:21:c0:f2:2e:84:66:1a:c1:91:aa:b4:e4:
36:50:a5:49:82:d9:b0:65:62:de:d1:bb:35:f9:69:
a8:d2:e0:2d:d0:b2:77:14:55:c7:2c:cb:c7:86:2a:
dd:f1:aa:ed:11:d9:32:b4:ba:34:30:93:3f:36:7c:
23:e1:f7:b9:79:4b:17:ee:8a:69:1d:b3:3a:a7:79:
42:38:47:90:e1:42:8f:53:85:59:e4:87:80:e9:f1:
17:c8:11:68:53:33:1b:b5:1a:38:af:1b:7e:ce:ad:
f4:de:5f:99:0b:ba:29:b4:93:5a:ef:7f:8f:ac:cf:
fd:58:e8:9b:44:46:01:24:7b:3d:38:98:79:00:fb:
24:22:f3:78:c7:5e:e7:64:73:83:6b:92:97:69:79:
14:f3:d7:06:47:73:29:da:6d:70:83:1d:d0:07:d7:
77:08:80:7b:94:eb:51:a5:69:74:4e:11:49:a1:5b:
37:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3D:2F:40:30:CB:1F:3C:72:F8:36:61:98:7E:65:7C:C0:CE:D4:01
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/CT0vQDDLHzxy-DZhmH5lfMDO1AE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.146.0/24
Signature Algorithm: sha256WithRSAEncryption
69:51:47:f5:17:b2:b2:83:9a:48:7e:8f:17:c6:96:5d:96:80:
9a:cf:c2:ef:f3:36:de:7f:ef:3c:b2:4e:51:e6:bc:65:98:5b:
07:5a:af:8f:de:d0:1c:58:c9:9f:a2:7c:ad:98:8a:a0:bb:53:
18:60:ef:34:00:f7:ee:e1:fb:80:66:24:0c:8c:8c:b9:00:3b:
39:d2:87:df:25:d3:70:b5:87:ac:33:65:63:f0:26:fa:a3:da:
b4:90:29:ce:e5:9d:8a:32:60:ad:be:b2:93:7b:69:b7:e0:8d:
e3:50:72:42:f6:1b:0e:3e:5e:d8:c5:d6:fc:e3:82:53:4e:be:
1f:d6:fd:de:bf:a1:df:77:f5:8e:78:33:97:34:a6:47:75:55:
4f:0f:5d:ff:28:f7:16:16:45:39:5c:64:e8:21:59:c1:47:12:
14:3e:4e:7f:ea:76:79:8b:82:b2:00:cd:9f:69:40:3d:9b:86:
4f:c9:69:7b:84:fa:9a:e9:27:e6:e8:2a:09:12:09:1e:97:43:
e0:2d:70:7b:48:6b:47:c4:a9:3a:90:c3:2c:09:77:80:c9:82:
3b:dc:73:9b:1f:cb:ab:a0:78:8e:f0:52:7f:6c:78:c3:b5:7c:
2e:84:e9:ba:a9:f9:c2:5a:f5:a8:ed:f0:80:5d:ea:59:20:87:
48:2e:6a:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcH6xBDkIngf5f7FJkANWfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjUwNTI1MTQ0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTNkMmY0MDMwY2IxZjNjNzJmODM2NjE5ODdlNjU3Y2MwY2VkNDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWnG8JVC3Kdyr3yFzvfxMd1YrECQ
RZfSJPmYrseQWr8B1x1wvBc7iZwC1pS5DiLyipkUX2gxTIYH/awlmD3UStYbhcDc
wuheww8carwhwPIuhGYawZGqtOQ2UKVJgtmwZWLe0bs1+Wmo0uAt0LJ3FFXHLMvH
hird8artEdkytLo0MJM/Nnwj4fe5eUsX7oppHbM6p3lCOEeQ4UKPU4VZ5IeA6fEX
yBFoUzMbtRo4rxt+zq303l+ZC7optJNa73+PrM/9WOibREYBJHs9OJh5APskIvN4
x17nZHODa5KXaXkU89cGR3Mp2m1wgx3QB9d3CIB7lOtRpWl0ThFJoVs3KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAk9L0Awyx88cvg2YZh+ZXzAztQBMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvQ1QwdlFERExIenh5LURaaG1INWxmTURPMUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsu+SMA0G
CSqGSIb3DQEBCwUAA4IBAQBpUUf1F7Kyg5pIfo8XxpZdloCaz8Lv8zbef+88sk5R
5rxlmFsHWq+P3tAcWMmfonytmIqgu1MYYO80APfu4fuAZiQMjIy5ADs50offJdNw
tYesM2Vj8Cb6o9q0kCnO5Z2KMmCtvrKTe2m34I3jUHJC9hsOPl7Yxdb844JTTr4f
1v3ev6Hfd/WOeDOXNKZHdVVPD13/KPcWFkU5XGToIVnBRxIUPk5/6nZ5i4KyAM2f
aUA9m4ZPyWl7hPqa6Sfm6CoJEgkel0PgLXB7SGtHxKk6kMMsCXeAyYI73HObH8ur
oHiO8FJ/bHjDtXwuhOm6qfnCWvWo7fCAXepZIIdILmo4
-----END CERTIFICATE-----
Generated at Mon Jun 9 20:48:00 2025 by rpki-client