Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/pNsCjNi1CrEF-ApEFWTyY-EF45k.roa
File: pNsCjNi1CrEF-ApEFWTyY-EF45k.roa (raw, json)
Hash identifier: 4Apfi52LOsjp/TW+Oynxxit0JJ0eMvm57psSkKQ+T2U=
Subject key identifier: A4:DB:02:8C:D8:B5:0A:B1:05:F8:0A:44:15:64:F2:63:E1:05:E3:99
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0197598FFC28476AA613C9E47FBAD18C229E
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/pNsCjNi1CrEF-ApEFWTyY-EF45k.roa
Signing time: Tue 10 Jun 2025 11:18:17 +0000
ROA not before: Tue 10 Jun 2025 11:18:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213775
IP address blocks: 5.57.36.0/24 maxlen: 24
37.32.46.0/24 maxlen: 24
178.239.154.0/24 maxlen: 24
178.239.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:8f:fc:28:47:6a:a6:13:c9:e4:7f:ba:d1:8c:22:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jun 10 11:18:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4db028cd8b50ab105f80a441564f263e105e399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:19:f1:75:bd:03:59:a5:75:30:52:7b:c2:92:
ce:b1:21:19:59:c3:66:87:9a:90:d8:7e:ef:2a:46:
bf:f7:46:1d:9f:f3:42:2c:8d:72:07:c1:6c:4d:21:
48:a4:cd:7a:42:7e:c4:35:fa:8e:09:c7:64:a0:de:
cc:1d:49:d6:13:12:5f:f5:2f:44:3d:3d:8e:a8:31:
10:4f:78:db:c1:03:fa:9d:20:23:fa:96:ce:c5:b3:
62:95:a2:87:b3:05:1d:f9:05:0e:c9:fe:ea:ea:87:
54:d3:0f:84:db:0e:94:5d:63:0d:a0:fe:42:68:88:
7b:d0:1f:83:7d:1c:10:f3:6f:16:99:80:f5:d2:95:
ec:03:1d:ed:7d:3e:34:bf:ba:13:13:de:07:6b:4a:
22:9b:47:dd:52:35:e7:e2:eb:dd:a6:5b:00:4e:58:
c2:1d:35:8b:4e:79:ab:74:62:8f:6f:9e:09:8f:a9:
1a:fb:4d:91:11:5c:1a:1a:b5:bd:77:1f:ec:c4:d6:
75:2f:e4:e0:44:c3:fd:66:dd:d0:c6:7a:8f:62:ca:
3a:aa:bb:f0:3e:fb:12:12:ed:c3:42:09:f8:5d:3b:
aa:80:2a:c8:e7:2c:ef:8b:21:c3:c9:b8:f4:e9:3f:
0e:21:16:ee:44:dd:bd:78:4c:c8:e0:c7:ba:55:37:
dd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DB:02:8C:D8:B5:0A:B1:05:F8:0A:44:15:64:F2:63:E1:05:E3:99
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/pNsCjNi1CrEF-ApEFWTyY-EF45k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.36.0/24
37.32.46.0/24
178.239.154.0/24
178.239.157.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:cf:b1:1b:2c:ab:97:1b:d3:ee:20:02:20:3a:d1:3f:46:ae:
89:ec:31:4a:43:b3:32:66:74:4c:36:c5:d7:be:32:87:94:7e:
53:a5:69:4b:f2:fa:8a:6e:7b:11:c7:e3:0f:7f:e1:54:97:97:
45:c3:77:63:d8:6b:99:ea:f6:8a:3a:62:56:51:86:4b:a9:d3:
fa:8d:09:ce:fc:51:a1:2a:a4:35:4a:92:8b:48:80:2c:b0:7e:
a7:df:08:e4:25:4d:eb:4e:4c:1c:64:c8:47:02:b8:70:bf:2f:
85:f8:d1:bd:47:51:ba:1d:66:9a:c4:a1:20:d4:4b:b8:2d:9a:
77:82:8a:ee:f0:97:fd:e7:9b:9e:0f:76:62:3d:ae:7e:84:1b:
1c:db:c9:3f:bd:9f:ed:49:78:be:8b:37:85:5d:3d:d3:9c:22:
8e:3d:3d:30:9b:f7:c5:96:f1:a4:97:09:f6:85:0f:68:63:96:
67:24:c9:cc:c7:3e:b8:81:e5:e6:88:d8:bf:4c:7d:85:11:a1:
ab:61:6e:40:a9:c5:e2:d3:fd:42:72:92:ba:25:7e:8e:5c:cb:
d6:3a:70:cf:77:fc:6a:ca:dd:09:49:f6:ee:c7:f7:a9:55:68:
0a:60:ab:bd:8d:b3:bd:2e:a9:ff:f7:d9:3c:56:20:e9:92:df:
3f:9b:6c:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdZj/woR2qmE8nkf7rRjCKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjUwNjEwMTExODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRiMDI4Y2Q4YjUwYWIxMDVmODBhNDQxNTY0ZjI2M2UxMDVlMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Bnxdb0DWaV1MFJ7wpLOsSEZWcNm
h5qQ2H7vKka/90Ydn/NCLI1yB8FsTSFIpM16Qn7ENfqOCcdkoN7MHUnWExJf9S9E
PT2OqDEQT3jbwQP6nSAj+pbOxbNilaKHswUd+QUOyf7q6odU0w+E2w6UXWMNoP5C
aIh70B+DfRwQ828WmYD10pXsAx3tfT40v7oTE94Ha0oim0fdUjXn4uvdplsATljC
HTWLTnmrdGKPb54Jj6ka+02REVwaGrW9dx/sxNZ1L+TgRMP9Zt3QxnqPYso6qrvw
PvsSEu3DQgn4XTuqgCrI5yzviyHDybj06T8OIRbuRN29eEzI4Me6VTfdFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKTbAozYtQqxBfgKRBVk8mPhBeOZMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvcE5zQ2pOaTFDckVGLUFwRUZXVHlZLUVGNDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABTkkAwQA
JSAuAwQAsu+aAwQAsu+dMA0GCSqGSIb3DQEBCwUAA4IBAQCaz7EbLKuXG9PuIAIg
OtE/Rq6J7DFKQ7MyZnRMNsXXvjKHlH5TpWlL8vqKbnsRx+MPf+FUl5dFw3dj2GuZ
6vaKOmJWUYZLqdP6jQnO/FGhKqQ1SpKLSIAssH6n3wjkJU3rTkwcZMhHArhwvy+F
+NG9R1G6HWaaxKEg1Eu4LZp3goru8Jf955ueD3ZiPa5+hBsc28k/vZ/tSXi+izeF
XT3TnCKOPT0wm/fFlvGklwn2hQ9oY5ZnJMnMxz64geXmiNi/TH2FEaGrYW5AqcXi
0/1CcpK6JX6OXMvWOnDPd/xqyt0JSfbux/epVWgKYKu9jbO9Lqn/99k8ViDpkt8/
m2xw
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:03:26 2025 by rpki-client