Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/4yNv1AmPL0eETqaVsG5JTwwRl3A.roa
File: 4yNv1AmPL0eETqaVsG5JTwwRl3A.roa (raw, json)
Hash identifier: eTktrEnbGg3fLOei98QUmpv9AxL2dhvENDzZ4cYi6lk=
Subject key identifier: E3:23:6F:D4:09:8F:2F:47:84:4E:A6:95:B0:6E:49:4F:0C:11:97:70
Certificate issuer: /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial: 0197497ADBDBFBEE974BA2ED0E9580A1862E
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/4yNv1AmPL0eETqaVsG5JTwwRl3A.roa
Signing time: Sat 07 Jun 2025 08:21:17 +0000
ROA not before: Sat 07 Jun 2025 08:21:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12993
IP address blocks: 37.203.32.0/21 maxlen: 21
37.203.32.0/23 maxlen: 23
37.203.37.0/24 maxlen: 24
37.203.38.0/24 maxlen: 24
37.203.39.0/24 maxlen: 24
81.94.224.0/20 maxlen: 20
81.94.229.0/24 maxlen: 24
89.111.0.0/18 maxlen: 18
89.111.22.0/24 maxlen: 24
89.111.25.0/24 maxlen: 24
89.111.26.0/24 maxlen: 24
89.111.38.0/24 maxlen: 24
178.16.16.0/20 maxlen: 20
185.34.24.0/22 maxlen: 22
185.34.24.0/23 maxlen: 23
185.34.26.0/23 maxlen: 23
185.219.156.0/22 maxlen: 22
193.108.144.0/22 maxlen: 24
193.108.144.0/23 maxlen: 23
193.108.185.0/24 maxlen: 24
194.9.175.0/24 maxlen: 24
2a00:17c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:7a:db:db:fb:ee:97:4b:a2:ed:0e:95:80:a1:86:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
Validity
Not Before: Jun 7 08:21:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3236fd4098f2f47844ea695b06e494f0c119770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:40:e1:03:db:a3:24:30:a7:fc:1a:59:3f:b0:
3b:2e:7e:89:05:3e:4a:cf:e7:35:25:10:b5:e1:c5:
73:58:e7:00:02:14:9e:eb:fa:b5:d0:ec:cf:d5:f6:
e5:de:ac:89:d2:92:88:9f:98:ee:14:95:58:75:23:
27:1f:e4:ae:6b:b3:a1:0b:73:68:48:ab:51:f8:0a:
ef:c5:58:db:68:11:c7:74:5d:1f:82:b4:02:00:76:
c4:9f:c3:51:9c:9e:24:24:77:26:1c:fd:90:df:6d:
f3:37:2d:2a:37:e8:8f:e0:77:d7:da:c2:4a:7d:97:
b3:5e:b9:01:4f:61:76:59:bd:67:a8:ea:22:5e:81:
c5:c9:c5:ad:f2:62:61:1f:98:5a:a0:f4:b3:42:d4:
3e:b8:65:51:d8:c0:dc:03:39:12:c1:97:d1:7f:23:
d5:9b:d1:dc:b5:4d:08:b7:a4:d7:fc:ef:b1:57:4f:
7c:9c:d5:70:82:fd:1f:48:99:5c:56:17:66:f6:31:
53:61:a4:e2:7c:0f:e0:80:fb:20:2a:92:cc:01:cd:
66:82:a8:b5:c3:b6:a7:f3:dd:e0:f2:c7:f6:af:88:
1d:9b:0b:89:1d:a0:e6:4b:8c:88:78:bc:9d:06:c6:
18:e0:82:e8:6e:1e:c5:2d:5c:51:ea:f1:3f:f6:c7:
0e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:23:6F:D4:09:8F:2F:47:84:4E:A6:95:B0:6E:49:4F:0C:11:97:70
X509v3 Authority Key Identifier:
keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/4yNv1AmPL0eETqaVsG5JTwwRl3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.32.0/21
81.94.224.0/20
89.111.0.0/18
178.16.16.0/20
185.34.24.0/22
185.219.156.0/22
193.108.144.0/22
193.108.185.0/24
194.9.175.0/24
IPv6:
2a00:17c0::/32
Signature Algorithm: sha256WithRSAEncryption
49:57:1e:4c:d4:9e:6f:46:05:ec:2a:a0:18:63:f4:72:a0:cc:
f3:44:29:13:cc:91:57:17:3d:58:a7:15:47:82:7b:5f:7d:03:
93:cb:fb:28:d8:64:39:a5:e5:7e:f1:c5:a1:94:b8:e4:a5:d1:
00:19:3d:82:1e:f0:d9:1b:02:45:91:09:ba:6e:da:cc:f9:9d:
b8:42:5d:49:2b:77:92:6b:0b:17:15:7e:c9:dc:42:a4:49:05:
53:8d:ca:3e:db:c3:32:99:4d:5c:c7:20:b0:40:06:96:c8:f7:
3d:33:06:b4:c6:b0:b5:78:1c:14:f3:58:38:85:44:1b:45:d2:
dd:74:47:87:50:b7:86:d3:16:1f:9d:ca:aa:df:f6:a9:b0:cd:
ca:87:e4:35:63:6f:ab:a6:8f:1e:57:b3:e3:fe:da:8b:5f:5d:
a7:0b:dd:df:bf:39:02:42:a5:68:11:e9:59:2b:e9:c4:b5:bf:
59:65:ea:43:bd:6f:c7:38:da:73:c1:4b:cc:ba:5a:29:a8:62:
0d:f7:14:3e:78:e5:52:e3:c2:53:6c:ef:81:99:36:44:77:2a:
17:25:32:35:52:24:71:c2:bd:df:6c:03:90:19:3d:05:7b:66:
4d:a4:e9:b2:8f:df:24:70:f2:2d:b8:7b:4e:56:8b:7b:f8:f9:
b9:04:d1:f6
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZdJetvb++6XS6LtDpWAoYYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YzIwM2UzZjM2NTkyM2E4NDNkMzIyMDMxN2ExYzY4Y2Y3
NGRlMGYwHhcNMjUwNjA3MDgyMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzIzNmZkNDA5OGYyZjQ3ODQ0ZWE2OTViMDZlNDk0ZjBjMTE5NzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUDhA9ujJDCn/BpZP7A7Ln6JBT5K
z+c1JRC14cVzWOcAAhSe6/q10OzP1fbl3qyJ0pKIn5juFJVYdSMnH+Sua7OhC3No
SKtR+ArvxVjbaBHHdF0fgrQCAHbEn8NRnJ4kJHcmHP2Q323zNy0qN+iP4HfX2sJK
fZezXrkBT2F2Wb1nqOoiXoHFycWt8mJhH5haoPSzQtQ+uGVR2MDcAzkSwZfRfyPV
m9HctU0It6TX/O+xV098nNVwgv0fSJlcVhdm9jFTYaTifA/ggPsgKpLMAc1mgqi1
w7an893g8sf2r4gdmwuJHaDmS4yIeLydBsYY4ILobh7FLVxR6vE/9scOpQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOMjb9QJjy9HhE6mlbBuSU8MEZdwMB8GA1UdIwQY
MBaAFBfCA+PzZZI6hD0yIDF6HGjPdN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMt
YWM2N2EzNmU0YWFiLzEvNHlOdjFBbVBMMGVFVHFhVnNHNUpUd3dSbDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMtYWM2N2EzNmU0YWFi
LzEvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJcsgAwQE
UV7gAwQGWW8AAwQEshAQAwQCuSIYAwQCuducAwQCwWyQAwQAwWy5AwQAwgmvMA0E
AgACMAcDBQAqABfAMA0GCSqGSIb3DQEBCwUAA4IBAQBJVx5M1J5vRgXsKqAYY/Ry
oMzzRCkTzJFXFz1YpxVHgntffQOTy/so2GQ5peV+8cWhlLjkpdEAGT2CHvDZGwJF
kQm6btrM+Z24Ql1JK3eSawsXFX7J3EKkSQVTjco+28MymU1cxyCwQAaWyPc9Mwa0
xrC1eBwU81g4hUQbRdLddEeHULeG0xYfncqq3/apsM3Kh+Q1Y2+rpo8eV7Pj/tqL
X12nC93fvzkCQqVoEelZK+nEtb9ZZepDvW/HONpzwUvMulopqGIN9xQ+eOVS48JT
bO+BmTZEdyoXJTI1UiRxwr3fbAOQGT0Fe2ZNpOmyj98kcPItuHtOVot7+Pm5BNH2
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:24:42 2025 by rpki-client