Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/P33SSWlpyqijB0gHEOLaoCaM5OM.roa
File: P33SSWlpyqijB0gHEOLaoCaM5OM.roa (raw, json)
Hash identifier: 7b5pymjGWkYqf8q+lDaj/5SKIALqOGUwKbQhUuKpSQo=
Subject key identifier: 3F:7D:D2:49:69:69:CA:A8:A3:07:48:07:10:E2:DA:A0:26:8C:E4:E3
Certificate issuer: /CN=351a14ce9d25239b92fe5abce532515044c1aba4
Certificate serial: 01973F4A8680A80B7DBF9F6A1B49ED3FFBE2
Authority key identifier: 35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/P33SSWlpyqijB0gHEOLaoCaM5OM.roa
Signing time: Thu 05 Jun 2025 08:52:18 +0000
ROA not before: Thu 05 Jun 2025 08:52:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56430
IP address blocks: 77.81.64.0/24 maxlen: 24
86.105.152.0/23 maxlen: 23
86.105.155.0/24 maxlen: 24
89.36.18.0/24 maxlen: 24
89.36.93.0/24 maxlen: 24
89.40.214.0/24 maxlen: 24
89.42.42.0/24 maxlen: 24
89.43.174.0/24 maxlen: 24
91.193.53.0/24 maxlen: 24
185.82.172.0/22 maxlen: 22
188.212.250.0/24 maxlen: 24
188.241.13.0/24 maxlen: 24
193.33.200.0/23 maxlen: 23
193.105.218.0/24 maxlen: 24
2a05:91c0::/32 maxlen: 32
2a05:91c4::/32 maxlen: 32
2a09:1340::/29 maxlen: 29
2a0f:8b80::/29 maxlen: 29
2a12:aec0::/29 maxlen: 29
2a12:ec40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:4a:86:80:a8:0b:7d:bf:9f:6a:1b:49:ed:3f:fb:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a14ce9d25239b92fe5abce532515044c1aba4
Validity
Not Before: Jun 5 08:52:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f7dd2496969caa8a307480710e2daa0268ce4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:84:bc:d4:08:90:88:b5:78:22:10:32:2a:59:
7f:52:a2:fe:eb:9e:d8:1e:c4:cb:6a:19:ee:7d:43:
26:58:fc:d7:83:a4:86:bc:e7:dc:ef:80:61:55:ce:
a5:e1:c7:9d:ec:de:f8:86:c5:a5:bc:da:57:62:f8:
45:21:85:b3:43:83:14:33:89:47:f8:50:6c:33:1e:
44:e0:7d:73:85:1b:e5:7a:7b:c4:30:52:f5:e3:5a:
da:01:43:95:7e:d2:f9:51:a3:08:54:3d:9a:80:5f:
55:03:31:a4:ad:68:c7:d4:24:f1:6f:99:4f:95:ed:
26:b3:dc:38:f6:10:20:08:6b:86:6f:43:ce:b7:17:
e5:12:c2:f3:fc:fa:ce:58:90:c8:a2:dc:a3:f8:26:
88:2b:6e:aa:26:c3:50:39:6b:41:99:c7:ef:97:5c:
94:d3:44:ac:7d:ef:2f:0f:5b:ac:18:68:8a:c4:b7:
75:c9:67:39:a6:94:15:4d:14:3c:a7:77:5f:bd:cf:
dd:7a:be:9e:6f:9b:2c:6b:cd:ca:b5:b6:54:fe:f9:
86:0d:a4:20:8e:79:a2:39:58:0b:c9:69:49:f6:a5:
25:d5:60:83:6d:ed:9d:e8:82:48:9c:c6:5a:5e:39:
48:e1:d1:e5:6b:3b:f5:14:44:f6:49:cc:b2:4b:8c:
90:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7D:D2:49:69:69:CA:A8:A3:07:48:07:10:E2:DA:A0:26:8C:E4:E3
X509v3 Authority Key Identifier:
keyid:35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/P33SSWlpyqijB0gHEOLaoCaM5OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.64.0/24
86.105.152.0/23
86.105.155.0/24
89.36.18.0/24
89.36.93.0/24
89.40.214.0/24
89.42.42.0/24
89.43.174.0/24
91.193.53.0/24
185.82.172.0/22
188.212.250.0/24
188.241.13.0/24
193.33.200.0/23
193.105.218.0/24
IPv6:
2a05:91c0::/32
2a05:91c4::/32
2a09:1340::/29
2a0f:8b80::/29
2a12:aec0::/29
2a12:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
a8:13:29:96:c1:6f:51:49:fa:1e:1d:18:ae:91:4e:43:bc:4f:
42:dc:8d:c9:86:e5:af:0e:ea:11:8b:e4:a6:af:d5:db:3d:66:
81:dd:67:85:a7:1f:ab:c4:2f:8f:b1:11:04:67:1a:69:9f:d4:
5b:e4:64:14:8b:07:20:48:da:47:46:cf:ae:18:9e:c4:2a:b8:
9c:6c:1a:e0:cb:20:55:0c:d1:99:4c:c9:cd:cd:77:60:2f:6b:
e3:c1:67:6a:57:d3:42:6a:c5:5f:b8:1c:a1:10:79:fd:87:78:
72:80:07:f0:88:19:52:56:fb:00:0b:00:58:b0:22:07:b1:4f:
a1:c8:2c:00:1c:79:b8:8a:60:e3:d6:cc:68:57:94:c5:70:d9:
cf:4e:7a:e8:ce:af:80:1f:f5:40:30:82:18:8b:0e:29:c4:b4:
60:23:18:19:a2:8d:43:66:89:ab:94:ef:78:58:5b:c9:fd:c5:
87:aa:ce:7e:b2:57:d9:54:62:63:ad:9b:e6:5b:5a:1c:2d:71:
fd:38:91:dd:80:a5:e6:e4:84:37:58:9d:32:d3:a3:6d:8f:4d:
6c:83:fe:06:82:b4:e5:fd:df:d1:68:15:65:08:a2:bd:6d:77:
d4:76:51:ad:1b:25:af:e4:c3:02:96:36:ec:e3:e3:7c:66:9b:
55:2f:36:39
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZc/SoaAqAt9v59qG0ntP/viMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWExNGNlOWQyNTIzOWI5MmZlNWFiY2U1MzI1MTUwNDRj
MWFiYTQwHhcNMjUwNjA1MDg1MjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjdkZDI0OTY5NjljYWE4YTMwNzQ4MDcxMGUyZGFhMDI2OGNlNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoS81AiQiLV4IhAyKll/UqL+657Y
HsTLahnufUMmWPzXg6SGvOfc74BhVc6l4ced7N74hsWlvNpXYvhFIYWzQ4MUM4lH
+FBsMx5E4H1zhRvlenvEMFL141raAUOVftL5UaMIVD2agF9VAzGkrWjH1CTxb5lP
le0ms9w49hAgCGuGb0POtxflEsLz/PrOWJDIotyj+CaIK26qJsNQOWtBmcfvl1yU
00Ssfe8vD1usGGiKxLd1yWc5ppQVTRQ8p3dfvc/der6eb5ssa83KtbZU/vmGDaQg
jnmiOVgLyWlJ9qUl1WCDbe2d6IJInMZaXjlI4dHlazv1FET2ScyyS4yQmwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFD990klpacqoowdIBxDi2qAmjOTjMB8GA1UdIwQY
MBaAFDUaFM6dJSObkv5avOUyUVBEwaukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEt
Mjk1Mzg5NGIxZjZkLzEvUDMzU1NXbHB5cWlqQjBnSEVPTGFvQ2FNNU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEtMjk1Mzg5NGIxZjZk
LzEvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjBaBAIAATBUAwQATVFA
AwQBVmmYAwQAVmmbAwQAWSQSAwQAWSRdAwQAWSjWAwQAWSoqAwQAWSuuAwQAW8E1
AwQCuVKsAwQAvNT6AwQAvPENAwQBwSHIAwQAwWnaMDAEAgACMCoDBQAqBZHAAwUA
KgWRxAMFAyoJE0ADBQMqD4uAAwUDKhKuwAMFAyoS7EAwDQYJKoZIhvcNAQELBQAD
ggEBAKgTKZbBb1FJ+h4dGK6RTkO8T0LcjcmG5a8O6hGL5Kav1ds9ZoHdZ4WnH6vE
L4+xEQRnGmmf1FvkZBSLByBI2kdGz64YnsQquJxsGuDLIFUM0ZlMyc3Nd2Ava+PB
Z2pX00JqxV+4HKEQef2HeHKAB/CIGVJW+wALAFiwIgexT6HILAAcebiKYOPWzGhX
lMVw2c9OeujOr4Af9UAwghiLDinEtGAjGBmijUNmiauU73hYW8n9xYeqzn6yV9lU
YmOtm+ZbWhwtcf04kd2ApebkhDdYnTLTo22PTWyD/gaCtOX939FoFWUIor1td9R2
Ua0bJa/kwwKWNuzj43xmm1UvNjk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:18:38 2025 by rpki-client