Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1FJeVgZId139knZgMTYZmAnwLDs.roa
File: 1FJeVgZId139knZgMTYZmAnwLDs.roa (raw, json)
Hash identifier: VPpFwlCkzXISful3TlM5ZgodfCcJYCCPoZqn50dkuRo=
Subject key identifier: D4:52:5E:56:06:48:77:5D:FD:92:76:60:31:36:19:98:09:F0:2C:3B
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0197365D5D7C5220A3629B68A4E3AD2D93EA
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1FJeVgZId139knZgMTYZmAnwLDs.roa
Signing time: Tue 03 Jun 2025 15:16:17 +0000
ROA not before: Tue 03 Jun 2025 15:16:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199404
IP address blocks: 69.57.172.0/24 maxlen: 24
103.118.16.0/24 maxlen: 24
103.118.17.0/24 maxlen: 24
190.92.174.0/24 maxlen: 24
190.92.175.0/24 maxlen: 24
195.250.20.0/24 maxlen: 24
195.250.21.0/24 maxlen: 24
195.250.22.0/24 maxlen: 24
195.250.30.0/24 maxlen: 24
195.250.31.0/24 maxlen: 24
198.38.81.0/24 maxlen: 24
198.38.83.0/24 maxlen: 24
198.38.84.0/24 maxlen: 24
198.38.85.0/24 maxlen: 24
198.38.86.0/24 maxlen: 24
198.38.87.0/24 maxlen: 24
198.38.88.0/24 maxlen: 24
198.38.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 15:40:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:5d:5d:7c:52:20:a3:62:9b:68:a4:e3:ad:2d:93:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jun 3 15:16:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4525e560648775dfd9276603136199809f02c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:62:c3:49:d6:67:a2:fc:9d:8c:00:b0:65:62:
b5:8c:cb:5f:24:1c:55:78:ec:ea:e6:71:9f:20:5f:
5c:e2:ff:66:a4:6e:a7:bf:0c:50:d0:61:83:77:4f:
7e:b5:5a:96:75:a2:c4:0f:d9:06:06:18:13:e4:ca:
60:30:59:ba:c5:89:a2:a2:70:cc:91:b7:54:6d:c7:
f4:2f:25:76:96:77:52:0d:94:6e:87:9c:dd:14:61:
9c:f7:8d:45:85:a3:8e:e2:f3:5b:80:6c:a1:2d:db:
25:db:11:c4:38:eb:ef:93:3f:4c:d5:9d:5d:be:b7:
4e:88:19:65:a2:ee:7e:bb:4b:28:e7:95:c9:89:16:
ed:33:10:5e:8c:f0:a5:2c:e7:e3:83:d8:31:fa:55:
1f:c4:b8:e3:ed:21:75:85:d5:f2:02:dd:8a:f5:b8:
0c:3f:e2:a5:bc:71:99:41:e3:98:ca:6e:37:73:4a:
83:22:28:36:a9:58:ef:02:24:ae:32:85:5c:d3:49:
3a:c0:d7:33:34:aa:15:bb:e7:74:c3:a1:b9:dd:6a:
11:bd:45:68:80:8e:d1:f1:e7:8f:37:7a:08:62:ef:
bf:b9:a4:e9:03:52:35:2a:5d:1c:70:93:87:1a:f7:
46:9b:4b:1e:ee:82:0d:8e:da:7f:7a:65:b7:30:c9:
60:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:52:5E:56:06:48:77:5D:FD:92:76:60:31:36:19:98:09:F0:2C:3B
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1FJeVgZId139knZgMTYZmAnwLDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.57.172.0/24
103.118.16.0/23
190.92.174.0/23
195.250.20.0-195.250.22.255
195.250.30.0/23
198.38.81.0/24
198.38.83.0-198.38.89.255
Signature Algorithm: sha256WithRSAEncryption
37:e0:29:45:e1:cd:b6:47:15:29:4e:97:cf:bc:c9:ab:b7:05:
fe:ab:e1:76:12:66:56:8b:3c:f5:12:fe:5a:81:d3:a7:64:b9:
dc:74:92:ea:29:b0:11:c0:a3:61:3b:0c:b2:b4:23:11:db:bf:
6a:70:cd:84:47:2f:4f:49:a7:68:c8:ae:54:cf:df:29:86:95:
a7:8f:e1:16:ac:e6:5e:7f:3f:a2:e8:5f:d5:62:c0:70:cd:eb:
78:aa:a2:91:4b:a3:ae:d1:66:6a:3a:79:17:84:84:68:7b:66:
c9:c9:5c:ac:eb:be:94:e0:de:d8:1d:ea:86:53:14:94:3c:0a:
57:22:09:c5:6c:49:86:b2:62:34:be:a1:c4:38:19:be:35:d3:
b7:1b:c3:4b:dc:33:7e:6f:81:91:43:8c:49:35:40:2b:3d:5a:
25:a7:70:b9:c8:07:dd:8f:25:87:1a:e4:ad:e4:ed:63:9d:1a:
a9:17:cd:30:18:b9:7b:c6:63:fa:fe:58:b5:ef:73:f7:60:99:
1c:ca:41:5b:06:26:e3:4a:26:b0:4e:86:e9:97:66:b2:53:7c:
55:13:ff:8c:99:47:36:32:2a:af:8f:c8:61:6d:78:98:65:7d:
a7:55:51:55:1e:79:b5:01:46:4b:7c:50:fd:ce:eb:49:06:71:
dd:3e:2d:9b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZc2XV18UiCjYptopOOtLZPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwNjAzMTUxNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDUyNWU1NjA2NDg3NzVkZmQ5Mjc2NjAzMTM2MTk5ODA5ZjAyYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GLDSdZnovydjACwZWK1jMtfJBxV
eOzq5nGfIF9c4v9mpG6nvwxQ0GGDd09+tVqWdaLED9kGBhgT5MpgMFm6xYmionDM
kbdUbcf0LyV2lndSDZRuh5zdFGGc941FhaOO4vNbgGyhLdsl2xHEOOvvkz9M1Z1d
vrdOiBllou5+u0so55XJiRbtMxBejPClLOfjg9gx+lUfxLjj7SF1hdXyAt2K9bgM
P+KlvHGZQeOYym43c0qDIig2qVjvAiSuMoVc00k6wNczNKoVu+d0w6G53WoRvUVo
gI7R8eePN3oIYu+/uaTpA1I1Kl0ccJOHGvdGm0se7oINjtp/emW3MMlgWwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFNRSXlYGSHdd/ZJ2YDE2GZgJ8Cw7MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvMUZKZVZnWklkMTM5a25aZ01UWVptQW53TERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQARTmsAwQB
Z3YQAwQBvlyuMAwDBALD+hQDBADD+hYDBAHD+h4DBADGJlEwDAMEAMYmUwMEAcYm
WDANBgkqhkiG9w0BAQsFAAOCAQEAN+ApReHNtkcVKU6Xz7zJq7cF/qvhdhJmVos8
9RL+WoHTp2S53HSS6imwEcCjYTsMsrQjEdu/anDNhEcvT0mnaMiuVM/fKYaVp4/h
FqzmXn8/ouhf1WLAcM3reKqikUujrtFmajp5F4SEaHtmyclcrOu+lODe2B3qhlMU
lDwKVyIJxWxJhrJiNL6hxDgZvjXTtxvDS9wzfm+BkUOMSTVAKz1aJadwucgH3Y8l
hxrkreTtY50aqRfNMBi5e8Zj+v5Yte9z92CZHMpBWwYm40omsE6G6ZdmslN8VRP/
jJlHNjIqr4/IYW14mGV9p1VRVR55tQFGS3xQ/c7rSQZx3T4tmw==
-----END CERTIFICATE-----
Generated at Thu Jun 12 01:33:47 2025 by rpki-client