Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/lASkSWhNSFerShHIOly6CM5etwY.roa
File: lASkSWhNSFerShHIOly6CM5etwY.roa (raw, json)
Hash identifier: eTZvYlddER+/7D2hoV0jNRxfkb0vM+l4ayTlpERiEYI=
Subject key identifier: 94:04:A4:49:68:4D:48:57:AB:4A:11:C8:3A:5C:BA:08:CE:5E:B7:06
Certificate issuer: /CN=476065d71f1e98f9a7ca78e614ecf5f46d5a643c
Certificate serial: 01971C15B844C2BB52A6059D5F9182BA60AB
Authority key identifier: 47:60:65:D7:1F:1E:98:F9:A7:CA:78:E6:14:EC:F5:F4:6D:5A:64:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2Bl1x8emPmnynjmFOz19G1aZDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/lASkSWhNSFerShHIOly6CM5etwY.roa
Signing time: Thu 29 May 2025 12:47:54 +0000
ROA not before: Thu 29 May 2025 12:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42484
IP address blocks: 81.13.111.0/24 maxlen: 24
81.13.112.0/24 maxlen: 24
194.67.129.0/24 maxlen: 24
194.67.139.0/24 maxlen: 24
213.252.101.0/24 maxlen: 24
213.252.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/R2Bl1x8emPmnynjmFOz19G1aZDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/R2Bl1x8emPmnynjmFOz19G1aZDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/R2Bl1x8emPmnynjmFOz19G1aZDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1c:15:b8:44:c2:bb:52:a6:05:9d:5f:91:82:ba:60:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=476065d71f1e98f9a7ca78e614ecf5f46d5a643c
Validity
Not Before: May 29 12:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9404a449684d4857ab4a11c83a5cba08ce5eb706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:52:a6:6a:00:f0:97:4b:57:2e:f7:1c:1c:ea:
22:c2:91:70:6a:74:91:9a:7c:20:49:07:3a:41:a3:
c0:ff:7f:b5:1f:5b:dc:98:63:83:04:98:98:0c:50:
c6:74:35:b6:e9:5b:07:8b:64:dc:66:6a:09:2c:a4:
ae:61:4d:29:11:23:2b:ae:c5:49:16:d0:62:12:ef:
8c:68:05:79:03:44:8b:25:7b:f1:c3:e6:5e:da:71:
39:ab:c3:56:2b:15:96:fe:7d:56:c0:83:2a:1b:2c:
87:c1:c7:f5:c1:3c:fb:c8:25:2f:a2:3f:79:9c:0c:
4c:69:f7:72:79:eb:ce:40:d0:1b:2b:62:d9:23:58:
9c:56:0f:5f:92:01:37:cd:d5:cc:aa:5b:ad:e6:9f:
d8:41:e3:e1:6f:51:50:a5:66:ad:a6:fa:e3:cf:76:
c3:41:38:09:5f:4b:a9:1b:25:6a:72:56:17:86:0c:
8e:45:04:a3:60:17:8e:92:00:55:6b:db:15:bc:a7:
b9:67:f8:b2:f3:0a:7f:3c:61:46:5f:25:f3:3d:2f:
fa:74:52:a5:4e:69:e1:c6:1f:d5:e6:8c:2d:38:81:
dc:86:93:41:da:63:03:3b:62:c6:fb:bf:56:14:c3:
62:99:47:17:45:e3:04:a2:54:5e:72:f1:10:e6:23:
39:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:04:A4:49:68:4D:48:57:AB:4A:11:C8:3A:5C:BA:08:CE:5E:B7:06
X509v3 Authority Key Identifier:
keyid:47:60:65:D7:1F:1E:98:F9:A7:CA:78:E6:14:EC:F5:F4:6D:5A:64:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2Bl1x8emPmnynjmFOz19G1aZDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/lASkSWhNSFerShHIOly6CM5etwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/R2Bl1x8emPmnynjmFOz19G1aZDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.13.111.0-81.13.112.255
194.67.129.0/24
194.67.139.0/24
213.252.101.0/24
213.252.108.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:8c:a4:0c:3b:cb:32:44:56:7b:80:27:1e:cd:58:64:4b:73:
9d:7d:bf:72:4b:a0:0d:5f:57:04:70:2e:57:e3:c1:de:f4:50:
1b:75:f5:14:0c:66:5e:24:ee:8c:a5:19:2d:19:61:a7:8d:74:
9e:9e:b0:56:fd:10:3a:e4:d6:61:2b:38:c7:72:73:77:de:67:
f4:92:ec:c3:ec:91:2a:96:58:dd:64:02:f3:54:60:51:99:c9:
c9:b9:ba:79:1c:51:4a:3b:ca:48:d7:bc:77:b1:6e:89:9c:2a:
85:4f:2b:bc:07:1a:50:d9:f9:61:11:2c:da:e6:e5:02:94:27:
05:b1:6e:75:70:9e:b3:2a:e3:a2:d6:e4:b7:7e:2b:26:0c:d7:
40:0d:fc:a0:8a:a9:41:fd:ca:69:d3:37:71:28:d4:65:00:e4:
81:6d:dd:89:40:0f:5e:e4:21:f7:9e:85:3d:4b:62:d4:61:6c:
43:2a:f9:3a:be:47:82:40:92:c2:95:35:00:58:4b:e3:66:e3:
5c:f1:aa:d1:af:f5:2a:e4:c5:49:e4:5e:ce:fb:96:a5:0c:b9:
68:27:98:1b:7c:13:70:3f:c3:62:2f:ea:99:f7:15:4d:d9:ed:
69:fe:a7:72:76:79:97:c8:72:2f:88:08:4c:58:b9:5e:55:44:
91:1b:8d:bc
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZccFbhEwrtSpgWdX5GCumCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NjA2NWQ3MWYxZTk4ZjlhN2NhNzhlNjE0ZWNmNWY0NmQ1
YTY0M2MwHhcNMjUwNTI5MTI0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA0YTQ0OTY4NGQ0ODU3YWI0YTExYzgzYTVjYmEwOGNlNWViNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lKmagDwl0tXLvccHOoiwpFwanSR
mnwgSQc6QaPA/3+1H1vcmGODBJiYDFDGdDW26VsHi2TcZmoJLKSuYU0pESMrrsVJ
FtBiEu+MaAV5A0SLJXvxw+Ze2nE5q8NWKxWW/n1WwIMqGyyHwcf1wTz7yCUvoj95
nAxMafdyeevOQNAbK2LZI1icVg9fkgE3zdXMqlut5p/YQePhb1FQpWatpvrjz3bD
QTgJX0upGyVqclYXhgyORQSjYBeOkgBVa9sVvKe5Z/iy8wp/PGFGXyXzPS/6dFKl
Tmnhxh/V5owtOIHchpNB2mMDO2LG+79WFMNimUcXReMEolRecvEQ5iM5XQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJQEpEloTUhXq0oRyDpcugjOXrcGMB8GA1UdIwQY
MBaAFEdgZdcfHpj5p8p45hTs9fRtWmQ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjJCbDF4OGVtUG1ueW5qbUZPejE5RzFhWkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81MjZmM2UtODkyNC00OGJkLWE3NzIt
YjUxOTUzMDM3OTkzLzEvbEFTa1NXaE5TRmVyU2hISU9seTZDTTVldHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81MjZmM2UtODkyNC00OGJkLWE3NzItYjUxOTUzMDM3OTkz
LzEvUjJCbDF4OGVtUG1ueW5qbUZPejE5RzFhWkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABRDW8D
BABRDXADBADCQ4EDBADCQ4sDBADV/GUDBADV/GwwDQYJKoZIhvcNAQELBQADggEB
ACuMpAw7yzJEVnuAJx7NWGRLc519v3JLoA1fVwRwLlfjwd70UBt19RQMZl4k7oyl
GS0ZYaeNdJ6esFb9EDrk1mErOMdyc3feZ/SS7MPskSqWWN1kAvNUYFGZycm5unkc
UUo7ykjXvHexbomcKoVPK7wHGlDZ+WERLNrm5QKUJwWxbnVwnrMq46LW5Ld+KyYM
10AN/KCKqUH9ymnTN3Eo1GUA5IFt3YlAD17kIfeehT1LYtRhbEMq+Tq+R4JAksKV
NQBYS+Nm41zxqtGv9SrkxUnkXs77lqUMuWgnmBt8E3A/w2Iv6pn3FU3Z7Wn+p3J2
eZfIci+ICExYuV5VRJEbjbw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 20:37:17 2025 by rpki-client