Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/peVRzfk7a5kMcnIN5l0vfDJAjV4.roa
File: peVRzfk7a5kMcnIN5l0vfDJAjV4.roa (raw, json)
Hash identifier: BZZQzoUGU3SVXNptLeHk5DArDqOJYETbuht6S7O+La0=
Subject key identifier: A5:E5:51:CD:F9:3B:6B:99:0C:72:72:0D:E6:5D:2F:7C:32:40:8D:5E
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 019716B0320B0FA4A1C21F3CC64F44A985FD
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/peVRzfk7a5kMcnIN5l0vfDJAjV4.roa
Signing time: Wed 28 May 2025 11:38:55 +0000
ROA not before: Wed 28 May 2025 11:38:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29167
IP address blocks: 37.209.128.0/19 maxlen: 21
84.39.160.0/20 maxlen: 21
93.154.128.0/17 maxlen: 17
151.248.32.0/20 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:b0:32:0b:0f:a4:a1:c2:1f:3c:c6:4f:44:a9:85:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: May 28 11:38:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5e551cdf93b6b990c72720de65d2f7c32408d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ca:0a:79:af:2e:6d:5d:bb:89:53:1d:d7:9f:
70:7e:41:37:79:06:f7:a0:ba:d1:22:b9:7e:9a:a4:
ea:44:75:57:cf:09:fe:53:1a:67:6c:fb:90:20:e3:
f7:82:42:47:17:ff:16:d3:3f:88:df:e8:7f:f8:dd:
16:69:95:00:88:64:23:11:72:96:81:f9:13:2f:0c:
78:b7:c1:ea:8d:b1:51:c1:3f:29:b5:7b:60:c7:16:
dd:99:d7:4d:d1:c7:17:bc:ae:86:32:98:19:ae:75:
e4:43:f5:4c:c3:91:2f:0d:8b:24:04:a4:60:72:c2:
d4:23:21:9e:77:ad:38:5a:4c:08:af:a0:70:d7:af:
95:29:8a:6b:2f:35:40:67:54:9c:26:72:4c:1e:ee:
8e:57:92:3f:c8:fa:c4:57:74:bd:54:77:84:78:38:
14:4b:1c:c7:fc:30:41:b0:db:f7:64:06:65:d5:c6:
34:fc:57:c9:0c:b3:e6:d4:0b:de:fd:e6:f5:02:47:
5f:84:5b:2a:7d:cc:af:a3:0b:09:65:04:ca:c9:42:
cc:ce:06:8c:46:1e:31:fb:84:10:ea:b0:5d:13:4e:
ff:2c:6f:3a:39:61:ba:00:f7:a8:ea:1f:d0:17:f0:
b4:cf:eb:e8:91:64:0d:f6:52:dd:6b:8b:c4:a0:c6:
f5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E5:51:CD:F9:3B:6B:99:0C:72:72:0D:E6:5D:2F:7C:32:40:8D:5E
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/peVRzfk7a5kMcnIN5l0vfDJAjV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.128.0/19
84.39.160.0/20
93.154.128.0/17
151.248.32.0/20
Signature Algorithm: sha256WithRSAEncryption
11:1b:75:b3:9f:3b:80:ef:fa:03:0b:88:34:7d:ec:68:cf:f9:
3f:ba:7f:b0:35:4c:a3:84:c2:7c:73:9e:06:67:f9:72:00:1d:
66:06:e6:0e:4d:cd:1f:57:bf:22:5f:5f:01:92:99:44:42:4d:
3c:5a:96:ee:f1:7d:be:c7:b2:50:f9:70:14:0d:f8:02:88:a7:
cf:9f:78:c5:ea:2c:e4:c9:a4:f8:6a:dc:c8:da:e9:cb:17:af:
1e:29:4b:f7:84:66:e2:16:d3:ea:8e:3a:25:54:d7:42:75:57:
e8:a0:de:25:28:af:c8:89:86:59:ab:ba:ee:8b:a1:c2:c0:56:
1a:c3:94:db:d0:06:b1:cd:06:ae:56:6c:ee:98:68:c1:5d:41:
65:11:c2:51:7d:9b:8c:2e:3a:06:3d:75:26:90:7f:30:d9:75:
e5:05:cf:40:17:a6:de:12:f9:27:cf:61:58:d0:12:8f:1d:df:
c3:7a:8f:97:6e:4f:eb:2e:9a:64:a8:39:3b:b6:49:48:5e:a5:
66:44:e5:e4:02:63:05:55:9d:49:fa:3b:e7:65:5d:00:af:79:
04:73:ad:65:59:07:24:ea:e1:2d:94:98:49:2b:b1:8c:bf:d6:
b0:06:e8:80:13:8a:55:c1:28:49:49:86:04:cf:75:81:ee:44:
88:5c:e7:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZcWsDILD6Shwh88xk9EqYX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjUwNTI4MTEzODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWU1NTFjZGY5M2I2Yjk5MGM3MjcyMGRlNjVkMmY3YzMyNDA4ZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18oKea8ubV27iVMd159wfkE3eQb3
oLrRIrl+mqTqRHVXzwn+UxpnbPuQIOP3gkJHF/8W0z+I3+h/+N0WaZUAiGQjEXKW
gfkTLwx4t8HqjbFRwT8ptXtgxxbdmddN0ccXvK6GMpgZrnXkQ/VMw5EvDYskBKRg
csLUIyGed604WkwIr6Bw16+VKYprLzVAZ1ScJnJMHu6OV5I/yPrEV3S9VHeEeDgU
SxzH/DBBsNv3ZAZl1cY0/FfJDLPm1Ave/eb1AkdfhFsqfcyvowsJZQTKyULMzgaM
Rh4x+4QQ6rBdE07/LG86OWG6APeo6h/QF/C0z+vokWQN9lLda4vEoMb1HQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKXlUc35O2uZDHJyDeZdL3wyQI1eMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvcGVWUnpmazdhNWtNY25JTjVsMHZmREpBalY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFJdGAAwQE
VCegAwQHXZqAAwQEl/ggMA0GCSqGSIb3DQEBCwUAA4IBAQARG3WznzuA7/oDC4g0
fexoz/k/un+wNUyjhMJ8c54GZ/lyAB1mBuYOTc0fV78iX18BkplEQk08Wpbu8X2+
x7JQ+XAUDfgCiKfPn3jF6izkyaT4atzI2unLF68eKUv3hGbiFtPqjjolVNdCdVfo
oN4lKK/IiYZZq7rui6HCwFYaw5Tb0AaxzQauVmzumGjBXUFlEcJRfZuMLjoGPXUm
kH8w2XXlBc9AF6beEvknz2FY0BKPHd/Deo+Xbk/rLppkqDk7tklIXqVmROXkAmMF
VZ1J+jvnZV0Ar3kEc61lWQck6uEtlJhJK7GMv9awBuiAE4pVwShJSYYEz3WB7kSI
XOeB
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:35:46 2025 by rpki-client