Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/PX5qL5TwsFhf-09OufUwOC6nOEo.roa
File: PX5qL5TwsFhf-09OufUwOC6nOEo.roa (raw, json)
Hash identifier: VELgMvcmhCqoQ+EySyYZqoEGcBD6C3/Z95zGs7MadCg=
Subject key identifier: 3D:7E:6A:2F:94:F0:B0:58:5F:FB:4F:4E:B9:F5:30:38:2E:A7:38:4A
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019717E68D6A8422BD1DF58E31CA6B94B881
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/PX5qL5TwsFhf-09OufUwOC6nOEo.roa
Signing time: Wed 28 May 2025 17:17:54 +0000
ROA not before: Wed 28 May 2025 17:17:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207957
IP address blocks: 64.188.98.0/24 maxlen: 24
77.239.107.0/24 maxlen: 24
185.170.153.0/24 maxlen: 24
185.170.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:e6:8d:6a:84:22:bd:1d:f5:8e:31:ca:6b:94:b8:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 28 17:17:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d7e6a2f94f0b0585ffb4f4eb9f530382ea7384a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d2:6b:e9:a8:8e:a5:e7:4a:24:5b:84:ac:c2:
35:06:4c:df:b5:04:ea:b6:72:02:8a:07:24:06:0f:
fa:c3:47:91:89:90:82:df:0b:b6:a5:42:19:7d:86:
81:fe:2c:2a:d0:ca:02:3b:6d:38:ac:e9:ac:0e:cd:
74:19:cd:8c:32:34:d8:e0:06:cc:b9:e6:e1:ca:50:
a7:29:e4:7c:50:ec:ae:c5:f7:c3:80:57:99:c7:10:
5f:dd:84:1b:20:d4:aa:34:8d:34:65:29:a7:a1:fe:
f2:3a:71:8b:e0:5f:e9:63:72:e7:1b:d4:26:86:46:
11:f7:96:41:01:3d:fd:48:f6:d7:8e:5b:43:b8:b6:
59:4a:03:3c:f6:da:b9:86:93:58:12:0c:3e:38:2f:
2c:bc:05:f1:6e:07:c6:a7:ef:6d:f8:4f:ad:60:ae:
9f:a4:2c:44:fa:28:e7:69:53:15:e6:5a:6e:37:e2:
0d:9a:3a:09:e8:68:7c:ac:f8:cd:f4:0e:26:c3:94:
46:70:cd:30:09:2b:07:a6:63:8c:8e:3e:83:c7:71:
40:bc:67:e2:38:58:88:77:d2:57:17:d4:e0:7b:7c:
57:99:0d:2e:99:1e:22:62:38:64:07:ee:a2:88:ea:
8a:f9:4c:e1:ab:a8:21:4a:b6:f2:db:48:1f:b6:2d:
cd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7E:6A:2F:94:F0:B0:58:5F:FB:4F:4E:B9:F5:30:38:2E:A7:38:4A
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/PX5qL5TwsFhf-09OufUwOC6nOEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.98.0/24
77.239.107.0/24
185.170.153.0-185.170.154.255
Signature Algorithm: sha256WithRSAEncryption
0f:be:03:09:fd:4d:9c:68:80:5d:e5:30:91:ad:b9:1f:42:1c:
12:ee:90:53:13:cf:29:39:ed:b1:fb:98:0b:b4:3b:33:a7:46:
d4:b3:29:7c:77:d3:26:fd:5b:38:90:9e:a6:cf:18:a2:6b:ff:
74:dc:a8:06:13:c8:5f:46:0f:d7:94:b6:ec:de:7a:df:b5:e1:
fa:07:74:2d:6e:af:80:6b:bc:a2:56:b5:5d:e2:7b:d6:04:7c:
fc:0c:8a:32:0d:7a:13:1c:94:d4:e7:70:94:4f:81:5c:16:2a:
98:92:c6:83:f9:11:99:72:f2:82:65:ee:44:1d:f4:bc:f4:53:
25:42:e1:e4:bf:7b:36:fd:ae:41:5a:bf:c4:f8:27:6a:f1:b3:
e4:81:0a:8f:cf:b8:14:42:b6:a6:4d:bb:a5:2d:48:81:57:62:
c0:74:f1:ef:90:43:f7:11:be:0e:36:5f:bf:ab:11:e6:7d:6a:
29:3e:88:72:34:bd:35:d0:85:ad:9e:56:af:f7:dc:3d:1f:a6:
20:c4:db:a5:a7:49:90:9b:d5:59:24:bc:95:01:1b:19:fd:e9:
1c:78:1a:1e:96:06:da:0d:64:9a:02:70:88:5d:52:c5:2b:d4:
83:43:5b:ce:81:61:48:7d:f8:08:02:e1:01:9b:a3:49:fa:31:
32:25:95:2c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZcX5o1qhCK9HfWOMcprlLiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNTI4MTcxNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDdlNmEyZjk0ZjBiMDU4NWZmYjRmNGViOWY1MzAzODJlYTczODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudJr6aiOpedKJFuErMI1BkzftQTq
tnICigckBg/6w0eRiZCC3wu2pUIZfYaB/iwq0MoCO204rOmsDs10Gc2MMjTY4AbM
uebhylCnKeR8UOyuxffDgFeZxxBf3YQbINSqNI00ZSmnof7yOnGL4F/pY3LnG9Qm
hkYR95ZBAT39SPbXjltDuLZZSgM89tq5hpNYEgw+OC8svAXxbgfGp+9t+E+tYK6f
pCxE+ijnaVMV5lpuN+INmjoJ6Gh8rPjN9A4mw5RGcM0wCSsHpmOMjj6Dx3FAvGfi
OFiId9JXF9Tge3xXmQ0umR4iYjhkB+6iiOqK+Uzhq6ghSrby20gfti3NCQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD1+ai+U8LBYX/tPTrn1MDgupzhKMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvUFg1cUw1VHdzRmhmLTA5T3VmVXdPQzZuT0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAQLxiAwQA
Te9rMAwDBAC5qpkDBAC5qpowDQYJKoZIhvcNAQELBQADggEBAA++Awn9TZxogF3l
MJGtuR9CHBLukFMTzyk57bH7mAu0OzOnRtSzKXx30yb9WziQnqbPGKJr/3TcqAYT
yF9GD9eUtuzeet+14foHdC1ur4BrvKJWtV3ie9YEfPwMijINehMclNTncJRPgVwW
KpiSxoP5EZly8oJl7kQd9Lz0UyVC4eS/ezb9rkFav8T4J2rxs+SBCo/PuBRCtqZN
u6UtSIFXYsB08e+QQ/cRvg42X7+rEeZ9aik+iHI0vTXQha2eVq/33D0fpiDE26Wn
SZCb1VkkvJUBGxn96Rx4Gh6WBtoNZJoCcIhdUsUr1INDW86BYUh9+AgC4QGbo0n6
MTIllSw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:01:06 2025 by rpki-client