Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/alsuRe4zIZd9zoPDISZt1Bveg70.roa
File: alsuRe4zIZd9zoPDISZt1Bveg70.roa (raw, json)
Hash identifier: EWpeZ5riJCjW/KG77BSV/gky0WcGkW9H+LHjXXYnpDU=
Subject key identifier: 6A:5B:2E:45:EE:33:21:97:7D:CE:83:C3:21:26:6D:D4:1B:DE:83:BD
Certificate issuer: /CN=f2d593b1c87b81739ec41910295bf385f2c9a992
Certificate serial: 019736C967ED7EE1297BCF05EB28D81EC519
Authority key identifier: F2:D5:93:B1:C8:7B:81:73:9E:C4:19:10:29:5B:F3:85:F2:C9:A9:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8tWTsch7gXOexBkQKVvzhfLJqZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/alsuRe4zIZd9zoPDISZt1Bveg70.roa
Signing time: Tue 03 Jun 2025 17:14:18 +0000
ROA not before: Tue 03 Jun 2025 17:14:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210892
IP address blocks: 5.1.45.0/24 maxlen: 24
79.135.124.0/24 maxlen: 24
79.135.125.0/24 maxlen: 24
79.135.126.0/24 maxlen: 24
79.135.127.0/24 maxlen: 24
94.198.80.0/23 maxlen: 23
94.198.82.0/23 maxlen: 23
94.198.84.0/23 maxlen: 23
94.198.86.0/23 maxlen: 23
109.224.223.0/24 maxlen: 24
109.224.232.0/24 maxlen: 24
213.254.180.0/24 maxlen: 24
213.254.181.0/24 maxlen: 24
213.254.182.0/24 maxlen: 24
213.254.183.0/24 maxlen: 24
2a11:2b07:1::/48 maxlen: 48
2a11:2b07:f000::/48 maxlen: 48
2a11:2b07:f001::/48 maxlen: 48
2a11:2b07:f002::/48 maxlen: 48
2a11:2b07:f003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/8tWTsch7gXOexBkQKVvzhfLJqZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/8tWTsch7gXOexBkQKVvzhfLJqZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/8tWTsch7gXOexBkQKVvzhfLJqZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:c9:67:ed:7e:e1:29:7b:cf:05:eb:28:d8:1e:c5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2d593b1c87b81739ec41910295bf385f2c9a992
Validity
Not Before: Jun 3 17:14:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a5b2e45ee3321977dce83c321266dd41bde83bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8e:ed:4f:57:99:56:e5:da:03:5a:d5:e8:38:
f9:6c:5f:f9:db:16:4c:3a:33:d1:06:5a:3e:0d:99:
42:5d:f7:22:44:80:72:a2:b1:37:93:75:a6:d7:42:
50:eb:4f:99:ed:42:3c:3c:ce:e5:0e:b6:2d:88:ab:
b2:2a:db:1f:67:19:c7:44:73:4c:3f:46:c4:21:7b:
e8:11:68:1d:cf:d9:ea:ac:0e:37:81:04:50:1f:61:
ed:e2:de:e7:b7:69:24:40:a4:6c:4a:6c:d6:f3:3b:
61:83:f0:28:54:19:9e:23:21:6d:db:ef:12:f7:75:
0a:c2:17:dc:dc:bb:87:c4:54:d7:27:f8:84:49:84:
ca:c0:63:a5:52:ae:e9:c5:d8:51:be:39:c2:8e:57:
70:73:c8:ce:58:c1:9f:43:83:e8:8f:68:1e:66:a9:
af:4c:22:30:20:88:2c:0e:24:a1:7c:06:62:12:4e:
b3:b4:d1:17:a7:c5:b3:2b:fe:54:16:d6:ec:66:8c:
db:d0:2c:2d:0d:47:c5:fb:ca:5d:b3:b2:12:29:3e:
a3:d0:ab:c7:c0:cb:6c:05:2f:b3:7f:2d:b3:de:16:
a4:fc:5f:54:d4:96:95:1f:af:be:36:ae:4c:5c:79:
c4:5f:2c:a6:25:9b:a4:a7:2e:7d:d9:c0:22:c4:a8:
9d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5B:2E:45:EE:33:21:97:7D:CE:83:C3:21:26:6D:D4:1B:DE:83:BD
X509v3 Authority Key Identifier:
keyid:F2:D5:93:B1:C8:7B:81:73:9E:C4:19:10:29:5B:F3:85:F2:C9:A9:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8tWTsch7gXOexBkQKVvzhfLJqZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/alsuRe4zIZd9zoPDISZt1Bveg70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/8tWTsch7gXOexBkQKVvzhfLJqZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.45.0/24
79.135.124.0/22
94.198.80.0/21
109.224.223.0/24
109.224.232.0/24
213.254.180.0/22
IPv6:
2a11:2b07:1::/48
2a11:2b07:f000::/46
Signature Algorithm: sha256WithRSAEncryption
49:2e:df:60:87:fc:9b:be:19:72:ac:4e:2a:9f:5f:d7:42:d6:
27:0d:d6:cf:a8:6a:cc:c1:4b:80:81:24:f2:47:71:7d:21:5e:
cc:bb:66:d9:28:f0:15:de:11:36:ef:2f:c0:39:5d:be:17:18:
27:cd:14:7b:0e:06:23:d3:6f:b6:69:42:3a:18:16:a8:c3:4d:
ea:57:21:c5:20:11:d3:f1:6e:08:b3:fc:db:85:95:e6:06:08:
05:cb:81:8b:e7:b1:47:d7:58:10:00:44:c9:a3:e1:f3:a9:bb:
cf:d4:d4:cf:1f:44:69:13:ed:57:83:1e:88:ab:87:6c:60:78:
31:19:4c:9d:88:b8:c7:1d:02:4c:fb:ae:ab:38:5b:10:ff:13:
55:f6:40:78:cc:4d:ce:39:8b:d4:f7:8f:58:7b:e3:c9:ed:bd:
a9:7e:50:4a:7d:40:bd:7c:50:6b:e3:22:e0:7a:5e:2e:93:70:
7b:42:46:53:55:07:9a:4b:8a:54:1f:08:42:2a:da:ad:2e:63:
dc:22:00:29:1f:0e:f0:0c:08:63:04:f5:45:0b:5c:12:29:d8:
b1:4f:3b:d5:26:93:5f:69:58:b1:26:62:a7:e5:6e:0c:7b:5a:
ce:b2:fe:b3:bd:b1:b1:df:53:de:a1:9f:97:47:7e:d8:a3:d2:
01:b7:c6:44
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZc2yWftfuEpe88F6yjYHsUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZDU5M2IxYzg3YjgxNzM5ZWM0MTkxMDI5NWJmMzg1ZjJj
OWE5OTIwHhcNMjUwNjAzMTcxNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTViMmU0NWVlMzMyMTk3N2RjZTgzYzMyMTI2NmRkNDFiZGU4M2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI7tT1eZVuXaA1rV6Dj5bF/52xZM
OjPRBlo+DZlCXfciRIByorE3k3Wm10JQ60+Z7UI8PM7lDrYtiKuyKtsfZxnHRHNM
P0bEIXvoEWgdz9nqrA43gQRQH2Ht4t7nt2kkQKRsSmzW8zthg/AoVBmeIyFt2+8S
93UKwhfc3LuHxFTXJ/iESYTKwGOlUq7pxdhRvjnCjldwc8jOWMGfQ4Poj2geZqmv
TCIwIIgsDiShfAZiEk6ztNEXp8WzK/5UFtbsZozb0CwtDUfF+8pds7ISKT6j0KvH
wMtsBS+zfy2z3hak/F9U1JaVH6++Nq5MXHnEXyymJZukpy592cAixKidWwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFGpbLkXuMyGXfc6DwyEmbdQb3oO9MB8GA1UdIwQY
MBaAFPLVk7HIe4FznsQZEClb84XyyamSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHRXVHNjaDdnWE9leEJrUUtWdnpoZkxKcVpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85MzkxYTYtZGQzZi00OTMzLTlkYTIt
OWI4ZDY4ZWU4N2ZjLzEvYWxzdVJlNHpJWmQ5em9QRElTWnQxQnZlZzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85MzkxYTYtZGQzZi00OTMzLTlkYTItOWI4ZDY4ZWU4N2Zj
LzEvOHRXVHNjaDdnWE9leEJrUUtWdnpoZkxKcVpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAqBAIAATAkAwQABQEtAwQC
T4d8AwQDXsZQAwQAbeDfAwQAbeDoAwQC1f60MBgEAgACMBIDBwAqESsHAAEDBwIq
ESsH8AAwDQYJKoZIhvcNAQELBQADggEBAEku32CH/Ju+GXKsTiqfX9dC1icN1s+o
aszBS4CBJPJHcX0hXsy7Ztko8BXeETbvL8A5Xb4XGCfNFHsOBiPTb7ZpQjoYFqjD
TepXIcUgEdPxbgiz/NuFleYGCAXLgYvnsUfXWBAARMmj4fOpu8/U1M8fRGkT7VeD
Hoirh2xgeDEZTJ2IuMcdAkz7rqs4WxD/E1X2QHjMTc45i9T3j1h748ntval+UEp9
QL18UGvjIuB6Xi6TcHtCRlNVB5pLilQfCEIq2q0uY9wiACkfDvAMCGME9UULXBIp
2LFPO9Umk19pWLEmYqflbgx7Ws6y/rO9sbHfU96hn5dHftij0gG3xkQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 02:10:04 2025 by rpki-client