Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/39eMlym5-vUY7eWOJGWxfmeXbRY.roa
File: 39eMlym5-vUY7eWOJGWxfmeXbRY.roa (raw, json)
Hash identifier: WY0sOOmZNXOfMNrzfd1Jh0Sr1ckGzWAuxPnTphEkb9w=
Subject key identifier: DF:D7:8C:97:29:B9:FA:F5:18:ED:E5:8E:24:65:B1:7E:67:97:6D:16
Certificate issuer: /CN=c98adafb1f31f9889aa4735792b6e3db46931bb9
Certificate serial: 01971C2F5A5EA1071C317F601AB0799D09E2
Authority key identifier: C9:8A:DA:FB:1F:31:F9:88:9A:A4:73:57:92:B6:E3:DB:46:93:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYra-x8x-YiapHNXkrbj20aTG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/39eMlym5-vUY7eWOJGWxfmeXbRY.roa
Signing time: Thu 29 May 2025 13:15:54 +0000
ROA not before: Thu 29 May 2025 13:15:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 141.138.72.0/24 maxlen: 24
141.138.73.0/24 maxlen: 24
141.138.75.0/24 maxlen: 24
141.138.76.0/24 maxlen: 24
141.138.77.0/24 maxlen: 24
141.138.78.0/24 maxlen: 24
141.138.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/yYra-x8x-YiapHNXkrbj20aTG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/yYra-x8x-YiapHNXkrbj20aTG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/yYra-x8x-YiapHNXkrbj20aTG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 07:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1c:2f:5a:5e:a1:07:1c:31:7f:60:1a:b0:79:9d:09:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98adafb1f31f9889aa4735792b6e3db46931bb9
Validity
Not Before: May 29 13:15:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfd78c9729b9faf518ede58e2465b17e67976d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:36:2f:3e:68:5e:81:30:80:86:e6:32:9d:67:
1d:eb:3d:8a:d5:a1:85:42:f0:fc:d7:17:93:c8:b4:
fa:06:1c:c8:26:13:37:f0:7c:b0:16:bc:41:32:80:
6e:e6:31:96:5e:d7:13:0d:0e:da:50:5c:12:8e:59:
22:05:7e:f5:ee:d7:d8:5f:6b:15:9c:2a:ce:bc:14:
11:0c:98:85:15:8c:3a:48:49:18:b9:0f:b5:07:79:
34:08:5d:d3:63:4b:30:45:dd:05:59:a7:03:90:8d:
df:a6:b8:8f:92:82:e0:f3:84:79:2e:7e:45:cf:6d:
b7:88:49:04:ea:00:d4:b4:55:f6:ac:22:41:56:16:
8d:13:3a:80:55:6d:52:e8:fe:68:4c:e0:cd:1d:08:
e0:20:27:1d:b0:7f:83:c4:5c:cc:92:4f:2c:8b:5a:
21:9b:77:52:5c:cf:08:fe:f3:dd:01:48:60:02:33:
58:1b:10:3d:ab:57:32:ed:5f:0a:e8:33:61:30:91:
4c:4c:4d:ed:ee:df:85:35:4b:a7:65:b3:29:f4:74:
59:26:03:d4:2e:69:80:58:2a:10:fe:20:34:de:35:
8d:ca:d7:60:01:25:0d:8d:cb:ea:6a:0d:81:ee:49:
78:a1:8a:d2:f9:c6:4f:a8:29:6d:1f:08:1b:cb:58:
92:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D7:8C:97:29:B9:FA:F5:18:ED:E5:8E:24:65:B1:7E:67:97:6D:16
X509v3 Authority Key Identifier:
keyid:C9:8A:DA:FB:1F:31:F9:88:9A:A4:73:57:92:B6:E3:DB:46:93:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYra-x8x-YiapHNXkrbj20aTG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/39eMlym5-vUY7eWOJGWxfmeXbRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/yYra-x8x-YiapHNXkrbj20aTG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.72.0/23
141.138.75.0-141.138.79.255
Signature Algorithm: sha256WithRSAEncryption
4a:58:ab:be:c4:f3:84:e5:11:e5:cb:51:8a:57:e2:71:a2:f8:
f5:3d:50:a0:3e:69:8d:89:25:92:9b:6e:e0:83:7e:ef:57:8f:
9c:9e:77:af:72:83:5c:75:88:5e:71:8d:d1:54:45:ba:ca:e5:
54:51:e0:0d:13:91:f2:a1:80:63:45:05:8e:cd:88:2e:52:a2:
11:0b:fa:e8:e4:80:bf:f8:94:e6:99:8b:de:8f:25:e7:01:c9:
50:9b:30:88:f9:33:16:62:fa:f3:8f:24:29:8c:14:68:7a:79:
c7:3e:0d:1e:f9:20:6b:fc:9b:9c:62:6f:c9:88:1c:32:d8:a8:
e4:19:67:6c:9d:19:db:05:eb:3a:6d:7d:ed:71:24:7e:44:07:
d3:28:cb:69:0f:5c:19:49:e7:fd:2d:d9:3c:77:c0:c5:3c:8a:
7d:83:18:3d:90:a8:f6:de:02:24:b5:39:75:3d:9e:70:f2:63:
07:de:d2:9b:21:f2:27:a5:68:77:9e:97:cf:0f:23:f5:3b:31:
5f:10:69:63:74:1b:fa:15:c3:26:f1:4a:6f:24:ad:34:2f:61:
c2:d4:45:4a:8c:69:aa:0e:fe:68:67:ad:70:98:e9:48:3e:4f:
01:c4:c9:2e:2a:2a:b5:ad:dd:1f:43:47:77:62:84:fa:00:76:
ad:eb:fe:c8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZccL1peoQccMX9gGrB5nQniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGFkYWZiMWYzMWY5ODg5YWE0NzM1NzkyYjZlM2RiNDY5
MzFiYjkwHhcNMjUwNTI5MTMxNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQ3OGM5NzI5YjlmYWY1MThlZGU1OGUyNDY1YjE3ZTY3OTc2ZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszYvPmhegTCAhuYynWcd6z2K1aGF
QvD81xeTyLT6BhzIJhM38HywFrxBMoBu5jGWXtcTDQ7aUFwSjlkiBX717tfYX2sV
nCrOvBQRDJiFFYw6SEkYuQ+1B3k0CF3TY0swRd0FWacDkI3fpriPkoLg84R5Ln5F
z223iEkE6gDUtFX2rCJBVhaNEzqAVW1S6P5oTODNHQjgICcdsH+DxFzMkk8si1oh
m3dSXM8I/vPdAUhgAjNYGxA9q1cy7V8K6DNhMJFMTE3t7t+FNUunZbMp9HRZJgPU
LmmAWCoQ/iA03jWNytdgASUNjcvqag2B7kl4oYrS+cZPqCltHwgby1iS2QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFN/XjJcpufr1GO3ljiRlsX5nl20WMB8GA1UdIwQY
MBaAFMmK2vsfMfmImqRzV5K249tGkxu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlyYS14OHgtWWlhcEhOWGtyYmoyMGFURzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jZDM5YmUtM2UyNS00ZGJjLTg2MGYt
M2IxMDNkNWE2OTBhLzEvMzllTWx5bTUtdlVZN2VXT0pHV3hmbWVYYlJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jZDM5YmUtM2UyNS00ZGJjLTg2MGYtM2IxMDNkNWE2OTBh
LzEveVlyYS14OHgtWWlhcEhOWGtyYmoyMGFURzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBjYpIMAwD
BACNiksDBASNikAwDQYJKoZIhvcNAQELBQADggEBAEpYq77E84TlEeXLUYpX4nGi
+PU9UKA+aY2JJZKbbuCDfu9Xj5yed69yg1x1iF5xjdFURbrK5VRR4A0TkfKhgGNF
BY7NiC5SohEL+ujkgL/4lOaZi96PJecByVCbMIj5MxZi+vOPJCmMFGh6ecc+DR75
IGv8m5xib8mIHDLYqOQZZ2ydGdsF6zptfe1xJH5EB9Moy2kPXBlJ5/0t2Tx3wMU8
in2DGD2QqPbeAiS1OXU9nnDyYwfe0psh8ielaHeel88PI/U7MV8QaWN0G/oVwybx
Sm8krTQvYcLURUqMaaoO/mhnrXCY6Ug+TwHEyS4qKrWt3R9DR3dihPoAdq3r/sg=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:26:58 2025 by rpki-client