Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/9OuhXfETInOXikMAHDgNmyTRYEU.roa
File: 9OuhXfETInOXikMAHDgNmyTRYEU.roa (raw, json)
Hash identifier: eIv/UzfTlkAylqHyvhIg1kk0aW1IEfgfDL/qT3P5S8w=
Subject key identifier: F4:EB:A1:5D:F1:13:22:73:97:8A:43:00:1C:38:0D:9B:24:D1:60:45
Certificate issuer: /CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Certificate serial: 0196FDE08C0DF011051E1B3F61867C15C4E5
Authority key identifier: 5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/9OuhXfETInOXikMAHDgNmyTRYEU.roa
Signing time: Fri 23 May 2025 16:01:13 +0000
ROA not before: Fri 23 May 2025 16:01:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6789
IP address blocks: 185.166.72.0/22 maxlen: 24
193.37.134.0/24 maxlen: 24
193.37.155.0/24 maxlen: 24
193.37.224.0/24 maxlen: 24
193.37.229.0/24 maxlen: 24
194.247.33.0/24 maxlen: 24
2001:678:107c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 01:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:e0:8c:0d:f0:11:05:1e:1b:3f:61:86:7c:15:c4:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dcc2f7d790a8300a7dd3519e0fb887fa4de0260
Validity
Not Before: May 23 16:01:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4eba15df1132273978a43001c380d9b24d16045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b5:82:cb:63:a0:3f:7a:3f:ef:29:b0:98:62:
e6:8b:af:8b:d1:e5:1f:99:12:2b:dd:0e:7e:97:09:
b6:b5:fe:ba:d8:1b:7b:8f:7b:06:ec:d0:f5:67:c6:
f8:33:33:dc:36:66:f2:26:31:78:48:34:4d:83:e4:
7d:83:f8:0d:bf:56:4e:f6:bf:f3:6d:a5:ea:e5:5f:
68:cb:c0:c1:f6:0f:30:25:1d:60:5a:c5:0a:de:82:
b7:1b:43:40:cf:ad:24:06:96:e0:37:90:90:f9:34:
67:86:5f:09:ea:46:df:6a:5e:95:9c:1e:7d:ef:e1:
fc:2a:8a:6d:f4:50:4a:26:42:d6:87:85:fc:74:dd:
81:7f:88:61:84:76:b6:c2:d9:14:1f:8b:97:b4:cc:
b4:2f:e9:86:36:7f:6e:f7:4e:ca:3e:4a:9a:1b:e4:
8f:e5:17:a8:bf:0d:b6:71:8a:35:39:86:5c:77:02:
43:5d:66:06:13:bb:c5:c8:ef:ab:6d:32:dd:1e:38:
1d:41:35:c9:88:74:02:37:78:26:66:96:66:d1:47:
ce:36:62:48:98:e7:56:8e:46:39:4f:87:cc:34:16:
5c:f1:2e:45:13:1b:b6:f1:2a:5a:11:f9:08:ad:a9:
d1:f2:2c:66:5a:2a:fe:fc:cb:f0:cd:96:e0:25:5e:
51:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:EB:A1:5D:F1:13:22:73:97:8A:43:00:1C:38:0D:9B:24:D1:60:45
X509v3 Authority Key Identifier:
keyid:5D:CC:2F:7D:79:0A:83:00:A7:DD:35:19:E0:FB:88:7F:A4:DE:02:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/9OuhXfETInOXikMAHDgNmyTRYEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd4798-b7b7-4b66-948a-bf71449d97dd/1/XcwvfXkKgwCn3TUZ4PuIf6TeAmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.72.0/22
193.37.134.0/24
193.37.155.0/24
193.37.224.0/24
193.37.229.0/24
194.247.33.0/24
IPv6:
2001:678:107c::/48
Signature Algorithm: sha256WithRSAEncryption
73:18:d8:7f:d5:a0:d1:91:ac:66:18:44:ef:2c:bb:32:01:d7:
0a:54:99:36:47:6e:d7:51:44:81:ed:07:fb:b3:1d:11:83:07:
98:e5:64:9a:ab:b5:aa:67:a3:a2:51:ba:3e:13:8b:d8:7f:5a:
f3:88:55:9b:0d:f6:ec:2c:8f:50:f5:02:91:12:9b:c7:3b:a8:
76:4b:7c:a5:32:33:44:5e:28:89:f3:4f:8b:42:cb:35:7d:bc:
d6:06:71:0c:93:92:42:ed:1e:e0:2d:b4:68:f2:50:a9:8c:63:
41:e5:a1:28:2a:a0:c2:df:22:8d:90:05:d5:18:65:1f:5a:bf:
ff:0f:be:33:9b:37:08:08:22:cc:b9:17:54:08:34:49:6a:b1:
9c:01:b4:67:63:ef:be:9f:1a:7f:04:05:a9:15:b7:26:59:81:
39:2f:ba:35:0d:09:87:ab:a8:80:90:95:bd:b1:26:e2:ab:ee:
ab:4a:d4:84:65:2d:4d:1c:47:56:dc:62:d4:d2:96:8e:cf:ae:
87:02:60:56:ed:2c:07:d1:2d:29:64:4a:5a:da:44:73:35:b0:
be:66:fe:27:a5:c1:ce:69:54:ee:57:00:d8:34:5e:70:db:62:
f2:56:b4:6f:40:85:e9:61:4c:9b:c2:af:83:78:fa:30:e7:aa:
d0:6e:6d:76
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZb94IwN8BEFHhs/YYZ8FcTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkY2MyZjdkNzkwYTgzMDBhN2RkMzUxOWUwZmI4ODdmYTRk
ZTAyNjAwHhcNMjUwNTIzMTYwMTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGViYTE1ZGYxMTMyMjczOTc4YTQzMDAxYzM4MGQ5YjI0ZDE2MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7WCy2OgP3o/7ymwmGLmi6+L0eUf
mRIr3Q5+lwm2tf662Bt7j3sG7ND1Z8b4MzPcNmbyJjF4SDRNg+R9g/gNv1ZO9r/z
baXq5V9oy8DB9g8wJR1gWsUK3oK3G0NAz60kBpbgN5CQ+TRnhl8J6kbfal6VnB59
7+H8Kopt9FBKJkLWh4X8dN2Bf4hhhHa2wtkUH4uXtMy0L+mGNn9u907KPkqaG+SP
5Reovw22cYo1OYZcdwJDXWYGE7vFyO+rbTLdHjgdQTXJiHQCN3gmZpZm0UfONmJI
mOdWjkY5T4fMNBZc8S5FExu28SpaEfkIranR8ixmWir+/MvwzZbgJV5RNwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPTroV3xEyJzl4pDABw4DZsk0WBFMB8GA1UdIwQY
MBaAFF3ML315CoMAp901GeD7iH+k3gJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEt
YmY3MTQ0OWQ5N2RkLzEvOU91aFhmRVRJbk9YaWtNQUhEZ05teVRSWUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDQ3OTgtYjdiNy00YjY2LTk0OGEtYmY3MTQ0OWQ5N2Rk
LzEvWGN3dmZYa0tnd0NuM1RVWjRQdUlmNlRlQW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQCuaZIAwQA
wSWGAwQAwSWbAwQAwSXgAwQAwSXlAwQAwvchMA8EAgACMAkDBwAgAQZ4EHwwDQYJ
KoZIhvcNAQELBQADggEBAHMY2H/VoNGRrGYYRO8suzIB1wpUmTZHbtdRRIHtB/uz
HRGDB5jlZJqrtapno6JRuj4Ti9h/WvOIVZsN9uwsj1D1ApESm8c7qHZLfKUyM0Re
KInzT4tCyzV9vNYGcQyTkkLtHuAttGjyUKmMY0HloSgqoMLfIo2QBdUYZR9av/8P
vjObNwgIIsy5F1QINElqsZwBtGdj776fGn8EBakVtyZZgTkvujUNCYerqICQlb2x
JuKr7qtK1IRlLU0cR1bcYtTSlo7ProcCYFbtLAfRLSlkSlraRHM1sL5m/ielwc5p
VO5XANg0XnDbYvJWtG9AhelhTJvCr4N4+jDnqtBubXY=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:58:54 2025 by rpki-client