Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/Bb283EmMHgO869T1EeLsRpmJeYs.roa
File: Bb283EmMHgO869T1EeLsRpmJeYs.roa (raw, json)
Hash identifier: Nwt8fGBRV8sOt4t4VlNYBdMwpGMpgaO/PFcGpK3ITpc=
Subject key identifier: 05:BD:BC:DC:49:8C:1E:03:BC:EB:D4:F5:11:E2:EC:46:99:89:79:8B
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 019744E43CC1E412B0B3F81FCF6456EE3274
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/Bb283EmMHgO869T1EeLsRpmJeYs.roa
Signing time: Fri 06 Jun 2025 10:58:17 +0000
ROA not before: Fri 06 Jun 2025 10:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4601
IP address blocks: 147.189.216.0/21 maxlen: 21
147.189.216.0/24 maxlen: 24
147.189.217.0/24 maxlen: 24
147.189.218.0/24 maxlen: 24
147.189.219.0/24 maxlen: 24
147.189.220.0/24 maxlen: 24
147.189.221.0/24 maxlen: 24
147.189.222.0/24 maxlen: 24
147.189.223.0/24 maxlen: 24
193.5.16.0/22 maxlen: 22
2a0d:3dc0::/29 maxlen: 29
2a0d:3dc1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 07:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:e4:3c:c1:e4:12:b0:b3:f8:1f:cf:64:56:ee:32:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Jun 6 10:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05bdbcdc498c1e03bcebd4f511e2ec469989798b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:22:19:76:9c:4b:a5:5e:55:6f:c1:e2:41:e7:
b5:e4:81:11:0e:d8:88:9a:ea:fb:40:4f:f7:e3:e6:
97:55:70:dd:7c:5f:e5:92:e3:78:56:01:97:a4:d7:
d0:56:f3:45:52:bf:f9:c0:34:ea:83:e9:75:9b:ea:
91:15:a9:f1:c2:5a:4e:d4:2b:47:ac:dd:62:80:d6:
54:2b:32:e6:06:0d:54:3f:a8:8c:94:97:bb:52:2e:
b8:c7:94:4a:b6:18:3b:1b:3c:4d:f5:5f:06:7b:2a:
e5:f9:a5:cf:3f:7f:88:5e:83:de:6a:20:8a:aa:8e:
9f:8f:5d:8a:d9:cc:eb:5c:54:17:42:a8:fa:e7:43:
40:df:8e:97:f0:a2:8d:0d:38:27:fb:44:46:6b:0e:
d8:4a:80:5a:5c:e6:f0:91:47:a8:87:52:82:f4:be:
c5:a5:15:34:f6:00:89:f9:05:df:1f:9d:25:32:56:
fb:59:cd:c9:67:5a:ae:6d:cc:a8:93:d9:f6:19:c1:
34:72:6c:4e:00:18:cf:48:c4:93:23:1c:b4:55:8b:
dc:ec:55:48:20:1a:d4:64:cb:ca:4e:70:41:35:b9:
f3:0f:20:9d:bd:df:14:eb:ab:4d:1d:c5:c2:08:f2:
98:ca:04:c8:ea:8d:ee:2b:6f:28:3b:1c:b3:bf:4e:
09:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BD:BC:DC:49:8C:1E:03:BC:EB:D4:F5:11:E2:EC:46:99:89:79:8B
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/Bb283EmMHgO869T1EeLsRpmJeYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
62:51:cd:0d:ea:60:d2:be:c6:1b:9c:62:32:6e:49:83:c9:cb:
8f:f8:03:61:54:19:b1:08:7e:c3:7e:2c:75:d5:5d:fe:27:82:
c9:89:9c:45:0f:10:88:66:cc:94:cb:8d:e6:0c:92:56:c6:a5:
58:98:41:22:b5:6e:a3:19:f4:e9:62:83:e4:f0:c7:b2:9f:26:
46:17:33:cd:d7:37:0c:56:9a:7a:ac:1b:26:79:a8:12:72:f2:
44:91:71:17:66:c1:7b:61:34:ee:36:54:ca:0d:39:42:11:18:
89:dd:10:bb:f4:ad:4b:87:f4:2a:9d:0b:c9:05:bc:c5:45:12:
f5:41:64:89:cf:31:88:58:51:b8:7a:db:14:de:4b:8f:6a:e9:
89:82:92:99:23:93:81:4e:93:4c:c1:ed:54:7b:a4:29:22:1a:
e2:ed:47:82:4c:f4:76:ef:14:e9:51:a3:78:50:a9:c4:bf:14:
a5:07:00:69:85:51:bb:f8:42:dd:ea:60:80:66:f9:8a:29:8f:
c1:63:81:74:92:d8:d0:84:46:52:90:65:05:65:7f:bf:4a:32:
c7:5a:5a:a0:5a:84:48:e5:04:e4:73:69:86:4e:07:95:a2:3e:
d2:83:d3:c3:5e:9b:55:32:36:5e:7a:69:3c:0c:49:6c:f9:30:
a7:22:9f:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZdE5DzB5BKws/gfz2RW7jJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjUwNjA2MTA1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWJkYmNkYzQ5OGMxZTAzYmNlYmQ0ZjUxMWUyZWM0Njk5ODk3OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CIZdpxLpV5Vb8HiQee15IERDtiI
mur7QE/34+aXVXDdfF/lkuN4VgGXpNfQVvNFUr/5wDTqg+l1m+qRFanxwlpO1CtH
rN1igNZUKzLmBg1UP6iMlJe7Ui64x5RKthg7GzxN9V8Geyrl+aXPP3+IXoPeaiCK
qo6fj12K2czrXFQXQqj650NA346X8KKNDTgn+0RGaw7YSoBaXObwkUeoh1KC9L7F
pRU09gCJ+QXfH50lMlb7Wc3JZ1qubcyok9n2GcE0cmxOABjPSMSTIxy0VYvc7FVI
IBrUZMvKTnBBNbnzDyCdvd8U66tNHcXCCPKYygTI6o3uK28oOxyzv04JIwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAW9vNxJjB4DvOvU9RHi7EaZiXmLMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvQmIyODNFbU1IZ084NjlUMUVlTHNScG1KZVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQBiUc0N6mDSvsYb
nGIybkmDycuP+ANhVBmxCH7Dfix11V3+J4LJiZxFDxCIZsyUy43mDJJWxqVYmEEi
tW6jGfTpYoPk8MeynyZGFzPN1zcMVpp6rBsmeagScvJEkXEXZsF7YTTuNlTKDTlC
ERiJ3RC79K1Lh/QqnQvJBbzFRRL1QWSJzzGIWFG4etsU3kuPaumJgpKZI5OBTpNM
we1Ue6QpIhri7UeCTPR27xTpUaN4UKnEvxSlBwBphVG7+ELd6mCAZvmKKY/BY4F0
ktjQhEZSkGUFZX+/SjLHWlqgWoRI5QTkc2mGTgeVoj7Sg9PDXptVMjZeemk8DEls
+TCnIp+e
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:39:51 2025 by rpki-client