Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/tZasuPD6JQA_ahjp5Ij5d_DOYcw.roa
File: tZasuPD6JQA_ahjp5Ij5d_DOYcw.roa (raw, json)
Hash identifier: m55Anp1468NYkjmZHCfthwEnWOmLpA6A1Rbb77d5auw=
Subject key identifier: B5:96:AC:B8:F0:FA:25:00:3F:6A:18:E9:E4:88:F9:77:F0:CE:61:CC
Certificate issuer: /CN=d435658b58b714196eef371bd967c0c5e2cabd66
Certificate serial: 0196E7FE660E8AED8FAD8A488E3C7A247443
Authority key identifier: D4:35:65:8B:58:B7:14:19:6E:EF:37:1B:D9:67:C0:C5:E2:CA:BD:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DVli1i3FBlu7zcb2WfAxeLKvWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/tZasuPD6JQA_ahjp5Ij5d_DOYcw.roa
Signing time: Mon 19 May 2025 10:02:11 +0000
ROA not before: Mon 19 May 2025 10:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25229
IP address blocks: 46.150.64.0/19 maxlen: 24
91.237.6.0/23 maxlen: 24
91.237.12.0/22 maxlen: 23
176.111.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/1DVli1i3FBlu7zcb2WfAxeLKvWY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/1DVli1i3FBlu7zcb2WfAxeLKvWY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DVli1i3FBlu7zcb2WfAxeLKvWY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:fe:66:0e:8a:ed:8f:ad:8a:48:8e:3c:7a:24:74:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d435658b58b714196eef371bd967c0c5e2cabd66
Validity
Not Before: May 19 10:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b596acb8f0fa25003f6a18e9e488f977f0ce61cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c5:0d:84:b2:a0:5b:b3:04:f5:74:01:c5:dc:
aa:34:2c:10:64:0b:12:65:5f:9b:10:b3:3d:d4:e9:
59:2b:a1:de:34:57:6c:51:1f:c9:f5:35:06:9c:2e:
8d:95:5e:8f:d1:8a:07:16:85:04:a3:9f:73:17:29:
b8:4c:5b:a3:58:b4:d2:89:6b:85:12:98:31:98:ca:
ca:bc:73:f7:72:fb:56:45:09:45:76:59:5d:55:c5:
01:09:ea:bb:82:a7:05:c8:45:fc:b5:91:a8:5b:20:
b2:8d:e6:fe:d3:da:e8:d6:df:72:e7:27:46:d8:e5:
21:07:e1:b2:51:7c:70:dd:b9:b5:ff:8e:c6:33:c7:
70:f9:94:ce:bf:3e:2e:d4:05:c7:51:17:0e:ca:77:
21:68:d3:03:d8:1d:1f:4c:13:8b:99:7a:c2:6b:2f:
b9:fa:f8:76:e3:8d:07:68:f9:db:e6:49:bc:04:6f:
ae:bb:ee:4b:cd:c5:17:f9:6d:2d:d4:b1:09:af:42:
19:39:47:0c:1b:71:47:a1:28:d5:33:1c:b0:e6:0d:
7d:cb:71:c1:95:34:ce:a9:7b:72:6e:9b:55:34:fe:
22:1a:8c:11:d4:74:a6:c2:94:34:57:c6:6b:8c:84:
3f:70:56:22:69:19:e0:5a:c5:47:9c:7c:c6:16:54:
57:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:96:AC:B8:F0:FA:25:00:3F:6A:18:E9:E4:88:F9:77:F0:CE:61:CC
X509v3 Authority Key Identifier:
keyid:D4:35:65:8B:58:B7:14:19:6E:EF:37:1B:D9:67:C0:C5:E2:CA:BD:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DVli1i3FBlu7zcb2WfAxeLKvWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/tZasuPD6JQA_ahjp5Ij5d_DOYcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/91f8f9-fc3f-4bb8-8454-405b0bda2c26/1/1DVli1i3FBlu7zcb2WfAxeLKvWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.150.64.0/19
91.237.6.0/23
91.237.12.0/22
176.111.176.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:28:01:0f:23:9a:8b:1b:a4:fd:d0:aa:13:47:0b:e6:32:65:
77:c5:80:9f:e5:08:ae:ef:32:ee:80:de:5f:da:dc:21:fb:5f:
8e:a0:24:b5:27:f5:70:3f:7a:42:27:5c:f9:e0:a2:be:33:b8:
dd:41:53:b3:3c:61:6c:90:46:06:45:9d:09:b2:42:e3:42:e2:
e6:6a:b7:d7:5f:fb:33:57:32:f4:47:e7:e9:7b:8f:60:c9:71:
89:ad:8b:aa:53:f7:1c:78:0b:6f:8d:3a:83:0a:92:4d:0e:f6:
7f:51:46:67:be:e2:29:e6:f5:bc:9e:9c:5e:63:10:4f:db:36:
c6:9c:3a:1f:b1:bd:51:8c:fe:ba:73:f1:7e:f7:7b:d4:09:cd:
21:26:fa:49:c3:6e:62:11:dc:c6:16:74:6b:2b:8d:c6:94:63:
24:38:ea:c3:52:70:aa:50:25:b0:15:40:7a:91:d0:81:ef:ec:
36:d6:36:89:b2:20:d4:72:57:f9:a3:58:d5:63:f3:5e:aa:f2:
f0:d2:bd:83:1b:63:f1:d3:e3:02:d3:95:b9:c2:00:b3:d7:08:
6f:dc:c0:35:c3:08:81:3d:ae:6e:67:1b:f1:b4:a6:2c:76:b6:
f3:e6:29:b2:e8:fa:d5:b4:fe:6e:40:d0:81:e9:1d:c3:e3:7c:
38:6a:0c:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbn/mYOiu2PrYpIjjx6JHRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzU2NThiNThiNzE0MTk2ZWVmMzcxYmQ5NjdjMGM1ZTJj
YWJkNjYwHhcNMjUwNTE5MTAwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTk2YWNiOGYwZmEyNTAwM2Y2YTE4ZTllNDg4Zjk3N2YwY2U2MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8UNhLKgW7ME9XQBxdyqNCwQZAsS
ZV+bELM91OlZK6HeNFdsUR/J9TUGnC6NlV6P0YoHFoUEo59zFym4TFujWLTSiWuF
EpgxmMrKvHP3cvtWRQlFdlldVcUBCeq7gqcFyEX8tZGoWyCyjeb+09ro1t9y5ydG
2OUhB+GyUXxw3bm1/47GM8dw+ZTOvz4u1AXHURcOynchaNMD2B0fTBOLmXrCay+5
+vh2440HaPnb5km8BG+uu+5LzcUX+W0t1LEJr0IZOUcMG3FHoSjVMxyw5g19y3HB
lTTOqXtybptVNP4iGowR1HSmwpQ0V8ZrjIQ/cFYiaRngWsVHnHzGFlRXxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLWWrLjw+iUAP2oY6eSI+XfwzmHMMB8GA1UdIwQY
MBaAFNQ1ZYtYtxQZbu83G9lnwMXiyr1mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURWbGkxaTNGQmx1N3pjYjJXZkF4ZUxLdldZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85MWY4ZjktZmMzZi00YmI4LTg0NTQt
NDA1YjBiZGEyYzI2LzEvdFphc3VQRDZKUUFfYWhqcDVJajVkX0RPWWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85MWY4ZjktZmMzZi00YmI4LTg0NTQtNDA1YjBiZGEyYzI2
LzEvMURWbGkxaTNGQmx1N3pjYjJXZkF4ZUxLdldZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFLpZAAwQB
W+0GAwQCW+0MAwQEsG+wMA0GCSqGSIb3DQEBCwUAA4IBAQAfKAEPI5qLG6T90KoT
RwvmMmV3xYCf5Qiu7zLugN5f2twh+1+OoCS1J/VwP3pCJ1z54KK+M7jdQVOzPGFs
kEYGRZ0JskLjQuLmarfXX/szVzL0R+fpe49gyXGJrYuqU/cceAtvjTqDCpJNDvZ/
UUZnvuIp5vW8npxeYxBP2zbGnDofsb1RjP66c/F+93vUCc0hJvpJw25iEdzGFnRr
K43GlGMkOOrDUnCqUCWwFUB6kdCB7+w21jaJsiDUclf5o1jVY/NeqvLw0r2DG2Px
0+MC05W5wgCz1whv3MA1wwiBPa5uZxvxtKYsdrbz5imy6PrVtP5uQNCB6R3D43w4
agzq
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:59:30 2025 by rpki-client