Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CGVl3U2eJskkOtcbtzdntrnGv_I.roa
File: CGVl3U2eJskkOtcbtzdntrnGv_I.roa (raw, json)
Hash identifier: LOuNJc5juzP0G0iFVK7DxdOHqvvJ+q2BypigawtSO+0=
Subject key identifier: 08:65:65:DD:4D:9E:26:C9:24:3A:D7:1B:B7:37:67:B6:B9:C6:BF:F2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0197835E81484C5D96820E0C601614673BC0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CGVl3U2eJskkOtcbtzdntrnGv_I.roa
Signing time: Wed 18 Jun 2025 14:08:18 +0000
ROA not before: Wed 18 Jun 2025 14:08:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 62.76.226.0/24 maxlen: 24
62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.24.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.56.0/24 maxlen: 24
195.133.57.0/24 maxlen: 24
195.133.60.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:5e:81:48:4c:5d:96:82:0e:0c:60:16:14:67:3b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 18 14:08:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=086565dd4d9e26c9243ad71bb73767b6b9c6bff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:80:85:7a:86:09:d8:68:46:b4:b8:aa:2d:82:
a4:fd:44:e0:11:45:99:c4:58:6e:0b:a6:16:42:ec:
40:6a:8d:b7:04:41:c6:6d:6f:87:d9:67:10:a8:0c:
63:e3:c9:0b:82:46:64:b1:6d:3c:14:ee:ab:61:34:
cf:44:c6:fa:0a:de:4e:6e:88:8b:43:f6:68:23:87:
55:7f:54:e8:fb:ad:3d:d4:0f:0c:99:2c:b1:f9:34:
57:08:b2:49:30:12:0a:91:81:49:a5:ef:da:04:af:
fb:df:b9:c9:58:c4:6c:bc:d3:7e:22:63:62:00:70:
dc:50:a4:da:3d:81:d3:c8:13:0c:c5:a8:e3:0e:4a:
74:e0:b8:7a:b8:67:fe:2b:2d:be:a8:e8:d4:cd:55:
d0:3c:ad:28:b4:34:01:49:ab:5c:3f:38:fa:d0:10:
71:97:e0:c7:77:49:d7:fb:a4:b4:c5:fb:4b:a3:47:
d9:c6:f2:5c:95:f7:24:cd:95:d4:9a:14:9a:56:fb:
7d:ce:c1:97:5a:50:9b:50:52:7b:00:33:5b:5b:9f:
7f:7b:6c:ea:00:0f:ce:80:d1:14:5d:52:63:bb:28:
20:74:08:6a:38:ea:ff:e5:9b:78:b6:d8:2b:cf:d5:
e5:2e:44:77:bb:06:7d:d0:48:f6:21:f2:04:69:26:
62:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:65:65:DD:4D:9E:26:C9:24:3A:D7:1B:B7:37:67:B6:B9:C6:BF:F2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CGVl3U2eJskkOtcbtzdntrnGv_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/23
185.72.10.0/24
192.124.181.0/24
192.124.183.0/24
192.124.188.0/24
192.124.190.0/24
194.87.3.0/24
194.87.24.0/24
194.87.33.0/24
194.87.36.0/24
194.87.90.0/24
194.87.165.0-194.87.166.255
194.87.229.0/24
194.87.231.0/24
195.133.35.0/24
195.133.56.0/23
195.133.60.0/23
212.192.242.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:25:31:44:eb:0c:f2:8a:fa:b8:f7:69:c4:2c:6d:e7:93:ae:
e9:b2:a8:d7:69:e6:2b:ea:82:ca:c8:7b:d2:c0:a5:9d:a0:30:
30:3b:97:44:fb:5a:7b:5e:35:da:50:75:d7:b1:40:ac:80:54:
a1:05:8f:96:86:7e:3e:b1:8e:af:38:b1:a1:27:9d:19:be:7f:
34:8c:b0:c0:af:93:2f:63:3b:bb:8f:1b:af:bc:af:54:2c:94:
ef:1b:65:e3:ee:72:8e:4e:01:d2:32:01:45:fe:d1:60:c2:be:
82:eb:36:0e:b9:02:e8:cc:60:25:29:ad:f3:25:36:92:8e:12:
82:6f:ca:6f:36:b5:de:03:11:d5:db:29:96:f7:52:43:60:d5:
24:3f:b3:4d:da:62:46:fc:0d:2d:43:9b:b9:2e:20:f3:f6:f9:
e3:1b:c3:6d:1d:99:ed:e5:49:34:10:46:12:58:9e:62:ef:96:
9c:55:a6:82:30:03:cc:5c:75:4d:78:09:89:47:f0:71:af:ad:
2b:f9:ab:8e:32:47:ae:53:9f:d1:9c:12:15:73:eb:19:fd:67:
b3:ff:5c:4e:2a:34:36:16:0c:3d:c3:04:66:44:4e:f7:c2:77:
21:e3:fc:fe:de:16:e9:51:19:1e:9b:c0:f9:a1:e2:20:e2:fc:
c1:d8:c3:93
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZeDXoFITF2Wgg4MYBYUZzvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNjE4MTQwODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY1NjVkZDRkOWUyNmM5MjQzYWQ3MWJiNzM3NjdiNmI5YzZiZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsICFeoYJ2GhGtLiqLYKk/UTgEUWZ
xFhuC6YWQuxAao23BEHGbW+H2WcQqAxj48kLgkZksW08FO6rYTTPRMb6Ct5OboiL
Q/ZoI4dVf1To+6091A8MmSyx+TRXCLJJMBIKkYFJpe/aBK/737nJWMRsvNN+ImNi
AHDcUKTaPYHTyBMMxajjDkp04Lh6uGf+Ky2+qOjUzVXQPK0otDQBSatcPzj60BBx
l+DHd0nX+6S0xftLo0fZxvJclfckzZXUmhSaVvt9zsGXWlCbUFJ7ADNbW59/e2zq
AA/OgNEUXVJjuyggdAhqOOr/5Zt4ttgrz9XlLkR3uwZ90Ej2IfIEaSZiZwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFAhlZd1NnibJJDrXG7c3Z7a5xr/yMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ0dWbDNVMmVKc2trT3RjYnR6ZG50cm5Hdl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAT5M4gME
ALlICgMEAMB8tQMEAMB8twMEAMB8vAMEAMB8vgMEAMJXAwMEAMJXGAMEAMJXIQME
AMJXJAMEAMJXWjAMAwQAwlelAwQAwlemAwQAwlflAwQAwlfnAwQAw4UjAwQBw4U4
AwQBw4U8AwQA1MDyMA0GCSqGSIb3DQEBCwUAA4IBAQAMJTFE6wzyivq492nELG3n
k67psqjXaeYr6oLKyHvSwKWdoDAwO5dE+1p7XjXaUHXXsUCsgFShBY+Whn4+sY6v
OLGhJ50Zvn80jLDAr5MvYzu7jxuvvK9ULJTvG2Xj7nKOTgHSMgFF/tFgwr6C6zYO
uQLozGAlKa3zJTaSjhKCb8pvNrXeAxHV2ymW91JDYNUkP7NN2mJG/A0tQ5u5LiDz
9vnjG8NtHZnt5Uk0EEYSWJ5i75acVaaCMAPMXHVNeAmJR/Bxr60r+auOMkeuU5/R
nBIVc+sZ/Wez/1xOKjQ2Fgw9wwRmRE73wnch4/z+3hbpURkem8D5oeIg4vzB2MOT
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:24:12 2025 by rpki-client