Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KE39tAtd2wnETGgqMteTZlDF5wM.roa
File: KE39tAtd2wnETGgqMteTZlDF5wM.roa (raw, json)
Hash identifier: aPhWQDnNzOJzP85YxcV/ggzou8g5O5047r1uiCI42ng=
Subject key identifier: 28:4D:FD:B4:0B:5D:DB:09:C4:4C:68:2A:32:D7:93:66:50:C5:E7:03
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01969A712D873D8FA9C21A3B364D598FE4E4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KE39tAtd2wnETGgqMteTZlDF5wM.roa
Signing time: Sun 04 May 2025 08:37:10 +0000
ROA not before: Sun 04 May 2025 08:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 194.58.36.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9a:71:2d:87:3d:8f:a9:c2:1a:3b:36:4d:59:8f:e4:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 4 08:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=284dfdb40b5ddb09c44c682a32d7936650c5e703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ab:fa:58:5e:a8:3d:2d:cd:32:14:26:ae:fc:
96:81:02:96:f7:3c:8a:51:3a:37:35:c7:ca:28:d1:
10:3f:4b:85:d7:10:7f:44:56:94:da:4b:73:4c:02:
3b:22:c4:c8:1e:cc:59:c5:87:04:97:71:f2:12:c0:
11:da:52:b2:67:0a:77:5f:86:b8:6b:51:12:57:b4:
6b:53:6d:12:c2:c1:2f:6d:16:22:98:16:11:33:a1:
62:fd:8c:e0:39:a2:77:21:53:5b:47:5a:10:ca:9d:
0e:9d:f0:2f:df:d0:07:4b:1f:4c:ac:9d:22:31:d0:
06:f0:4a:b9:9b:64:09:34:39:21:6b:aa:4a:25:8e:
38:c5:24:c7:65:9f:82:9d:c1:16:29:92:ca:9c:25:
15:e8:4a:68:92:da:c1:ed:ba:76:c7:e7:30:a4:d7:
7b:a9:aa:41:ef:ca:e1:18:4f:46:b7:fa:e9:9b:a3:
85:56:ae:c9:23:5f:e1:ac:53:71:15:f0:1f:e7:96:
74:a5:ab:aa:0c:f7:3f:8b:87:ce:7b:70:85:3b:f3:
ec:63:3f:88:67:e9:bf:b6:85:72:77:da:ce:c6:65:
c9:1f:3f:3c:7f:ea:d5:8f:cb:33:dd:ef:cd:f3:88:
72:7a:01:17:9e:02:8e:85:12:7f:4d:1b:8b:3e:11:
e8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4D:FD:B4:0B:5D:DB:09:C4:4C:68:2A:32:D7:93:66:50:C5:E7:03
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/KE39tAtd2wnETGgqMteTZlDF5wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.36.0/24
194.58.223.0/24
194.87.52.0/24
194.87.125.0/24
195.133.9.0/24
212.193.9.0/24
Signature Algorithm: sha256WithRSAEncryption
57:8f:4a:02:83:ed:eb:d3:d4:ec:6c:da:b8:68:8a:b8:1b:05:
dd:b7:14:8f:57:b9:e1:5f:e2:26:69:4a:51:3e:c3:84:4c:cd:
fd:ad:93:e6:58:2e:17:40:98:42:a1:a2:51:c5:9a:d8:22:5d:
0c:68:a0:fb:f5:59:5b:2f:0a:bc:b0:ad:27:17:72:70:a8:de:
9a:5f:98:f0:10:09:28:25:0e:2e:6c:a1:25:e8:e2:24:09:8f:
d1:fa:64:59:02:24:75:72:24:2e:f8:48:aa:2b:eb:0a:3f:ad:
a5:95:c2:de:82:74:02:11:b4:81:3e:3d:0d:89:04:58:fe:86:
d0:f7:26:24:71:ba:d4:03:75:aa:f6:19:22:3d:c5:57:c9:67:
f5:88:33:78:ee:3a:69:7e:e1:0e:da:f1:f2:32:dc:47:9f:5c:
b5:f6:24:de:06:3a:86:1c:3e:e5:85:ce:2e:69:06:e6:f2:71:
67:64:ae:0e:8c:48:8f:81:b7:93:9c:45:9c:7e:71:a9:5e:d2:
ee:70:46:28:6e:1e:86:ed:0e:a3:c5:b7:34:5e:ec:47:ac:09:
21:d9:e8:4a:d7:fd:16:0c:b0:38:20:7c:74:6e:ba:b9:f4:0f:
28:31:6d:58:ec:0d:8a:87:64:43:b8:11:1c:a5:71:b5:ce:ea:
a3:79:0e:77
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZaacS2HPY+pwho7Nk1Zj+TkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTA0MDgzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODRkZmRiNDBiNWRkYjA5YzQ0YzY4MmEzMmQ3OTM2NjUwYzVlNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6v6WF6oPS3NMhQmrvyWgQKW9zyK
UTo3NcfKKNEQP0uF1xB/RFaU2ktzTAI7IsTIHsxZxYcEl3HyEsAR2lKyZwp3X4a4
a1ESV7RrU20SwsEvbRYimBYRM6Fi/YzgOaJ3IVNbR1oQyp0OnfAv39AHSx9MrJ0i
MdAG8Eq5m2QJNDkha6pKJY44xSTHZZ+CncEWKZLKnCUV6EpoktrB7bp2x+cwpNd7
qapB78rhGE9Gt/rpm6OFVq7JI1/hrFNxFfAf55Z0pauqDPc/i4fOe3CFO/PsYz+I
Z+m/toVyd9rOxmXJHz88f+rVj8sz3e/N84hyegEXngKOhRJ/TRuLPhHoFQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFChN/bQLXdsJxExoKjLXk2ZQxecDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvS0UzOXRBdGQyd25FVEdncU10ZVRabERGNXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwjokAwQA
wjrfAwQAwlc0AwQAwld9AwQAw4UJAwQA1MEJMA0GCSqGSIb3DQEBCwUAA4IBAQBX
j0oCg+3r09TsbNq4aIq4GwXdtxSPV7nhX+ImaUpRPsOETM39rZPmWC4XQJhCoaJR
xZrYIl0MaKD79VlbLwq8sK0nF3JwqN6aX5jwEAkoJQ4ubKEl6OIkCY/R+mRZAiR1
ciQu+EiqK+sKP62llcLegnQCEbSBPj0NiQRY/obQ9yYkcbrUA3Wq9hkiPcVXyWf1
iDN47jppfuEO2vHyMtxHn1y19iTeBjqGHD7lhc4uaQbm8nFnZK4OjEiPgbeTnEWc
fnGpXtLucEYobh6G7Q6jxbc0XuxHrAkh2ehK1/0WDLA4IHx0brq59A8oMW1Y7A2K
h2RDuBEcpXG1zuqjeQ53
-----END CERTIFICATE-----
Generated at Sat May 10 05:01:38 2025 by rpki-client