Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/dPS19nUQKZs1pC8qDJfACabYgUU.roa
File: dPS19nUQKZs1pC8qDJfACabYgUU.roa (raw, json)
Hash identifier: tV7anFpBs2RsEo4baCa1A4g7pK/gnoVzFue1nUrbvl4=
Subject key identifier: 74:F4:B5:F6:75:10:29:9B:35:A4:2F:2A:0C:97:C0:09:A6:D8:81:45
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 01967D4AB705BC23E3279FBC1259CB4E0A3D
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/dPS19nUQKZs1pC8qDJfACabYgUU.roa
Signing time: Mon 28 Apr 2025 16:46:10 +0000
ROA not before: Mon 28 Apr 2025 16:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214640
IP address blocks: 95.141.241.0/24 maxlen: 24
185.113.11.0/24 maxlen: 24
193.53.40.0/24 maxlen: 24
2a13:7c80::/32 maxlen: 32
2a13:7c81::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:4a:b7:05:bc:23:e3:27:9f:bc:12:59:cb:4e:0a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Apr 28 16:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74f4b5f67510299b35a42f2a0c97c009a6d88145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:93:b1:88:01:9c:32:aa:de:4c:74:7f:93:d8:
ef:fa:3b:25:7a:bb:2b:d7:6c:81:23:41:a6:02:11:
0b:67:58:52:0e:36:fd:27:9b:ba:ec:6d:c6:d0:99:
c6:ec:84:de:c8:19:15:ed:f0:68:21:79:5b:35:17:
c3:4a:f6:ed:df:51:38:69:a3:dc:10:9b:ca:90:81:
81:76:55:db:89:25:1d:01:54:fb:09:22:10:74:a1:
e0:7b:5a:f6:d7:4c:6b:40:e3:53:c9:75:80:cd:64:
cb:ee:f9:a4:0e:d6:81:23:8e:27:b5:6c:a7:14:7c:
9a:bb:38:da:c3:de:bc:c9:46:f9:0a:44:c9:cf:ed:
c0:25:e2:1c:3e:42:8f:4d:d2:90:ab:a2:3a:e3:31:
3a:3a:df:25:db:b7:15:80:14:11:b6:86:00:58:9e:
b9:eb:41:cb:7e:4d:a3:b8:83:75:f3:27:17:57:92:
e4:b4:ad:df:f5:2b:cf:64:94:fe:85:29:3d:ec:22:
db:80:1b:8a:a7:26:7f:89:a8:1b:c8:ee:da:ea:bc:
c2:5b:f0:17:11:bb:0f:74:1f:aa:25:ff:05:ab:ee:
f7:11:27:35:43:98:b6:09:f7:cf:ec:22:ff:7f:98:
87:8b:22:18:0d:6d:44:af:94:3f:c8:7d:ef:0c:7a:
3f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F4:B5:F6:75:10:29:9B:35:A4:2F:2A:0C:97:C0:09:A6:D8:81:45
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/dPS19nUQKZs1pC8qDJfACabYgUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.241.0/24
185.113.11.0/24
193.53.40.0/24
IPv6:
2a13:7c80::/31
Signature Algorithm: sha256WithRSAEncryption
61:dc:61:43:0d:7a:81:dc:4d:1c:b9:43:55:3a:ec:08:95:08:
da:fd:db:7b:56:ec:3c:60:bd:a5:94:72:08:6e:fb:47:ab:8f:
e9:b3:a4:04:4a:2b:74:e8:9c:87:64:b1:82:68:1c:a3:ea:c3:
7f:a4:b7:57:5f:cd:c6:22:38:37:d0:2f:b0:80:4e:13:6f:7b:
51:ea:d7:be:d8:95:46:83:8c:c2:3c:61:c7:d4:08:67:cb:8b:
07:20:bb:dc:22:6f:76:51:8c:7a:3b:79:fe:a4:3e:29:6d:64:
1a:09:74:43:58:d7:c5:d4:56:bf:e3:60:2c:ea:e2:fe:5b:f6:
dc:ea:fb:72:2c:a4:f8:c2:e8:d0:a1:3b:d1:4a:e0:07:af:dd:
78:90:00:f7:3e:f5:a1:bb:16:67:f8:0a:dd:05:5f:8a:2f:c2:
7f:6d:76:5a:39:61:f5:8d:20:b0:b4:9e:60:08:7a:25:20:b0:
49:ff:df:2f:f0:7b:bc:8d:bf:7d:79:51:9a:28:2b:69:08:e9:
75:66:8f:73:3c:98:58:1f:8e:57:67:e7:6e:74:54:74:dd:8a:
db:38:bf:f3:92:30:6f:88:56:cb:1b:dd:cb:66:a8:4f:fe:3d:
d9:fd:bb:ce:00:91:68:ba:3b:50:ea:f2:e6:3d:9b:6e:96:d9:
e8:51:34:b0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZZ9SrcFvCPjJ5+8ElnLTgo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjUwNDI4MTY0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY0YjVmNjc1MTAyOTliMzVhNDJmMmEwYzk3YzAwOWE2ZDg4MTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JOxiAGcMqreTHR/k9jv+jslersr
12yBI0GmAhELZ1hSDjb9J5u67G3G0JnG7ITeyBkV7fBoIXlbNRfDSvbt31E4aaPc
EJvKkIGBdlXbiSUdAVT7CSIQdKHge1r210xrQONTyXWAzWTL7vmkDtaBI44ntWyn
FHyauzjaw968yUb5CkTJz+3AJeIcPkKPTdKQq6I64zE6Ot8l27cVgBQRtoYAWJ65
60HLfk2juIN18ycXV5LktK3f9SvPZJT+hSk97CLbgBuKpyZ/iagbyO7a6rzCW/AX
EbsPdB+qJf8Fq+73ESc1Q5i2CffP7CL/f5iHiyIYDW1Er5Q/yH3vDHo/YQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHT0tfZ1ECmbNaQvKgyXwAmm2IFFMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEvZFBTMTluVVFLWnMxcEM4cURKZkFDYWJZZ1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAX43xAwQA
uXELAwQAwTUoMA0EAgACMAcDBQEqE3yAMA0GCSqGSIb3DQEBCwUAA4IBAQBh3GFD
DXqB3E0cuUNVOuwIlQja/dt7Vuw8YL2llHIIbvtHq4/ps6QESit06JyHZLGCaByj
6sN/pLdXX83GIjg30C+wgE4Tb3tR6te+2JVGg4zCPGHH1Ahny4sHILvcIm92UYx6
O3n+pD4pbWQaCXRDWNfF1Fa/42As6uL+W/bc6vtyLKT4wujQoTvRSuAHr914kAD3
PvWhuxZn+ArdBV+KL8J/bXZaOWH1jSCwtJ5gCHolILBJ/98v8Hu8jb99eVGaKCtp
COl1Zo9zPJhYH45XZ+dudFR03YrbOL/zkjBviFbLG93LZqhP/j3Z/bvOAJFoujtQ
6vLmPZtultnoUTSw
-----END CERTIFICATE-----
Generated at Sat May 10 05:22:50 2025 by rpki-client