Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eFTsJELYSSCty2cDMKuUwC8Ddhg.roa
File: eFTsJELYSSCty2cDMKuUwC8Ddhg.roa (raw, json)
Hash identifier: Hgu1qUCunj6wdV3e1vB8ovWsEALceAfy4OC74ncmOcg=
Subject key identifier: 78:54:EC:24:42:D8:49:20:AD:CB:67:03:30:AB:94:C0:2F:03:76:18
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0196AADF1C2C755AC8ED8886FB1BBD666102
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eFTsJELYSSCty2cDMKuUwC8Ddhg.roa
Signing time: Wed 07 May 2025 13:11:10 +0000
ROA not before: Wed 07 May 2025 13:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.134.0/24 maxlen: 24
159.148.136.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.184.0/24 maxlen: 24
159.148.224.0/24 maxlen: 24
159.148.225.0/24 maxlen: 24
159.148.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:df:1c:2c:75:5a:c8:ed:88:86:fb:1b:bd:66:61:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 7 13:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7854ec2442d84920adcb670330ab94c02f037618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3f:4e:d1:b6:b5:ef:a2:03:de:d0:36:01:be:
3a:4f:1f:87:5b:72:5a:4f:64:33:14:97:00:c1:97:
bb:06:8e:ad:12:8c:cf:e7:ae:17:5d:0c:d5:f4:6a:
8f:bd:c9:cf:3d:82:8e:d9:66:bf:f2:ae:30:5e:4e:
7d:fa:96:63:e0:98:58:1f:08:0d:5e:0f:48:00:f3:
95:82:58:c9:22:fd:7c:75:5f:63:9a:27:d4:9e:4d:
9c:fe:8d:30:58:56:33:5a:c2:d9:d4:7b:d6:b2:7a:
ee:95:d6:3d:2e:07:1e:0a:90:bc:aa:08:f4:3f:39:
43:7a:98:0c:1e:3a:96:be:89:c0:33:b3:4a:bd:8a:
f2:12:eb:c9:a2:58:5a:ee:37:dd:88:fa:d8:df:30:
0f:cd:6d:81:8b:a6:5b:cc:46:4e:0b:88:d5:c5:e0:
12:78:fa:73:de:4d:77:4c:79:06:3d:41:c6:53:3c:
cd:0b:00:3b:8e:e3:2e:91:44:79:f8:19:e3:7f:63:
cb:12:2f:8d:2d:03:ac:46:0b:f1:e9:68:a0:3f:3a:
7d:18:66:81:3f:54:f8:d1:b3:50:d3:3d:20:c2:4a:
4f:87:e5:17:4e:c0:c8:24:e5:74:3e:eb:ed:df:5c:
29:f2:f7:82:ca:ec:49:cc:56:3d:bb:e2:60:5f:06:
14:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:54:EC:24:42:D8:49:20:AD:CB:67:03:30:AB:94:C0:2F:03:76:18
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eFTsJELYSSCty2cDMKuUwC8Ddhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.134.0/24
159.148.136.0/23
159.148.140.0/24
159.148.184.0/24
159.148.224.0-159.148.226.255
Signature Algorithm: sha256WithRSAEncryption
69:69:b7:da:fe:c2:57:16:a1:ae:bc:85:73:f5:19:7f:39:22:
af:1e:f2:88:51:14:20:3c:49:e2:df:2c:39:81:7e:36:82:db:
d2:fb:20:b3:43:7c:c4:6a:71:6f:11:b0:7d:b7:8f:1d:5d:af:
b4:df:f2:fd:20:f4:07:23:3d:92:c9:e8:2d:3c:c9:ab:45:47:
7f:fb:1e:6c:42:60:d9:7a:75:92:7b:5d:6c:90:1b:0b:78:f5:
58:87:86:a2:d3:93:b8:aa:05:0d:36:6a:21:36:ca:0b:37:55:
b5:68:93:c3:f7:b5:cd:62:a8:9d:33:c1:46:d7:e0:8d:47:8c:
5c:08:95:dc:4f:a0:99:39:d6:ba:69:1f:14:a4:0d:66:c4:6d:
61:f5:80:6c:7d:9f:30:3c:12:85:e9:5b:9c:75:d3:50:4b:1c:
fa:e0:a2:2e:4a:fa:b6:b0:40:90:8c:ce:df:0a:4e:28:fa:01:
b9:a4:29:c9:c8:6a:a9:2a:f1:14:ce:f8:8e:39:bd:f9:9f:e3:
4f:54:bc:0e:ee:47:fc:3c:f6:53:44:59:7a:23:bf:5a:9e:3f:
bf:23:c5:ac:85:11:58:9b:a4:69:a5:9a:95:be:50:31:53:a4:
4b:b3:db:3e:12:b7:a1:92:fa:59:c8:27:46:dc:0f:12:54:09:
5f:ee:87:d3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZaq3xwsdVrI7YiG+xu9ZmECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNTA3MTMxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODU0ZWMyNDQyZDg0OTIwYWRjYjY3MDMzMGFiOTRjMDJmMDM3NjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4T9O0ba176ID3tA2Ab46Tx+HW3Ja
T2QzFJcAwZe7Bo6tEozP564XXQzV9GqPvcnPPYKO2Wa/8q4wXk59+pZj4JhYHwgN
Xg9IAPOVgljJIv18dV9jmifUnk2c/o0wWFYzWsLZ1HvWsnruldY9LgceCpC8qgj0
PzlDepgMHjqWvonAM7NKvYryEuvJolha7jfdiPrY3zAPzW2Bi6ZbzEZOC4jVxeAS
ePpz3k13THkGPUHGUzzNCwA7juMukUR5+Bnjf2PLEi+NLQOsRgvx6WigPzp9GGaB
P1T40bNQ0z0gwkpPh+UXTsDIJOV0Puvt31wp8veCyuxJzFY9u+JgXwYUWQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHhU7CRC2EkgrctnAzCrlMAvA3YYMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZUZUc0pFTFlTU0N0eTJjRE1LdVV3QzhEZGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAn5SGAwQB
n5SIAwQAn5SMAwQAn5S4MAwDBAWflOADBACflOIwDQYJKoZIhvcNAQELBQADggEB
AGlpt9r+wlcWoa68hXP1GX85Iq8e8ohRFCA8SeLfLDmBfjaC29L7ILNDfMRqcW8R
sH23jx1dr7Tf8v0g9AcjPZLJ6C08yatFR3/7HmxCYNl6dZJ7XWyQGwt49ViHhqLT
k7iqBQ02aiE2ygs3VbVok8P3tc1iqJ0zwUbX4I1HjFwIldxPoJk51rppHxSkDWbE
bWH1gGx9nzA8EoXpW5x101BLHPrgoi5K+rawQJCMzt8KTij6AbmkKcnIaqkq8RTO
+I45vfmf409UvA7uR/w89lNEWXojv1qeP78jxayFEVibpGmlmpW+UDFTpEuz2z4S
t6GS+lnIJ0bcDxJUCV/uh9M=
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:17:51 2025 by rpki-client