Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ib0cINGpwWH40Fhrrvzt25ykero.roa
File: ib0cINGpwWH40Fhrrvzt25ykero.roa (raw, json)
Hash identifier: tVB+F3jFKFTl1rh9GbFi8rmJEDfGVUcunsbb1bpvn8A=
Subject key identifier: 89:BD:1C:20:D1:A9:C1:61:F8:D0:58:6B:AE:FC:ED:DB:9C:A4:7A:BA
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01976D20D6EA0591EDD7CD1F33EB287FFA08
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ib0cINGpwWH40Fhrrvzt25ykero.roa
Signing time: Sat 14 Jun 2025 06:29:18 +0000
ROA not before: Sat 14 Jun 2025 06:29:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.231.26.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
2a02:2fc0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:20:d6:ea:05:91:ed:d7:cd:1f:33:eb:28:7f:fa:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 14 06:29:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89bd1c20d1a9c161f8d0586baefceddb9ca47aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cb:ba:27:ac:01:83:c8:13:64:79:a4:55:42:
65:a4:35:0d:38:83:4b:8b:8d:d4:b4:83:57:ac:37:
66:ac:42:c4:1b:0b:94:ab:60:c0:80:61:1a:30:da:
0d:61:4c:1b:f3:4d:c5:91:c7:52:c8:91:24:84:2a:
ab:35:76:28:8e:d3:42:9d:65:26:17:bf:45:3f:48:
ff:4a:0a:55:bc:d5:d7:5a:80:12:48:d9:05:46:a5:
45:40:75:b4:3c:21:9a:42:f9:2a:37:43:0b:cb:b9:
8e:85:0e:5e:74:df:8e:5f:e1:54:8c:c1:77:29:1a:
ca:b2:19:bf:97:d6:5e:d6:4a:0c:b9:4b:3a:df:7c:
cb:a8:ed:27:cc:fd:61:5b:d6:0d:8c:87:04:83:0d:
f6:26:f2:f4:4c:7f:58:cc:53:a4:8d:c2:f9:3e:32:
77:32:ae:d2:93:99:c6:a0:38:0e:1e:5d:39:5e:59:
48:ea:b5:36:f7:cc:57:52:d8:c5:8a:e1:8d:2c:8d:
ce:8e:87:37:90:ce:bb:a1:c4:e9:6b:e3:31:7d:25:
a7:15:b5:ab:2e:e4:a3:8a:f8:e9:b8:d3:2e:41:af:
39:ae:e7:8d:3f:09:f4:1a:2e:61:bf:f1:83:60:8e:
e4:54:37:b8:06:be:56:0f:62:4b:b7:93:de:99:e8:
64:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BD:1C:20:D1:A9:C1:61:F8:D0:58:6B:AE:FC:ED:DB:9C:A4:7A:BA
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ib0cINGpwWH40Fhrrvzt25ykero.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.26.0/24
89.106.69.0/24
89.106.71.0/24
IPv6:
2a02:2fc0:11::/48
Signature Algorithm: sha256WithRSAEncryption
10:eb:44:64:70:8e:87:84:e9:f3:b2:76:6d:33:24:91:d0:12:
33:c1:4b:21:1f:93:a8:a9:07:9f:df:4b:fa:19:e5:21:e7:57:
71:25:23:10:0d:89:ea:c1:12:a3:5c:08:cb:76:ca:89:c9:c3:
3f:80:f1:f9:d4:92:4a:73:a1:30:a4:24:78:97:34:b9:f9:a0:
e8:af:fb:93:c0:11:31:c2:cc:de:0d:60:c7:26:12:57:59:8c:
60:1b:13:30:6f:a0:2a:c1:22:6f:b0:99:e9:02:bb:93:0f:17:
12:9c:06:f9:e1:45:25:eb:7e:94:74:14:ca:53:39:80:a1:9e:
c7:84:34:24:d5:72:33:83:ff:5c:34:5d:5c:d6:92:b0:83:e8:
b5:e1:05:a2:d6:b6:03:7a:5a:57:25:94:35:d6:43:00:1a:b2:
7e:89:cc:92:ca:5a:3f:67:57:07:03:7c:e6:6b:8c:b0:aa:e5:
55:a9:76:f2:29:7d:30:04:00:66:62:bb:57:4c:b3:bb:b9:39:
7b:44:16:57:60:2b:72:e1:5d:4a:63:38:62:e4:74:d7:34:4d:
20:cb:97:eb:fb:39:e9:7e:ed:39:57:6a:da:97:12:0f:d6:e6:
7e:39:06:59:0f:d6:96:74:9b:fb:f4:37:c7:fa:99:dd:80:36:
45:c2:3a:84
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZdtINbqBZHt180fM+sof/oIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjE0MDYyOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJkMWMyMGQxYTljMTYxZjhkMDU4NmJhZWZjZWRkYjljYTQ3YWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8u6J6wBg8gTZHmkVUJlpDUNOINL
i43UtINXrDdmrELEGwuUq2DAgGEaMNoNYUwb803FkcdSyJEkhCqrNXYojtNCnWUm
F79FP0j/SgpVvNXXWoASSNkFRqVFQHW0PCGaQvkqN0MLy7mOhQ5edN+OX+FUjMF3
KRrKshm/l9Ze1koMuUs633zLqO0nzP1hW9YNjIcEgw32JvL0TH9YzFOkjcL5PjJ3
Mq7Sk5nGoDgOHl05XllI6rU298xXUtjFiuGNLI3Ojoc3kM67ocTpa+MxfSWnFbWr
LuSjivjpuNMuQa85rueNPwn0Gi5hv/GDYI7kVDe4Br5WD2JLt5PemehkfQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIm9HCDRqcFh+NBYa6787ducpHq6MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaWIwY0lOR3B3V0g0MEZocnJ2enQyNXlrZXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQABecaAwQA
WWpFAwQAWWpHMA8EAgACMAkDBwAqAi/AABEwDQYJKoZIhvcNAQELBQADggEBABDr
RGRwjoeE6fOydm0zJJHQEjPBSyEfk6ipB5/fS/oZ5SHnV3ElIxANierBEqNcCMt2
yonJwz+A8fnUkkpzoTCkJHiXNLn5oOiv+5PAETHCzN4NYMcmEldZjGAbEzBvoCrB
Im+wmekCu5MPFxKcBvnhRSXrfpR0FMpTOYChnseENCTVcjOD/1w0XVzWkrCD6LXh
BaLWtgN6WlcllDXWQwAasn6JzJLKWj9nVwcDfOZrjLCq5VWpdvIpfTAEAGZiu1dM
s7u5OXtEFldgK3LhXUpjOGLkdNc0TSDLl+v7Oel+7TlXatqXEg/W5n45BlkP1pZ0
m/v0N8f6md2ANkXCOoQ=
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:39:57 2025 by rpki-client