Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/1-fD0_gyy16CbQhND5Cq9_D_TVJM.roa
File: 1-fD0_gyy16CbQhND5Cq9_D_TVJM.roa (raw, json)
Hash identifier: 1YUT/oHeu46DAHuJD9uNps9J96AG+60Vn+GnT3asOpo=
Subject key identifier: F9:F0:F4:FE:0C:B2:D7:A0:9B:42:13:43:E4:2A:BD:FC:3F:D3:54:93
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 0197A89232A522D0440009C5A96A62DD5492
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/1-fD0_gyy16CbQhND5Cq9_D_TVJM.roa
Signing time: Wed 25 Jun 2025 19:30:42 +0000
ROA not before: Wed 25 Jun 2025 19:30:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29491
IP address blocks: 91.193.164.0/22 maxlen: 22
94.45.128.0/24 maxlen: 24
94.45.130.0/23 maxlen: 23
94.45.132.0/22 maxlen: 22
94.45.137.0/24 maxlen: 24
94.45.138.0/24 maxlen: 24
94.45.140.0/23 maxlen: 23
94.45.143.0/24 maxlen: 24
94.45.145.0/24 maxlen: 24
194.187.108.0/22 maxlen: 22
194.187.110.0/24 maxlen: 24
195.137.202.0/23 maxlen: 23
195.191.214.0/23 maxlen: 23
2a03:5dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 07:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a8:92:32:a5:22:d0:44:00:09:c5:a9:6a:62:dd:54:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jun 25 19:30:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9f0f4fe0cb2d7a09b421343e42abdfc3fd35493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e6:49:25:6e:0e:29:8e:22:9f:f6:b2:b5:b1:
e7:e4:03:e5:ca:99:19:28:56:19:b9:c0:8e:9e:d0:
aa:68:52:03:3a:97:ce:cc:cd:07:4a:d4:dc:22:dc:
a8:58:f1:9d:dd:18:8a:8a:1b:e3:19:a4:4a:a9:c7:
20:d3:38:bb:06:be:26:55:f1:b1:8d:6d:66:24:be:
b2:cc:34:b4:78:1a:00:0e:0b:60:9c:ba:5d:57:9b:
b4:d0:4d:d6:6e:7e:23:ea:14:bb:36:a4:24:38:4e:
1d:d9:5b:0e:60:8d:f0:96:97:f6:b1:b2:12:f8:3b:
1b:12:0b:1e:22:8d:ad:82:fc:09:76:56:55:0a:83:
40:11:58:f5:53:ed:ba:f9:f2:16:b0:d4:40:c2:e0:
ff:93:4e:86:0a:76:00:50:f9:b5:63:bf:68:16:e2:
08:f8:95:a3:58:2a:b0:38:55:ac:e8:c7:39:0c:7c:
60:65:29:7e:bc:7e:96:92:b4:ee:dc:b5:6a:99:de:
14:42:3c:f0:94:fd:b6:5c:90:8e:be:1b:b7:4f:9d:
2f:c7:83:e9:35:d5:cd:c1:48:d6:87:7b:97:08:e7:
03:cf:4d:02:f6:3d:6e:d3:67:5a:0e:20:6d:0b:bc:
e4:cc:c9:d3:7a:5a:83:e8:59:84:d4:23:93:2c:ef:
90:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F0:F4:FE:0C:B2:D7:A0:9B:42:13:43:E4:2A:BD:FC:3F:D3:54:93
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/1-fD0_gyy16CbQhND5Cq9_D_TVJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.164.0/22
94.45.128.0/24
94.45.130.0-94.45.135.255
94.45.137.0-94.45.138.255
94.45.140.0/23
94.45.143.0/24
94.45.145.0/24
194.187.108.0/22
195.137.202.0/23
195.191.214.0/23
IPv6:
2a03:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
39:2e:74:b3:93:73:ee:15:c5:35:3a:b6:cd:14:ef:5a:1c:63:
a2:fc:e2:f7:2f:cd:4c:ca:ed:4c:45:1e:da:00:2f:26:c2:99:
c6:aa:3f:e3:b8:37:be:6a:9a:17:69:14:c8:05:d5:9a:90:3a:
d3:3c:cb:4c:1f:ba:99:9c:48:94:31:70:3c:35:a0:86:f9:d3:
55:11:d2:c4:0a:24:50:0b:0c:5a:83:7f:7b:6f:3d:17:4f:50:
e4:9b:c6:15:e0:88:60:43:6c:18:6c:b1:48:4e:41:e5:8c:09:
6c:a8:52:27:24:95:4a:68:66:c7:b3:30:f6:56:2f:97:1a:c5:
20:00:b8:b3:8f:bf:20:f7:2a:03:83:a3:67:43:37:11:8c:27:
a4:29:1f:69:b1:7f:7a:53:4f:b8:dc:dc:9c:e3:ae:b5:a9:25:
75:cb:77:93:d1:1e:62:29:24:9e:d8:82:46:2c:c7:23:35:93:
5f:ad:f0:db:c7:8a:9d:5a:7d:73:db:aa:ec:20:58:41:99:49:
78:94:eb:9d:37:61:4d:1e:9e:bd:b5:da:1e:38:bf:23:34:28:
da:26:8b:55:8d:4a:93:ce:36:4c:85:55:72:e3:e0:d8:c8:d8:
d6:17:c1:23:e9:88:ca:1d:cb:ba:1d:d5:6a:f0:91:34:5b:07:
07:38:dd:c0
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZeokjKlItBEAAnFqWpi3VSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjUwNjI1MTkzMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWYwZjRmZTBjYjJkN2EwOWI0MjEzNDNlNDJhYmRmYzNmZDM1NDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruZJJW4OKY4in/aytbHn5APlypkZ
KFYZucCOntCqaFIDOpfOzM0HStTcItyoWPGd3RiKihvjGaRKqccg0zi7Br4mVfGx
jW1mJL6yzDS0eBoADgtgnLpdV5u00E3Wbn4j6hS7NqQkOE4d2VsOYI3wlpf2sbIS
+DsbEgseIo2tgvwJdlZVCoNAEVj1U+26+fIWsNRAwuD/k06GCnYAUPm1Y79oFuII
+JWjWCqwOFWs6Mc5DHxgZSl+vH6WkrTu3LVqmd4UQjzwlP22XJCOvhu3T50vx4Pp
NdXNwUjWh3uXCOcDz00C9j1u02daDiBtC7zkzMnTelqD6FmE1COTLO+QfQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFPnw9P4Mstegm0ITQ+Qqvfw/01STMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvMS1mRDBfZ3l5MTZDYlFoTkQ1Q3E5X0RfVFZKTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvMzMzYWIxLWFmOWItNDM0Yy04ZDEzLTljYTk4ZjQ5NTBj
Zi8xL0hoVHJIdTltd3ROSjhfZlh1dnBvNUotXzdKdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB0BggrBgEFBQcBBwEB/wRlMGMwUgQCAAEwTAMEAlvBpAME
AF4tgDAMAwQBXi2CAwQDXi2AMAwDBABeLYkDBABeLYoDBAFeLYwDBABeLY8DBABe
LZEDBALCu2wDBAHDicoDBAHDv9YwDQQCAAIwBwMFAyoDXcAwDQYJKoZIhvcNAQEL
BQADggEBADkudLOTc+4VxTU6ts0U71ocY6L84vcvzUzK7UxFHtoALybCmcaqP+O4
N75qmhdpFMgF1ZqQOtM8y0wfupmcSJQxcDw1oIb501UR0sQKJFALDFqDf3tvPRdP
UOSbxhXgiGBDbBhssUhOQeWMCWyoUicklUpoZsezMPZWL5caxSAAuLOPvyD3KgOD
o2dDNxGMJ6QpH2mxf3pTT7jc3JzjrrWpJXXLd5PRHmIpJJ7YgkYsxyM1k1+t8NvH
ip1afXPbquwgWEGZSXiU6503YU0enr212h44vyM0KNomi1WNSpPONkyFVXLj4NjI
2NYXwSPpiMody7od1WrwkTRbBwc43cA=
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:07:01 2025 by rpki-client