Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/f0SE_seuErR1N1zh_DIdZcObavs.roa
File: f0SE_seuErR1N1zh_DIdZcObavs.roa (raw, json)
Hash identifier: NRKrtkeV3J/qLZP8PO06GegaG9y/Qi4C8tzLDOm6+5A=
Subject key identifier: 7F:44:84:FE:C7:AE:12:B4:75:37:5C:E1:FC:32:1D:65:C3:9B:6A:FB
Certificate issuer: /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial: 0196A4C7F76D6E71FC8B1B2807705889F0E3
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/f0SE_seuErR1N1zh_DIdZcObavs.roa
Signing time: Tue 06 May 2025 08:48:10 +0000
ROA not before: Tue 06 May 2025 08:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39728
IP address blocks: 91.217.4.0/23 maxlen: 23
91.217.4.0/24 maxlen: 24
91.217.5.0/24 maxlen: 24
176.113.224.0/19 maxlen: 19
178.214.160.0/19 maxlen: 19
178.216.232.0/21 maxlen: 21
185.178.245.0/24 maxlen: 24
194.31.152.0/22 maxlen: 24
2a07:6900::/48 maxlen: 48
2a07:6900:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:c7:f7:6d:6e:71:fc:8b:1b:28:07:70:58:89:f0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Validity
Not Before: May 6 08:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f4484fec7ae12b475375ce1fc321d65c39b6afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:44:09:27:a5:b7:eb:7b:e6:c4:e2:ec:f6:3f:
0a:04:e6:3a:9a:0c:cf:0d:cc:ae:04:1b:2d:5c:6f:
11:e8:d4:f8:6b:5a:7a:85:63:36:39:ae:b7:3f:09:
41:9f:58:20:b0:76:31:9b:0c:62:2e:f4:2f:f4:5b:
80:92:94:8c:04:12:35:37:c4:22:05:5e:cb:ef:87:
89:1c:49:81:8f:58:0b:1e:00:8c:c3:a2:0f:bf:21:
2a:cd:04:d8:31:b7:6c:f4:fc:16:04:6f:c7:88:9b:
bc:ca:85:1e:3d:45:5b:bf:4d:64:2e:75:a4:fa:36:
ea:71:d2:22:38:17:7d:a8:85:8a:15:d0:5c:04:98:
b4:d0:d1:8f:9d:9f:ca:69:75:2f:9e:54:74:5f:2b:
7d:17:3a:83:31:65:cf:cb:17:06:89:4f:d0:c9:36:
46:4f:cb:3b:d9:12:ff:6d:53:85:ae:40:6c:d0:75:
9a:a5:eb:7e:c8:b5:7c:07:5c:fc:de:d6:87:5f:42:
3f:22:08:cf:6d:2a:82:d4:12:fa:5f:a6:bc:ba:04:
43:96:73:b9:49:41:9a:9b:93:bf:99:47:44:da:1a:
1e:f0:ae:7f:23:0b:74:62:fc:f0:42:15:31:bf:fe:
b6:cc:64:6f:a9:48:51:86:f1:c6:c8:04:f8:21:52:
b2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:44:84:FE:C7:AE:12:B4:75:37:5C:E1:FC:32:1D:65:C3:9B:6A:FB
X509v3 Authority Key Identifier:
keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/f0SE_seuErR1N1zh_DIdZcObavs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.4.0/23
176.113.224.0/19
178.214.160.0/19
178.216.232.0/21
185.178.245.0/24
194.31.152.0/22
IPv6:
2a07:6900::/47
Signature Algorithm: sha256WithRSAEncryption
56:ad:0e:db:9d:ec:1b:2a:aa:4b:ff:29:af:66:9e:6f:c4:b9:
d9:64:22:c3:8a:2e:2b:51:5d:1a:17:54:d8:90:57:41:c8:c1:
e2:a8:5e:1b:ad:9e:70:c1:37:1c:a4:0c:81:8b:3a:e1:01:80:
c9:f7:75:5f:f2:13:f6:7b:e3:1f:1e:7b:57:ec:b6:7c:9a:d7:
87:cc:db:5b:c5:9f:23:df:53:d4:dd:a6:73:58:56:df:59:4b:
bf:3a:f3:71:1b:ee:00:1d:5c:50:f9:0e:3d:f2:53:ed:dd:23:
98:21:9b:3d:50:3b:fa:df:c3:32:3c:84:e9:34:bd:d6:3d:1e:
bf:c0:04:08:e9:1c:44:8a:0e:fc:ac:f3:4e:f4:b9:ea:fa:12:
0a:7a:40:e2:36:e6:05:99:bf:25:2f:3f:e6:f2:24:32:46:af:
cc:83:aa:29:db:2b:2d:1e:13:a4:00:f9:28:77:cc:de:87:56:
69:58:a0:f8:63:28:56:be:09:30:ec:04:79:8d:a7:27:00:66:
95:32:76:62:44:be:75:1e:a2:b2:cf:9f:b7:64:3f:af:44:db:
3d:d1:2f:21:15:56:ab:f7:80:0c:09:a0:14:c4:1f:25:11:5b:
c3:29:68:82:a3:5a:aa:04:09:1a:91:5d:4f:3e:63:3c:f8:c5:
ef:16:d6:1e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZakx/dtbnH8ixsoB3BYifDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjUwNTA2MDg0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQ0ODRmZWM3YWUxMmI0NzUzNzVjZTFmYzMyMWQ2NWMzOWI2YWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkQJJ6W363vmxOLs9j8KBOY6mgzP
DcyuBBstXG8R6NT4a1p6hWM2Oa63PwlBn1ggsHYxmwxiLvQv9FuAkpSMBBI1N8Qi
BV7L74eJHEmBj1gLHgCMw6IPvyEqzQTYMbds9PwWBG/HiJu8yoUePUVbv01kLnWk
+jbqcdIiOBd9qIWKFdBcBJi00NGPnZ/KaXUvnlR0Xyt9FzqDMWXPyxcGiU/QyTZG
T8s72RL/bVOFrkBs0HWapet+yLV8B1z83taHX0I/IgjPbSqC1BL6X6a8ugRDlnO5
SUGam5O/mUdE2hoe8K5/Iwt0YvzwQhUxv/62zGRvqUhRhvHGyAT4IVKy5QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFH9EhP7HrhK0dTdc4fwyHWXDm2r7MB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvZjBTRV9zZXVFclIxTjF6aF9ESWRaY09iYXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQBW9kEAwQF
sHHgAwQFstagAwQDstjoAwQAubL1AwQCwh+YMA8EAgACMAkDBwEqB2kAAAAwDQYJ
KoZIhvcNAQELBQADggEBAFatDtud7Bsqqkv/Ka9mnm/EudlkIsOKLitRXRoXVNiQ
V0HIweKoXhutnnDBNxykDIGLOuEBgMn3dV/yE/Z74x8ee1fstnya14fM21vFnyPf
U9TdpnNYVt9ZS78683Eb7gAdXFD5Dj3yU+3dI5ghmz1QO/rfwzI8hOk0vdY9Hr/A
BAjpHESKDvys8070uer6Egp6QOI25gWZvyUvP+byJDJGr8yDqinbKy0eE6QA+Sh3
zN6HVmlYoPhjKFa+CTDsBHmNpycAZpUydmJEvnUeorLPn7dkP69E2z3RLyEVVqv3
gAwJoBTEHyURW8MpaIKjWqoECRqRXU8+Yzz4xe8W1h4=
-----END CERTIFICATE-----
Generated at Tue May 13 08:10:20 2025 by rpki-client