Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/19269c-9d5b-4f09-97eb-3a28f8a9c707/1/1-tKbN_ZmYZYPg8sHqensWcGTVVs.roa
File: 1-tKbN_ZmYZYPg8sHqensWcGTVVs.roa (raw, json)
Hash identifier: v2ZLz9fyZwTDL0Z+q25hZRbM8e9XXUUL53LO8fbkuEw=
Subject key identifier: FA:D2:9B:37:F6:66:61:96:0F:83:CB:07:A9:E9:EC:59:C1:93:55:5B
Certificate issuer: /CN=20ccf6dfa709573a821b63c4cb695605fd26680b
Certificate serial: 0196AEDA17201460181B1B60E9AC7C87AFED
Authority key identifier: 20:CC:F6:DF:A7:09:57:3A:82:1B:63:C4:CB:69:56:05:FD:26:68:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMz236cJVzqCG2PEy2lWBf0maAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/19269c-9d5b-4f09-97eb-3a28f8a9c707/1/1-tKbN_ZmYZYPg8sHqensWcGTVVs.roa
Signing time: Thu 08 May 2025 07:44:10 +0000
ROA not before: Thu 08 May 2025 07:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58282
IP address blocks: 185.128.228.0/22 maxlen: 22
185.153.152.0/22 maxlen: 22
185.153.152.0/23 maxlen: 23
185.153.154.0/23 maxlen: 23
188.64.152.0/21 maxlen: 21
188.64.152.0/22 maxlen: 22
188.64.156.0/22 maxlen: 22
194.182.109.0/24 maxlen: 24
194.182.156.0/23 maxlen: 23
194.182.156.0/24 maxlen: 24
194.182.157.0/24 maxlen: 24
194.182.159.0/24 maxlen: 24
2a03:1500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/19269c-9d5b-4f09-97eb-3a28f8a9c707/1/IMz236cJVzqCG2PEy2lWBf0maAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/19269c-9d5b-4f09-97eb-3a28f8a9c707/1/IMz236cJVzqCG2PEy2lWBf0maAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/IMz236cJVzqCG2PEy2lWBf0maAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ae:da:17:20:14:60:18:1b:1b:60:e9:ac:7c:87:af:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ccf6dfa709573a821b63c4cb695605fd26680b
Validity
Not Before: May 8 07:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fad29b37f66661960f83cb07a9e9ec59c193555b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:b3:78:bb:fb:ef:58:b5:34:fd:0b:9a:5b:
b0:ab:e9:d1:e6:60:1d:fa:6a:32:c3:bd:0d:97:15:
e2:2d:3a:1c:30:c9:68:ef:08:ca:f2:55:cb:92:d2:
27:8b:ff:b3:c6:09:f7:46:37:ba:36:ba:da:9b:00:
ab:20:c5:e4:5c:99:14:a3:e5:fa:ab:02:aa:d6:fc:
fe:70:ae:ec:bf:44:17:ed:af:72:98:c3:ac:ef:c4:
c6:06:b3:0a:c3:da:af:90:1b:68:72:c5:46:2c:80:
19:fa:2f:88:0d:ab:de:f0:07:65:cc:51:ce:70:09:
c1:e8:f3:53:d6:d9:32:d6:4e:f8:23:71:d1:99:c0:
72:6f:ca:e4:22:94:03:f3:e8:61:4a:cc:19:6e:94:
55:83:61:49:67:94:18:99:86:8f:6a:d9:90:b2:8f:
2b:4a:fc:06:3c:dc:14:cd:27:1d:27:f2:a5:2c:2a:
7c:5b:df:c6:7c:eb:20:5f:67:8a:eb:40:54:a4:e0:
55:0f:90:a0:d4:6b:8d:02:b6:1e:c7:c2:52:bd:87:
ce:88:66:46:1f:16:e1:ae:ab:e0:c6:ef:4d:cb:7f:
2d:69:a1:e7:b5:20:47:3f:70:36:9e:be:d5:98:ba:
90:8a:5d:59:8e:49:c3:6e:f6:3d:e2:e0:41:90:4a:
3d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D2:9B:37:F6:66:61:96:0F:83:CB:07:A9:E9:EC:59:C1:93:55:5B
X509v3 Authority Key Identifier:
keyid:20:CC:F6:DF:A7:09:57:3A:82:1B:63:C4:CB:69:56:05:FD:26:68:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMz236cJVzqCG2PEy2lWBf0maAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/19269c-9d5b-4f09-97eb-3a28f8a9c707/1/1-tKbN_ZmYZYPg8sHqensWcGTVVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/19269c-9d5b-4f09-97eb-3a28f8a9c707/1/IMz236cJVzqCG2PEy2lWBf0maAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.228.0/22
185.153.152.0/22
188.64.152.0/21
194.182.109.0/24
194.182.156.0/23
194.182.159.0/24
IPv6:
2a03:1500::/32
Signature Algorithm: sha256WithRSAEncryption
4a:cd:b5:cb:84:58:20:41:7b:38:56:e3:7a:39:d0:7b:a6:17:
56:41:1a:bc:c7:a8:37:81:f5:d0:9d:cf:b6:f3:7b:0b:5b:bc:
ec:26:2e:28:bf:52:e3:db:5b:e0:10:5b:d1:80:bc:1c:d3:46:
66:49:90:31:df:a4:e4:bb:81:d9:dd:0d:a5:3a:55:85:2e:17:
4f:9f:8f:19:74:1d:ca:fc:ce:71:df:50:ed:4b:1a:99:37:2e:
be:d8:b0:e9:bd:9c:79:90:2f:84:24:eb:68:b0:33:90:be:37:
d2:b1:2e:ef:d2:a1:a7:29:b9:9d:d2:2a:83:8c:10:78:c8:01:
26:c5:83:65:13:89:09:8b:90:f5:33:71:e6:da:53:41:32:df:
25:65:1d:1c:f9:b9:df:cf:61:8d:de:74:e1:6e:b3:00:6e:22:
37:af:c2:8e:4a:62:bc:eb:39:2b:ad:53:87:03:f0:48:a7:4a:
42:59:53:8b:b6:57:70:c8:fc:f1:6e:a5:78:bf:c4:a5:55:03:
6d:ee:9a:f6:9f:51:ec:90:79:8e:e4:1e:1f:57:67:34:3f:06:
bd:df:90:3a:88:cf:f7:8c:51:13:54:c5:ac:f9:d1:cd:1c:53:
38:e9:f5:bd:56:92:14:0b:3b:d5:03:be:e3:f4:c8:a1:11:5c:
63:1b:3f:0f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZau2hcgFGAYGxtg6ax8h6/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2NmNmRmYTcwOTU3M2E4MjFiNjNjNGNiNjk1NjA1ZmQy
NjY4MGIwHhcNMjUwNTA4MDc0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQyOWIzN2Y2NjY2MTk2MGY4M2NiMDdhOWU5ZWM1OWMxOTM1NTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk+zeLv771i1NP0Lmluwq+nR5mAd
+moyw70NlxXiLTocMMlo7wjK8lXLktIni/+zxgn3Rje6NrramwCrIMXkXJkUo+X6
qwKq1vz+cK7sv0QX7a9ymMOs78TGBrMKw9qvkBtocsVGLIAZ+i+IDave8AdlzFHO
cAnB6PNT1tky1k74I3HRmcByb8rkIpQD8+hhSswZbpRVg2FJZ5QYmYaPatmQso8r
SvwGPNwUzScdJ/KlLCp8W9/GfOsgX2eK60BUpOBVD5Cg1GuNArYex8JSvYfOiGZG
Hxbhrqvgxu9Ny38taaHntSBHP3A2nr7VmLqQil1ZjknDbvY94uBBkEo9FQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPrSmzf2ZmGWD4PLB6np7FnBk1VbMB8GA1UdIwQY
MBaAFCDM9t+nCVc6ghtjxMtpVgX9JmgLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU16MjM2Y0pWenFDRzJQRXkybFdCZjBtYUFzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOTI2OWMtOWQ1Yi00ZjA5LTk3ZWIt
M2EyOGY4YTljNzA3LzEvMS10S2JOX1ptWVpZUGc4c0hxZW5zV2NHVFZWcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2YvMTkyNjljLTlkNWItNGYwOS05N2ViLTNhMjhmOGE5Yzcw
Ny8xL0lNejIzNmNKVnpxQ0cyUEV5MmxXQmYwbWFBcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEArmA5AME
ArmZmAMEA7xAmAMEAMK2bQMEAcK2nAMEAMK2nzANBAIAAjAHAwUAKgMVADANBgkq
hkiG9w0BAQsFAAOCAQEASs21y4RYIEF7OFbjejnQe6YXVkEavMeoN4H10J3PtvN7
C1u87CYuKL9S49tb4BBb0YC8HNNGZkmQMd+k5LuB2d0NpTpVhS4XT5+PGXQdyvzO
cd9Q7UsamTcuvtiw6b2ceZAvhCTraLAzkL430rEu79Khpym5ndIqg4wQeMgBJsWD
ZROJCYuQ9TNx5tpTQTLfJWUdHPm5389hjd504W6zAG4iN6/CjkpivOs5K61ThwPw
SKdKQllTi7ZXcMj88W6leL/EpVUDbe6a9p9R7JB5juQeH1dnND8Gvd+QOojP94xR
E1TFrPnRzRxTOOn1vVaSFAs71QO+4/TIoRFcYxs/Dw==
-----END CERTIFICATE-----
Generated at Fri May 9 20:03:56 2025 by rpki-client