Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/pNmjC6XTszzViIEMDkdqW8CCkLw.roa
File: pNmjC6XTszzViIEMDkdqW8CCkLw.roa (raw, json)
Hash identifier: b7435riprNfwD+nSNj2Ksqyg2OgvtQI6o87c6KREU4c=
Subject key identifier: A4:D9:A3:0B:A5:D3:B3:3C:D5:88:81:0C:0E:47:6A:5B:C0:82:90:BC
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019765598FE8C6D78E3F5F4F44ACD72C63CC
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/pNmjC6XTszzViIEMDkdqW8CCkLw.roa
Signing time: Thu 12 Jun 2025 18:14:17 +0000
ROA not before: Thu 12 Jun 2025 18:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 66.56.83.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
124.198.134.0/24 maxlen: 24
155.2.193.0/24 maxlen: 24
155.2.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:59:8f:e8:c6:d7:8e:3f:5f:4f:44:ac:d7:2c:63:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 12 18:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4d9a30ba5d3b33cd588810c0e476a5bc08290bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:04:42:85:ae:73:bc:3e:72:89:ee:3e:02:5d:
fc:64:e1:3f:e3:98:9e:94:30:f8:b4:28:0f:7e:ad:
16:68:9f:42:12:3a:b1:7b:58:38:c0:60:c7:83:aa:
51:ff:d9:5e:88:a3:6f:8c:90:f0:00:ef:0c:3c:60:
db:41:fc:65:3f:1a:84:82:63:c4:6f:bb:2b:57:03:
9f:7b:c9:1f:27:85:b9:6a:a4:78:43:a4:5a:fa:04:
94:d3:db:d6:64:98:d0:63:e0:54:af:18:f4:05:3a:
63:ee:2f:fa:37:d0:38:db:b1:a3:0c:d2:71:e1:8f:
b7:6f:9e:8e:f4:e1:b9:43:a8:dd:cd:31:a4:c9:69:
48:9e:f3:8e:51:b7:41:ab:ae:d4:f0:60:73:36:ce:
2d:10:b7:eb:73:33:0f:23:3a:ca:13:a2:d8:f3:f2:
35:1c:9d:06:50:1a:da:bd:a7:c5:12:3d:80:f0:6c:
3c:0e:e0:f7:86:93:7a:46:27:a4:97:0f:ef:49:90:
4d:87:2a:1d:74:2f:3f:fe:61:b8:80:3c:a9:a0:5d:
46:6b:ca:91:40:78:29:f7:4f:e3:c6:99:8d:ab:14:
95:7d:c6:5e:6f:48:d5:76:46:7d:12:4f:c8:ac:6a:
6f:7f:4b:8b:d9:b0:16:17:81:62:0b:57:f8:4f:b4:
16:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D9:A3:0B:A5:D3:B3:3C:D5:88:81:0C:0E:47:6A:5B:C0:82:90:BC
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/pNmjC6XTszzViIEMDkdqW8CCkLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.56.83.0/24
103.138.78.0/24
124.198.134.0/24
155.2.193.0/24
155.2.220.0/24
Signature Algorithm: sha256WithRSAEncryption
e6:cd:17:04:fa:66:3f:4b:c3:15:e9:45:1b:0d:ce:da:23:f3:
70:38:c5:06:73:0d:9c:fd:00:d5:b7:ec:9e:f3:fe:ff:46:41:
c6:bb:db:04:76:45:e4:18:6b:78:91:0d:f1:e3:d7:90:5f:27:
1d:ef:fc:76:fb:c4:60:52:e7:79:21:b7:0b:ae:01:b9:2e:8a:
e8:6e:0b:45:ee:33:8c:25:63:60:86:0b:c4:f1:80:6e:69:9e:
c7:12:2c:d1:09:d2:22:40:20:e6:35:8b:e7:e7:f6:47:f5:73:
ec:43:c1:43:ea:e6:3c:4d:ec:84:ca:63:6d:16:bf:e6:98:87:
7f:5e:42:6a:ca:a0:ac:43:8a:a8:57:37:d1:b9:e7:cd:64:82:
42:a4:53:8d:00:8e:f1:56:ee:09:86:3e:c9:28:b2:67:05:02:
7b:a8:56:34:07:aa:a2:92:20:b2:3a:3b:f9:32:4f:f5:97:35:
2d:9c:2a:c7:15:70:2f:9a:da:9f:df:d7:c8:68:d8:a6:0e:15:
42:24:1f:17:c4:db:3f:c3:cf:ff:a5:37:65:f8:58:77:b1:0c:
01:e4:e0:10:a2:ef:aa:6a:96:1d:f4:0b:5e:76:c2:04:83:b5:
d1:fe:e4:ca:19:7d:0a:a3:f9:40:3a:31:de:ec:e3:54:0c:62:
83:3f:46:c4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZdlWY/oxteOP19PRKzXLGPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjEyMTgxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGQ5YTMwYmE1ZDNiMzNjZDU4ODgxMGMwZTQ3NmE1YmMwODI5MGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwRCha5zvD5yie4+Al38ZOE/45ie
lDD4tCgPfq0WaJ9CEjqxe1g4wGDHg6pR/9leiKNvjJDwAO8MPGDbQfxlPxqEgmPE
b7srVwOfe8kfJ4W5aqR4Q6Ra+gSU09vWZJjQY+BUrxj0BTpj7i/6N9A427GjDNJx
4Y+3b56O9OG5Q6jdzTGkyWlInvOOUbdBq67U8GBzNs4tELfrczMPIzrKE6LY8/I1
HJ0GUBravafFEj2A8Gw8DuD3hpN6Rieklw/vSZBNhyoddC8//mG4gDypoF1Ga8qR
QHgp90/jxpmNqxSVfcZeb0jVdkZ9Ek/IrGpvf0uL2bAWF4FiC1f4T7QWEQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKTZowul07M81YiBDA5HalvAgpC8MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvcE5takM2WFRzenpWaUlFTURrZHFXOENDa0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAQjhTAwQA
Z4pOAwQAfMaGAwQAmwLBAwQAmwLcMA0GCSqGSIb3DQEBCwUAA4IBAQDmzRcE+mY/
S8MV6UUbDc7aI/NwOMUGcw2c/QDVt+ye8/7/RkHGu9sEdkXkGGt4kQ3x49eQXycd
7/x2+8RgUud5IbcLrgG5LorobgtF7jOMJWNghgvE8YBuaZ7HEizRCdIiQCDmNYvn
5/ZH9XPsQ8FD6uY8TeyEymNtFr/mmId/XkJqyqCsQ4qoVzfRuefNZIJCpFONAI7x
Vu4Jhj7JKLJnBQJ7qFY0B6qikiCyOjv5Mk/1lzUtnCrHFXAvmtqf39fIaNimDhVC
JB8XxNs/w8//pTdl+Fh3sQwB5OAQou+qapYd9AtedsIEg7XR/uTKGX0Ko/lAOjHe
7ONUDGKDP0bE
-----END CERTIFICATE-----
Generated at Tue Jul 1 03:55:07 2025 by rpki-client