Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/reGZK0XDI6dLitMFx-wQvFPbfdc.roa
File: reGZK0XDI6dLitMFx-wQvFPbfdc.roa (raw, json)
Hash identifier: HM8KwbDTloi3QhGqEDFe62D2AuNz0p7NZ9y9YRneNpE=
Subject key identifier: AD:E1:99:2B:45:C3:23:A7:4B:8A:D3:05:C7:EC:10:BC:53:DB:7D:D7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019787A456C3BEE29E079780E10DE3DB332D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/reGZK0XDI6dLitMFx-wQvFPbfdc.roa
Signing time: Thu 19 Jun 2025 10:03:03 +0000
ROA not before: Thu 19 Jun 2025 10:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214432
IP address blocks: 89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:a4:56:c3:be:e2:9e:07:97:80:e1:0d:e3:db:33:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 19 10:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ade1992b45c323a74b8ad305c7ec10bc53db7dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fc:cb:a1:90:0c:93:9d:84:6e:e8:1f:da:a3:
5e:8e:8b:88:da:27:39:d9:ba:c6:05:7b:d3:01:3f:
60:99:9b:fa:ef:ea:57:02:5d:00:dc:0e:d8:a1:f9:
78:84:f8:46:b0:ff:28:d7:f7:35:d3:80:74:be:f5:
39:7f:eb:83:77:24:be:5e:c8:50:d3:a4:6b:0a:50:
fb:1b:a0:e6:6e:f2:cd:2e:40:c3:f5:c8:40:00:16:
ac:94:cd:7d:49:9e:a7:09:b9:a8:20:94:b4:24:17:
df:c1:5e:74:48:d7:68:3d:6e:e6:1e:c3:ad:de:5f:
31:c3:17:aa:02:68:dd:2c:d7:82:b4:fa:4a:37:cb:
0c:d1:0c:30:8d:b2:d9:d8:84:5b:29:22:cc:ff:ae:
bf:5f:29:b8:ed:bd:b2:5d:b4:82:5e:5d:35:13:4c:
83:7e:36:19:6f:0b:4c:19:b4:1b:d9:ef:5e:9b:61:
1d:96:90:04:95:33:60:d5:e5:60:9b:e5:c8:ec:57:
63:ea:27:31:7c:e1:85:65:31:51:d2:9c:48:1d:59:
35:f2:13:72:4a:f0:5c:d8:50:8b:09:cf:2c:90:4e:
80:f3:7e:3a:27:f5:51:dc:7d:81:c2:0a:24:30:04:
61:ad:5d:f5:eb:f0:eb:58:bc:75:e1:a6:bc:89:b3:
7d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E1:99:2B:45:C3:23:A7:4B:8A:D3:05:C7:EC:10:BC:53:DB:7D:D7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/reGZK0XDI6dLitMFx-wQvFPbfdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.143.0/24
89.213.145.0-89.213.146.255
213.130.154.0/24
Signature Algorithm: sha256WithRSAEncryption
03:e6:ba:6f:2d:8e:9b:6f:f9:bc:a1:c1:55:d5:22:d3:e7:8e:
2a:e6:f0:ce:1d:18:37:de:33:07:80:2b:ea:a9:92:d4:88:4b:
1d:2a:46:30:7d:91:37:8b:94:6c:14:0b:d0:b1:02:07:76:ab:
10:14:ea:b6:63:f5:a6:2a:d7:9d:02:bf:61:80:ac:b4:48:68:
00:d0:73:95:23:68:11:1b:5b:74:01:e5:9e:73:83:66:08:18:
c5:6b:1a:83:b4:83:b8:c8:4a:2b:25:7d:29:a3:6b:bb:62:04:
9c:95:a8:76:12:47:27:69:9a:9a:99:89:13:44:0c:74:6a:a9:
04:78:c8:c9:93:a1:c1:5e:7b:fd:d5:9a:bc:1d:6b:f5:46:8e:
83:c1:8b:ba:2d:17:85:1e:8c:d0:1b:a7:26:b5:66:f9:37:13:
27:8e:28:c6:78:01:30:7a:6a:49:04:a8:d0:d6:ef:de:48:29:
d8:c0:cd:79:85:9b:b0:21:d7:c9:d8:df:79:34:82:d1:3f:03:
56:3d:2f:c0:7e:d8:99:81:6f:a6:1a:c3:cf:d3:8e:07:8a:bd:
ec:b4:ef:d9:70:ee:14:7d:ef:d8:4e:09:98:d4:99:38:74:5b:
57:4b:d7:cf:9b:1c:82:46:63:29:f7:75:e6:c4:98:a5:93:53:
b3:a2:56:aa
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZeHpFbDvuKeB5eA4Q3j2zMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjE5MTAwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGUxOTkyYjQ1YzMyM2E3NGI4YWQzMDVjN2VjMTBiYzUzZGI3ZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/zLoZAMk52Ebugf2qNejouI2ic5
2brGBXvTAT9gmZv67+pXAl0A3A7Yofl4hPhGsP8o1/c104B0vvU5f+uDdyS+XshQ
06RrClD7G6DmbvLNLkDD9chAABaslM19SZ6nCbmoIJS0JBffwV50SNdoPW7mHsOt
3l8xwxeqAmjdLNeCtPpKN8sM0QwwjbLZ2IRbKSLM/66/Xym47b2yXbSCXl01E0yD
fjYZbwtMGbQb2e9em2EdlpAElTNg1eVgm+XI7Fdj6icxfOGFZTFR0pxIHVk18hNy
SvBc2FCLCc8skE6A8346J/VR3H2BwgokMARhrV316/DrWLx14aa8ibN99QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK3hmStFwyOnS4rTBcfsELxT233XMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcmVHWkswWERJNmRMaXRNRngtd1F2RlBiZmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWdWPMAwD
BABZ1ZEDBABZ1ZIDBADVgpowDQYJKoZIhvcNAQELBQADggEBAAPmum8tjptv+byh
wVXVItPnjirm8M4dGDfeMweAK+qpktSISx0qRjB9kTeLlGwUC9CxAgd2qxAU6rZj
9aYq150Cv2GArLRIaADQc5UjaBEbW3QB5Z5zg2YIGMVrGoO0g7jISislfSmja7ti
BJyVqHYSRydpmpqZiRNEDHRqqQR4yMmTocFee/3Vmrwda/VGjoPBi7otF4UejNAb
pya1Zvk3EyeOKMZ4ATB6akkEqNDW795IKdjAzXmFm7Ah18nY33k0gtE/A1Y9L8B+
2JmBb6Yaw8/TjgeKvey079lw7hR979hOCZjUmTh0W1dL18+bHIJGYyn3debEmKWT
U7OiVqo=
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:53:58 2025 by rpki-client