Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tDAtU3s1OqPZaJ7ZbIHrn2j2xPQ.roa
File: tDAtU3s1OqPZaJ7ZbIHrn2j2xPQ.roa (raw, json)
Hash identifier: Wav8L0ai+Gq1kSuYXLuPI7wk6Ssu4kjw9aKrFuSqyJg=
Subject key identifier: B4:30:2D:53:7B:35:3A:A3:D9:68:9E:D9:6C:81:EB:9F:68:F6:C4:F4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019686A212FFA5466DAE98A548574429F782
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tDAtU3s1OqPZaJ7ZbIHrn2j2xPQ.roa
Signing time: Wed 30 Apr 2025 12:18:10 +0000
ROA not before: Wed 30 Apr 2025 12:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 82.153.219.0/24 maxlen: 24
89.213.55.0/24 maxlen: 24
89.213.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:a2:12:ff:a5:46:6d:ae:98:a5:48:57:44:29:f7:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 30 12:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4302d537b353aa3d9689ed96c81eb9f68f6c4f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:dc:87:2b:d3:1a:be:52:e8:23:45:3d:3a:db:
a9:14:6c:7f:d8:14:0b:6c:87:ae:f6:8a:3c:d3:61:
0b:a8:68:73:c9:d8:49:b4:24:ce:16:3d:cc:cb:5e:
94:d8:af:d8:c2:50:5e:78:fa:c7:7e:3d:ea:0e:b6:
ba:43:de:cf:4e:a8:29:bd:b9:95:32:60:5d:3e:65:
e9:cb:99:c8:38:cf:de:72:f9:61:58:dc:bb:fa:35:
d8:a1:4c:6b:a3:24:d0:ab:ee:66:56:5d:d2:b9:3f:
bc:cb:04:e8:c8:67:44:bb:c7:df:20:20:19:fd:a8:
09:fa:1c:f1:28:98:38:bc:ad:61:e2:18:0b:b3:1f:
bf:4c:0f:6b:4c:89:c7:85:ea:46:77:91:0c:4e:c0:
28:1f:76:ca:1a:d8:74:ad:c8:83:98:47:44:29:4b:
8f:81:9a:85:1c:6f:cc:e4:8f:60:6d:d7:9b:2b:46:
82:b0:e4:dc:a8:1f:c8:0a:fa:42:e9:65:5a:58:e7:
5f:17:c5:c3:17:ec:a9:fe:ce:3a:6c:32:4c:1e:41:
f1:3e:a2:53:b2:c7:8a:4e:c0:e2:ad:d2:a2:89:fb:
c7:ef:a3:9d:2a:5f:7b:98:0a:bf:a6:3e:9b:8c:0e:
e3:83:9a:63:5f:01:3a:64:73:8a:df:94:ab:51:b0:
52:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:30:2D:53:7B:35:3A:A3:D9:68:9E:D9:6C:81:EB:9F:68:F6:C4:F4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tDAtU3s1OqPZaJ7ZbIHrn2j2xPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.219.0/24
89.213.55.0/24
89.213.225.0/24
Signature Algorithm: sha256WithRSAEncryption
58:97:1b:47:95:ff:a3:68:0d:ec:92:ee:a8:45:8a:3d:df:63:
0f:bd:5a:13:27:87:7a:5e:20:46:ee:6d:59:48:48:d0:6b:c6:
a2:16:17:71:65:fd:e8:df:3a:81:b7:82:40:95:0f:46:5e:20:
3f:aa:9a:e7:69:9b:94:84:bc:2e:e5:d4:84:8c:e0:c7:b1:6c:
fb:f4:77:74:95:99:2a:93:4b:f9:a0:ae:77:32:c1:9b:0e:59:
52:d2:fb:47:9a:3b:15:66:e5:0c:b3:dc:32:43:87:be:aa:ac:
44:b2:51:f1:16:f4:95:25:16:5d:54:85:04:01:5f:d1:34:d2:
b7:58:84:90:44:f1:e5:ee:ed:c0:ed:a4:0e:61:34:17:d0:cd:
66:f8:20:b5:91:5f:e9:8c:cf:85:01:c6:35:e4:da:70:84:e0:
3e:4e:83:d4:ab:8b:0f:f3:05:da:d9:a2:a4:8c:3f:c7:3e:20:
52:fa:ac:ac:02:e9:11:d6:f6:d3:63:c4:fb:71:d9:f1:f5:da:
c1:95:77:dd:8b:03:a0:b4:07:cc:98:97:d3:da:78:8e:60:e9:
09:2a:fc:0b:02:82:7a:22:1e:78:ea:1c:18:95:0c:e9:b9:0b:
91:da:85:a0:44:78:81:fd:7d:9b:06:83:6a:3c:57:d4:17:24:
ef:c9:23:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaGohL/pUZtrpilSFdEKfeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDMwMTIxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDMwMmQ1MzdiMzUzYWEzZDk2ODllZDk2YzgxZWI5ZjY4ZjZjNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tyHK9MavlLoI0U9OtupFGx/2BQL
bIeu9oo802ELqGhzydhJtCTOFj3My16U2K/YwlBeePrHfj3qDra6Q97PTqgpvbmV
MmBdPmXpy5nIOM/ecvlhWNy7+jXYoUxroyTQq+5mVl3SuT+8ywToyGdEu8ffICAZ
/agJ+hzxKJg4vK1h4hgLsx+/TA9rTInHhepGd5EMTsAoH3bKGth0rciDmEdEKUuP
gZqFHG/M5I9gbdebK0aCsOTcqB/ICvpC6WVaWOdfF8XDF+yp/s46bDJMHkHxPqJT
sseKTsDirdKiifvH76OdKl97mAq/pj6bjA7jg5pjXwE6ZHOK35SrUbBShQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLQwLVN7NTqj2Wie2WyB659o9sT0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdERBdFUzczFPcVBaYUo3WmJJSHJuMmoyeFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpnbAwQA
WdU3AwQAWdXhMA0GCSqGSIb3DQEBCwUAA4IBAQBYlxtHlf+jaA3sku6oRYo932MP
vVoTJ4d6XiBG7m1ZSEjQa8aiFhdxZf3o3zqBt4JAlQ9GXiA/qprnaZuUhLwu5dSE
jODHsWz79Hd0lZkqk0v5oK53MsGbDllS0vtHmjsVZuUMs9wyQ4e+qqxEslHxFvSV
JRZdVIUEAV/RNNK3WISQRPHl7u3A7aQOYTQX0M1m+CC1kV/pjM+FAcY15NpwhOA+
ToPUq4sP8wXa2aKkjD/HPiBS+qysAukR1vbTY8T7cdnx9drBlXfdiwOgtAfMmJfT
2niOYOkJKvwLAoJ6Ih546hwYlQzpuQuR2oWgRHiB/X2bBoNqPFfUFyTvySOF
-----END CERTIFICATE-----
Generated at Tue May 6 03:05:50 2025 by rpki-client