Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/sel0Pjdv_dXk3SBzodZnhOMFOK8.roa
File: sel0Pjdv_dXk3SBzodZnhOMFOK8.roa (raw, json)
Hash identifier: /3JEX9WN7+Xu1r9ZBKcIYhcWh19ks1nzbzFN0VRMlhM=
Subject key identifier: B1:E9:74:3E:37:6F:FD:D5:E4:DD:20:73:A1:D6:67:84:E3:05:38:AF
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0197121D3AFAA6D8EBF52DF4C7AA62D89E98
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/sel0Pjdv_dXk3SBzodZnhOMFOK8.roa
Signing time: Tue 27 May 2025 14:19:54 +0000
ROA not before: Tue 27 May 2025 14:19:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211415
IP address blocks: 2.56.184.0/22 maxlen: 22
5.252.186.0/24 maxlen: 24
31.40.232.0/22 maxlen: 24
45.11.152.0/24 maxlen: 24
45.11.153.0/24 maxlen: 24
45.147.153.0/24 maxlen: 24
45.147.154.0/24 maxlen: 24
45.147.155.0/24 maxlen: 24
85.8.168.0/22 maxlen: 22
194.121.59.0/24 maxlen: 24
194.124.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:12:1d:3a:fa:a6:d8:eb:f5:2d:f4:c7:aa:62:d8:9e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: May 27 14:19:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1e9743e376ffdd5e4dd2073a1d66784e30538af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:28:f9:fe:bf:99:aa:4f:7c:11:ad:94:78:97:
6a:9e:a1:26:38:c2:fc:10:b1:fa:c4:36:5d:9a:13:
dc:e4:7e:af:f4:3d:45:dd:de:ae:f0:6f:1c:b0:22:
98:ca:5c:68:cb:2c:d9:c9:89:9b:3c:74:c1:06:ee:
49:d3:b8:89:f4:ee:6c:cf:84:38:51:89:fd:c1:1e:
17:4e:40:86:31:af:05:d3:66:c4:bb:fd:cb:7e:3c:
b5:1a:1a:a6:9b:d6:21:07:7f:2f:9f:63:1e:84:40:
92:13:e2:a4:22:5a:2e:a2:fb:d3:df:ee:83:42:b3:
01:4a:79:f5:34:e9:95:2c:4e:76:47:a2:b8:70:58:
6e:59:86:5f:28:8a:0d:79:a6:65:95:5b:56:16:d1:
fe:47:2c:90:d0:2a:03:70:3e:4b:75:e7:7e:50:09:
d9:ce:8b:10:40:c3:dc:6b:ba:1d:60:42:ca:76:9d:
73:87:cb:38:86:00:b8:4e:78:e4:c9:9c:5b:87:c9:
2c:76:e7:14:5f:f0:3c:42:56:18:a3:8c:3a:93:c0:
21:19:97:f7:5a:71:58:57:f2:e9:b4:6b:7d:1d:4d:
fe:dd:d9:56:8d:34:fa:70:f9:b5:a8:9f:74:13:3e:
9c:67:df:5d:ee:3c:b5:26:09:63:fd:1c:24:86:f9:
49:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E9:74:3E:37:6F:FD:D5:E4:DD:20:73:A1:D6:67:84:E3:05:38:AF
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/sel0Pjdv_dXk3SBzodZnhOMFOK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.184.0/22
5.252.186.0/24
31.40.232.0/22
45.11.152.0/23
45.147.153.0-45.147.155.255
85.8.168.0/22
194.121.59.0/24
194.124.144.0/24
Signature Algorithm: sha256WithRSAEncryption
05:b1:37:0d:e0:98:26:60:9e:68:e2:86:1b:5a:71:ff:0b:15:
d2:f9:64:9a:f3:14:54:d0:9f:15:ca:ab:73:4f:bd:02:20:a6:
52:78:b8:d4:f6:3b:ff:db:84:57:50:30:2a:fc:7d:46:fe:a5:
99:25:b3:c8:ac:32:d8:d9:9b:98:8d:f3:47:44:02:16:7d:61:
45:4c:14:27:dc:a4:9f:7d:fb:f4:c3:f3:a2:63:52:27:3e:85:
a2:91:37:b0:a7:4f:35:dc:bb:86:ee:a3:54:e6:d5:d2:b6:93:
d0:1b:12:0c:7e:d0:08:93:93:79:fb:76:07:5b:c7:a6:be:c3:
02:dd:4f:9f:67:b1:cf:13:4c:57:dd:ad:c4:e4:90:53:4c:3d:
fb:46:c7:8c:22:3a:6e:ec:34:95:69:c9:83:c4:d5:10:c3:e7:
f5:c3:f9:bd:c0:17:f5:a3:8c:d3:68:61:7b:09:ff:15:85:7f:
8b:87:c1:1d:ec:89:c6:75:25:e2:16:3b:bc:56:f1:12:d4:5d:
9a:3b:8c:ee:a2:96:f4:31:b7:12:6b:c8:9b:50:75:09:08:8e:
30:3c:66:14:e4:8f:ff:3c:4c:e7:4e:4a:01:27:df:b1:10:52:
6b:47:86:b2:80:6d:49:d7:a7:78:c9:94:46:ba:70:44:2d:45:
ea:60:9a:3e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZcSHTr6ptjr9S30x6pi2J6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwNTI3MTQxOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWU5NzQzZTM3NmZmZGQ1ZTRkZDIwNzNhMWQ2Njc4NGUzMDUzOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvij5/r+Zqk98Ea2UeJdqnqEmOML8
ELH6xDZdmhPc5H6v9D1F3d6u8G8csCKYylxoyyzZyYmbPHTBBu5J07iJ9O5sz4Q4
UYn9wR4XTkCGMa8F02bEu/3Lfjy1Ghqmm9YhB38vn2MehECSE+KkIlouovvT3+6D
QrMBSnn1NOmVLE52R6K4cFhuWYZfKIoNeaZllVtWFtH+RyyQ0CoDcD5Lded+UAnZ
zosQQMPca7odYELKdp1zh8s4hgC4TnjkyZxbh8ksducUX/A8QlYYo4w6k8AhGZf3
WnFYV/LptGt9HU3+3dlWjTT6cPm1qJ90Ez6cZ99d7jy1Jglj/RwkhvlJcQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLHpdD43b/3V5N0gc6HWZ4TjBTivMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvc2VsMFBqZHZfZFhrM1NCem9kWm5oT01GT0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCAji4AwQA
Bfy6AwQCHyjoAwQBLQuYMAwDBAAtk5kDBAItk5gDBAJVCKgDBADCeTsDBADCfJAw
DQYJKoZIhvcNAQELBQADggEBAAWxNw3gmCZgnmjihhtacf8LFdL5ZJrzFFTQnxXK
q3NPvQIgplJ4uNT2O//bhFdQMCr8fUb+pZkls8isMtjZm5iN80dEAhZ9YUVMFCfc
pJ99+/TD86JjUic+haKRN7CnTzXcu4buo1Tm1dK2k9AbEgx+0AiTk3n7dgdbx6a+
wwLdT59nsc8TTFfdrcTkkFNMPftGx4wiOm7sNJVpyYPE1RDD5/XD+b3AF/WjjNNo
YXsJ/xWFf4uHwR3sicZ1JeIWO7xW8RLUXZo7jO6ilvQxtxJryJtQdQkIjjA8ZhTk
j/88TOdOSgEn37EQUmtHhrKAbUnXp3jJlEa6cEQtRepgmj4=
-----END CERTIFICATE-----
Generated at Wed Jul 2 00:45:17 2025 by rpki-client