Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/tVeA1QW6o2_4cAAoeOMN60OC09M.roa
File: tVeA1QW6o2_4cAAoeOMN60OC09M.roa (raw, json)
Hash identifier: K+ciN3DFQxqGOLGpRd4/ZhXkYH4OU+8ws5sujZeJtPY=
Subject key identifier: B5:57:80:D5:05:BA:A3:6F:F8:70:00:28:78:E3:0D:EB:43:82:D3:D3
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 0196AC93D0212B93EAD3640C1FF56D95BEA7
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/tVeA1QW6o2_4cAAoeOMN60OC09M.roa
Signing time: Wed 07 May 2025 21:08:10 +0000
ROA not before: Wed 07 May 2025 21:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209275
IP address blocks: 31.222.228.0/24 maxlen: 24
88.214.40.0/24 maxlen: 24
88.214.42.0/24 maxlen: 24
185.225.198.0/24 maxlen: 24
193.162.135.0/24 maxlen: 24
2a09:9d00::/29 maxlen: 48
2a09:9d00:1::/48 maxlen: 48
2a09:9d00:2::/48 maxlen: 48
2a09:9d00:3::/48 maxlen: 48
2a09:9d00:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 03:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ac:93:d0:21:2b:93:ea:d3:64:0c:1f:f5:6d:95:be:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: May 7 21:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b55780d505baa36ff870002878e30deb4382d3d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:15:eb:b2:7e:f1:9c:4f:ab:9b:84:18:b5:ba:
9c:9d:9a:a0:a0:2c:c9:dc:43:10:7f:38:b0:ff:26:
92:36:63:b6:5c:26:a1:b2:af:1f:1b:21:13:fc:46:
7f:b5:88:7c:f6:0f:cf:10:87:4b:1c:39:11:a8:cb:
29:fe:ad:d5:9f:2a:42:89:9d:10:36:1f:13:7e:17:
26:da:68:62:66:08:4d:ca:ae:48:2a:69:5b:6a:ad:
c3:bd:96:29:55:a7:f8:0a:f7:53:be:de:c2:bc:0a:
73:72:1e:ff:d2:ea:c0:55:b6:e0:fa:7e:25:2d:d7:
2d:e1:f7:76:09:eb:ce:63:db:54:38:30:d1:11:17:
86:ab:79:e5:c9:39:e0:85:86:58:0a:92:72:c1:6c:
c1:b8:18:22:d6:de:1e:41:06:f3:c3:c8:9f:55:53:
05:c8:f9:d0:8b:a6:b6:e9:c6:5f:72:f0:97:30:5f:
75:c6:05:1a:0c:ad:2c:7c:5c:30:01:79:5b:43:3c:
cc:4f:cd:5e:05:f6:87:22:1c:1d:b7:94:29:64:c6:
82:9f:b1:3f:3b:8f:64:ea:37:d7:b2:ba:47:22:fc:
f4:b0:94:85:71:00:2c:52:87:4c:fe:e5:5e:39:a9:
84:9f:26:fc:cf:21:81:c9:7a:56:f1:8a:1d:eb:40:
cf:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:57:80:D5:05:BA:A3:6F:F8:70:00:28:78:E3:0D:EB:43:82:D3:D3
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/tVeA1QW6o2_4cAAoeOMN60OC09M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.228.0/24
88.214.40.0/24
88.214.42.0/24
185.225.198.0/24
193.162.135.0/24
IPv6:
2a09:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
b5:cc:34:c4:f0:a9:47:1c:ae:76:7f:e9:7e:7b:16:5c:c9:a7:
18:81:ba:c0:e0:33:32:76:ce:76:7c:81:b2:e7:02:f3:da:f1:
8b:c3:65:02:8c:2d:39:96:56:bc:e0:fd:40:38:14:2a:e5:6c:
43:fe:92:90:6b:91:ca:32:04:b4:eb:be:f3:af:a1:46:a3:89:
1c:09:a5:2f:7f:86:f7:23:39:b3:4c:1c:a2:f4:65:b2:97:e8:
cb:9c:aa:8f:b4:28:6a:25:73:7d:0f:1a:24:79:d1:37:7f:f9:
c2:2c:7f:27:a1:28:8a:31:12:bc:6d:ed:85:12:d6:89:0e:c9:
02:bd:e4:0f:ba:40:46:4d:fb:d9:b6:1c:86:73:41:aa:51:95:
44:18:25:82:1c:50:fa:b4:8c:f0:18:71:37:9f:01:fb:13:1f:
70:21:3d:53:7a:0d:3c:4c:86:e9:e0:1c:f4:cf:e9:88:74:cd:
af:01:37:c5:df:5b:a6:e3:ab:18:70:af:84:88:6a:47:87:36:
1c:ea:d2:35:ba:c1:62:7c:b2:4f:c3:4d:6c:65:8c:ef:5b:89:
ff:0a:89:09:d7:e4:4d:0c:98:da:16:e9:66:80:c6:a1:41:42:
d3:03:ef:96:f8:0c:bd:e6:f2:9f:06:94:8f:8f:cc:e4:3d:9c:
9c:cf:d9:08
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZask9AhK5Pq02QMH/Vtlb6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDNkYWM4ZWE1NTY5MzQzOWRkMWI4YjQ4MTJiYTcxODM0
ZjEwMzEwHhcNMjUwNTA3MjEwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTU3ODBkNTA1YmFhMzZmZjg3MDAwMjg3OGUzMGRlYjQzODJkM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBXrsn7xnE+rm4QYtbqcnZqgoCzJ
3EMQfziw/yaSNmO2XCahsq8fGyET/EZ/tYh89g/PEIdLHDkRqMsp/q3VnypCiZ0Q
Nh8Tfhcm2mhiZghNyq5IKmlbaq3DvZYpVaf4CvdTvt7CvApzch7/0urAVbbg+n4l
Ldct4fd2CevOY9tUODDREReGq3nlyTnghYZYCpJywWzBuBgi1t4eQQbzw8ifVVMF
yPnQi6a26cZfcvCXMF91xgUaDK0sfFwwAXlbQzzMT81eBfaHIhwdt5QpZMaCn7E/
O49k6jfXsrpHIvz0sJSFcQAsUodM/uVeOamEnyb8zyGByXpW8Yod60DPLQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLVXgNUFuqNv+HAAKHjjDetDgtPTMB8GA1UdIwQY
MBaAFC5D2sjqVWk0Od0bi0gSunGDTxAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQt
MjZjN2M5NjNhNzY5LzEvdFZlQTFRVzZvMl80Y0FBb2VPTU42ME9DMDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQtMjZjN2M5NjNhNzY5
LzEvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAH97kAwQA
WNYoAwQAWNYqAwQAueHGAwQAwaKHMA0EAgACMAcDBQMqCZ0AMA0GCSqGSIb3DQEB
CwUAA4IBAQC1zDTE8KlHHK52f+l+exZcyacYgbrA4DMyds52fIGy5wLz2vGLw2UC
jC05lla84P1AOBQq5WxD/pKQa5HKMgS0677zr6FGo4kcCaUvf4b3IzmzTByi9GWy
l+jLnKqPtChqJXN9DxokedE3f/nCLH8noSiKMRK8be2FEtaJDskCveQPukBGTfvZ
thyGc0GqUZVEGCWCHFD6tIzwGHE3nwH7Ex9wIT1Teg08TIbp4Bz0z+mIdM2vATfF
31um46sYcK+EiGpHhzYc6tI1usFifLJPw01sZYzvW4n/CokJ1+RNDJjaFulmgMah
QULTA++W+Ay95vKfBpSPj8zkPZycz9kI
-----END CERTIFICATE-----
Generated at Sat May 10 08:56:52 2025 by rpki-client