Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/O_uEU5a5hFxcQ9cF5vOgcBailtI.roa
File: O_uEU5a5hFxcQ9cF5vOgcBailtI.roa (raw, json)
Hash identifier: am+LoRbwPcUWGmyLF541pRdLLSbuzmsIRCZ85z19J6M=
Subject key identifier: 3B:FB:84:53:96:B9:84:5C:5C:43:D7:05:E6:F3:A0:70:16:A2:96:D2
Certificate issuer: /CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Certificate serial: 0196A4E459691CAAA0C42AD732995D929AF3
Authority key identifier: 0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/O_uEU5a5hFxcQ9cF5vOgcBailtI.roa
Signing time: Tue 06 May 2025 09:19:10 +0000
ROA not before: Tue 06 May 2025 09:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61144
IP address blocks: 91.208.227.0/24 maxlen: 24
185.172.196.0/24 maxlen: 24
185.172.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:e4:59:69:1c:aa:a0:c4:2a:d7:32:99:5d:92:9a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Validity
Not Before: May 6 09:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bfb845396b9845c5c43d705e6f3a07016a296d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:45:ee:62:04:48:b4:f8:c5:bf:1e:a4:5b:f4:
18:8f:b7:b9:d4:d1:5f:a5:ac:44:7f:fd:bc:f3:78:
cc:5f:3f:21:09:40:8b:79:b4:57:49:92:12:c4:59:
86:7b:67:3a:0c:90:1f:a0:79:a9:eb:4e:a0:b5:3c:
fc:d8:d9:47:e5:63:31:99:ad:94:ac:5c:72:22:84:
e5:2e:66:59:c0:d5:10:04:b9:3d:96:43:f4:83:e1:
6f:40:39:68:c6:93:1c:60:ca:26:53:35:97:1c:67:
de:1c:7f:50:71:c4:9f:da:9b:d3:43:d2:6e:26:79:
dc:12:62:2a:45:9e:6b:40:07:ad:2e:88:98:90:32:
78:e0:02:06:73:16:78:4a:9a:49:f8:fd:77:7b:de:
93:73:87:cf:83:9e:8e:47:c2:95:8a:ec:5f:58:16:
d1:b1:05:80:d0:69:1f:0a:d5:8e:16:4c:07:07:6e:
56:2c:1e:a8:f7:de:0b:a2:68:ac:7a:ee:ab:b1:29:
34:f2:78:29:1d:85:31:09:f0:b4:7d:c8:a9:11:a2:
a1:c4:c6:6b:92:23:04:9e:5b:0b:a0:50:fd:cd:0d:
6e:6f:40:50:27:be:08:47:c6:48:42:7d:d7:be:61:
cc:51:bf:04:40:f5:b3:bd:c5:2a:c2:6a:8e:7a:89:
5a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FB:84:53:96:B9:84:5C:5C:43:D7:05:E6:F3:A0:70:16:A2:96:D2
X509v3 Authority Key Identifier:
keyid:0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/O_uEU5a5hFxcQ9cF5vOgcBailtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.227.0/24
185.172.196.0/23
Signature Algorithm: sha256WithRSAEncryption
32:c0:df:f5:13:a4:b2:fe:8a:40:e6:5b:17:5e:b4:82:22:58:
e8:4a:8b:f9:69:e6:1d:a7:c9:9f:fd:59:f9:df:b7:ae:1b:8c:
e2:98:f6:7d:16:2a:e5:9f:65:47:12:81:27:27:6e:a9:a0:00:
aa:60:b7:ed:1d:8d:83:c7:48:1f:66:56:99:9d:07:9b:9c:1b:
43:c7:8c:67:56:6c:6a:b2:8e:c0:47:49:b6:0d:8f:7d:63:af:
af:9e:b6:78:7a:b8:4e:e5:7d:f6:4a:0b:59:2b:38:55:1b:66:
9d:f0:4e:2d:9b:33:53:47:e1:9d:78:08:b1:61:73:48:d1:5e:
44:9f:52:71:8e:54:77:0e:7a:73:18:26:39:09:4a:25:66:15:
f8:51:e7:a1:48:cf:0e:5a:24:24:5a:55:85:93:de:f5:d8:dc:
40:95:06:9f:a2:71:a3:cc:18:af:ee:b7:0f:3f:c3:99:2e:a7:
63:2c:e9:d8:2b:3e:aa:4d:9c:aa:c7:62:a1:b0:f5:ae:0e:c3:
ba:05:03:3a:f0:ee:25:3e:b1:98:c8:b5:b5:12:45:f0:10:49:
84:9a:6b:bb:97:bb:69:21:5b:90:80:8a:4b:aa:ab:44:f1:47:
36:5c:e0:d4:25:b8:48:4c:dc:de:03:17:ba:9e:c9:b8:3e:ef:
83:25:26:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZak5FlpHKqgxCrXMpldkprzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjViZDIxYzY4MzIwN2RhMGMzOWZiMzc5ODUzNWFmNDll
MGJmZjUwHhcNMjUwNTA2MDkxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmZiODQ1Mzk2Yjk4NDVjNWM0M2Q3MDVlNmYzYTA3MDE2YTI5NmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EXuYgRItPjFvx6kW/QYj7e51NFf
paxEf/2883jMXz8hCUCLebRXSZISxFmGe2c6DJAfoHmp606gtTz82NlH5WMxma2U
rFxyIoTlLmZZwNUQBLk9lkP0g+FvQDloxpMcYMomUzWXHGfeHH9QccSf2pvTQ9Ju
JnncEmIqRZ5rQAetLoiYkDJ44AIGcxZ4SppJ+P13e96Tc4fPg56OR8KViuxfWBbR
sQWA0GkfCtWOFkwHB25WLB6o994Lomiseu6rsSk08ngpHYUxCfC0fcipEaKhxMZr
kiMEnlsLoFD9zQ1ub0BQJ74IR8ZIQn3XvmHMUb8EQPWzvcUqwmqOeolaVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDv7hFOWuYRcXEPXBebzoHAWopbSMB8GA1UdIwQY
MBaAFA9lvSHGgyB9oMOfs3mFNa9J4L/1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgt
ZTIzZjEwZTRiOTFjLzEvT191RVU1YTVoRnhjUTljRjV2T2djQmFpbHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgtZTIzZjEwZTRiOTFj
LzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9DjAwQB
uazEMA0GCSqGSIb3DQEBCwUAA4IBAQAywN/1E6Sy/opA5lsXXrSCIljoSov5aeYd
p8mf/Vn537euG4zimPZ9Firln2VHEoEnJ26poACqYLftHY2Dx0gfZlaZnQebnBtD
x4xnVmxqso7AR0m2DY99Y6+vnrZ4erhO5X32SgtZKzhVG2ad8E4tmzNTR+GdeAix
YXNI0V5En1JxjlR3DnpzGCY5CUolZhX4UeehSM8OWiQkWlWFk9712NxAlQafonGj
zBiv7rcPP8OZLqdjLOnYKz6qTZyqx2KhsPWuDsO6BQM68O4lPrGYyLW1EkXwEEmE
mmu7l7tpIVuQgIpLqqtE8Uc2XODUJbhITNzeAxe6nsm4Pu+DJSZa
-----END CERTIFICATE-----
Generated at Thu May 8 16:06:43 2025 by rpki-client