Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/tb7zy4gQAH_RQZ4Nz-3NFx59Mbo.roa
File: tb7zy4gQAH_RQZ4Nz-3NFx59Mbo.roa (raw, json)
Hash identifier: oJpg/mpoL0grHs9Xu1Kgy7pPSav+AYmr/wpKbCpQ/O0=
Subject key identifier: B5:BE:F3:CB:88:10:00:7F:D1:41:9E:0D:CF:ED:CD:17:1E:7D:31:BA
Certificate issuer: /CN=dab1c03088ebfe553812b31547c03c90a25d8771
Certificate serial: 0197B00192CCB99EC88C78D66034191BB440
Authority key identifier: DA:B1:C0:30:88:EB:FE:55:38:12:B3:15:47:C0:3C:90:A2:5D:87:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/tb7zy4gQAH_RQZ4Nz-3NFx59Mbo.roa
Signing time: Fri 27 Jun 2025 06:09:42 +0000
ROA not before: Fri 27 Jun 2025 06:09:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58130
IP address blocks: 176.116.96.0/20 maxlen: 20
176.116.96.0/24 maxlen: 24
176.116.97.0/24 maxlen: 24
176.116.99.0/24 maxlen: 24
176.116.101.0/24 maxlen: 24
176.116.104.0/24 maxlen: 24
176.116.105.0/24 maxlen: 24
176.116.106.0/24 maxlen: 24
176.116.107.0/24 maxlen: 24
176.116.108.0/23 maxlen: 23
176.116.108.0/24 maxlen: 24
176.116.111.0/24 maxlen: 24
176.116.112.0/22 maxlen: 22
185.165.140.0/23 maxlen: 23
185.165.142.0/23 maxlen: 23
2001:67c:1050::/48 maxlen: 48
2a0a:1a00::/29 maxlen: 29
2a0a:1a00::/30 maxlen: 30
2a0a:1a00:f000:9000::/56 maxlen: 56
2a0a:1a04::/30 maxlen: 30
2a0a:1a06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 12:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:01:92:cc:b9:9e:c8:8c:78:d6:60:34:19:1b:b4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dab1c03088ebfe553812b31547c03c90a25d8771
Validity
Not Before: Jun 27 06:09:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5bef3cb8810007fd1419e0dcfedcd171e7d31ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1a:9a:78:b4:0c:0e:00:48:18:ef:b5:5a:32:
3f:09:f4:19:e9:c1:37:a6:c9:b0:54:a9:af:23:01:
9a:6b:bb:26:73:ad:83:c6:f1:cb:e9:f2:b1:b1:e8:
16:f7:b2:b7:f9:45:49:6b:2e:18:10:38:e0:db:e0:
58:45:25:25:fe:bc:04:8e:d7:d3:5d:0e:c5:d9:70:
36:6a:0b:13:43:28:af:15:07:58:46:3c:59:c6:b8:
1f:56:0e:56:91:b5:cb:46:e0:5a:58:67:09:43:b4:
0f:f9:ba:6e:2a:61:42:75:56:01:15:5d:f8:63:06:
b7:6e:b1:a7:01:b6:34:f7:a6:64:60:b3:03:c8:2b:
53:5b:7f:b7:f3:eb:5e:c4:a1:f2:f0:0b:8a:8f:88:
81:27:5e:37:c3:f4:4c:65:58:02:d8:84:92:5c:50:
be:87:94:2d:04:1f:b4:19:a5:63:49:08:17:1c:3f:
c3:53:41:a3:e7:b0:4d:87:b2:ea:18:a3:f6:7c:e7:
73:0f:3d:f9:7e:83:c1:1e:76:19:9d:a5:4f:56:ef:
1f:0f:c7:83:cc:e0:0d:31:77:e6:11:f5:41:17:8e:
bc:86:13:f1:4a:59:f5:d9:74:9f:7c:2a:90:d1:48:
e4:aa:05:00:85:4a:be:63:7b:c4:cd:cd:fa:cf:54:
9a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BE:F3:CB:88:10:00:7F:D1:41:9E:0D:CF:ED:CD:17:1E:7D:31:BA
X509v3 Authority Key Identifier:
keyid:DA:B1:C0:30:88:EB:FE:55:38:12:B3:15:47:C0:3C:90:A2:5D:87:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/tb7zy4gQAH_RQZ4Nz-3NFx59Mbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.96.0-176.116.115.255
185.165.140.0/22
IPv6:
2001:67c:1050::/48
2a0a:1a00::/29
Signature Algorithm: sha256WithRSAEncryption
89:8d:f7:e9:e3:70:98:79:dd:3f:e7:a9:dc:e1:92:d6:cb:df:
d9:8f:e7:12:36:e8:ef:f3:f5:cd:d3:cc:ea:3b:87:63:40:26:
09:cc:05:f8:fd:a1:08:05:4d:22:db:ef:9d:83:15:62:18:c2:
5b:8b:c8:82:12:49:3e:0e:2c:1a:3e:70:52:0d:aa:2b:58:87:
b5:39:7e:cc:57:a6:78:9d:ab:1d:fa:3e:5b:7d:ca:e2:80:29:
4f:f7:f9:11:03:78:c1:40:84:b0:50:4b:d2:ca:65:2f:69:c8:
6f:b5:a7:ff:a9:8c:23:e5:8c:b0:42:d6:26:13:a1:b3:29:93:
9f:d5:32:13:5d:dc:26:ab:d0:15:3e:57:b2:8f:0e:a9:db:26:
23:38:03:c6:55:de:75:6c:41:ea:f0:83:37:ac:d6:7a:6c:15:
40:cb:90:ca:33:c7:6a:f0:f1:5e:bc:46:62:1b:ca:49:bf:ac:
38:ab:a8:01:bb:c2:b8:21:ea:63:12:d5:50:c9:03:cd:e5:62:
ca:3c:43:1c:a6:b1:1b:6e:12:9a:54:e3:9b:f4:92:05:ef:e2:
d1:2a:98:c0:52:0a:7f:03:75:ce:d9:d9:f2:24:14:3d:ab:6f:
b8:b9:3b:7d:1d:c1:b0:0e:5d:df:1f:38:15:a2:e7:0f:25:12:
53:f5:04:c9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZewAZLMuZ7IjHjWYDQZG7RAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYjFjMDMwODhlYmZlNTUzODEyYjMxNTQ3YzAzYzkwYTI1
ZDg3NzEwHhcNMjUwNjI3MDYwOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJlZjNjYjg4MTAwMDdmZDE0MTllMGRjZmVkY2QxNzFlN2QzMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BqaeLQMDgBIGO+1WjI/CfQZ6cE3
psmwVKmvIwGaa7smc62DxvHL6fKxsegW97K3+UVJay4YEDjg2+BYRSUl/rwEjtfT
XQ7F2XA2agsTQyivFQdYRjxZxrgfVg5WkbXLRuBaWGcJQ7QP+bpuKmFCdVYBFV34
Ywa3brGnAbY096ZkYLMDyCtTW3+38+texKHy8AuKj4iBJ143w/RMZVgC2ISSXFC+
h5QtBB+0GaVjSQgXHD/DU0Gj57BNh7LqGKP2fOdzDz35foPBHnYZnaVPVu8fD8eD
zOANMXfmEfVBF468hhPxSln12XSffCqQ0UjkqgUAhUq+Y3vEzc36z1SaXwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLW+88uIEAB/0UGeDc/tzRcefTG6MB8GA1UdIwQY
MBaAFNqxwDCI6/5VOBKzFUfAPJCiXYdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnJIQU1JanJfbFU0RXJNVlI4QThrS0pkaDNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zNmMyYWEtMmUyNC00NGZiLTllMGEt
YjcyMzk4MDcwODIzLzEvdGI3enk0Z1FBSF9SUVo0TnotM05GeDU5TWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zNmMyYWEtMmUyNC00NGZiLTllMGEtYjcyMzk4MDcwODIz
LzEvMnJIQU1JanJfbFU0RXJNVlI4QThrS0pkaDNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBAWwdGAD
BAKwdHADBAK5pYwwFgQCAAIwEAMHACABBnwQUAMFAyoKGgAwDQYJKoZIhvcNAQEL
BQADggEBAImN9+njcJh53T/nqdzhktbL39mP5xI26O/z9c3TzOo7h2NAJgnMBfj9
oQgFTSLb752DFWIYwluLyIISST4OLBo+cFINqitYh7U5fsxXpnidqx36Plt9yuKA
KU/3+REDeMFAhLBQS9LKZS9pyG+1p/+pjCPljLBC1iYTobMpk5/VMhNd3Car0BU+
V7KPDqnbJiM4A8ZV3nVsQerwgzes1npsFUDLkMozx2rw8V68RmIbykm/rDirqAG7
wrgh6mMS1VDJA83lYso8QxymsRtuEppU45v0kgXv4tEqmMBSCn8Ddc7Z2fIkFD2r
b7i5O30dwbAOXd8fOBWi5w8lElP1BMk=
-----END CERTIFICATE-----
Generated at Sun Jun 29 21:10:34 2025 by rpki-client