Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/J29KR6WIqb2jKkibcGzZyVD-APE.roa
File: J29KR6WIqb2jKkibcGzZyVD-APE.roa (raw, json)
Hash identifier: cX4I13kG6IWcU4y27MvdylWTn5/srzMdc6rdtCLCSL4=
Subject key identifier: 27:6F:4A:47:A5:88:A9:BD:A3:2A:48:9B:70:6C:D9:C9:50:FE:00:F1
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 0195E6341DE469B847D86B21F358B132DD31
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/J29KR6WIqb2jKkibcGzZyVD-APE.roa
Signing time: Sun 30 Mar 2025 08:38:50 +0000
ROA not before: Sun 30 Mar 2025 08:38:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215384
IP address blocks: 31.220.14.0/24 maxlen: 24
45.12.52.0/23 maxlen: 23
45.12.91.0/24 maxlen: 24
185.238.249.0/24 maxlen: 24
185.238.251.0/24 maxlen: 24
193.9.45.0/24 maxlen: 24
2a14:640:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e6:34:1d:e4:69:b8:47:d8:6b:21:f3:58:b1:32:dd:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Mar 30 08:38:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=276f4a47a588a9bda32a489b706cd9c950fe00f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c1:47:73:a1:ca:4f:9d:5d:68:dd:85:04:09:
19:03:6e:27:cc:55:cd:1e:87:20:51:0c:b0:5c:ae:
bf:9e:a0:66:8f:f6:38:4a:5b:1d:d9:e8:85:58:b5:
fd:55:66:39:ca:82:a5:f2:f4:1c:14:08:6b:18:e7:
8c:5d:84:c8:12:14:51:27:74:68:55:c0:fa:c7:bf:
75:67:63:24:c6:de:c3:fa:4f:d0:ac:fa:bd:a4:7b:
c0:86:ba:ca:88:a5:c1:7b:64:3c:c5:7d:cf:d7:3d:
46:cc:1f:32:7c:b1:f5:6b:8b:76:d9:04:81:bc:1c:
2a:e4:1a:a8:db:c9:ef:79:aa:22:44:5b:97:e3:c7:
da:b9:85:90:71:d8:ae:71:ca:da:f7:da:06:39:30:
64:d1:02:f6:ef:66:67:77:7a:5e:1f:22:19:b5:62:
85:d6:72:ce:3b:fa:27:d6:14:ac:03:05:13:82:27:
3f:e9:36:42:c4:5a:9a:4b:37:25:19:8a:73:d3:61:
8a:7d:62:57:ff:3b:a8:dc:a0:30:fa:c7:39:3e:eb:
45:a9:08:84:49:dd:1b:35:b6:00:d5:4b:b1:33:b7:
23:6c:85:44:0f:c4:a7:00:c8:c8:09:d8:8e:d7:ac:
42:e4:e2:a7:fd:84:f3:0d:82:b1:8c:5f:43:c0:c5:
0d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6F:4A:47:A5:88:A9:BD:A3:2A:48:9B:70:6C:D9:C9:50:FE:00:F1
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/J29KR6WIqb2jKkibcGzZyVD-APE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.14.0/24
45.12.52.0/23
45.12.91.0/24
185.238.249.0/24
185.238.251.0/24
193.9.45.0/24
IPv6:
2a14:640:2::/48
Signature Algorithm: sha256WithRSAEncryption
1a:3a:25:2a:5c:19:e0:55:e3:c6:e9:a6:c3:51:e8:d3:26:ae:
1b:69:f4:d6:bb:9d:90:2a:db:6d:ef:42:8f:76:68:a3:ed:26:
56:f5:29:2d:a0:f7:19:3a:eb:7c:10:bb:d4:10:64:91:04:7c:
91:e2:e3:b4:cf:b8:e2:62:69:4e:7a:7e:62:25:0b:53:ac:07:
fb:d8:47:ab:2e:6d:f9:ec:d4:6c:74:61:25:4e:a4:f3:b5:df:
33:77:34:ed:be:23:72:83:fb:28:ee:bc:be:50:d7:f1:92:5a:
d5:59:9f:19:22:b2:a8:f7:c4:7a:a0:77:f0:38:63:3a:d1:fb:
d7:10:61:cb:52:db:75:b6:2b:f7:4e:35:74:4b:d9:da:70:bc:
89:24:44:fd:6c:31:c8:7c:74:56:1a:3b:23:33:c2:f7:84:b6:
2f:56:b0:6d:0a:e4:9d:50:d1:9f:4b:9a:d9:58:26:c4:1b:8e:
fa:3a:ea:35:79:df:ea:ab:71:77:a6:66:f4:4a:03:3a:a7:0f:
65:1f:b4:08:84:17:22:6f:c7:ad:61:33:b2:a5:a4:c4:d2:9f:
20:63:da:9b:d1:c7:e8:c2:dd:1c:d4:d9:2a:44:4c:a1:5a:c3:
46:0d:5f:28:e0:2c:ec:67:60:db:30:9f:a2:e3:71:4d:3d:09:
e7:bd:f5:e4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZXmNB3kabhH2Gsh81ixMt0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjUwMzMwMDgzODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzZmNGE0N2E1ODhhOWJkYTMyYTQ4OWI3MDZjZDljOTUwZmUwMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MFHc6HKT51daN2FBAkZA24nzFXN
HocgUQywXK6/nqBmj/Y4Slsd2eiFWLX9VWY5yoKl8vQcFAhrGOeMXYTIEhRRJ3Ro
VcD6x791Z2Mkxt7D+k/QrPq9pHvAhrrKiKXBe2Q8xX3P1z1GzB8yfLH1a4t22QSB
vBwq5Bqo28nveaoiRFuX48fauYWQcdiuccra99oGOTBk0QL272Znd3peHyIZtWKF
1nLOO/on1hSsAwUTgic/6TZCxFqaSzclGYpz02GKfWJX/zuo3KAw+sc5PutFqQiE
Sd0bNbYA1UuxM7cjbIVED8SnAMjICdiO16xC5OKn/YTzDYKxjF9DwMUNZwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCdvSkeliKm9oypIm3Bs2clQ/gDxMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvSjI5S1I2V0lxYjJqS2tpYmNHelp5VkQtQVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAH9wOAwQB
LQw0AwQALQxbAwQAue75AwQAue77AwQAwQktMA8EAgACMAkDBwAqFAZAAAIwDQYJ
KoZIhvcNAQELBQADggEBABo6JSpcGeBV48bppsNR6NMmrhtp9Na7nZAq223vQo92
aKPtJlb1KS2g9xk663wQu9QQZJEEfJHi47TPuOJiaU56fmIlC1OsB/vYR6subfns
1Gx0YSVOpPO13zN3NO2+I3KD+yjuvL5Q1/GSWtVZnxkisqj3xHqgd/A4YzrR+9cQ
YctS23W2K/dONXRL2dpwvIkkRP1sMch8dFYaOyMzwveEti9WsG0K5J1Q0Z9LmtlY
JsQbjvo66jV53+qrcXemZvRKAzqnD2UftAiEFyJvx61hM7KlpMTSnyBj2pvRx+jC
3RzU2SpETKFaw0YNXyjgLOxnYNswn6LjcU09Cee99eQ=
-----END CERTIFICATE-----
Generated at Sat May 10 12:27:28 2025 by rpki-client