Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/dovIL-gTzJ_aoQv0YqdSPue-W8c.roa
File: dovIL-gTzJ_aoQv0YqdSPue-W8c.roa (raw, json)
Hash identifier: xvPlQMVt6KADuNdSrMZISm2hi7tJLKf4OAcoc3dyLHM=
Subject key identifier: 76:8B:C8:2F:E8:13:CC:9F:DA:A1:0B:F4:62:A7:52:3E:E7:BE:5B:C7
Certificate issuer: /CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Certificate serial: 0197B1AA611003544764B4F0335397835EB1
Authority key identifier: 13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/dovIL-gTzJ_aoQv0YqdSPue-W8c.roa
Signing time: Fri 27 Jun 2025 13:53:42 +0000
ROA not before: Fri 27 Jun 2025 13:53:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8560
IP address blocks: 81.19.144.0/20 maxlen: 24
178.23.80.0/21 maxlen: 24
185.16.188.0/22 maxlen: 24
185.115.184.0/22 maxlen: 24
185.164.4.0/22 maxlen: 24
185.173.140.0/22 maxlen: 24
185.230.216.0/22 maxlen: 24
185.249.72.0/22 maxlen: 24
2a00:1a68::/29 maxlen: 48
2a0a:7c00::/29 maxlen: 48
2a0b:5700::/29 maxlen: 48
2a0c:2d00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.mft
rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 01:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:aa:61:10:03:54:47:64:b4:f0:33:53:97:83:5e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Validity
Not Before: Jun 27 13:53:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=768bc82fe813cc9fdaa10bf462a7523ee7be5bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9a:8f:03:3e:37:09:7c:78:8f:39:f3:56:c0:
e0:ce:15:f0:3a:66:1a:87:03:d9:01:b0:ea:10:52:
a5:0b:57:b1:87:7c:6b:23:9c:68:14:82:f8:d3:d1:
c2:be:7d:e5:77:2b:f5:10:17:f3:93:18:17:f2:94:
23:f4:a9:4c:3e:0d:4c:99:2b:36:2d:06:c1:11:f9:
a4:90:1f:ec:fd:44:c5:f6:83:ee:f7:85:07:57:87:
f8:28:30:65:7c:1e:2f:5e:e7:99:ea:98:9a:70:0c:
b5:a9:c3:31:b7:bf:5a:56:2f:31:85:a5:97:5e:cb:
94:93:ff:26:eb:2c:e0:20:24:e7:8c:22:a1:4b:19:
bd:66:98:dd:32:32:1a:ed:eb:af:67:24:e7:2f:9a:
f5:e0:46:9b:98:37:aa:6e:cc:04:b1:5e:d0:f9:9d:
16:f8:fa:da:7e:5a:45:7d:b2:a8:22:c1:76:8c:49:
24:e6:bb:41:b9:d4:98:31:e9:5e:1a:9a:2e:c5:03:
55:fa:f5:06:f4:04:c6:e4:2a:38:eb:a8:3d:c1:53:
3d:86:fb:c2:22:8b:5f:69:1f:36:08:dd:07:b8:aa:
d4:42:cf:7e:02:2c:4f:2d:46:03:49:02:b4:4e:70:
6b:c5:bc:16:cc:a1:2c:f9:1c:8c:02:ed:7f:2d:96:
3c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8B:C8:2F:E8:13:CC:9F:DA:A1:0B:F4:62:A7:52:3E:E7:BE:5B:C7
X509v3 Authority Key Identifier:
keyid:13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/dovIL-gTzJ_aoQv0YqdSPue-W8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.144.0/20
178.23.80.0/21
185.16.188.0/22
185.115.184.0/22
185.164.4.0/22
185.173.140.0/22
185.230.216.0/22
185.249.72.0/22
IPv6:
2a00:1a68::/29
2a0a:7c00::/29
2a0b:5700::/29
2a0c:2d00::/29
Signature Algorithm: sha256WithRSAEncryption
39:83:a4:19:41:36:1e:59:1a:1a:c1:51:2a:0c:c6:77:04:8b:
53:6a:4e:34:2d:08:71:ce:bd:35:ef:d6:f0:90:ab:58:f9:fd:
28:93:a9:63:d1:a5:51:7f:98:00:f7:37:fc:92:53:75:d8:e0:
1f:73:73:a1:04:50:14:80:1f:7c:5e:06:ee:07:18:bc:5a:2f:
96:30:0a:be:6d:84:ff:10:9d:ad:00:ac:d6:8c:20:a5:d6:de:
be:ab:e3:71:6c:b2:67:c1:03:c7:e1:23:14:b0:ff:05:59:51:
ef:2f:88:1c:9b:7c:06:66:32:e0:d1:c9:84:08:5a:a2:d2:cc:
78:db:0d:fc:86:f9:48:88:6c:28:e3:2f:63:85:50:81:da:a6:
75:e1:b0:d2:78:cd:0b:a4:bb:af:57:8c:9b:c1:99:b4:70:e7:
fa:56:44:a0:65:02:dc:ae:aa:77:e3:20:68:e5:70:bb:b3:5b:
b6:a0:4a:90:2e:c0:3e:8e:e8:bb:63:9c:5b:70:f6:52:e0:35:
2d:79:2a:1e:84:9b:7c:9b:7d:27:45:d6:04:cf:20:9a:6d:1f:
99:f6:c5:32:69:d3:ba:17:08:08:39:7a:d6:6d:33:db:e4:b3:
e2:49:8f:a3:ad:81:69:44:a0:cc:05:fb:62:b4:10:4c:75:7d:
f7:bf:77:94
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZexqmEQA1RHZLTwM1OXg16xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDU5ZmQ2ODNlMzU3MGQ2Mzg5NTUzMGNlYjlmMmM4NGZl
ZmUwYTMwHhcNMjUwNjI3MTM1MzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhiYzgyZmU4MTNjYzlmZGFhMTBiZjQ2MmE3NTIzZWU3YmU1YmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppqPAz43CXx4jznzVsDgzhXwOmYa
hwPZAbDqEFKlC1exh3xrI5xoFIL409HCvn3ldyv1EBfzkxgX8pQj9KlMPg1MmSs2
LQbBEfmkkB/s/UTF9oPu94UHV4f4KDBlfB4vXueZ6piacAy1qcMxt79aVi8xhaWX
XsuUk/8m6yzgICTnjCKhSxm9ZpjdMjIa7euvZyTnL5r14EabmDeqbswEsV7Q+Z0W
+PraflpFfbKoIsF2jEkk5rtBudSYMeleGpouxQNV+vUG9ATG5Co466g9wVM9hvvC
IotfaR82CN0HuKrUQs9+AixPLUYDSQK0TnBrxbwWzKEs+RyMAu1/LZY8AwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHaLyC/oE8yf2qEL9GKnUj7nvlvHMB8GA1UdIwQY
MBaAFBPVn9aD41cNY4lVMM658shP7+CjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYt
MGIxYjMwODk1NjAyLzEvZG92SUwtZ1R6Sl9hb1F2MFlxZFNQdWUtVzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYtMGIxYjMwODk1NjAy
LzEvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQEUROQAwQD
shdQAwQCuRC8AwQCuXO4AwQCuaQEAwQCua2MAwQCuebYAwQCuflIMCIEAgACMBwD
BQMqABpoAwUDKgp8AAMFAyoLVwADBQMqDC0AMA0GCSqGSIb3DQEBCwUAA4IBAQA5
g6QZQTYeWRoawVEqDMZ3BItTak40LQhxzr0179bwkKtY+f0ok6lj0aVRf5gA9zf8
klN12OAfc3OhBFAUgB98XgbuBxi8Wi+WMAq+bYT/EJ2tAKzWjCCl1t6+q+NxbLJn
wQPH4SMUsP8FWVHvL4gcm3wGZjLg0cmECFqi0sx42w38hvlIiGwo4y9jhVCB2qZ1
4bDSeM0LpLuvV4ybwZm0cOf6VkSgZQLcrqp34yBo5XC7s1u2oEqQLsA+jui7Y5xb
cPZS4DUteSoehJt8m30nRdYEzyCabR+Z9sUyadO6FwgIOXrWbTPb5LPiSY+jrYFp
RKDMBftitBBMdX33v3eU
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:58:32 2025 by rpki-client