Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/V8zD_fceDFK7bKm0UJWlvFSbGqc.roa
File: V8zD_fceDFK7bKm0UJWlvFSbGqc.roa (raw, json)
Hash identifier: Le4LPJ6tIhm6aij63pajwkdMuW6+ZunlQYJepBMOhII=
Subject key identifier: 57:CC:C3:FD:F7:1E:0C:52:BB:6C:A9:B4:50:95:A5:BC:54:9B:1A:A7
Certificate issuer: /CN=49a9e891e06d42277dc4fb5fbd69e9abd8e29883
Certificate serial: 019783375B51C68F4AEDDEBF506985E7C2AE
Authority key identifier: 49:A9:E8:91:E0:6D:42:27:7D:C4:FB:5F:BD:69:E9:AB:D8:E2:98:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SanokeBtQid9xPtfvWnpq9jimIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/V8zD_fceDFK7bKm0UJWlvFSbGqc.roa
Signing time: Wed 18 Jun 2025 13:25:32 +0000
ROA not before: Wed 18 Jun 2025 13:25:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196655
IP address blocks: 185.40.200.0/22 maxlen: 24
193.142.23.0/24 maxlen: 24
2a00:1f50::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/SanokeBtQid9xPtfvWnpq9jimIM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/SanokeBtQid9xPtfvWnpq9jimIM.mft
rsync://rpki.ripe.net/repository/DEFAULT/SanokeBtQid9xPtfvWnpq9jimIM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:37:5b:51:c6:8f:4a:ed:de:bf:50:69:85:e7:c2:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49a9e891e06d42277dc4fb5fbd69e9abd8e29883
Validity
Not Before: Jun 18 13:25:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57ccc3fdf71e0c52bb6ca9b45095a5bc549b1aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a6:47:e3:9c:a2:9b:5b:24:d7:b1:70:f7:06:
e3:7e:3e:be:c3:7e:2d:74:10:15:e0:ef:ef:60:9c:
e4:4d:79:28:e3:98:30:8e:b6:13:f7:b3:33:58:29:
f0:de:cb:04:9a:83:90:11:37:a2:52:24:10:42:13:
d2:95:52:d4:38:b1:d0:e9:ad:f1:a6:93:95:71:3a:
06:4a:ea:6d:b9:bd:64:4d:0a:59:8f:77:09:b5:86:
17:5e:2c:cb:b7:d2:3e:fc:fd:28:96:dc:31:87:a8:
52:de:e5:63:ac:c0:77:f0:5e:55:57:bb:05:5f:a4:
e0:0f:6f:56:09:e2:8d:81:69:57:7f:00:e2:0d:2a:
fe:ef:b5:94:ff:f2:75:d0:36:da:c4:a2:f1:e3:ed:
40:42:91:ad:24:67:09:82:b7:5f:19:73:c1:4e:4d:
e4:9c:82:59:9b:1e:ab:91:b2:31:fe:a2:9b:fb:2a:
f1:7e:8e:c3:fd:a0:54:0c:57:81:6b:e9:0f:07:c6:
46:fd:f0:06:38:af:a3:0c:9a:d7:79:6a:77:60:a6:
5d:d5:da:65:4f:4e:48:c4:d5:d7:52:28:32:ba:4a:
ce:1c:e4:f9:be:42:1d:91:59:11:61:c0:e2:2c:55:
15:c2:0b:3a:84:db:56:e5:b5:91:0a:3a:6c:86:7a:
1a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CC:C3:FD:F7:1E:0C:52:BB:6C:A9:B4:50:95:A5:BC:54:9B:1A:A7
X509v3 Authority Key Identifier:
keyid:49:A9:E8:91:E0:6D:42:27:7D:C4:FB:5F:BD:69:E9:AB:D8:E2:98:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SanokeBtQid9xPtfvWnpq9jimIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/V8zD_fceDFK7bKm0UJWlvFSbGqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/53696f-f973-47fb-8d79-addc6d4bb2e7/1/SanokeBtQid9xPtfvWnpq9jimIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.200.0/22
193.142.23.0/24
IPv6:
2a00:1f50::/32
Signature Algorithm: sha256WithRSAEncryption
14:a5:f3:c5:d4:5b:fe:65:9e:46:52:54:44:ea:f0:37:2c:a3:
b5:e5:18:ff:bd:be:56:ab:99:bc:ea:8e:a2:6f:7e:97:b3:21:
3d:a3:4c:c6:1d:19:c6:3a:39:b5:74:7a:27:7c:82:d0:a8:28:
0f:6a:91:16:ee:f4:37:d5:a4:da:fe:86:65:04:82:f9:da:81:
94:59:35:55:fc:7b:0b:40:d7:9e:40:20:34:a3:c6:80:79:d4:
8f:3f:3a:dc:ab:2f:3e:1e:ba:af:36:3a:31:ce:ea:5f:4f:45:
d1:94:aa:25:fe:01:9e:08:a5:7d:83:18:e6:6a:b2:dc:f4:2c:
3a:b4:66:9e:b6:63:05:2c:ba:65:fd:d5:f3:5b:d2:cc:c1:e8:
00:fb:1b:a5:60:86:f5:67:31:39:ae:5a:94:33:8d:49:a1:1b:
65:d7:1c:42:95:cb:bc:89:51:66:9b:08:60:1d:3f:ce:d6:4a:
3a:7d:02:03:bd:29:ad:0e:99:26:eb:9b:4b:5f:ca:be:fa:b9:
28:f4:d2:f8:3c:a5:a5:10:06:0a:b2:38:6c:29:82:e2:de:f4:
55:91:99:56:27:f3:bf:36:d0:c3:8e:33:78:e5:db:2b:e2:7b:
b7:60:0f:d9:d6:2b:a7:10:78:a9:fa:9f:e0:34:06:34:11:72:
f1:9e:88:d1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZeDN1tRxo9K7d6/UGmF58KuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YTllODkxZTA2ZDQyMjc3ZGM0ZmI1ZmJkNjllOWFiZDhl
Mjk4ODMwHhcNMjUwNjE4MTMyNTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2NjYzNmZGY3MWUwYzUyYmI2Y2E5YjQ1MDk1YTViYzU0OWIxYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqZH45yim1sk17Fw9wbjfj6+w34t
dBAV4O/vYJzkTXko45gwjrYT97MzWCnw3ssEmoOQETeiUiQQQhPSlVLUOLHQ6a3x
ppOVcToGSuptub1kTQpZj3cJtYYXXizLt9I+/P0oltwxh6hS3uVjrMB38F5VV7sF
X6TgD29WCeKNgWlXfwDiDSr+77WU//J10DbaxKLx4+1AQpGtJGcJgrdfGXPBTk3k
nIJZmx6rkbIx/qKb+yrxfo7D/aBUDFeBa+kPB8ZG/fAGOK+jDJrXeWp3YKZd1dpl
T05IxNXXUigyukrOHOT5vkIdkVkRYcDiLFUVwgs6hNtW5bWRCjpshnoaVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFfMw/33HgxSu2yptFCVpbxUmxqnMB8GA1UdIwQY
MBaAFEmp6JHgbUInfcT7X71p6avY4piDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2Fub2tlQnRRaWQ5eFB0ZnZXbnBxOWppbUlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81MzY5NmYtZjk3My00N2ZiLThkNzkt
YWRkYzZkNGJiMmU3LzEvVjh6RF9mY2VERks3YkttMFVKV2x2RlNiR3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81MzY5NmYtZjk3My00N2ZiLThkNzktYWRkYzZkNGJiMmU3
LzEvU2Fub2tlQnRRaWQ5eFB0ZnZXbnBxOWppbUlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSjIAwQA
wY4XMA0EAgACMAcDBQAqAB9QMA0GCSqGSIb3DQEBCwUAA4IBAQAUpfPF1Fv+ZZ5G
UlRE6vA3LKO15Rj/vb5Wq5m86o6ib36XsyE9o0zGHRnGOjm1dHonfILQqCgPapEW
7vQ31aTa/oZlBIL52oGUWTVV/HsLQNeeQCA0o8aAedSPPzrcqy8+HrqvNjoxzupf
T0XRlKol/gGeCKV9gxjmarLc9Cw6tGaetmMFLLpl/dXzW9LMwegA+xulYIb1ZzE5
rlqUM41JoRtl1xxClcu8iVFmmwhgHT/O1ko6fQIDvSmtDpkm65tLX8q++rko9NL4
PKWlEAYKsjhsKYLi3vRVkZlWJ/O/NtDDjjN45dsr4nu3YA/Z1iunEHip+p/gNAY0
EXLxnojR
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:01:27 2025 by rpki-client