Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/SDCXJRx9t-reL4bUfwMKb-d-1i4.roa
File: SDCXJRx9t-reL4bUfwMKb-d-1i4.roa (raw, json)
Hash identifier: 2Gg2H/tNKWSSCtlp3H67jpnMKBrH5KntZDcE5+4ZVrQ=
Subject key identifier: 48:30:97:25:1C:7D:B7:EA:DE:2F:86:D4:7F:03:0A:6F:E7:7E:D6:2E
Certificate issuer: /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial: 0198B44CBB9749F8ED9AC70024BC68D552AB
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/SDCXJRx9t-reL4bUfwMKb-d-1i4.roa
Signing time: Sat 16 Aug 2025 19:13:04 +0000
ROA not before: Sat 16 Aug 2025 19:13:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 82.139.233.0/24 maxlen: 24
82.139.234.0/24 maxlen: 24
82.139.236.0/24 maxlen: 24
82.139.237.0/24 maxlen: 24
82.139.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b4:4c:bb:97:49:f8:ed:9a:c7:00:24:bc:68:d5:52:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Validity
Not Before: Aug 16 19:13:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=483097251c7db7eade2f86d47f030a6fe77ed62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a4:ba:15:05:20:d1:d8:31:1c:98:41:db:ef:
2d:f0:67:ed:88:8c:58:2f:b9:d7:47:58:46:8f:89:
e9:f9:51:77:8e:1e:04:06:bd:84:d4:4c:31:4a:d7:
7c:59:6d:c0:5c:4a:4f:f8:94:57:ba:74:92:ce:eb:
08:95:ac:34:e9:c0:fb:76:70:2b:2d:e6:90:ea:9f:
d6:49:d4:a7:b6:e0:dc:64:a9:28:27:b3:72:a6:ed:
57:da:ef:53:81:dd:b5:be:7f:cd:00:7a:d8:d0:17:
81:87:dc:3a:28:7f:08:a3:67:ba:52:ba:13:8e:4a:
ed:88:a6:d9:f0:af:73:aa:08:47:30:86:56:69:dc:
11:d6:44:80:9b:39:87:f9:e2:e5:0a:d7:e8:1f:48:
95:cc:d8:45:ce:5e:52:a3:ce:1f:a7:75:7f:ce:1d:
15:82:64:ee:48:85:dd:0c:e3:ff:67:de:87:bf:10:
93:17:8b:29:65:7a:e9:45:bd:55:09:1a:cc:d1:09:
0b:ec:1c:09:65:8d:36:ae:5c:ff:94:86:11:48:78:
fc:c4:a4:0c:8c:d0:71:3a:a5:14:5a:bc:6d:18:e2:
cb:17:e8:60:c9:09:f4:0a:d8:c9:bb:7c:43:86:f0:
af:e4:f8:21:bb:47:66:15:61:ff:0d:65:ce:cc:ad:
c0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:30:97:25:1C:7D:B7:EA:DE:2F:86:D4:7F:03:0A:6F:E7:7E:D6:2E
X509v3 Authority Key Identifier:
keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/SDCXJRx9t-reL4bUfwMKb-d-1i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.233.0-82.139.234.255
82.139.236.0-82.139.238.255
Signature Algorithm: sha256WithRSAEncryption
6f:e4:b6:84:2b:97:50:e2:a4:67:29:33:c3:7f:37:cb:18:55:
bb:ea:3f:5f:c7:c7:f8:d1:a7:65:00:a6:2d:e3:16:f7:93:a5:
18:31:d7:59:33:a6:54:93:3c:80:0a:40:5d:c4:38:bb:de:af:
4a:ae:b2:14:7c:35:e5:b0:65:72:58:45:17:bf:cb:27:70:8e:
5d:65:2c:ea:a1:59:2b:4d:7c:dc:95:85:52:a7:34:c5:b2:9b:
0c:e6:10:73:2f:35:06:0d:a8:22:6f:ac:72:8c:f8:fc:60:95:
90:2b:23:00:33:5d:01:f3:48:00:31:32:53:00:b1:7c:db:15:
4a:df:18:3f:0d:70:41:2b:73:c7:00:ce:ac:32:4d:0c:9d:ff:
a6:51:5b:25:f9:2c:ef:2d:e4:e7:35:d3:f0:72:c4:03:90:30:
bd:0e:8c:be:cb:41:7a:6e:7d:40:65:9b:49:f3:7c:08:81:a0:
67:44:30:9d:24:1f:a1:f1:dd:88:28:b2:c0:31:5f:ce:4d:db:
74:42:38:68:f8:12:55:ce:73:ac:29:f9:e7:0d:1b:13:6c:6a:
14:1f:89:ce:0f:fe:76:a5:3a:97:fa:bc:cc:7d:0f:5a:06:60:
93:71:d9:0c:d3:6f:c2:43:6b:85:53:4c:f8:99:76:78:23:88:
e0:28:6b:1e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZi0TLuXSfjtmscAJLxo1VKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjUwODE2MTkxMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODMwOTcyNTFjN2RiN2VhZGUyZjg2ZDQ3ZjAzMGE2ZmU3N2VkNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16S6FQUg0dgxHJhB2+8t8GftiIxY
L7nXR1hGj4np+VF3jh4EBr2E1EwxStd8WW3AXEpP+JRXunSSzusIlaw06cD7dnAr
LeaQ6p/WSdSntuDcZKkoJ7Nypu1X2u9Tgd21vn/NAHrY0BeBh9w6KH8Io2e6UroT
jkrtiKbZ8K9zqghHMIZWadwR1kSAmzmH+eLlCtfoH0iVzNhFzl5So84fp3V/zh0V
gmTuSIXdDOP/Z96HvxCTF4spZXrpRb1VCRrM0QkL7BwJZY02rlz/lIYRSHj8xKQM
jNBxOqUUWrxtGOLLF+hgyQn0CtjJu3xDhvCv5Pghu0dmFWH/DWXOzK3A3QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEgwlyUcfbfq3i+G1H8DCm/nftYuMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvU0RDWEpSeDl0LXJlTDRiVWZ3TUtiLWQtMWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABSi+kD
BABSi+owDAMEAlKL7AMEAFKL7jANBgkqhkiG9w0BAQsFAAOCAQEAb+S2hCuXUOKk
Zykzw383yxhVu+o/X8fH+NGnZQCmLeMW95OlGDHXWTOmVJM8gApAXcQ4u96vSq6y
FHw15bBlclhFF7/LJ3COXWUs6qFZK0183JWFUqc0xbKbDOYQcy81Bg2oIm+scoz4
/GCVkCsjADNdAfNIADEyUwCxfNsVSt8YPw1wQStzxwDOrDJNDJ3/plFbJfks7y3k
5zXT8HLEA5AwvQ6MvstBem59QGWbSfN8CIGgZ0QwnSQfofHdiCiywDFfzk3bdEI4
aPgSVc5zrCn55w0bE2xqFB+Jzg/+dqU6l/q8zH0PWgZgk3HZDNNvwkNrhVNM+Jl2
eCOI4ChrHg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:52:31 2025 by rpki-client