Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/ewZSVtLlMKbZRioDRSGf8H0IaLA.roa
File: ewZSVtLlMKbZRioDRSGf8H0IaLA.roa (raw, json)
Hash identifier: cBUrQBxHZc9doLajihiHlq4PDgUK5KQSHA/948O3rQg=
Subject key identifier: 7B:06:52:56:D2:E5:30:A6:D9:46:2A:03:45:21:9F:F0:7D:08:68:B0
Certificate issuer: /CN=213e1d50d52288bee80eea435577018712409bbe
Certificate serial: 01977DE6A87CFFA65506BFFC0E905ED399F2
Authority key identifier: 21:3E:1D:50:D5:22:88:BE:E8:0E:EA:43:55:77:01:87:12:40:9B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/ewZSVtLlMKbZRioDRSGf8H0IaLA.roa
Signing time: Tue 17 Jun 2025 12:39:17 +0000
ROA not before: Tue 17 Jun 2025 12:39:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211496
IP address blocks: 185.130.90.0/24 maxlen: 24
185.195.252.0/24 maxlen: 24
193.22.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.mft
rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 12:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:e6:a8:7c:ff:a6:55:06:bf:fc:0e:90:5e:d3:99:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=213e1d50d52288bee80eea435577018712409bbe
Validity
Not Before: Jun 17 12:39:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b065256d2e530a6d9462a0345219ff07d0868b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ee:40:f4:dd:f3:3b:00:42:14:18:d1:55:18:
ba:0a:6e:27:63:44:5e:2e:eb:fb:1d:c7:5f:1d:df:
7b:cd:9b:a2:08:ed:9c:ae:c6:32:6e:47:79:10:bf:
65:48:b4:26:33:7c:b4:c9:c4:d0:72:87:2a:36:66:
11:cb:aa:07:fb:53:c0:7a:57:bf:80:96:07:31:81:
6b:19:5f:b3:92:6c:18:2a:9f:4d:89:8d:c9:b0:0c:
2e:79:77:8a:88:58:4f:35:c5:48:99:08:ba:42:f2:
dd:31:71:ce:d9:dc:2c:a3:0d:b2:b3:90:e8:0f:26:
27:79:cc:ca:3b:cb:73:2f:86:89:79:74:79:b4:f2:
06:e1:cf:b4:e6:8d:5e:d2:43:20:3a:3c:17:75:2e:
f9:75:99:9a:ac:60:7c:9c:c3:e5:ea:0d:7f:dc:17:
d4:fd:30:75:5e:dd:73:fb:d3:c5:1e:72:ff:74:e1:
5c:73:ce:32:1f:5a:2b:83:fe:b7:65:c7:27:d4:1e:
bd:8b:57:22:1e:93:ba:3a:fb:e3:27:b3:cd:6c:a8:
ca:e3:8a:ca:47:02:bd:e8:9e:79:ec:25:48:42:8f:
3a:4e:53:78:00:6f:a1:b7:c2:97:18:93:cf:fc:8f:
15:19:57:5f:f4:1a:ca:f1:fe:67:dc:3a:0b:85:e6:
20:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:06:52:56:D2:E5:30:A6:D9:46:2A:03:45:21:9F:F0:7D:08:68:B0
X509v3 Authority Key Identifier:
keyid:21:3E:1D:50:D5:22:88:BE:E8:0E:EA:43:55:77:01:87:12:40:9B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/ewZSVtLlMKbZRioDRSGf8H0IaLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.90.0/24
185.195.252.0/24
193.22.12.0/24
Signature Algorithm: sha256WithRSAEncryption
36:35:f5:e5:b4:67:39:4c:bb:e9:fe:5f:e2:2b:16:e6:4d:29:
b1:19:a8:00:49:02:59:e3:c6:8f:7c:0e:0c:a3:53:90:1e:09:
ff:b0:f1:35:e8:b4:4e:32:99:d8:2e:9c:3b:aa:09:b5:78:46:
c3:b1:13:79:37:46:e0:fa:3d:1c:c0:67:1a:3f:57:26:89:2d:
a2:f9:cd:98:1c:5a:f5:d1:4e:12:1b:6e:8e:63:8f:fd:ea:41:
b1:97:20:8c:6d:11:84:7f:3a:c2:5e:5d:ae:52:5e:d7:1d:a1:
fa:a1:11:bc:cf:21:3c:11:29:18:19:80:4e:b3:81:65:1c:10:
a5:ba:dc:43:d9:d0:88:64:f2:5a:d7:da:01:a9:cc:55:d3:4e:
30:f1:7c:a6:56:6b:f6:0d:37:cf:95:b6:97:61:65:c8:a6:b4:
d7:d5:46:62:9c:e6:15:19:c8:e1:c1:61:57:b8:4d:a9:c9:08:
5a:8c:32:7c:e8:ad:81:ff:db:e4:93:f6:96:5e:aa:ea:72:a4:
d9:a3:b6:70:1a:5f:31:84:3f:70:c4:65:e5:98:62:a2:b5:5b:
4f:16:b0:23:81:bf:1d:c5:14:6b:da:50:ba:ba:54:ae:f0:8d:
c3:c8:49:e8:53:6b:c6:e7:b4:da:68:e4:8c:67:c8:f4:3d:3f:
55:db:af:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZd95qh8/6ZVBr/8DpBe05nyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxM2UxZDUwZDUyMjg4YmVlODBlZWE0MzU1NzcwMTg3MTI0
MDliYmUwHhcNMjUwNjE3MTIzOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjA2NTI1NmQyZTUzMGE2ZDk0NjJhMDM0NTIxOWZmMDdkMDg2OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO5A9N3zOwBCFBjRVRi6Cm4nY0Re
Luv7HcdfHd97zZuiCO2crsYybkd5EL9lSLQmM3y0ycTQcocqNmYRy6oH+1PAele/
gJYHMYFrGV+zkmwYKp9NiY3JsAwueXeKiFhPNcVImQi6QvLdMXHO2dwsow2ys5Do
DyYneczKO8tzL4aJeXR5tPIG4c+05o1e0kMgOjwXdS75dZmarGB8nMPl6g1/3BfU
/TB1Xt1z+9PFHnL/dOFcc84yH1org/63Zccn1B69i1ciHpO6OvvjJ7PNbKjK44rK
RwK96J557CVIQo86TlN4AG+ht8KXGJPP/I8VGVdf9BrK8f5n3DoLheYgEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHsGUlbS5TCm2UYqA0Uhn/B9CGiwMB8GA1UdIwQY
MBaAFCE+HVDVIoi+6A7qQ1V3AYcSQJu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVQ0ZFVOVWlpTDdvRHVwRFZYY0JoeEpBbTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yYTFjZTktZmI0Yy00MWVlLTlmZjYt
MzE2ZWYyNjFmNGE1LzEvZXdaU1Z0TGxNS2JaUmlvRFJTR2Y4SDBJYUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yYTFjZTktZmI0Yy00MWVlLTlmZjYtMzE2ZWYyNjFmNGE1
LzEvSVQ0ZFVOVWlpTDdvRHVwRFZYY0JoeEpBbTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuYJaAwQA
ucP8AwQAwRYMMA0GCSqGSIb3DQEBCwUAA4IBAQA2NfXltGc5TLvp/l/iKxbmTSmx
GagASQJZ48aPfA4Mo1OQHgn/sPE16LROMpnYLpw7qgm1eEbDsRN5N0bg+j0cwGca
P1cmiS2i+c2YHFr10U4SG26OY4/96kGxlyCMbRGEfzrCXl2uUl7XHaH6oRG8zyE8
ESkYGYBOs4FlHBClutxD2dCIZPJa19oBqcxV004w8XymVmv2DTfPlbaXYWXIprTX
1UZinOYVGcjhwWFXuE2pyQhajDJ86K2B/9vkk/aWXqrqcqTZo7ZwGl8xhD9wxGXl
mGKitVtPFrAjgb8dxRRr2lC6ulSu8I3DyEnoU2vG57TaaOSMZ8j0PT9V26/e
-----END CERTIFICATE-----
Generated at Sun Jun 29 18:50:01 2025 by rpki-client