Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/xDz2yFNogKXgNdjcw-9O61_cLr0.roa
File: xDz2yFNogKXgNdjcw-9O61_cLr0.roa (raw, json)
Hash identifier: xZbD/0bkTbFPWIFZs2iZleXxCUBZQXF3vUVmN0PJ3a8=
Subject key identifier: C4:3C:F6:C8:53:68:80:A5:E0:35:D8:DC:C3:EF:4E:EB:5F:DC:2E:BD
Certificate issuer: /CN=f9c9e0305cfed5794448732a8b0bd8427450d813
Certificate serial: 0198BDB32F8DBD23A9D2A7F98B9695923F6F
Authority key identifier: F9:C9:E0:30:5C:FE:D5:79:44:48:73:2A:8B:0B:D8:42:74:50:D8:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-cngMFz-1XlESHMqiwvYQnRQ2BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/xDz2yFNogKXgNdjcw-9O61_cLr0.roa
Signing time: Mon 18 Aug 2025 15:01:33 +0000
ROA not before: Mon 18 Aug 2025 15:01:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31493
IP address blocks: 185.76.39.0/24 maxlen: 24
212.124.192.0/19 maxlen: 19
212.124.192.0/20 maxlen: 20
212.124.208.0/22 maxlen: 22
2a00:19e8::/29 maxlen: 29
2a00:19e8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1-cngMFz-1XlESHMqiwvYQnRQ2BM.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1-cngMFz-1XlESHMqiwvYQnRQ2BM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-cngMFz-1XlESHMqiwvYQnRQ2BM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bd:b3:2f:8d:bd:23:a9:d2:a7:f9:8b:96:95:92:3f:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9c9e0305cfed5794448732a8b0bd8427450d813
Validity
Not Before: Aug 18 15:01:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c43cf6c8536880a5e035d8dcc3ef4eeb5fdc2ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:76:1f:e8:e8:37:ea:c8:52:18:7f:f1:8c:9f:
09:bb:7e:40:f8:fa:5b:f5:07:d3:3e:0a:37:9c:11:
0c:5f:11:d8:2d:d3:2e:34:50:24:14:af:df:ce:7e:
e2:dd:10:67:0b:d2:5a:e7:b4:d3:a3:c4:00:71:9f:
a8:0b:51:7b:58:92:08:e1:a0:cf:98:80:e5:2e:03:
b9:33:2d:82:fc:f9:c3:bc:82:26:f5:01:6c:61:2b:
7b:7e:53:44:57:1b:5a:03:b3:67:0d:85:fa:0c:3d:
f2:7e:c0:5e:3d:d0:2b:ac:18:4d:24:d6:6f:98:17:
6d:7e:0b:21:ed:f8:85:fb:c3:77:68:8f:5b:39:79:
5a:69:e8:45:01:24:c3:c4:b4:7c:00:c6:d4:76:ec:
1e:43:9a:9d:fe:c5:67:b0:6a:d7:d9:ef:44:88:80:
6f:0a:91:91:1c:7d:bf:25:ff:db:99:38:40:14:bf:
0b:ac:a0:08:93:62:5d:7a:8c:cf:84:d8:42:71:1e:
7b:d7:ba:0c:e5:cb:23:e9:be:eb:07:3e:a1:5d:9e:
a3:c8:bf:37:b3:11:99:ff:d0:a1:cc:01:01:ac:cd:
0d:50:c5:c1:20:b5:5b:15:a2:db:40:cf:16:d8:df:
fd:41:8c:b7:aa:6c:98:f8:35:5f:ee:d3:46:eb:49:
5f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3C:F6:C8:53:68:80:A5:E0:35:D8:DC:C3:EF:4E:EB:5F:DC:2E:BD
X509v3 Authority Key Identifier:
keyid:F9:C9:E0:30:5C:FE:D5:79:44:48:73:2A:8B:0B:D8:42:74:50:D8:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-cngMFz-1XlESHMqiwvYQnRQ2BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/xDz2yFNogKXgNdjcw-9O61_cLr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1-cngMFz-1XlESHMqiwvYQnRQ2BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.39.0/24
212.124.192.0/19
IPv6:
2a00:19e8::/29
Signature Algorithm: sha256WithRSAEncryption
4e:fe:9a:51:a7:5b:43:bc:78:07:de:52:56:aa:d8:ab:c6:31:
08:6c:77:cf:f7:70:3f:6e:95:e5:21:66:92:49:d2:50:22:e6:
27:dd:00:b6:82:ba:b3:18:4e:ed:ae:e1:04:df:a8:a8:79:62:
48:5d:d3:70:50:0a:10:10:9b:40:54:c8:68:44:18:76:75:d8:
fc:f6:d9:a8:a3:f8:69:4c:47:53:b6:00:e9:df:56:df:b1:50:
44:4d:a2:1a:df:9e:78:9e:e1:60:99:8d:e0:ff:a3:62:47:f8:
25:44:a7:3f:c9:b1:9d:ed:d6:03:64:6f:64:22:9d:92:d2:9e:
c9:55:5f:f0:57:2e:29:db:ab:04:3e:ff:61:95:55:6d:e8:78:
bd:45:e9:31:32:98:bf:fa:5c:37:f4:1c:00:89:24:0b:3b:16:
f9:7b:75:1e:b9:5b:1c:92:33:24:a4:4a:3f:c1:16:49:58:a9:
1f:91:4a:7d:8a:ab:eb:22:28:3c:e4:8e:28:f3:be:8c:83:03:
aa:cb:fd:e3:c7:f7:ef:89:ef:98:30:d4:d3:0b:1d:ce:7d:1a:
29:08:1c:fb:b1:09:08:50:f6:8c:6e:b5:da:ba:ba:07:bb:75:
bd:66:88:1e:3c:cb:64:a0:4d:ed:8c:b7:80:f7:68:67:77:1c:
a0:3b:1a:14
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZi9sy+NvSOp0qf5i5aVkj9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5YzllMDMwNWNmZWQ1Nzk0NDQ4NzMyYThiMGJkODQyNzQ1
MGQ4MTMwHhcNMjUwODE4MTUwMTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDNjZjZjODUzNjg4MGE1ZTAzNWQ4ZGNjM2VmNGVlYjVmZGMyZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3Yf6Og36shSGH/xjJ8Ju35A+Ppb
9QfTPgo3nBEMXxHYLdMuNFAkFK/fzn7i3RBnC9Ja57TTo8QAcZ+oC1F7WJII4aDP
mIDlLgO5My2C/PnDvIIm9QFsYSt7flNEVxtaA7NnDYX6DD3yfsBePdArrBhNJNZv
mBdtfgsh7fiF+8N3aI9bOXlaaehFASTDxLR8AMbUduweQ5qd/sVnsGrX2e9EiIBv
CpGRHH2/Jf/bmThAFL8LrKAIk2JdeozPhNhCcR5717oM5csj6b7rBz6hXZ6jyL83
sxGZ/9ChzAEBrM0NUMXBILVbFaLbQM8W2N/9QYy3qmyY+DVf7tNG60lfMQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMQ89shTaICl4DXY3MPvTutf3C69MB8GA1UdIwQY
MBaAFPnJ4DBc/tV5REhzKosL2EJ0UNgTMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1jbmdNRnotMVhsRVNITXFpd3ZZUW5SUTJCTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcvMzYxOTBkLTFjNmMtNDhjNi1hNDE0
LTJmYmIyMDhhZDE4Mi8xL3hEejJ5Rk5vZ0tYZ05kamN3LTlPNjFfY0xyMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzcvMzYxOTBkLTFjNmMtNDhjNi1hNDE0LTJmYmIyMDhhZDE4
Mi8xLzEtY25nTUZ6LTFYbEVTSE1xaXd2WVFuUlEyQk0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAC5TCcD
BAXUfMAwDQQCAAIwBwMFAyoAGegwDQYJKoZIhvcNAQELBQADggEBAE7+mlGnW0O8
eAfeUlaq2KvGMQhsd8/3cD9uleUhZpJJ0lAi5ifdALaCurMYTu2u4QTfqKh5Ykhd
03BQChAQm0BUyGhEGHZ12Pz22aij+GlMR1O2AOnfVt+xUERNohrfnnie4WCZjeD/
o2JH+CVEpz/JsZ3t1gNkb2QinZLSnslVX/BXLinbqwQ+/2GVVW3oeL1F6TEymL/6
XDf0HACJJAs7Fvl7dR65WxySMySkSj/BFklYqR+RSn2Kq+siKDzkjijzvoyDA6rL
/ePH9++J75gw1NMLHc59GikIHPuxCQhQ9oxutdq6uge7db1miB48y2SgTe2Mt4D3
aGd3HKA7GhQ=
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:50:01 2025 by rpki-client