Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/cvu6AF9AbPQ5N7Uqaphvk_JniE0.roa
File: cvu6AF9AbPQ5N7Uqaphvk_JniE0.roa (raw, json)
Hash identifier: IBo2+GfVZ1wUI21/57/jiuNuhDw/yLxaNs96bhzy1Eo=
Subject key identifier: 72:FB:BA:00:5F:40:6C:F4:39:37:B5:2A:6A:98:6F:93:F2:67:88:4D
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0198B8129D0E01C490926092E05E75E0F70F
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/cvu6AF9AbPQ5N7Uqaphvk_JniE0.roa
Signing time: Sun 17 Aug 2025 12:48:04 +0000
ROA not before: Sun 17 Aug 2025 12:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62005
IP address blocks: 2.59.216.0/24 maxlen: 24
2.59.217.0/24 maxlen: 24
171.22.182.0/24 maxlen: 24
171.22.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b8:12:9d:0e:01:c4:90:92:60:92:e0:5e:75:e0:f7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Aug 17 12:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72fbba005f406cf43937b52a6a986f93f267884d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fb:5b:59:0a:a8:05:dc:c3:ce:05:7b:75:a3:
95:cb:5d:0a:5e:43:fa:29:d4:3e:8d:4a:13:d5:cc:
1a:53:e0:98:3e:0e:4f:4e:7e:98:37:58:ba:7a:77:
9c:16:28:7b:54:6a:7f:98:3f:0c:d3:ca:47:83:fa:
88:62:e5:57:ae:a3:5b:39:d4:c8:8b:94:b6:82:41:
88:19:25:50:bf:04:28:83:36:76:0d:a1:9a:ae:7e:
2d:a5:d8:ff:33:8a:fb:b5:4f:0d:3c:04:92:fb:63:
0b:b4:50:97:3d:35:31:fe:6c:a3:62:96:2d:74:c2:
75:df:cb:4c:dc:7a:a7:78:a5:dd:82:ea:48:5b:41:
a6:cb:ac:74:be:06:ea:75:16:2d:a3:20:78:05:5b:
ab:32:68:3a:35:65:62:45:3c:b8:cf:b9:a8:6c:23:
2f:55:6b:f2:f0:1b:83:39:a8:f0:e0:8f:fb:58:5f:
10:a9:e9:f5:4e:71:4e:9f:0c:bc:3d:6e:c3:c1:54:
2e:e6:da:d9:1a:bc:a2:e7:54:2c:67:44:c1:45:19:
dd:a8:74:82:b7:7e:44:ba:bc:c7:62:6b:63:28:87:
9f:24:ee:62:57:25:85:73:72:68:e3:54:da:65:14:
9d:61:55:10:ae:64:94:bc:e9:0c:48:8f:d4:61:75:
d4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FB:BA:00:5F:40:6C:F4:39:37:B5:2A:6A:98:6F:93:F2:67:88:4D
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/cvu6AF9AbPQ5N7Uqaphvk_JniE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.216.0/23
171.22.182.0/23
Signature Algorithm: sha256WithRSAEncryption
18:4b:c6:09:fb:43:48:47:4d:41:f1:e6:4d:c5:ef:3f:de:3b:
a1:d8:21:3e:82:30:17:53:02:4c:da:5f:2a:d9:ae:64:9d:db:
5f:c8:93:26:8a:be:12:a4:62:38:c6:0c:c9:0f:aa:65:45:e9:
37:80:94:08:c9:aa:da:c7:c5:13:2d:80:67:10:0e:df:76:72:
8b:78:df:c1:8e:e9:e4:a0:63:26:55:60:04:9a:e8:5a:1d:bd:
44:26:58:4a:32:94:89:98:82:18:1b:dd:21:97:a8:21:c9:c4:
10:62:5d:6e:98:c8:33:e0:b6:ee:2f:d1:76:27:71:a3:90:00:
52:59:7f:6a:d2:1f:a0:ef:a9:5e:9b:cf:a4:9f:42:9e:56:95:
2e:09:80:c4:5a:a6:46:ff:69:f0:d6:c1:4a:fc:a7:94:f6:94:
85:80:4a:5d:0e:db:43:11:15:53:4f:24:7c:d1:73:14:1f:fc:
d0:5e:d8:82:d2:c1:26:f6:f2:73:3b:98:6f:e3:61:cb:1f:fb:
46:f0:ae:7e:b0:44:19:73:35:c3:3e:94:5f:15:8c:58:f2:c9:
4b:73:e1:b0:64:f9:28:1c:c3:e6:ba:17:c5:99:2b:81:bb:f1:
13:04:ef:50:08:b9:b7:a8:b8:36:52:2c:dd:0b:76:c6:82:30:
9e:46:d1:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZi4Ep0OAcSQkmCS4F514PcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwODE3MTI0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZiYmEwMDVmNDA2Y2Y0MzkzN2I1MmE2YTk4NmY5M2YyNjc4ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/tbWQqoBdzDzgV7daOVy10KXkP6
KdQ+jUoT1cwaU+CYPg5PTn6YN1i6enecFih7VGp/mD8M08pHg/qIYuVXrqNbOdTI
i5S2gkGIGSVQvwQogzZ2DaGarn4tpdj/M4r7tU8NPASS+2MLtFCXPTUx/myjYpYt
dMJ138tM3HqneKXdgupIW0Gmy6x0vgbqdRYtoyB4BVurMmg6NWViRTy4z7mobCMv
VWvy8BuDOajw4I/7WF8Qqen1TnFOnwy8PW7DwVQu5trZGryi51QsZ0TBRRndqHSC
t35EurzHYmtjKIefJO5iVyWFc3Jo41TaZRSdYVUQrmSUvOkMSI/UYXXUMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHL7ugBfQGz0OTe1KmqYb5PyZ4hNMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvY3Z1NkFGOUFiUFE1TjdVcWFwaHZrX0puaUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAjvYAwQB
qxa2MA0GCSqGSIb3DQEBCwUAA4IBAQAYS8YJ+0NIR01B8eZNxe8/3juh2CE+gjAX
UwJM2l8q2a5kndtfyJMmir4SpGI4xgzJD6plRek3gJQIyarax8UTLYBnEA7fdnKL
eN/BjunkoGMmVWAEmuhaHb1EJlhKMpSJmIIYG90hl6ghycQQYl1umMgz4LbuL9F2
J3GjkABSWX9q0h+g76lem8+kn0KeVpUuCYDEWqZG/2nw1sFK/KeU9pSFgEpdDttD
ERVTTyR80XMUH/zQXtiC0sEm9vJzO5hv42HLH/tG8K5+sEQZczXDPpRfFYxY8slL
c+GwZPkoHMPmuhfFmSuBu/ETBO9QCLm3qLg2UizdC3bGgjCeRtFm
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:46:11 2025 by rpki-client