Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/cY9rRxfKetl9JpAQeO01ZRGRSCA.roa
File: cY9rRxfKetl9JpAQeO01ZRGRSCA.roa (raw, json)
Hash identifier: FB37WdBChmPGxH4V77jlN5UscH07BPKuuXE/RDQWhYw=
Subject key identifier: 71:8F:6B:47:17:CA:7A:D9:7D:26:90:10:78:ED:35:65:11:91:48:20
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 0197C03FE712EEE97272F61EEC175E01A491
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/cY9rRxfKetl9JpAQeO01ZRGRSCA.roa
Signing time: Mon 30 Jun 2025 09:51:42 +0000
ROA not before: Mon 30 Jun 2025 09:51:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206120
IP address blocks: 185.155.175.0/24 maxlen: 24
185.195.248.0/22 maxlen: 22
185.195.248.0/24 maxlen: 24
185.195.249.0/24 maxlen: 24
185.195.251.0/24 maxlen: 24
194.147.172.0/24 maxlen: 24
194.147.227.0/24 maxlen: 24
194.147.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 10:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:3f:e7:12:ee:e9:72:72:f6:1e:ec:17:5e:01:a4:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jun 30 09:51:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=718f6b4717ca7ad97d26901078ed356511914820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c5:70:b0:75:6f:b5:bb:d7:9e:37:98:b4:46:
79:98:f9:51:16:59:78:49:c5:72:e2:bf:e9:a2:da:
13:08:7a:c1:70:ca:dd:51:f1:74:32:02:f2:df:2c:
e1:3d:4c:9c:64:fd:38:99:ec:6c:77:33:5a:d9:f7:
a4:3b:e6:1c:fb:49:29:c9:2d:75:9a:b9:d5:c9:23:
ca:35:29:50:8b:74:dc:a7:93:1d:03:6a:15:56:6d:
fb:15:bc:ce:6a:f4:76:a6:7c:24:74:7b:89:c0:e0:
bb:c7:b2:b5:2f:6f:d0:c1:fd:8a:38:87:23:6e:f9:
e9:43:44:05:51:95:60:14:89:66:7c:ec:ef:ba:54:
67:c7:f7:7a:cf:32:02:08:3d:94:30:01:e4:9b:8e:
7a:19:10:e7:22:c1:96:83:c1:28:5b:21:a7:7f:db:
c7:aa:56:fb:cb:36:f0:d0:e8:e4:f7:70:c9:e7:a7:
71:ec:b5:06:b1:20:27:91:a1:d9:92:7b:f3:e3:aa:
aa:74:e2:7f:c8:89:0d:3c:e7:97:7d:0f:94:39:83:
f5:51:ae:b1:af:27:2d:8d:c6:0f:df:b7:14:49:99:
27:fc:81:0b:2f:9b:b0:0f:97:17:43:5a:04:13:22:
65:4d:e9:3f:3f:de:4b:53:88:9c:53:b8:13:13:58:
3e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8F:6B:47:17:CA:7A:D9:7D:26:90:10:78:ED:35:65:11:91:48:20
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/cY9rRxfKetl9JpAQeO01ZRGRSCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.175.0/24
185.195.248.0/22
194.147.172.0/24
194.147.227.0-194.147.228.255
Signature Algorithm: sha256WithRSAEncryption
88:9c:33:4b:f1:d7:ff:28:57:f2:34:61:0a:41:97:fe:bf:5c:
98:6e:17:50:f7:0d:ae:36:45:94:01:05:96:d3:94:e3:db:04:
e2:2f:6e:8f:f7:5a:c9:33:4e:b0:bf:0f:ef:0d:8a:55:61:32:
41:79:2e:04:98:59:b7:b9:59:28:2d:5a:3c:79:29:e7:f9:d7:
38:b8:7b:d6:34:0c:11:84:80:fb:3d:98:d4:5f:af:0a:2a:f4:
d4:fd:59:0a:17:b9:21:f0:8d:41:1a:be:9e:16:07:53:33:08:
f8:86:ab:90:89:9c:c3:b6:26:03:21:d4:05:54:b2:81:f5:2e:
cd:82:7a:f4:0e:f7:bd:87:9d:a8:16:67:7d:93:fa:20:24:9a:
b5:52:de:39:c5:6e:c4:75:41:40:11:3d:21:c6:df:bf:05:24:
3d:96:be:e2:bb:7b:f5:aa:ad:40:f3:c7:c2:8c:3f:68:72:a3:
7f:db:c8:a6:bf:49:a8:4e:d1:c4:72:61:a2:4b:76:f0:29:a8:
b4:90:85:a1:c7:ef:9d:94:d9:11:6b:0a:63:87:60:1e:6e:96:
5a:5c:64:7e:9a:38:db:79:c1:09:3f:fc:c2:6a:73:8f:50:56:
00:fa:0f:7c:0c:a4:92:d3:b1:0b:31:ee:45:42:f3:cf:a9:ed:
35:15:bf:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZfAP+cS7ulycvYe7BdeAaSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2
ZjcxNWEwHhcNMjUwNjMwMDk1MTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MThmNmI0NzE3Y2E3YWQ5N2QyNjkwMTA3OGVkMzU2NTExOTE0ODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMVwsHVvtbvXnjeYtEZ5mPlRFll4
ScVy4r/potoTCHrBcMrdUfF0MgLy3yzhPUycZP04mexsdzNa2fekO+Yc+0kpyS11
mrnVySPKNSlQi3Tcp5MdA2oVVm37FbzOavR2pnwkdHuJwOC7x7K1L2/Qwf2KOIcj
bvnpQ0QFUZVgFIlmfOzvulRnx/d6zzICCD2UMAHkm456GRDnIsGWg8EoWyGnf9vH
qlb7yzbw0Ojk93DJ56dx7LUGsSAnkaHZknvz46qqdOJ/yIkNPOeXfQ+UOYP1Ua6x
ryctjcYP37cUSZkn/IELL5uwD5cXQ1oEEyJlTek/P95LU4icU7gTE1g+bQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHGPa0cXynrZfSaQEHjtNWURkUggMB8GA1UdIwQY
MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt
NmMzMDVhNmRiYWI5LzEvY1k5clJ4ZktldGw5SnBBUWVPMDFaUkdSU0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5
LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAuZuvAwQC
ucP4AwQAwpOsMAwDBADCk+MDBADCk+QwDQYJKoZIhvcNAQELBQADggEBAIicM0vx
1/8oV/I0YQpBl/6/XJhuF1D3Da42RZQBBZbTlOPbBOIvbo/3WskzTrC/D+8NilVh
MkF5LgSYWbe5WSgtWjx5Kef51zi4e9Y0DBGEgPs9mNRfrwoq9NT9WQoXuSHwjUEa
vp4WB1MzCPiGq5CJnMO2JgMh1AVUsoH1Ls2CevQO972HnagWZ32T+iAkmrVS3jnF
bsR1QUARPSHG378FJD2WvuK7e/WqrUDzx8KMP2hyo3/byKa/SahO0cRyYaJLdvAp
qLSQhaHH752U2RFrCmOHYB5ullpcZH6aONt5wQk//MJqc49QVgD6D3wMpJLTsQsx
7kVC88+p7TUVv8Y=
-----END CERTIFICATE-----
Generated at Wed Jul 2 12:26:03 2025 by rpki-client