Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DGDWXAEz8wmqMENNJimniC0PVpo.roa
File: DGDWXAEz8wmqMENNJimniC0PVpo.roa (raw, json)
Hash identifier: mbYW3HFSwh6ri5hlqB+D7LfeYWK8gmuyBp0nK7k+Jlk=
Subject key identifier: 0C:60:D6:5C:01:33:F3:09:AA:30:43:4D:26:29:A7:88:2D:0F:56:9A
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0198AC6AE9289B00962198F8D4617BC4B279
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DGDWXAEz8wmqMENNJimniC0PVpo.roa
Signing time: Fri 15 Aug 2025 06:29:04 +0000
ROA not before: Fri 15 Aug 2025 06:29:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 46.244.98.0/24 maxlen: 24
66.56.83.0/24 maxlen: 24
92.240.148.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
124.198.134.0/24 maxlen: 24
155.2.193.0/24 maxlen: 24
155.2.220.0/24 maxlen: 24
158.173.133.0/24 maxlen: 24
185.102.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 07:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ac:6a:e9:28:9b:00:96:21:98:f8:d4:61:7b:c4:b2:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Aug 15 06:29:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c60d65c0133f309aa30434d2629a7882d0f569a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6a:c5:b2:00:02:27:af:c3:e7:7b:14:c3:48:
6d:92:5a:f2:97:45:c4:4b:2b:99:e3:3a:fc:4d:26:
7c:c2:d6:1b:05:6d:4f:08:b5:98:89:e3:ea:f2:b1:
a0:eb:ce:bc:69:11:98:a4:39:96:91:03:dc:c6:4a:
c4:87:a6:2c:dd:19:43:c5:7e:28:34:fb:07:62:ec:
34:0c:c1:71:8f:2c:a6:fa:76:43:13:d4:93:2a:71:
c1:e7:b4:df:69:a9:d6:45:4f:0f:8b:79:01:60:dd:
d5:3b:15:6b:9e:26:a3:e3:63:0f:c4:64:16:00:c6:
98:b9:7b:dd:a4:54:c2:cf:39:55:6d:1e:e2:bb:1f:
ef:9b:a1:a9:9a:e0:38:da:5f:d1:03:9d:6a:d7:b6:
f7:ef:6d:24:83:7a:ee:2d:65:5d:56:bc:83:10:54:
f5:31:65:fa:43:db:33:dd:1d:07:a1:25:ce:b4:31:
0f:cf:89:01:47:07:5c:4c:23:9d:22:3b:db:06:63:
73:4f:dd:55:68:c5:a5:e2:78:4b:29:dd:1a:80:32:
5f:72:5f:3a:8d:bd:61:b1:dc:c2:aa:51:c0:78:0b:
88:ee:23:d6:df:52:33:97:9d:6b:ba:18:73:c1:db:
71:1a:e8:06:86:a0:0d:0a:92:6a:71:b7:20:12:32:
22:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:60:D6:5C:01:33:F3:09:AA:30:43:4D:26:29:A7:88:2D:0F:56:9A
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DGDWXAEz8wmqMENNJimniC0PVpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.98.0/24
66.56.83.0/24
92.240.148.0/24
103.138.78.0/24
124.198.134.0/24
155.2.193.0/24
155.2.220.0/24
158.173.133.0/24
185.102.168.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:95:d2:06:2d:70:3d:aa:6a:fa:73:a7:03:58:75:48:72:33:
5b:30:f2:e0:f6:69:a5:4f:2b:8f:36:61:f9:5a:97:67:6f:94:
30:e5:83:4e:12:68:97:d0:a8:38:49:f5:ab:1a:0b:48:30:ef:
57:70:e3:1f:df:5b:cc:59:12:96:0c:4b:69:6e:28:2e:1c:d9:
b1:32:28:5e:77:54:b1:c8:04:2c:99:49:45:64:72:94:bd:3c:
73:63:39:d5:62:b2:9d:a6:19:3a:f2:72:9e:f8:3c:12:5c:81:
1d:d7:db:39:e2:de:a5:86:97:7d:f7:eb:cf:7b:5f:8c:87:23:
43:5e:0b:44:26:f2:b1:2d:b9:22:34:cb:46:49:23:74:55:6b:
94:37:e7:12:32:bd:22:ff:ed:46:2e:80:20:f3:0b:cd:15:95:
12:35:d6:e6:c4:3d:17:11:27:0f:59:b7:39:d7:9e:9c:0f:4b:
15:75:8e:d2:e6:da:45:1d:1c:c0:25:94:db:79:ee:b5:ac:e6:
23:a6:63:d4:ed:70:29:de:dc:51:8c:ed:49:89:64:42:6c:c6:
88:e9:a5:b5:af:c0:04:b1:6b:d1:6a:98:46:e6:3a:45:c3:e7:
cc:cc:7a:01:cc:0b:4f:8b:6b:3e:16:1f:cf:79:06:6f:a1:93:
3b:5c:90:19
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZisaukomwCWIZj41GF7xLJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwODE1MDYyOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzYwZDY1YzAxMzNmMzA5YWEzMDQzNGQyNjI5YTc4ODJkMGY1NjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWrFsgACJ6/D53sUw0htklryl0XE
SyuZ4zr8TSZ8wtYbBW1PCLWYiePq8rGg6868aRGYpDmWkQPcxkrEh6Ys3RlDxX4o
NPsHYuw0DMFxjyym+nZDE9STKnHB57TfaanWRU8Pi3kBYN3VOxVrniaj42MPxGQW
AMaYuXvdpFTCzzlVbR7iux/vm6GpmuA42l/RA51q17b3720kg3ruLWVdVryDEFT1
MWX6Q9sz3R0HoSXOtDEPz4kBRwdcTCOdIjvbBmNzT91VaMWl4nhLKd0agDJfcl86
jb1hsdzCqlHAeAuI7iPW31Izl51ruhhzwdtxGugGhqANCpJqcbcgEjIiBwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAxg1lwBM/MJqjBDTSYpp4gtD1aaMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvREdEV1hBRXo4d21xTUVOTkppbW5pQzBQVnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALvRiAwQA
QjhTAwQAXPCUAwQAZ4pOAwQAfMaGAwQAmwLBAwQAmwLcAwQAnq2FAwQAuWaoMA0G
CSqGSIb3DQEBCwUAA4IBAQBdldIGLXA9qmr6c6cDWHVIcjNbMPLg9mmlTyuPNmH5
Wpdnb5Qw5YNOEmiX0Kg4SfWrGgtIMO9XcOMf31vMWRKWDEtpbiguHNmxMihed1Sx
yAQsmUlFZHKUvTxzYznVYrKdphk68nKe+DwSXIEd19s54t6lhpd99+vPe1+MhyND
XgtEJvKxLbkiNMtGSSN0VWuUN+cSMr0i/+1GLoAg8wvNFZUSNdbmxD0XEScPWbc5
156cD0sVdY7S5tpFHRzAJZTbee61rOYjpmPU7XAp3txRjO1JiWRCbMaI6aW1r8AE
sWvRaphG5jpFw+fMzHoBzAtPi2s+Fh/PeQZvoZM7XJAZ
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:52:35 2025 by rpki-client