Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/1-pr3Ei1SAi03zriZ2YxxK2My5xc.roa
File: 1-pr3Ei1SAi03zriZ2YxxK2My5xc.roa (raw, json)
Hash identifier: zQiqPG2qSn25xqgBTrMUyr+bMNmg0bry5+ur5lPK/ps=
Subject key identifier: FA:9A:F7:12:2D:52:02:2D:37:CE:B8:99:D9:8C:71:2B:63:32:E7:17
Certificate issuer: /CN=bbd84bc44dbda5babfc4940bccc1635e153b24b6
Certificate serial: 0198AF048131B179697DE3AD8FCC4E74F928
Authority key identifier: BB:D8:4B:C4:4D:BD:A5:BA:BF:C4:94:0B:CC:C1:63:5E:15:3B:24:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9hLxE29pbq_xJQLzMFjXhU7JLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/1-pr3Ei1SAi03zriZ2YxxK2My5xc.roa
Signing time: Fri 15 Aug 2025 18:36:04 +0000
ROA not before: Fri 15 Aug 2025 18:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400810
IP address blocks: 185.240.134.0/23 maxlen: 23
185.240.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/u9hLxE29pbq_xJQLzMFjXhU7JLY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/u9hLxE29pbq_xJQLzMFjXhU7JLY.mft
rsync://rpki.ripe.net/repository/DEFAULT/u9hLxE29pbq_xJQLzMFjXhU7JLY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:af:04:81:31:b1:79:69:7d:e3:ad:8f:cc:4e:74:f9:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd84bc44dbda5babfc4940bccc1635e153b24b6
Validity
Not Before: Aug 15 18:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa9af7122d52022d37ceb899d98c712b6332e717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e7:d5:d4:93:cd:e9:20:25:c5:41:be:5c:09:
f8:93:84:6e:3e:bc:0a:a2:60:86:5a:95:cd:6d:07:
0d:f9:0e:43:90:52:47:ed:1c:44:2e:7e:05:fd:90:
d7:e0:47:80:92:92:5f:1a:df:8f:5c:45:55:c1:fe:
3f:b1:8c:dd:66:b9:8e:46:9a:f6:4b:80:f6:fe:d1:
b5:d4:46:e3:3c:ea:b0:90:be:ee:f4:14:9c:75:06:
dc:10:0f:aa:b4:5b:1d:c4:34:f3:e0:06:3d:88:00:
d9:5a:a7:1f:7c:63:f6:7d:d4:6d:58:68:d4:67:37:
85:f2:18:30:b8:77:4f:21:fa:b2:eb:ba:45:ee:73:
92:03:5e:6b:bf:e7:26:16:32:da:2f:37:f6:f2:49:
8f:4e:e2:c7:6b:ff:4e:4a:9f:35:b8:c5:02:17:bc:
ed:64:96:65:dd:ea:e9:af:4b:4b:8b:dd:33:12:53:
bc:26:09:d8:65:62:4e:52:f7:36:d1:ae:cb:37:77:
d9:93:97:13:fb:58:96:ad:7e:2c:16:45:cb:a9:bc:
f9:2e:9c:2e:7d:10:9a:a1:2d:dc:56:b1:06:6d:33:
69:e4:9f:2f:f3:89:5a:63:d4:0f:63:dd:2d:b6:a6:
18:ce:0b:9f:2f:e0:3d:e1:c4:3e:fc:77:c4:e1:5f:
d5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9A:F7:12:2D:52:02:2D:37:CE:B8:99:D9:8C:71:2B:63:32:E7:17
X509v3 Authority Key Identifier:
keyid:BB:D8:4B:C4:4D:BD:A5:BA:BF:C4:94:0B:CC:C1:63:5E:15:3B:24:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9hLxE29pbq_xJQLzMFjXhU7JLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/1-pr3Ei1SAi03zriZ2YxxK2My5xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/u9hLxE29pbq_xJQLzMFjXhU7JLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.134.0/23
Signature Algorithm: sha256WithRSAEncryption
80:20:5f:5e:e9:66:9c:a6:97:35:87:59:66:7c:ac:60:95:47:
08:60:22:9a:ad:a2:74:5f:c5:b1:d9:46:e0:74:f6:d9:49:1f:
a8:b6:ea:3c:77:98:6f:47:e0:47:7f:a9:81:46:7d:b6:35:5f:
98:12:c6:7d:02:2b:63:c8:e5:4b:8c:35:3c:11:6e:5b:c7:8d:
ff:99:c0:6e:ae:60:7b:78:41:81:5b:39:6e:7d:e1:dc:50:40:
49:e8:4c:fc:1e:f1:4e:93:31:39:3d:a9:16:3e:5c:55:5d:6e:
b1:53:e8:9a:14:4b:c5:06:6c:a2:39:7a:78:7c:90:d8:2c:68:
4f:99:a7:07:60:12:3f:11:6f:1c:44:bd:6f:d1:d3:49:dd:03:
34:d4:d7:44:aa:86:5f:41:f9:49:36:04:1b:0b:ae:54:1d:6d:
a6:76:67:fa:65:a1:44:02:29:53:35:b3:4e:87:50:24:3c:50:
6c:30:c4:a3:c1:cb:6c:4d:09:25:f6:29:03:8d:18:00:1b:72:
fa:64:9a:41:11:3d:57:4a:a0:d1:c2:35:1f:ee:c2:12:fd:30:
76:9a:e2:21:ab:3f:ba:e0:44:2f:8f:fb:94:9d:9e:d7:5c:36:
2c:d5:74:e3:61:46:0a:54:3a:1d:15:de:79:c7:80:2a:08:cb:
1e:71:ab:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZivBIExsXlpfeOtj8xOdPkoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDg0YmM0NGRiZGE1YmFiZmM0OTQwYmNjYzE2MzVlMTUz
YjI0YjYwHhcNMjUwODE1MTgzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTlhZjcxMjJkNTIwMjJkMzdjZWI4OTlkOThjNzEyYjYzMzJlNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OfV1JPN6SAlxUG+XAn4k4RuPrwK
omCGWpXNbQcN+Q5DkFJH7RxELn4F/ZDX4EeAkpJfGt+PXEVVwf4/sYzdZrmORpr2
S4D2/tG11EbjPOqwkL7u9BScdQbcEA+qtFsdxDTz4AY9iADZWqcffGP2fdRtWGjU
ZzeF8hgwuHdPIfqy67pF7nOSA15rv+cmFjLaLzf28kmPTuLHa/9OSp81uMUCF7zt
ZJZl3erpr0tLi90zElO8JgnYZWJOUvc20a7LN3fZk5cT+1iWrX4sFkXLqbz5Lpwu
fRCaoS3cVrEGbTNp5J8v84laY9QPY90ttqYYzgufL+A94cQ+/HfE4V/V4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqa9xItUgItN864mdmMcStjMucXMB8GA1UdIwQY
MBaAFLvYS8RNvaW6v8SUC8zBY14VOyS2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTloTHhFMjlwYnFfeEpRTHpNRmpYaFU3SkxZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS82MzliZTQtOTNlNi00MTgzLWFiNmYt
ZGZkZGIxMzY0MzYzLzEvMS1wcjNFaTFTQWkwM3pyaVoyWXh4SzJNeTV4Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNjM5YmU0LTkzZTYtNDE4My1hYjZmLWRmZGRiMTM2NDM2
My8xL3U5aEx4RTI5cGJxX3hKUUx6TUZqWGhVN0pMWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnwhjAN
BgkqhkiG9w0BAQsFAAOCAQEAgCBfXulmnKaXNYdZZnysYJVHCGAimq2idF/FsdlG
4HT22UkfqLbqPHeYb0fgR3+pgUZ9tjVfmBLGfQIrY8jlS4w1PBFuW8eN/5nAbq5g
e3hBgVs5bn3h3FBASehM/B7xTpMxOT2pFj5cVV1usVPomhRLxQZsojl6eHyQ2Cxo
T5mnB2ASPxFvHES9b9HTSd0DNNTXRKqGX0H5STYEGwuuVB1tpnZn+mWhRAIpUzWz
TodQJDxQbDDEo8HLbE0JJfYpA40YABty+mSaQRE9V0qg0cI1H+7CEv0wdpriIas/
uuBEL4/7lJ2e11w2LNV042FGClQ6HRXeeceAKgjLHnGrfw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:18:21 2025 by rpki-client