Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/sVsYT4pNI8d3ueUhClF4P5W88Ag.roa
File: sVsYT4pNI8d3ueUhClF4P5W88Ag.roa (raw, json)
Hash identifier: GeG4TGlRyxdsKQR1/yAkUQ6fi1nEvwVt+ojV5IVFhv4=
Subject key identifier: B1:5B:18:4F:8A:4D:23:C7:77:B9:E5:21:0A:51:78:3F:95:BC:F0:08
Certificate issuer: /CN=efa842e67147252505f41551f0f735b7f72e3e97
Certificate serial: 01979E2300E8433DEBBFD9E7CB8BBA522C8C
Authority key identifier: EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/sVsYT4pNI8d3ueUhClF4P5W88Ag.roa
Signing time: Mon 23 Jun 2025 18:53:03 +0000
ROA not before: Mon 23 Jun 2025 18:53:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 185.30.233.0/24 maxlen: 24
185.142.236.0/24 maxlen: 24
185.142.238.0/23 maxlen: 23
185.165.190.0/24 maxlen: 24
185.165.191.0/24 maxlen: 24
2a07:85c3::/48 maxlen: 48
2a07:85c5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9e:23:00:e8:43:3d:eb:bf:d9:e7:cb:8b:ba:52:2c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa842e67147252505f41551f0f735b7f72e3e97
Validity
Not Before: Jun 23 18:53:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b15b184f8a4d23c777b9e5210a51783f95bcf008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3f:84:d4:d7:81:9f:3e:96:01:71:bf:17:8a:
bd:78:9e:e2:85:8f:e4:a9:b7:07:d9:c7:65:b4:ec:
6a:3d:61:2b:d8:8c:88:af:ba:60:3a:bd:70:db:8f:
10:9d:c5:78:14:7f:37:c8:24:31:a5:3f:a8:4b:b8:
92:7b:bb:0b:ed:cf:38:75:7a:cb:fb:d7:de:6f:e2:
ea:45:fb:ba:38:76:39:cc:17:55:c4:60:f5:2a:91:
94:f5:62:15:36:0f:95:08:52:62:8f:a2:28:46:45:
8d:b1:da:7d:f2:1b:77:f5:6b:82:43:bf:ab:d5:b2:
55:3e:57:0a:fb:ae:75:f1:b7:4c:35:bb:ee:30:e7:
43:8f:5f:22:f8:e0:41:35:26:fc:ce:fe:dc:79:e7:
6b:fa:3d:72:c2:cb:56:4a:49:56:1b:ab:bd:db:f6:
4e:6f:e9:81:7a:47:11:5e:7b:5f:8d:82:ed:41:15:
97:f8:d0:7e:1c:77:6e:0f:0c:e7:0d:fe:51:4b:c9:
b4:4e:e7:ce:3e:9b:96:5a:53:86:1f:e4:ba:44:ec:
5a:71:7d:03:ea:f3:3d:20:46:f3:7f:8d:62:c9:87:
7e:85:30:50:80:09:4c:66:35:3f:d8:6c:32:f5:79:
01:9e:26:16:39:e3:a2:12:a2:d2:cc:4a:ac:c4:2a:
35:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:5B:18:4F:8A:4D:23:C7:77:B9:E5:21:0A:51:78:3F:95:BC:F0:08
X509v3 Authority Key Identifier:
keyid:EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/sVsYT4pNI8d3ueUhClF4P5W88Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.233.0/24
185.142.236.0/24
185.142.238.0/23
185.165.190.0/23
IPv6:
2a07:85c3::/48
2a07:85c5::/48
Signature Algorithm: sha256WithRSAEncryption
1a:22:52:a4:dd:ef:2d:8e:cb:e2:c2:2a:66:42:5f:cb:df:ed:
1d:ae:55:45:90:36:1c:52:76:99:fd:c7:a0:2b:47:df:37:a2:
44:06:d6:5f:9e:d6:06:78:dc:32:cb:fe:4b:b1:82:01:94:04:
7f:15:f2:c0:33:ea:98:69:50:df:9e:a4:54:b6:a5:13:70:bd:
39:3e:e8:ad:fb:7b:5d:ad:51:31:fc:a4:48:8f:45:c7:fe:a7:
72:8d:c8:2f:35:39:15:9a:98:35:05:1a:a3:7f:6b:af:f4:4a:
ec:be:af:49:ad:d3:70:bd:fd:db:f4:23:d2:f2:dc:75:49:b6:
08:76:ce:85:60:f7:ee:1b:75:27:01:2b:ea:06:ba:e7:93:28:
61:cc:0f:36:66:c7:23:3d:9d:46:04:8a:d3:88:bf:91:fb:38:
da:79:cd:28:9d:f1:1f:84:52:2b:9f:e6:0a:f4:37:6c:e2:2c:
dc:67:4f:b7:2f:66:dd:cb:de:70:2b:92:1d:7e:c0:6d:2e:9f:
a6:3c:dd:63:90:bd:89:dd:7d:94:23:8c:cc:12:95:5e:7b:c9:
13:af:d5:07:0e:0e:78:fa:d6:e5:98:c6:b5:84:01:84:f0:75:
d9:cb:af:01:e2:c6:a3:95:c0:41:35:35:9a:b9:97:f4:1a:f9:
0c:b2:d4:84
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZeeIwDoQz3rv9nny4u6UiyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTg0MmU2NzE0NzI1MjUwNWY0MTU1MWYwZjczNWI3Zjcy
ZTNlOTcwHhcNMjUwNjIzMTg1MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTViMTg0ZjhhNGQyM2M3NzdiOWU1MjEwYTUxNzgzZjk1YmNmMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0D+E1NeBnz6WAXG/F4q9eJ7ihY/k
qbcH2cdltOxqPWEr2IyIr7pgOr1w248QncV4FH83yCQxpT+oS7iSe7sL7c84dXrL
+9feb+LqRfu6OHY5zBdVxGD1KpGU9WIVNg+VCFJij6IoRkWNsdp98ht39WuCQ7+r
1bJVPlcK+6518bdMNbvuMOdDj18i+OBBNSb8zv7ceedr+j1ywstWSklWG6u92/ZO
b+mBekcRXntfjYLtQRWX+NB+HHduDwznDf5RS8m0TufOPpuWWlOGH+S6ROxacX0D
6vM9IEbzf41iyYd+hTBQgAlMZjU/2Gwy9XkBniYWOeOiEqLSzEqsxCo1kwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLFbGE+KTSPHd7nlIQpReD+VvPAIMB8GA1UdIwQY
MBaAFO+oQuZxRyUlBfQVUfD3Nbf3Lj6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYt
OGUwYzMxMjIzZGI4LzEvc1ZzWVQ0cE5JOGQzdWVVaENsRjRQNVc4OEFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYtOGUwYzMxMjIzZGI4
LzEvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAuR7pAwQA
uY7sAwQBuY7uAwQBuaW+MBgEAgACMBIDBwAqB4XDAAADBwAqB4XFAAAwDQYJKoZI
hvcNAQELBQADggEBABoiUqTd7y2Oy+LCKmZCX8vf7R2uVUWQNhxSdpn9x6ArR983
okQG1l+e1gZ43DLL/kuxggGUBH8V8sAz6phpUN+epFS2pRNwvTk+6K37e12tUTH8
pEiPRcf+p3KNyC81ORWamDUFGqN/a6/0Suy+r0mt03C9/dv0I9Ly3HVJtgh2zoVg
9+4bdScBK+oGuueTKGHMDzZmxyM9nUYEitOIv5H7ONp5zSid8R+EUiuf5gr0N2zi
LNxnT7cvZt3L3nArkh1+wG0un6Y83WOQvYndfZQjjMwSlV57yROv1QcODnj61uWY
xrWEAYTwddnLrwHixqOVwEE1NZq5l/Qa+Qyy1IQ=
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:45:52 2025 by rpki-client