Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe4179-a21d-4ea4-8a1a-d57a4da4cc1e/1/liGvOqZEMZVJ31qcvM63A-JRrWQ.roa
File: liGvOqZEMZVJ31qcvM63A-JRrWQ.roa (raw, json)
Hash identifier: 7Wp5rJr7TP0Q094F3fLaEjNmRJEAB/0CXre5MVFA1x0=
Subject key identifier: 96:21:AF:3A:A6:44:31:95:49:DF:5A:9C:BC:CE:B7:03:E2:51:AD:64
Certificate issuer: /CN=78220e2d4a591497c0f91b880ce6f0a3e47770e4
Certificate serial: 0198C1A9248F52D32A7D082A18AEC203B865
Authority key identifier: 78:22:0E:2D:4A:59:14:97:C0:F9:1B:88:0C:E6:F0:A3:E4:77:70:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eCIOLUpZFJfA-RuIDObwo-R3cOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe4179-a21d-4ea4-8a1a-d57a4da4cc1e/1/liGvOqZEMZVJ31qcvM63A-JRrWQ.roa
Signing time: Tue 19 Aug 2025 09:29:04 +0000
ROA not before: Tue 19 Aug 2025 09:29:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15368
IP address blocks: 213.183.192.0/20 maxlen: 20
213.183.208.0/21 maxlen: 21
2a00:4e00::/36 maxlen: 36
2a00:4e00:1000::/36 maxlen: 36
2a00:4e00:2000::/36 maxlen: 36
2a00:4e00:3000::/36 maxlen: 36
2a00:4e00:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe4179-a21d-4ea4-8a1a-d57a4da4cc1e/1/eCIOLUpZFJfA-RuIDObwo-R3cOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe4179-a21d-4ea4-8a1a-d57a4da4cc1e/1/eCIOLUpZFJfA-RuIDObwo-R3cOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/eCIOLUpZFJfA-RuIDObwo-R3cOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:a9:24:8f:52:d3:2a:7d:08:2a:18:ae:c2:03:b8:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78220e2d4a591497c0f91b880ce6f0a3e47770e4
Validity
Not Before: Aug 19 09:29:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9621af3aa644319549df5a9cbcceb703e251ad64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9a:2f:28:00:b6:d6:f8:7e:86:eb:f4:26:92:
2c:b9:5a:bb:22:6b:31:0c:b5:d4:72:7e:b4:15:28:
03:49:8b:e2:79:3b:08:07:c3:fa:d3:7c:0a:ea:a4:
b5:8e:fc:0a:3f:7b:25:c8:06:10:bd:54:25:93:df:
1f:53:0b:b1:58:cb:4a:13:68:0f:62:82:ae:94:2f:
54:15:1d:47:22:c8:99:9e:62:60:4b:0d:db:68:2f:
33:96:6e:01:98:48:ee:5a:be:41:a3:18:5f:f6:a6:
f0:14:20:14:8a:76:c4:ff:93:2c:09:8d:42:54:39:
1c:aa:9d:ff:32:36:48:8a:c2:c6:2c:d9:d5:77:f9:
2a:86:7f:a0:1c:50:7c:5e:3d:68:67:20:26:60:d5:
95:37:f5:df:46:f6:35:87:ca:f5:70:be:55:9a:8a:
3e:39:76:1e:6f:be:e9:82:15:19:3d:f5:fc:ea:38:
a8:16:1f:7e:54:fe:f5:d5:ee:82:91:09:37:03:74:
6b:b2:6e:a7:d5:5f:a1:de:19:a6:96:93:70:77:f7:
91:68:cd:9c:18:f4:ef:30:ac:16:34:28:f1:c2:08:
e5:82:03:74:a6:5d:86:ea:bd:9c:6c:ee:aa:eb:d7:
81:57:2a:49:ab:de:c9:00:d1:d4:75:30:9b:e2:f8:
81:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:21:AF:3A:A6:44:31:95:49:DF:5A:9C:BC:CE:B7:03:E2:51:AD:64
X509v3 Authority Key Identifier:
keyid:78:22:0E:2D:4A:59:14:97:C0:F9:1B:88:0C:E6:F0:A3:E4:77:70:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eCIOLUpZFJfA-RuIDObwo-R3cOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe4179-a21d-4ea4-8a1a-d57a4da4cc1e/1/liGvOqZEMZVJ31qcvM63A-JRrWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe4179-a21d-4ea4-8a1a-d57a4da4cc1e/1/eCIOLUpZFJfA-RuIDObwo-R3cOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.183.192.0-213.183.215.255
IPv6:
2a00:4e00::-2a00:4e00:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
99:62:af:33:49:a4:67:af:95:ec:f4:d7:50:3e:2f:d4:23:af:
0b:0e:b1:54:58:79:8e:17:37:09:1e:d0:32:e0:7d:6b:ca:34:
85:74:a9:74:87:ad:11:ad:39:84:d7:f3:92:6a:63:0e:a9:af:
eb:cd:dc:77:6e:04:cf:58:c2:1b:6f:9b:60:7b:df:7c:38:a2:
6c:e3:31:6d:fe:ed:62:09:e2:7d:41:93:a4:ab:1e:e9:ea:68:
7c:5b:54:b1:a0:59:be:d2:37:bd:4a:f3:7c:71:1b:24:c3:5a:
54:2f:56:e4:74:73:cd:36:f5:30:1d:11:3d:47:6a:aa:ea:f0:
32:ff:c6:49:77:66:eb:ac:b4:de:73:bf:d0:24:b6:63:7a:e8:
27:0d:fa:c0:55:55:e3:aa:a1:ba:1e:a2:14:55:01:9b:00:64:
1c:62:5b:f1:76:39:41:f8:09:03:3b:7d:d5:0e:d6:ed:d9:ad:
8e:d8:bc:2e:23:e9:1e:13:e2:16:7c:0e:92:92:30:da:0b:91:
4c:db:7d:40:06:53:b4:27:a1:2b:38:93:2d:24:b4:96:76:6a:
66:6c:71:f6:f2:d4:66:ca:1f:a4:ec:40:5c:5e:20:5f:af:e0:
49:75:68:e2:fe:5e:2e:37:0b:93:e8:5b:c4:e8:fc:51:ad:b3:
c7:95:3f:56
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZjBqSSPUtMqfQgqGK7CA7hlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MjIwZTJkNGE1OTE0OTdjMGY5MWI4ODBjZTZmMGEzZTQ3
NzcwZTQwHhcNMjUwODE5MDkyOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjIxYWYzYWE2NDQzMTk1NDlkZjVhOWNiY2NlYjcwM2UyNTFhZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZovKAC21vh+huv0JpIsuVq7Imsx
DLXUcn60FSgDSYvieTsIB8P603wK6qS1jvwKP3slyAYQvVQlk98fUwuxWMtKE2gP
YoKulC9UFR1HIsiZnmJgSw3baC8zlm4BmEjuWr5Boxhf9qbwFCAUinbE/5MsCY1C
VDkcqp3/MjZIisLGLNnVd/kqhn+gHFB8Xj1oZyAmYNWVN/XfRvY1h8r1cL5Vmoo+
OXYeb77pghUZPfX86jioFh9+VP711e6CkQk3A3Rrsm6n1V+h3hmmlpNwd/eRaM2c
GPTvMKwWNCjxwgjlggN0pl2G6r2cbO6q69eBVypJq97JANHUdTCb4viBYwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJYhrzqmRDGVSd9anLzOtwPiUa1kMB8GA1UdIwQY
MBaAFHgiDi1KWRSXwPkbiAzm8KPkd3DkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUNJT0xVcFpGSmZBLVJ1SURPYndvLVIzY09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTQxNzktYTIxZC00ZWE0LThhMWEt
ZDU3YTRkYTRjYzFlLzEvbGlHdk9xWkVNWlZKMzFxY3ZNNjNBLUpScldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTQxNzktYTIxZC00ZWE0LThhMWEtZDU3YTRkYTRjYzFl
LzEvZUNJT0xVcFpGSmZBLVJ1SURPYndvLVIzY09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAbVt8AD
BAPVt9AwFgQCAAIwEDAOAwQBKgBOAwYEKgBOAEAwDQYJKoZIhvcNAQELBQADggEB
AJlirzNJpGevlez011A+L9QjrwsOsVRYeY4XNwke0DLgfWvKNIV0qXSHrRGtOYTX
85JqYw6pr+vN3HduBM9Ywhtvm2B733w4omzjMW3+7WIJ4n1Bk6SrHunqaHxbVLGg
Wb7SN71K83xxGyTDWlQvVuR0c8029TAdET1Haqrq8DL/xkl3ZuustN5zv9AktmN6
6CcN+sBVVeOqoboeohRVAZsAZBxiW/F2OUH4CQM7fdUO1u3ZrY7YvC4j6R4T4hZ8
DpKSMNoLkUzbfUAGU7QnoSs4ky0ktJZ2amZscfby1GbKH6TsQFxeIF+v4El1aOL+
Xi43C5PoW8To/FGts8eVP1Y=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:05:48 2025 by rpki-client