Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/IY8QfhC6OcTU5FbaNvDqTBTxYRY.roa
File: IY8QfhC6OcTU5FbaNvDqTBTxYRY.roa (raw, json)
Hash identifier: DSRdWvGhbx1EF7Vp7j75DrBjXKnTwLo/tZPs2C0WEP4=
Subject key identifier: 21:8F:10:7E:10:BA:39:C4:D4:E4:56:DA:36:F0:EA:4C:14:F1:61:16
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 0197A5E5592BB96CF184F2B612584E1F8FEF
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/IY8QfhC6OcTU5FbaNvDqTBTxYRY.roa
Signing time: Wed 25 Jun 2025 07:02:40 +0000
ROA not before: Wed 25 Jun 2025 07:02:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199152
IP address blocks: 91.239.23.0/24 maxlen: 24
94.247.137.0/24 maxlen: 24
146.19.84.0/24 maxlen: 24
176.116.0.0/24 maxlen: 24
2a11:7e41::/48 maxlen: 48
2a11:7e41:1::/48 maxlen: 48
2a11:7e41:2::/48 maxlen: 48
2a11:7e41:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 13:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a5:e5:59:2b:b9:6c:f1:84:f2:b6:12:58:4e:1f:8f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Jun 25 07:02:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=218f107e10ba39c4d4e456da36f0ea4c14f16116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2f:cc:ec:59:7d:7b:69:af:62:35:91:88:68:
72:0e:45:c0:8a:cd:e6:5d:35:82:c6:23:bb:fb:89:
61:db:97:a2:01:5e:83:ae:4e:58:7a:4f:80:58:24:
29:4b:24:9a:90:a7:31:7e:01:bf:d3:67:b0:ec:03:
eb:e0:18:b8:48:3c:3c:7b:e1:61:2c:7b:52:24:e2:
99:6e:d7:c1:71:f7:ae:a6:1f:f0:59:f2:c7:55:9d:
b0:0a:44:fd:44:08:b7:8d:38:3b:41:33:00:82:bb:
6d:04:ec:32:c5:72:96:a6:b6:72:26:dd:0f:92:f9:
96:57:b8:da:5a:3d:62:e7:d8:a3:e8:c4:b5:a5:4b:
da:00:f0:cd:a5:b3:ae:30:71:92:21:61:04:48:38:
93:61:8e:c5:0d:a1:09:df:f9:90:23:15:53:ba:cd:
64:2b:4e:56:87:37:7d:e7:52:41:94:d6:af:a4:35:
78:d6:93:4b:61:8d:02:d8:02:da:af:0f:ca:8d:10:
56:d4:98:a0:76:d8:be:5f:24:b7:5e:5e:0e:5e:0c:
3b:1b:2b:08:fc:b2:d1:e7:f3:e4:00:99:7c:dc:64:
16:61:f0:54:30:69:6c:cd:c8:53:d7:13:83:79:a6:
da:c2:cb:8c:8a:50:b7:c3:5d:50:5c:9e:89:82:8a:
e3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8F:10:7E:10:BA:39:C4:D4:E4:56:DA:36:F0:EA:4C:14:F1:61:16
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/IY8QfhC6OcTU5FbaNvDqTBTxYRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.23.0/24
94.247.137.0/24
146.19.84.0/24
176.116.0.0/24
IPv6:
2a11:7e41::/46
Signature Algorithm: sha256WithRSAEncryption
56:1a:c1:9a:82:93:42:95:f3:7d:70:2b:e7:ac:df:c5:f2:42:
5c:a2:4c:54:75:41:b0:39:da:3c:14:04:3a:96:72:51:29:9d:
e8:07:86:00:a9:33:51:6d:15:e4:fc:e9:b9:c7:cf:fd:ec:01:
8c:5b:95:7a:d3:ec:56:f3:02:0f:8f:ab:55:2d:95:2c:c5:93:
5e:a4:87:95:db:be:f8:9d:4f:20:9a:b6:11:c4:6c:96:82:38:
b6:35:b3:f6:d6:7a:7c:c0:93:32:e1:b2:e2:3e:7f:8a:15:19:
03:e0:46:c8:48:42:9c:a8:36:a6:ce:ab:ef:59:0f:fa:cd:6a:
66:a4:0e:98:9a:7c:d4:a1:58:a7:19:f9:f1:a2:08:c2:4f:d5:
6d:29:ad:c6:d0:4d:37:c4:f5:7f:04:2c:e3:c2:cd:7c:e4:aa:
f0:f5:2c:e5:55:2e:05:b9:33:17:42:5e:d3:e9:64:6c:7e:e2:
39:0d:70:1e:09:37:04:e9:d8:01:d0:6f:af:39:83:87:71:09:
5f:aa:74:e7:96:8e:da:d6:1c:f2:9f:d5:48:7b:49:3f:6b:4f:
5c:de:61:a1:9e:3e:35:78:cc:6b:be:69:0d:5b:47:2d:77:e6:
c9:38:15:68:af:30:15:4c:2a:fc:08:4c:6b:2e:cb:e9:3c:cd:
9e:39:f8:e8
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZel5VkruWzxhPK2ElhOH4/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjUwNjI1MDcwMjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThmMTA3ZTEwYmEzOWM0ZDRlNDU2ZGEzNmYwZWE0YzE0ZjE2MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC/M7Fl9e2mvYjWRiGhyDkXAis3m
XTWCxiO7+4lh25eiAV6Drk5Yek+AWCQpSySakKcxfgG/02ew7APr4Bi4SDw8e+Fh
LHtSJOKZbtfBcfeuph/wWfLHVZ2wCkT9RAi3jTg7QTMAgrttBOwyxXKWprZyJt0P
kvmWV7jaWj1i59ij6MS1pUvaAPDNpbOuMHGSIWEESDiTYY7FDaEJ3/mQIxVTus1k
K05Whzd951JBlNavpDV41pNLYY0C2ALarw/KjRBW1Jigdti+XyS3Xl4OXgw7GysI
/LLR5/PkAJl83GQWYfBUMGlszchT1xODeabawsuMilC3w11QXJ6JgorjuwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCGPEH4QujnE1ORW2jbw6kwU8WEWMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvSVk4UWZoQzZPY1RVNUZiYU52RHFUQlR4WVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAW+8XAwQA
XveJAwQAkhNUAwQAsHQAMA8EAgACMAkDBwIqEX5BAAAwDQYJKoZIhvcNAQELBQAD
ggEBAFYawZqCk0KV831wK+es38XyQlyiTFR1QbA52jwUBDqWclEpnegHhgCpM1Ft
FeT86bnHz/3sAYxblXrT7FbzAg+Pq1UtlSzFk16kh5XbvvidTyCathHEbJaCOLY1
s/bWenzAkzLhsuI+f4oVGQPgRshIQpyoNqbOq+9ZD/rNamakDpiafNShWKcZ+fGi
CMJP1W0prcbQTTfE9X8ELOPCzXzkqvD1LOVVLgW5MxdCXtPpZGx+4jkNcB4JNwTp
2AHQb685g4dxCV+qdOeWjtrWHPKf1Uh7ST9rT1zeYaGePjV4zGu+aQ1bRy135sk4
FWivMBVMKvwITGsuy+k8zZ45+Og=
-----END CERTIFICATE-----
Generated at Mon Jun 30 21:44:21 2025 by rpki-client