Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/tr3Mau39VcKJ_XgMpDq905F47G0.roa
File: tr3Mau39VcKJ_XgMpDq905F47G0.roa (raw, json)
Hash identifier: MVZ9b8y+XoeBXJPJhRIiCaVtjlCBIl4VmA21jHMQa5o=
Subject key identifier: B6:BD:CC:6A:ED:FD:55:C2:89:FD:78:0C:A4:3A:BD:D3:91:78:EC:6D
Certificate issuer: /CN=c9470ae418eeddd6b39dae9e7a177a19c7799c41
Certificate serial: 0197A61C49A7F194347DFB92036BBF9EDD5A
Authority key identifier: C9:47:0A:E4:18:EE:DD:D6:B3:9D:AE:9E:7A:17:7A:19:C7:79:9C:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/tr3Mau39VcKJ_XgMpDq905F47G0.roa
Signing time: Wed 25 Jun 2025 08:02:41 +0000
ROA not before: Wed 25 Jun 2025 08:02:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197014
IP address blocks: 185.36.216.0/22 maxlen: 24
194.247.26.0/23 maxlen: 24
2001:67c:2024::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/yUcK5Bju3dazna6eehd6Gcd5nEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/yUcK5Bju3dazna6eehd6Gcd5nEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:1c:49:a7:f1:94:34:7d:fb:92:03:6b:bf:9e:dd:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9470ae418eeddd6b39dae9e7a177a19c7799c41
Validity
Not Before: Jun 25 08:02:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6bdcc6aedfd55c289fd780ca43abdd39178ec6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1f:8c:72:a4:d4:75:73:88:32:4d:8b:84:24:
85:93:4b:3b:f3:de:15:d2:43:72:8d:b6:12:90:40:
f1:c0:62:5d:07:f6:76:9d:27:fa:95:8f:2e:06:d9:
48:75:2a:fa:3e:4e:d2:b2:44:47:95:4c:18:22:67:
12:5d:25:59:01:fa:a4:b4:24:8c:f4:3d:b3:02:26:
ad:18:eb:2d:b2:cc:c0:12:c7:22:5f:18:95:ea:2a:
d4:7b:bc:9d:7e:26:3b:2e:a6:13:74:40:89:23:79:
de:3e:e6:58:fd:b1:35:90:c5:38:67:95:54:a0:9e:
6a:58:e1:e9:dd:bd:c7:0a:ff:3d:4a:f6:ad:01:96:
7d:65:19:60:05:5e:b6:fc:06:a8:de:ee:90:d6:bc:
a0:4f:0f:82:9b:2c:fc:0f:32:bd:08:b6:9d:01:2f:
44:5b:48:43:dc:79:77:70:bf:88:99:80:d1:84:bb:
79:74:2a:31:2a:5b:d3:be:1c:a9:9a:2a:d6:56:f5:
29:04:f7:e9:eb:5e:c6:6b:d6:a5:37:f0:d5:58:23:
00:2c:59:63:e5:8d:c9:f8:0c:db:80:8a:18:56:2b:
2a:a0:c0:e5:44:85:89:73:38:c0:11:26:d4:21:f3:
db:bd:b5:7b:04:cf:41:b1:d5:c4:79:25:6d:ee:75:
f2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BD:CC:6A:ED:FD:55:C2:89:FD:78:0C:A4:3A:BD:D3:91:78:EC:6D
X509v3 Authority Key Identifier:
keyid:C9:47:0A:E4:18:EE:DD:D6:B3:9D:AE:9E:7A:17:7A:19:C7:79:9C:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/tr3Mau39VcKJ_XgMpDq905F47G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/yUcK5Bju3dazna6eehd6Gcd5nEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.216.0/22
194.247.26.0/23
IPv6:
2001:67c:2024::/48
Signature Algorithm: sha256WithRSAEncryption
1b:ce:b5:c5:fa:ab:f8:70:ca:09:d2:12:8c:a2:40:06:89:f0:
d5:e5:55:e2:29:f8:c8:e1:79:78:0e:69:67:bd:61:21:ff:09:
06:4c:97:64:7d:eb:fe:11:4e:3b:15:46:fb:98:e5:ba:7a:25:
e2:07:21:2b:e1:1e:51:5b:0d:92:7d:22:8d:83:c2:1f:ac:55:
61:43:63:1c:c1:d3:35:92:89:20:b4:19:4f:07:3c:dc:62:bb:
51:16:a8:35:0c:6a:28:3a:e7:c6:e7:42:c3:c3:8a:d8:ad:ce:
dd:74:07:70:a2:c4:cb:ee:80:39:c4:13:39:1d:85:9b:1c:8b:
cd:51:d4:ec:8e:f9:83:80:dd:9f:22:c4:a5:f5:2f:4c:06:61:
30:8f:1a:5f:e3:fa:55:bd:8c:f2:e0:52:c7:61:7d:81:32:ff:
20:98:3d:40:d1:90:ab:20:61:b0:74:07:a3:43:b3:b7:dc:0d:
4e:28:fa:f4:a7:60:98:03:65:02:33:b6:cf:c1:a7:05:b2:02:
10:ba:c6:67:92:c5:e8:70:e4:1c:f6:95:24:f7:a6:1f:9e:18:
e8:89:2b:f1:d4:19:21:f5:ca:a6:76:d9:d1:8d:2e:04:21:f7:
e4:3d:61:a6:9a:9c:d5:8f:d5:43:84:87:5d:34:32:cc:46:c8:
33:ea:83:95
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZemHEmn8ZQ0ffuSA2u/nt1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDcwYWU0MThlZWRkZDZiMzlkYWU5ZTdhMTc3YTE5Yzc3
OTljNDEwHhcNMjUwNjI1MDgwMjQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmJkY2M2YWVkZmQ1NWMyODlmZDc4MGNhNDNhYmRkMzkxNzhlYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx+McqTUdXOIMk2LhCSFk0s7894V
0kNyjbYSkEDxwGJdB/Z2nSf6lY8uBtlIdSr6Pk7SskRHlUwYImcSXSVZAfqktCSM
9D2zAiatGOstsszAEsciXxiV6irUe7ydfiY7LqYTdECJI3nePuZY/bE1kMU4Z5VU
oJ5qWOHp3b3HCv89SvatAZZ9ZRlgBV62/Aao3u6Q1rygTw+Cmyz8DzK9CLadAS9E
W0hD3Hl3cL+ImYDRhLt5dCoxKlvTvhypmirWVvUpBPfp617Ga9alN/DVWCMALFlj
5Y3J+AzbgIoYVisqoMDlRIWJczjAESbUIfPbvbV7BM9BsdXEeSVt7nXyRQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLa9zGrt/VXCif14DKQ6vdOReOxtMB8GA1UdIwQY
MBaAFMlHCuQY7t3Ws52unnoXehnHeZxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVVjSzVCanUzZGF6bmE2ZWVoZDZHY2Q1bkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jZTAyMmQtZDhkYi00NDU5LWJlMWMt
YjA5MTIxNWQ1ZTRkLzEvdHIzTWF1MzlWY0tKX1hnTXBEcTkwNUY0N0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jZTAyMmQtZDhkYi00NDU5LWJlMWMtYjA5MTIxNWQ1ZTRk
LzEveVVjSzVCanUzZGF6bmE2ZWVoZDZHY2Q1bkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuSTYAwQB
wvcaMA8EAgACMAkDBwAgAQZ8ICQwDQYJKoZIhvcNAQELBQADggEBABvOtcX6q/hw
ygnSEoyiQAaJ8NXlVeIp+MjheXgOaWe9YSH/CQZMl2R96/4RTjsVRvuY5bp6JeIH
ISvhHlFbDZJ9Io2Dwh+sVWFDYxzB0zWSiSC0GU8HPNxiu1EWqDUMaig658bnQsPD
ititzt10B3CixMvugDnEEzkdhZsci81R1OyO+YOA3Z8ixKX1L0wGYTCPGl/j+lW9
jPLgUsdhfYEy/yCYPUDRkKsgYbB0B6NDs7fcDU4o+vSnYJgDZQIzts/BpwWyAhC6
xmeSxehw5Bz2lST3ph+eGOiJK/HUGSH1yqZ22dGNLgQh9+Q9YaaanNWP1UOEh100
MsxGyDPqg5U=
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:34:20 2025 by rpki-client