Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/YMiovkkM1pTRsj2s2pWWavdNH3M.roa
File: YMiovkkM1pTRsj2s2pWWavdNH3M.roa (raw, json)
Hash identifier: d26rfkrfXfTKQZRjWJD5TAVJi3E84OTuQPo2eEaVnMI=
Subject key identifier: 60:C8:A8:BE:49:0C:D6:94:D1:B2:3D:AC:DA:95:96:6A:F7:4D:1F:73
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 019784A2994772124B56A6FCDD1337F2AC3F
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/YMiovkkM1pTRsj2s2pWWavdNH3M.roa
Signing time: Wed 18 Jun 2025 20:02:17 +0000
ROA not before: Wed 18 Jun 2025 20:02:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57152
IP address blocks: 31.7.32.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.36.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
185.140.124.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.126.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
2a0a:9f40::/29 maxlen: 48
2a0a:9f40:babe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 03:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:84:a2:99:47:72:12:4b:56:a6:fc:dd:13:37:f2:ac:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Jun 18 20:02:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60c8a8be490cd694d1b23dacda95966af74d1f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:ef:8b:56:de:e9:15:be:d5:04:34:7d:66:
ab:5f:9e:f5:fa:97:86:6f:e6:23:ca:5a:17:19:98:
9e:cb:8a:61:0b:05:ea:0d:b1:37:59:4c:9a:0d:cc:
24:0f:17:d2:d3:bd:f7:2c:35:92:5d:56:cd:0a:a5:
6c:64:a7:2c:95:8d:17:47:9f:58:36:06:73:b9:ee:
3d:7d:41:2e:a0:a2:c3:b9:5d:45:72:9d:10:45:ca:
38:2f:fa:69:d7:9a:b3:d8:74:66:8b:16:8c:2c:57:
7f:52:48:b5:11:2b:d4:31:9d:2a:f1:b3:1f:90:14:
f8:8d:5f:30:fe:83:70:ca:46:d8:c2:dc:aa:d6:14:
36:dc:02:4a:f5:df:44:92:d9:f8:1b:f8:0f:41:64:
35:6d:3d:08:da:c4:d3:3f:24:89:02:8c:36:51:d9:
23:b7:fa:29:2a:a8:cb:3c:da:d4:ad:6f:ba:76:66:
41:f2:36:29:f3:b1:23:6d:85:ea:7d:d3:03:e5:20:
60:89:93:cd:27:e9:40:ef:69:07:6e:14:8b:13:cf:
6d:ea:8c:98:36:15:0c:16:ce:ab:2d:bf:37:d8:19:
ea:76:e7:e6:b2:be:8e:0c:96:e4:cf:ed:7d:b7:7e:
36:b7:c2:40:29:9c:1b:69:88:3e:fc:f3:73:b8:e3:
6b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C8:A8:BE:49:0C:D6:94:D1:B2:3D:AC:DA:95:96:6A:F7:4D:1F:73
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/YMiovkkM1pTRsj2s2pWWavdNH3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/22
IPv6:
2a0a:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
78:9a:ac:d3:b6:f2:ed:2d:88:61:62:2f:1c:78:b1:76:bb:7d:
63:a1:77:2f:f3:a3:28:b4:59:6c:6f:43:fe:6e:17:ab:fc:6f:
5e:11:b5:d9:a8:a8:ad:0d:b4:b7:07:6a:1b:e4:3a:6b:6c:6e:
d0:2d:34:07:83:7d:0d:48:44:94:ae:3e:15:17:ed:d9:20:59:
61:f2:3f:fd:0b:cd:cd:2f:62:4d:b6:f9:2c:12:87:f2:cc:db:
c0:64:a0:6e:41:e9:44:0d:92:8a:ca:be:53:6a:aa:24:f2:95:
1c:02:48:eb:c9:77:01:3e:ee:b1:e5:ff:60:8e:d0:07:fd:f5:
a5:c0:06:31:60:90:2a:e7:3c:14:e6:36:1d:ba:a7:f6:dc:44:
1d:a7:ec:f1:88:8e:3b:9e:65:9a:03:26:59:17:be:66:d9:be:
3f:0c:5b:f8:36:09:3e:80:42:80:e7:b0:67:d9:a2:73:0d:23:
93:32:99:d4:b1:c7:56:43:13:8e:cb:b0:8d:e9:0a:7f:18:18:
d5:12:8c:91:a2:55:8f:02:f5:d7:6d:33:6c:70:0a:ed:30:10:
02:63:d3:be:f2:93:ba:c3:8d:e5:86:51:53:8e:6d:0b:c7:7c:
9e:fd:6f:e3:14:5a:1e:34:8b:93:19:52:8e:b2:2e:b3:40:2a:
b4:c2:2e:d0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZeEoplHchJLVqb83RM38qw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjUwNjE4MjAwMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGM4YThiZTQ5MGNkNjk0ZDFiMjNkYWNkYTk1OTY2YWY3NGQxZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAjvi1be6RW+1QQ0fWarX571+peG
b+YjyloXGZiey4phCwXqDbE3WUyaDcwkDxfS0733LDWSXVbNCqVsZKcslY0XR59Y
NgZzue49fUEuoKLDuV1Fcp0QRco4L/pp15qz2HRmixaMLFd/Uki1ESvUMZ0q8bMf
kBT4jV8w/oNwykbYwtyq1hQ23AJK9d9Ektn4G/gPQWQ1bT0I2sTTPySJAow2Udkj
t/opKqjLPNrUrW+6dmZB8jYp87EjbYXqfdMD5SBgiZPNJ+lA72kHbhSLE89t6oyY
NhUMFs6rLb832Bnqdufmsr6ODJbkz+19t342t8JAKZwbaYg+/PNzuONrkQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGDIqL5JDNaU0bI9rNqVlmr3TR9zMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvWU1pb3Zra00xcFRSc2oyczJwV1dhdmROSDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHwcgAwQC
uYx8MA0EAgACMAcDBQMqCp9AMA0GCSqGSIb3DQEBCwUAA4IBAQB4mqzTtvLtLYhh
Yi8ceLF2u31joXcv86MotFlsb0P+bher/G9eEbXZqKitDbS3B2ob5DprbG7QLTQH
g30NSESUrj4VF+3ZIFlh8j/9C83NL2JNtvksEofyzNvAZKBuQelEDZKKyr5Taqok
8pUcAkjryXcBPu6x5f9gjtAH/fWlwAYxYJAq5zwU5jYduqf23EQdp+zxiI47nmWa
AyZZF75m2b4/DFv4Ngk+gEKA57Bn2aJzDSOTMpnUscdWQxOOy7CN6Qp/GBjVEoyR
olWPAvXXbTNscArtMBACY9O+8pO6w43lhlFTjm0Lx3ye/W/jFFoeNIuTGVKOsi6z
QCq0wi7Q
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:58:39 2025 by rpki-client