Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/2cqLG7f7M7EO1CExAEwed3q2RJY.roa
File: 2cqLG7f7M7EO1CExAEwed3q2RJY.roa (raw, json)
Hash identifier: oMyZToCAGoMS3fuIPl6elQvL2EBYTw46vFWwPyR2dhM=
Subject key identifier: D9:CA:8B:1B:B7:FB:33:B1:0E:D4:21:31:00:4C:1E:77:7A:B6:44:96
Certificate issuer: /CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Certificate serial: 0198C6CDAB10AAE5125900D4981976DD1738
Authority key identifier: 7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/2cqLG7f7M7EO1CExAEwed3q2RJY.roa
Signing time: Wed 20 Aug 2025 09:27:04 +0000
ROA not before: Wed 20 Aug 2025 09:27:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43298
IP address blocks: 185.121.243.0/24 maxlen: 24
2a06:a180:20::/48 maxlen: 48
2a06:a180:90::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:cd:ab:10:aa:e5:12:59:00:d4:98:19:76:dd:17:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Validity
Not Before: Aug 20 09:27:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9ca8b1bb7fb33b10ed42131004c1e777ab64496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:81:a2:34:1b:3b:cc:43:33:00:98:2f:81:7e:
e4:78:5b:5c:3c:95:25:49:5c:d1:5e:34:de:d5:2c:
04:69:78:e5:f9:a0:a5:51:08:6c:15:a1:3d:89:43:
db:3b:1c:81:be:6f:77:e0:34:8d:d1:2d:44:66:9e:
3b:86:11:7b:16:95:28:a7:df:73:05:04:2b:45:19:
f4:d6:3f:7c:4a:4c:b4:8f:5d:4b:da:c0:97:84:8a:
b3:34:6c:c7:86:a3:af:00:3d:60:12:00:53:4c:0d:
0a:d8:51:82:63:d7:cb:8f:01:d6:5a:93:f0:42:d3:
ac:bc:86:b2:ce:bb:07:0b:7f:08:14:45:81:18:55:
a6:59:e1:f3:8c:73:9d:44:36:ab:84:e0:63:4c:7c:
58:87:f6:6e:e7:d1:0b:42:56:59:28:e9:8d:f1:3c:
ff:06:63:e9:1e:a3:ae:1f:19:fa:83:a6:ff:a0:85:
73:56:19:12:b0:95:88:85:67:ad:fe:b9:f6:26:fa:
d7:0e:fd:e3:f9:9f:95:e8:47:12:98:47:c3:7c:3c:
63:42:9a:81:07:cb:eb:53:70:a0:bb:6e:05:70:4d:
da:8d:0b:b3:16:66:b0:10:70:10:74:fa:90:91:bf:
32:3c:94:b8:76:aa:4d:d6:69:fd:08:4a:97:a5:58:
ab:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:CA:8B:1B:B7:FB:33:B1:0E:D4:21:31:00:4C:1E:77:7A:B6:44:96
X509v3 Authority Key Identifier:
keyid:7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/2cqLG7f7M7EO1CExAEwed3q2RJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.243.0/24
IPv6:
2a06:a180:20::/48
2a06:a180:90::/48
Signature Algorithm: sha256WithRSAEncryption
50:31:78:2b:03:44:95:9f:e5:0c:8d:01:83:14:92:5d:af:fc:
ed:80:9d:f3:30:df:38:dd:ff:d5:2d:e5:c1:92:a2:c0:50:8e:
71:bd:9b:21:79:3d:1a:0b:dd:a6:8d:12:b5:4c:60:68:a8:47:
66:31:c9:f6:4b:86:dc:e3:7a:47:d9:04:5b:85:44:d0:87:ae:
fa:7d:0c:b9:51:f0:c6:3c:95:a4:a8:36:40:7f:aa:04:e3:90:
e0:17:ed:ac:e5:83:fb:75:d5:f4:ac:64:bf:1b:3b:8e:89:64:
7d:b3:96:0c:d7:95:31:5c:ae:38:f1:37:6e:d9:96:40:24:9c:
c7:1f:8e:90:54:86:f8:c9:fd:e0:76:c8:53:93:1a:d7:8c:df:
86:83:99:4e:76:3f:09:85:ce:41:11:54:cd:28:9d:17:4a:a6:
aa:2d:d7:50:c4:09:0b:ac:30:c6:17:81:40:5d:1a:12:ad:c1:
a6:5d:8a:04:47:d1:35:bb:bc:49:df:49:49:6d:f0:c0:d9:4b:
c2:cf:49:b9:a7:e8:d2:4e:7f:f0:3c:af:4a:5a:ec:3a:23:78:
71:43:98:5e:31:6d:77:9e:15:0b:38:d1:49:d8:c0:a2:9c:f4:
a3:a4:28:3a:f0:5a:ff:3e:a8:e0:49:40:b3:72:73:6a:4a:24:
0e:35:84:81
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZjGzasQquUSWQDUmBl23Rc4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjZiMWVmNzQxMDA3MmNlOTZlODJkNzU4MWJlNDM2ZTYz
OWE3YzQwHhcNMjUwODIwMDkyNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWNhOGIxYmI3ZmIzM2IxMGVkNDIxMzEwMDRjMWU3NzdhYjY0NDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoGiNBs7zEMzAJgvgX7keFtcPJUl
SVzRXjTe1SwEaXjl+aClUQhsFaE9iUPbOxyBvm934DSN0S1EZp47hhF7FpUop99z
BQQrRRn01j98Sky0j11L2sCXhIqzNGzHhqOvAD1gEgBTTA0K2FGCY9fLjwHWWpPw
QtOsvIayzrsHC38IFEWBGFWmWeHzjHOdRDarhOBjTHxYh/Zu59ELQlZZKOmN8Tz/
BmPpHqOuHxn6g6b/oIVzVhkSsJWIhWet/rn2JvrXDv3j+Z+V6EcSmEfDfDxjQpqB
B8vrU3Cgu24FcE3ajQuzFmawEHAQdPqQkb8yPJS4dqpN1mn9CEqXpViryQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNnKixu3+zOxDtQhMQBMHnd6tkSWMB8GA1UdIwQY
MBaAFH4mse90EAcs6W6C11gb5DbmOafEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYt
OGMzMmMzNTFlZTcwLzEvMmNxTEc3ZjdNN0VPMUNFeEFFd2VkM3EyUkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYtOGMzMmMzNTFlZTcw
LzEvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuXnzMBgE
AgACMBIDBwAqBqGAACADBwAqBqGAAJAwDQYJKoZIhvcNAQELBQADggEBAFAxeCsD
RJWf5QyNAYMUkl2v/O2AnfMw3zjd/9Ut5cGSosBQjnG9myF5PRoL3aaNErVMYGio
R2YxyfZLhtzjekfZBFuFRNCHrvp9DLlR8MY8laSoNkB/qgTjkOAX7azlg/t11fSs
ZL8bO46JZH2zlgzXlTFcrjjxN27ZlkAknMcfjpBUhvjJ/eB2yFOTGteM34aDmU52
PwmFzkERVM0onRdKpqot11DECQusMMYXgUBdGhKtwaZdigRH0TW7vEnfSUlt8MDZ
S8LPSbmn6NJOf/A8r0pa7DojeHFDmF4xbXeeFQs40UnYwKKc9KOkKDrwWv8+qOBJ
QLNyc2pKJA41hIE=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:52:49 2025 by rpki-client