Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/YtwlFDJbdeOHm-szbyMlsHvjfHo.roa
File: YtwlFDJbdeOHm-szbyMlsHvjfHo.roa (raw, json)
Hash identifier: JgRE5cgFBiNbrrghhM3fGudxVJeqa7P1fiqWvm5ea0Y=
Subject key identifier: 62:DC:25:14:32:5B:75:E3:87:9B:EB:33:6F:23:25:B0:7B:E3:7C:7A
Certificate issuer: /CN=d7c60a54e03c9f815cc33afd45d3c4db9af76f16
Certificate serial: 0197ADD45D408C55098A927795CF13499806
Authority key identifier: D7:C6:0A:54:E0:3C:9F:81:5C:C3:3A:FD:45:D3:C4:DB:9A:F7:6F:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/YtwlFDJbdeOHm-szbyMlsHvjfHo.roa
Signing time: Thu 26 Jun 2025 20:01:05 +0000
ROA not before: Thu 26 Jun 2025 20:01:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36224
IP address blocks: 164.138.69.0/24 maxlen: 24
185.33.114.0/24 maxlen: 24
202.162.49.0/24 maxlen: 24
202.162.51.0/24 maxlen: 24
202.162.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 02:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ad:d4:5d:40:8c:55:09:8a:92:77:95:cf:13:49:98:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7c60a54e03c9f815cc33afd45d3c4db9af76f16
Validity
Not Before: Jun 26 20:01:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62dc2514325b75e3879beb336f2325b07be37c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ad:66:0e:40:d3:a3:cf:78:72:3a:fc:9b:be:
ce:2a:06:04:55:9e:8e:02:b9:1e:57:64:9b:8f:79:
1a:d5:58:cb:64:62:9b:c5:a4:e7:6b:2a:e6:f8:00:
35:1f:b5:c4:17:11:d3:23:a3:f1:15:2d:53:0d:4c:
cd:a0:6f:43:b5:db:35:a8:56:6d:6c:36:6c:be:3a:
f3:40:36:83:d3:f7:fe:39:25:d9:a1:b1:5a:44:8f:
b4:7f:4c:24:37:cf:c2:bf:87:d9:d1:bb:65:17:50:
18:d9:1d:38:66:c9:43:49:53:69:d7:46:00:1a:46:
ac:fd:90:bb:c1:66:3b:73:a7:ed:1c:ad:33:3f:85:
68:1c:a3:11:9c:d8:c3:d2:0a:21:72:ed:ed:27:ec:
13:26:87:d0:3f:f2:48:a1:a5:a2:57:78:a9:a7:e8:
28:34:bd:e2:5c:0a:1b:d1:eb:3b:d8:26:a3:26:c4:
d3:4a:8f:da:6d:14:ce:0f:ab:d9:3b:ae:95:22:25:
21:57:8c:60:8b:5f:44:87:8f:db:df:83:0b:76:0f:
45:ec:2d:8a:a9:dc:00:a6:63:b0:5f:b3:f1:47:91:
8e:8a:ac:d6:7f:89:f6:e6:ad:76:46:79:b2:75:48:
6e:a4:91:b8:55:c8:c6:a0:10:22:7c:97:c7:b1:42:
57:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DC:25:14:32:5B:75:E3:87:9B:EB:33:6F:23:25:B0:7B:E3:7C:7A
X509v3 Authority Key Identifier:
keyid:D7:C6:0A:54:E0:3C:9F:81:5C:C3:3A:FD:45:D3:C4:DB:9A:F7:6F:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/YtwlFDJbdeOHm-szbyMlsHvjfHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.69.0/24
185.33.114.0/24
202.162.49.0/24
202.162.51.0-202.162.52.255
Signature Algorithm: sha256WithRSAEncryption
8c:01:87:86:a2:d1:99:12:58:f0:b9:65:f3:dc:94:d2:54:a6:
96:78:6e:76:af:a0:08:cb:95:30:c3:4d:b1:b2:c2:4c:a4:73:
eb:1f:4e:48:b5:0c:ea:94:42:10:96:36:fa:ac:65:bd:59:92:
c2:90:b8:b0:79:46:6d:ee:26:41:6f:7d:0d:0a:82:a9:b7:d0:
d7:6b:ef:c1:af:ca:01:ff:83:5a:a2:72:3a:ad:f3:95:6b:69:
81:cb:52:51:b0:26:31:67:0f:71:3c:5d:2b:e0:1c:62:a8:f1:
3b:75:09:04:05:aa:0a:23:07:ad:3c:31:33:a4:a3:a3:ba:cb:
0c:3b:2a:4f:14:92:90:56:66:95:e3:31:c6:3a:54:73:26:1d:
d2:e2:5f:3c:94:5d:3c:ef:91:08:e6:0a:1e:18:e0:a6:ee:04:
18:97:11:00:f7:5e:6d:2d:16:fa:fc:0c:e5:f1:64:e1:b1:c6:
1b:3f:5a:73:92:a0:e8:e7:66:e1:32:bc:45:c3:42:bf:a2:2f:
dd:8e:ef:1c:ef:6b:50:a5:58:79:d7:37:91:23:50:ed:84:31:
91:b3:84:c7:5e:ec:5c:bd:ae:37:76:9d:66:37:4f:a1:a2:d4:
14:d0:aa:7c:60:ca:64:dd:30:f3:8f:37:39:12:84:25:3f:60:
cf:21:f2:66
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZet1F1AjFUJipJ3lc8TSZgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3YzYwYTU0ZTAzYzlmODE1Y2MzM2FmZDQ1ZDNjNGRiOWFm
NzZmMTYwHhcNMjUwNjI2MjAwMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmRjMjUxNDMyNWI3NWUzODc5YmViMzM2ZjIzMjViMDdiZTM3YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA361mDkDTo894cjr8m77OKgYEVZ6O
ArkeV2Sbj3ka1VjLZGKbxaTnayrm+AA1H7XEFxHTI6PxFS1TDUzNoG9Dtds1qFZt
bDZsvjrzQDaD0/f+OSXZobFaRI+0f0wkN8/Cv4fZ0btlF1AY2R04ZslDSVNp10YA
Gkas/ZC7wWY7c6ftHK0zP4VoHKMRnNjD0gohcu3tJ+wTJofQP/JIoaWiV3ipp+go
NL3iXAob0es72CajJsTTSo/abRTOD6vZO66VIiUhV4xgi19Eh4/b34MLdg9F7C2K
qdwApmOwX7PxR5GOiqzWf4n25q12RnmydUhupJG4VcjGoBAifJfHsUJXNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGLcJRQyW3Xjh5vrM28jJbB743x6MB8GA1UdIwQY
MBaAFNfGClTgPJ+BXMM6/UXTxNua928WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMThZS1ZPQThuNEZjd3pyOVJkUEUyNXIzYnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84OTA5MGMtNTNiMS00MWJlLWEzMzgt
MzgzMWYzZWQxY2E4LzEvWXR3bEZESmJkZU9IbS1zemJ5TWxzSHZqZkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84OTA5MGMtNTNiMS00MWJlLWEzMzgtMzgzMWYzZWQxY2E4
LzEvMThZS1ZPQThuNEZjd3pyOVJkUEUyNXIzYnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQApIpFAwQA
uSFyAwQAyqIxMAwDBADKojMDBADKojQwDQYJKoZIhvcNAQELBQADggEBAIwBh4ai
0ZkSWPC5ZfPclNJUppZ4bnavoAjLlTDDTbGywkykc+sfTki1DOqUQhCWNvqsZb1Z
ksKQuLB5Rm3uJkFvfQ0Kgqm30Ndr78GvygH/g1qicjqt85VraYHLUlGwJjFnD3E8
XSvgHGKo8Tt1CQQFqgojB608MTOko6O6yww7Kk8UkpBWZpXjMcY6VHMmHdLiXzyU
XTzvkQjmCh4Y4KbuBBiXEQD3Xm0tFvr8DOXxZOGxxhs/WnOSoOjnZuEyvEXDQr+i
L92O7xzva1ClWHnXN5EjUO2EMZGzhMde7Fy9rjd2nWY3T6Gi1BTQqnxgymTdMPOP
NzkShCU/YM8h8mY=
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:09:39 2025 by rpki-client