Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/_SIVUqOCoAD9QAv9j_FoehRwqCQ.roa
File: _SIVUqOCoAD9QAv9j_FoehRwqCQ.roa (raw, json)
Hash identifier: sSOjeJjB03HHhjQxuEaox3x4XiuehbGVKeOJQiC5f04=
Subject key identifier: FD:22:15:52:A3:82:A0:00:FD:40:0B:FD:8F:F1:68:7A:14:70:A8:24
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 019782E027E155828F228BD8CE860F2A6D73
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/_SIVUqOCoAD9QAv9j_FoehRwqCQ.roa
Signing time: Wed 18 Jun 2025 11:50:17 +0000
ROA not before: Wed 18 Jun 2025 11:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210848
IP address blocks: 185.156.74.0/24 maxlen: 24
185.193.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 02:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:e0:27:e1:55:82:8f:22:8b:d8:ce:86:0f:2a:6d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jun 18 11:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd221552a382a000fd400bfd8ff1687a1470a824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:23:a6:37:ae:85:7d:df:e5:e5:21:f1:51:17:
0e:71:b1:7f:17:07:0f:a2:2d:48:db:50:c1:b1:cf:
16:f4:de:10:91:be:82:85:de:73:41:95:d4:a1:3e:
f9:b8:b3:3e:ce:83:cd:8d:bb:77:56:c5:06:87:cf:
a6:2c:c2:01:b2:73:a7:4d:03:bc:87:d7:12:71:46:
ab:7a:d3:6d:b9:68:3a:50:b0:aa:84:7a:93:b2:0f:
a2:91:f8:9b:a5:7f:98:10:ef:98:e4:21:62:d6:7d:
00:e4:be:f3:d9:33:42:b6:7d:9c:8c:aa:50:d8:f8:
72:fa:cd:69:32:40:9b:c0:cf:6f:af:8a:6d:2d:54:
dc:70:60:69:1e:7c:76:0f:39:40:6c:9b:4a:7f:c0:
f0:e6:46:8b:d9:c6:fd:15:bf:a5:28:2d:75:b9:b3:
3b:f6:96:24:ae:fa:f4:49:8b:af:1e:67:cd:14:7d:
95:68:47:64:0f:10:1b:2e:7c:1e:08:38:42:5f:4a:
16:1a:68:74:d0:99:b6:3c:25:62:ed:b3:02:82:fe:
8b:c3:52:e3:20:58:22:ba:34:ae:dc:54:f1:3c:68:
78:c9:db:7a:88:d9:21:18:2d:58:32:fa:1d:c0:34:
b8:02:10:04:b6:cf:d0:ba:b5:58:e2:58:56:9d:37:
6f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:22:15:52:A3:82:A0:00:FD:40:0B:FD:8F:F1:68:7A:14:70:A8:24
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/_SIVUqOCoAD9QAv9j_FoehRwqCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.74.0/24
185.193.88.0/24
Signature Algorithm: sha256WithRSAEncryption
73:35:77:af:b2:9f:f6:27:e1:d5:71:dc:ae:0e:b1:3f:47:ab:
ea:5c:6b:a3:09:a4:84:1f:34:f9:75:55:9d:06:15:91:ec:60:
8c:0a:1a:70:6f:73:87:92:a4:0c:9c:11:21:2d:70:5c:05:9e:
0c:6c:85:d6:26:2a:44:9d:d4:af:11:93:4a:e0:ad:78:40:5b:
1e:ff:68:70:b9:9e:1c:c0:90:c6:fa:a2:cc:46:45:17:9d:3a:
6d:ba:58:db:77:04:82:6c:96:11:a3:db:24:6b:60:2e:d4:46:
da:1a:c8:7d:1e:bc:f0:f3:25:32:fb:bf:98:ad:19:af:6d:44:
bc:10:a1:5a:ea:4e:0a:e6:65:90:5a:ae:1c:50:52:f2:1f:45:
f9:ca:f9:28:c4:7b:43:fd:57:0e:32:1f:de:9c:21:55:64:ee:
75:8a:6c:d5:bc:03:ad:c0:80:7d:3b:61:1e:4b:c8:46:7a:a3:
0f:48:6e:96:88:59:97:87:8c:ad:29:45:d2:19:dd:b5:a1:e4:
49:1c:05:ee:a3:7d:f6:91:b3:18:1d:6a:ca:42:ca:2e:9f:21:
2d:0c:79:f8:dc:bb:ee:e6:9e:50:96:ee:1d:29:12:8d:4a:cd:
77:17:c8:8b:3e:6f:f3:fd:28:90:c5:77:5e:a5:2a:e7:e2:81:
41:ea:bf:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZeC4CfhVYKPIovYzoYPKm1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjUwNjE4MTE1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDIyMTU1MmEzODJhMDAwZmQ0MDBiZmQ4ZmYxNjg3YTE0NzBhODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCOmN66Ffd/l5SHxURcOcbF/FwcP
oi1I21DBsc8W9N4Qkb6Chd5zQZXUoT75uLM+zoPNjbt3VsUGh8+mLMIBsnOnTQO8
h9cScUaretNtuWg6ULCqhHqTsg+ikfibpX+YEO+Y5CFi1n0A5L7z2TNCtn2cjKpQ
2Phy+s1pMkCbwM9vr4ptLVTccGBpHnx2DzlAbJtKf8Dw5kaL2cb9Fb+lKC11ubM7
9pYkrvr0SYuvHmfNFH2VaEdkDxAbLnweCDhCX0oWGmh00Jm2PCVi7bMCgv6Lw1Lj
IFgiujSu3FTxPGh4ydt6iNkhGC1YMvodwDS4AhAEts/QurVY4lhWnTdvDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP0iFVKjgqAA/UAL/Y/xaHoUcKgkMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvX1NJVlVxT0NvQUQ5UUF2OWpfRm9laFJ3cUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZxKAwQA
ucFYMA0GCSqGSIb3DQEBCwUAA4IBAQBzNXevsp/2J+HVcdyuDrE/R6vqXGujCaSE
HzT5dVWdBhWR7GCMChpwb3OHkqQMnBEhLXBcBZ4MbIXWJipEndSvEZNK4K14QFse
/2hwuZ4cwJDG+qLMRkUXnTptuljbdwSCbJYRo9ska2Au1EbaGsh9Hrzw8yUy+7+Y
rRmvbUS8EKFa6k4K5mWQWq4cUFLyH0X5yvkoxHtD/VcOMh/enCFVZO51imzVvAOt
wIB9O2EeS8hGeqMPSG6WiFmXh4ytKUXSGd21oeRJHAXuo332kbMYHWrKQsounyEt
DHn43Lvu5p5Qlu4dKRKNSs13F8iLPm/z/SiQxXdepSrn4oFB6r+R
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:07:11 2025 by rpki-client