Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2DfbQw2CZdvV9g5JBQnDX05ka_o.roa
File: 2DfbQw2CZdvV9g5JBQnDX05ka_o.roa (raw, json)
Hash identifier: 3QLPWu5thUR8l/WSM5Yx6aYV4L3PWvcWLK6yTg1yUCY=
Subject key identifier: D8:37:DB:43:0D:82:65:DB:D5:F6:0E:49:05:09:C3:5F:4E:64:6B:FA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01997FE9AA825A74CC12D30DF87AAB2C664E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2DfbQw2CZdvV9g5JBQnDX05ka_o.roa
Signing time: Thu 25 Sep 2025 08:07:23 +0000
ROA not before: Thu 25 Sep 2025 08:07:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210676
IP address blocks: 185.99.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7f:e9:aa:82:5a:74:cc:12:d3:0d:f8:7a:ab:2c:66:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 25 08:07:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d837db430d8265dbd5f60e490509c35f4e646bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:ca:11:99:a2:69:36:2c:39:35:ac:bc:22:
da:fd:c2:8a:6f:de:52:6a:6a:f6:28:94:0c:e0:7d:
45:36:cb:0b:b2:3e:27:d2:b2:08:00:db:82:2b:40:
e6:d8:3a:eb:a0:f0:82:f1:f7:ac:18:b0:ff:e6:16:
ed:3f:9a:77:48:17:03:e9:4b:de:40:b8:df:14:43:
72:ed:e9:78:87:95:09:51:4e:b5:38:1a:28:02:4a:
79:48:9d:04:e9:73:06:29:4f:45:cb:a9:19:a6:25:
d1:82:84:83:7c:be:27:03:4d:db:d5:5a:c5:58:d8:
88:ea:f8:5a:5f:20:f5:9b:bb:fc:a8:6c:bf:14:48:
f4:67:a2:ba:b2:5a:c9:52:15:49:34:0a:04:98:6c:
fe:a1:cc:76:58:89:57:61:e8:4b:44:3b:fb:88:b8:
5c:ae:6e:8a:ec:6f:4b:0f:14:7c:37:5b:ba:b2:42:
b4:05:3d:f2:e5:e7:ee:8d:90:ca:b4:1e:40:21:b8:
f9:51:fa:82:ce:18:cf:41:14:4b:ff:2b:83:25:ef:
28:40:09:40:72:47:c7:1c:fd:20:2b:72:a5:7d:fd:
39:7e:1a:93:5e:e5:33:3a:83:a6:d1:f3:8d:eb:7a:
46:8f:d1:2a:9d:5e:cf:e7:2c:fb:cf:60:75:ab:79:
29:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:37:DB:43:0D:82:65:DB:D5:F6:0E:49:05:09:C3:5F:4E:64:6B:FA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2DfbQw2CZdvV9g5JBQnDX05ka_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.97.0/24
Signature Algorithm: sha256WithRSAEncryption
29:6a:ec:0f:b0:d0:2e:ec:45:ce:fd:f5:e7:98:05:c9:ba:0c:
2a:e6:e6:b0:39:0d:4d:7d:98:ce:69:2a:a3:c3:0a:a6:47:d7:
16:d8:16:24:91:09:e4:20:d8:e0:50:e9:00:f5:74:5c:09:0b:
1c:ce:42:42:7a:bb:45:e8:a1:bd:ac:33:68:1a:3e:a6:2e:d5:
8d:f4:0b:ba:ec:ca:96:11:98:fa:c6:b1:ba:db:20:f8:2e:08:
e4:a6:30:5e:ad:cc:6a:52:35:ea:e3:94:cc:7e:54:1c:63:03:
cd:62:a3:03:c7:bc:d0:65:44:3f:1e:5f:eb:ce:50:47:4d:06:
0b:67:ae:38:db:5c:87:bf:5e:68:0d:af:98:e1:fd:cc:1b:2b:
a9:58:11:ad:ae:aa:9b:5b:15:46:0d:61:9b:b6:72:28:e4:2f:
98:21:42:fa:9f:4f:02:83:78:5e:1d:8f:fc:dd:e5:b5:8c:be:
b5:9a:08:8b:73:03:78:b6:82:65:6b:03:a1:84:67:df:ba:48:
fe:31:ce:e6:ca:30:4e:61:7d:bd:4b:b4:2b:45:7e:9a:69:d7:
4d:69:ba:bf:34:1f:42:0b:c9:41:66:e7:71:59:ed:5d:4f:f9:
68:d9:1d:9d:b2:dc:6a:be:75:9c:4f:fa:e4:e7:35:54:55:65:
8c:9c:07:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZl/6aqCWnTMEtMN+HqrLGZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwOTI1MDgwNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODM3ZGI0MzBkODI2NWRiZDVmNjBlNDkwNTA5YzM1ZjRlNjQ2YmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0/KEZmiaTYsOTWsvCLa/cKKb95S
amr2KJQM4H1FNssLsj4n0rIIANuCK0Dm2DrroPCC8fesGLD/5hbtP5p3SBcD6Uve
QLjfFENy7el4h5UJUU61OBooAkp5SJ0E6XMGKU9Fy6kZpiXRgoSDfL4nA03b1VrF
WNiI6vhaXyD1m7v8qGy/FEj0Z6K6slrJUhVJNAoEmGz+ocx2WIlXYehLRDv7iLhc
rm6K7G9LDxR8N1u6skK0BT3y5efujZDKtB5AIbj5UfqCzhjPQRRL/yuDJe8oQAlA
ckfHHP0gK3Klff05fhqTXuUzOoOm0fON63pGj9EqnV7P5yz7z2B1q3kpAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNg320MNgmXb1fYOSQUJw19OZGv6MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMkRmYlF3MkNaZHZWOWc1SkJRbkRYMDVrYV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWNhMA0G
CSqGSIb3DQEBCwUAA4IBAQApauwPsNAu7EXO/fXnmAXJugwq5uawOQ1NfZjOaSqj
wwqmR9cW2BYkkQnkINjgUOkA9XRcCQsczkJCertF6KG9rDNoGj6mLtWN9Au67MqW
EZj6xrG62yD4LgjkpjBercxqUjXq45TMflQcYwPNYqMDx7zQZUQ/Hl/rzlBHTQYL
Z64421yHv15oDa+Y4f3MGyupWBGtrqqbWxVGDWGbtnIo5C+YIUL6n08Cg3heHY/8
3eW1jL61mgiLcwN4toJlawOhhGffukj+Mc7myjBOYX29S7QrRX6aaddNabq/NB9C
C8lBZudxWe1dT/lo2R2dstxqvnWcT/rk5zVUVWWMnAcI
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:11:15 2025 by rpki-client