Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/pA69kigPY-rHAuVsRrW13R0aZeM.roa
File: pA69kigPY-rHAuVsRrW13R0aZeM.roa (raw, json)
Hash identifier: pYVfBq1JCxgc3lobgl41dLccuxJHZgCaSlieF8Jm/Tc=
Subject key identifier: A4:0E:BD:92:28:0F:63:EA:C7:02:E5:6C:46:B5:B5:DD:1D:1A:65:E3
Certificate issuer: /CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Certificate serial: 019778B1A5D553C76CA20EDED8ED58D92782
Authority key identifier: 68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/pA69kigPY-rHAuVsRrW13R0aZeM.roa
Signing time: Mon 16 Jun 2025 12:23:17 +0000
ROA not before: Mon 16 Jun 2025 12:23:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204348
IP address blocks: 185.249.255.0/24 maxlen: 24
185.252.112.0/24 maxlen: 24
185.252.113.0/24 maxlen: 24
185.252.115.0/24 maxlen: 24
2a04:b800::/32 maxlen: 32
2a04:b801::/32 maxlen: 32
2a04:b802::/32 maxlen: 32
2a04:b803::/32 maxlen: 32
2a04:b804::/32 maxlen: 32
2a04:b805::/32 maxlen: 32
2a04:b806::/32 maxlen: 32
2a04:b807::/32 maxlen: 32
2a0e:e7c0::/32 maxlen: 32
2a0e:e7c1::/32 maxlen: 32
2a0e:e7c2::/32 maxlen: 32
2a0e:e7c3::/32 maxlen: 32
2a0e:e7c4::/32 maxlen: 32
2a0e:e7c5::/32 maxlen: 32
2a0e:e7c6::/32 maxlen: 32
2a0e:e7c7::/32 maxlen: 32
2a10:a6c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:78:b1:a5:d5:53:c7:6c:a2:0e:de:d8:ed:58:d9:27:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Validity
Not Before: Jun 16 12:23:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a40ebd92280f63eac702e56c46b5b5dd1d1a65e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:31:b9:ec:68:85:04:63:3e:f6:5e:72:5f:ec:
af:da:90:44:75:80:49:63:6c:3b:b3:e3:55:18:b9:
51:02:ea:8d:e2:6b:d6:32:62:e0:16:5a:1f:4d:d1:
a4:6d:00:c0:de:5f:7a:9c:3c:18:71:12:0f:9a:6b:
e8:bf:5a:eb:d6:14:14:4c:70:4c:a5:6f:e3:73:20:
ff:19:49:50:c5:d6:51:ab:04:55:c6:0b:4e:54:f4:
64:6c:13:df:b9:d4:45:8b:da:da:6d:64:aa:5f:45:
46:f3:7c:d0:d9:a5:66:41:90:08:9b:9f:e0:55:3b:
9b:18:a3:09:07:d9:56:25:9b:42:9f:71:79:bc:14:
5f:db:d1:75:9e:f5:19:14:a7:18:19:d2:f5:ea:0f:
47:64:62:5f:7a:30:cc:09:bc:f2:a1:75:be:77:8d:
a1:89:86:22:0f:74:59:ce:ae:b1:2f:42:fd:a2:48:
7b:66:75:8d:75:f8:a5:a6:a6:50:3c:38:d9:20:87:
5a:ac:62:6d:ed:de:bd:5b:e8:25:78:86:c9:7e:ef:
47:d9:a2:2c:97:cb:f2:f6:5b:77:ed:42:e4:58:b0:
10:0e:71:6a:72:ca:38:aa:2a:c5:46:78:2b:ef:3c:
44:eb:db:fa:15:82:88:42:6f:96:8b:10:fe:58:74:
61:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0E:BD:92:28:0F:63:EA:C7:02:E5:6C:46:B5:B5:DD:1D:1A:65:E3
X509v3 Authority Key Identifier:
keyid:68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/pA69kigPY-rHAuVsRrW13R0aZeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.255.0/24
185.252.112.0/23
185.252.115.0/24
IPv6:
2a04:b800::/29
2a0e:e7c0::/29
2a10:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:ab:5c:28:db:ab:1d:55:75:12:6b:31:93:f9:98:79:f1:a0:
69:75:19:ef:3b:ec:98:4f:2c:1c:20:81:19:b8:84:17:9a:47:
44:3c:2a:96:b7:73:e0:12:c4:27:42:f1:48:bf:ea:76:de:11:
fe:cf:e7:98:63:d9:e4:2a:f6:bc:7b:da:0c:87:dd:9f:15:2c:
fc:69:fc:dc:14:7a:c8:6e:a9:5b:4d:89:a4:e0:f7:83:c2:66:
54:7f:14:be:b4:94:b7:ad:fa:4e:0d:3e:82:25:b9:5e:fd:04:
7a:77:71:37:d2:52:30:02:45:62:8f:f6:82:5e:32:68:60:f3:
29:2f:1d:47:5d:0b:f5:97:e0:1e:94:dd:a3:d4:1d:7d:3e:c9:
40:6b:c0:8a:e8:c2:00:7a:0c:93:24:29:e6:ae:64:d5:28:7e:
8e:86:fc:30:ef:e9:b3:ed:a9:22:1d:32:e7:48:81:ec:1c:a6:
f9:59:d0:ea:a7:28:fe:66:f8:48:6d:f4:5f:ff:bf:50:97:72:
1f:d6:7d:09:26:7f:3c:97:10:81:65:38:2d:c5:7d:ba:21:f5:
47:c7:60:b4:b9:92:9d:2a:7c:f9:6f:0f:b7:38:01:a7:f2:95:
fb:6d:00:38:ec:fa:5f:8c:71:68:b0:79:bb:ea:10:6f:7f:47:
8f:be:ca:77
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZd4saXVU8dsog7e2O1Y2SeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YjIyZWVhNGE0YTNiODE2NTRhMjI3ZWRhOTRlMGU3NTkz
N2IwMTUwHhcNMjUwNjE2MTIyMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDBlYmQ5MjI4MGY2M2VhYzcwMmU1NmM0NmI1YjVkZDFkMWE2NWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzG57GiFBGM+9l5yX+yv2pBEdYBJ
Y2w7s+NVGLlRAuqN4mvWMmLgFlofTdGkbQDA3l96nDwYcRIPmmvov1rr1hQUTHBM
pW/jcyD/GUlQxdZRqwRVxgtOVPRkbBPfudRFi9rabWSqX0VG83zQ2aVmQZAIm5/g
VTubGKMJB9lWJZtCn3F5vBRf29F1nvUZFKcYGdL16g9HZGJfejDMCbzyoXW+d42h
iYYiD3RZzq6xL0L9okh7ZnWNdfilpqZQPDjZIIdarGJt7d69W+gleIbJfu9H2aIs
l8vy9lt37ULkWLAQDnFqcso4qirFRngr7zxE69v6FYKIQm+WixD+WHRhSQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFKQOvZIoD2PqxwLlbEa1td0dGmXjMB8GA1UdIwQY
MBaAFGiyLupKSjuBZUoiftqU4OdZN7AVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUxJdTZrcEtPNEZsU2lKLTJwVGc1MWszc0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82OWNiYzAtYjZjNS00ZTY3LWE3M2It
MmI2NWE3YThiZThjLzEvcEE2OWtpZ1BZLXJIQXVWc1JyVzEzUjBhWmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82OWNiYzAtYjZjNS00ZTY3LWE3M2ItMmI2NWE3YThiZThj
LzEvYUxJdTZrcEtPNEZsU2lKLTJwVGc1MWszc0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQAufn/AwQB
ufxwAwQAufxzMBsEAgACMBUDBQMqBLgAAwUDKg7nwAMFAyoQpsAwDQYJKoZIhvcN
AQELBQADggEBADyrXCjbqx1VdRJrMZP5mHnxoGl1Ge877JhPLBwggRm4hBeaR0Q8
Kpa3c+ASxCdC8Ui/6nbeEf7P55hj2eQq9rx72gyH3Z8VLPxp/NwUeshuqVtNiaTg
94PCZlR/FL60lLet+k4NPoIluV79BHp3cTfSUjACRWKP9oJeMmhg8ykvHUddC/WX
4B6U3aPUHX0+yUBrwIrowgB6DJMkKeauZNUofo6G/DDv6bPtqSIdMudIgewcpvlZ
0OqnKP5m+Eht9F//v1CXch/WfQkmfzyXEIFlOC3Ffboh9UfHYLS5kp0qfPlvD7c4
AafylfttADjs+l+McWiwebvqEG9/R4++ync=
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:47:43 2025 by rpki-client