Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/2vth8JCO_Wyd-5uRLg3PTDr-fFg.roa
File: 2vth8JCO_Wyd-5uRLg3PTDr-fFg.roa (raw, json)
Hash identifier: 9LUpst7vMTMHTa3hQ4R9T7kLec7gteJsYM3fKAc8ccE=
Subject key identifier: DA:FB:61:F0:90:8E:FD:6C:9D:FB:9B:91:2E:0D:CF:4C:3A:FE:7C:58
Certificate issuer: /CN=01bfe882d13e803fc194373ea40d8a5a9e69f304
Certificate serial: 0197AC6B4C6389666DF6CDD039E2E3923FBB
Authority key identifier: 01:BF:E8:82:D1:3E:80:3F:C1:94:37:3E:A4:0D:8A:5A:9E:69:F3:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/2vth8JCO_Wyd-5uRLg3PTDr-fFg.roa
Signing time: Thu 26 Jun 2025 13:26:42 +0000
ROA not before: Thu 26 Jun 2025 13:26:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31424
IP address blocks: 77.245.16.0/20 maxlen: 20
185.22.104.0/22 maxlen: 22
185.83.60.0/22 maxlen: 22
217.147.208.0/20 maxlen: 20
2001:4168::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:6b:4c:63:89:66:6d:f6:cd:d0:39:e2:e3:92:3f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01bfe882d13e803fc194373ea40d8a5a9e69f304
Validity
Not Before: Jun 26 13:26:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dafb61f0908efd6c9dfb9b912e0dcf4c3afe7c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c7:b2:39:ce:ef:c1:ed:46:36:1b:02:ba:f1:
60:0e:cb:cc:4a:d1:8d:f9:7e:02:b7:14:c9:75:bb:
c7:5a:b4:df:3a:4b:60:c4:fd:2d:02:59:12:ba:31:
c2:f5:df:3b:6f:7d:10:6c:c0:2b:e0:5d:f7:68:2d:
57:7c:9e:68:20:93:45:75:a6:76:3f:73:6a:4f:af:
bc:da:f9:74:8d:8a:1c:b6:b9:e3:42:a2:79:fe:cb:
04:30:db:64:f2:b7:bf:91:87:f4:a0:eb:d3:dd:57:
92:14:c8:40:39:a6:d9:0c:1b:42:8b:39:96:30:65:
b4:fe:04:a8:5f:17:94:f4:76:7b:54:4a:85:10:4e:
f7:2c:b3:94:fb:bf:a5:c2:c7:c3:75:b5:ca:06:e3:
3b:c6:f5:dd:60:19:6f:e9:30:d3:aa:16:c7:e0:43:
31:1b:21:a7:21:57:29:15:7e:37:f2:59:bd:7e:da:
d2:0d:65:87:cf:a3:d3:ac:04:fa:1e:0b:f2:ad:79:
0a:8d:90:88:75:61:0b:f7:b9:92:bb:a8:44:b7:fd:
c0:3f:b7:41:f8:4c:e1:50:b4:61:5d:ec:d9:10:cc:
3f:a1:d0:1b:92:32:ec:80:8b:b2:c3:d2:95:c4:4e:
8e:ba:4b:42:c0:dd:e2:cb:71:c7:40:66:55:ef:e6:
52:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FB:61:F0:90:8E:FD:6C:9D:FB:9B:91:2E:0D:CF:4C:3A:FE:7C:58
X509v3 Authority Key Identifier:
keyid:01:BF:E8:82:D1:3E:80:3F:C1:94:37:3E:A4:0D:8A:5A:9E:69:F3:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/2vth8JCO_Wyd-5uRLg3PTDr-fFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.16.0/20
185.22.104.0/22
185.83.60.0/22
217.147.208.0/20
IPv6:
2001:4168::/32
Signature Algorithm: sha256WithRSAEncryption
54:ab:26:5a:40:3d:6e:e0:c6:ab:d7:37:7c:ea:4b:bf:45:d6:
82:72:3a:9f:d4:79:4b:56:31:96:7f:e3:9c:5d:90:9b:29:cc:
15:12:ad:c7:45:a7:08:19:93:28:d5:f6:5a:53:9d:c9:93:35:
46:55:f0:ce:46:ce:47:a2:99:f7:da:84:d9:3f:b3:b9:a9:3d:
33:fa:37:24:ca:f7:dc:07:92:c1:65:94:17:4b:1a:f8:44:44:
74:8e:a7:72:de:1c:93:a1:44:75:0c:a4:7e:e0:02:24:56:e1:
74:21:5f:2f:2f:e7:70:55:11:1f:68:83:8c:18:97:db:ba:db:
b8:87:3b:68:fb:9f:d0:ed:6c:97:3e:f9:ab:90:0a:f2:e9:97:
e7:a7:ea:6c:94:c2:85:e5:fb:4a:52:e6:cc:bd:09:52:4e:ab:
5f:8d:bf:01:05:cc:20:d7:d4:e5:3d:03:eb:00:86:5c:e1:c8:
37:f7:9c:5a:a3:53:96:04:40:6b:41:e9:a1:ac:36:59:60:e4:
b5:00:cf:f1:8e:c2:2d:8c:66:db:9f:3d:23:8a:18:9a:db:cb:
12:1e:d5:76:45:45:b0:f5:17:c7:ee:c8:c1:31:ca:e8:50:82:
0a:96:b6:61:01:a6:e8:34:d3:59:be:75:53:90:d7:f7:a2:01:
00:45:4b:e1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZesa0xjiWZt9s3QOeLjkj+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYmZlODgyZDEzZTgwM2ZjMTk0MzczZWE0MGQ4YTVhOWU2
OWYzMDQwHhcNMjUwNjI2MTMyNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWZiNjFmMDkwOGVmZDZjOWRmYjliOTEyZTBkY2Y0YzNhZmU3YzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtseyOc7vwe1GNhsCuvFgDsvMStGN
+X4CtxTJdbvHWrTfOktgxP0tAlkSujHC9d87b30QbMAr4F33aC1XfJ5oIJNFdaZ2
P3NqT6+82vl0jYoctrnjQqJ5/ssEMNtk8re/kYf0oOvT3VeSFMhAOabZDBtCizmW
MGW0/gSoXxeU9HZ7VEqFEE73LLOU+7+lwsfDdbXKBuM7xvXdYBlv6TDTqhbH4EMx
GyGnIVcpFX438lm9ftrSDWWHz6PTrAT6HgvyrXkKjZCIdWEL97mSu6hEt/3AP7dB
+EzhULRhXezZEMw/odAbkjLsgIuyw9KVxE6OuktCwN3iy3HHQGZV7+ZSDwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNr7YfCQjv1snfubkS4Nz0w6/nxYMB8GA1UdIwQY
MBaAFAG/6ILRPoA/wZQ3PqQNilqeafMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWJfb2d0RS1nRF9CbERjLXBBMktXcDVwOHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NmMwOGEtZWU1OS00NzcxLWE4ZjIt
MmE1NTM5OWE4MGIwLzEvMnZ0aDhKQ09fV3lkLTV1UkxnM1BURHItZkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NmMwOGEtZWU1OS00NzcxLWE4ZjItMmE1NTM5OWE4MGIw
LzEvQWJfb2d0RS1nRF9CbERjLXBBMktXcDVwOHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQETfUQAwQC
uRZoAwQCuVM8AwQE2ZPQMA0EAgACMAcDBQAgAUFoMA0GCSqGSIb3DQEBCwUAA4IB
AQBUqyZaQD1u4Mar1zd86ku/RdaCcjqf1HlLVjGWf+OcXZCbKcwVEq3HRacIGZMo
1fZaU53JkzVGVfDORs5Hopn32oTZP7O5qT0z+jckyvfcB5LBZZQXSxr4RER0jqdy
3hyToUR1DKR+4AIkVuF0IV8vL+dwVREfaIOMGJfbutu4hzto+5/Q7WyXPvmrkAry
6Zfnp+pslMKF5ftKUubMvQlSTqtfjb8BBcwg19TlPQPrAIZc4cg395xao1OWBEBr
QemhrDZZYOS1AM/xjsItjGbbnz0jihia28sSHtV2RUWw9RfH7sjBMcroUIIKlrZh
AaboNNNZvnVTkNf3ogEARUvh
-----END CERTIFICATE-----
Generated at Tue Jul 1 03:58:31 2025 by rpki-client