Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3vYzfXYQLPNTc9kY4ROihGJ7KEw.roa
File: 3vYzfXYQLPNTc9kY4ROihGJ7KEw.roa (raw, json)
Hash identifier: tqWNfZjN2KyMHu4fpg/tSXFDXHh33+1xtfAU6L41eGA=
Subject key identifier: DE:F6:33:7D:76:10:2C:F3:53:73:D9:18:E1:13:A2:84:62:7B:28:4C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0198B7D9DCBE5414F8E3DED4BF58B863101B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3vYzfXYQLPNTc9kY4ROihGJ7KEw.roa
Signing time: Sun 17 Aug 2025 11:46:04 +0000
ROA not before: Sun 17 Aug 2025 11:46:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 185.206.250.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b7:d9:dc:be:54:14:f8:e3:de:d4:bf:58:b8:63:10:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 17 11:46:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=def6337d76102cf35373d918e113a284627b284c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:09:3d:7e:73:dd:90:6d:08:a2:9f:a9:bb:22:
4b:ba:f8:52:33:75:d3:a6:dd:06:80:52:66:d5:05:
1b:df:82:a1:d5:1f:c3:46:12:27:f3:f3:90:2c:3f:
2f:c2:5f:24:fe:fd:79:98:8d:f6:0c:e9:92:b4:ee:
ca:cf:70:63:4c:3d:47:e8:d2:c9:6f:b8:9c:e1:aa:
8a:5d:12:aa:64:3e:cc:2f:1e:dd:7b:81:68:56:26:
14:a7:2f:b7:d4:41:07:eb:d6:14:7b:8b:f3:21:33:
de:6d:be:4b:bb:98:09:9e:f2:13:14:b0:46:38:5a:
b1:ea:13:be:cf:01:0f:b4:c8:c1:50:13:a1:49:8a:
96:28:88:b4:fb:a3:40:5a:a2:34:10:68:e0:86:68:
02:c0:36:8a:75:a6:32:29:1c:26:00:c8:e2:b2:a0:
d1:fd:80:8c:26:62:f6:d9:7d:50:92:46:21:a1:b2:
f9:b6:4d:99:66:ed:63:04:19:14:f6:1c:97:76:d1:
8d:34:50:72:95:ef:63:f4:fe:7a:49:8a:7c:2d:59:
a8:d6:5b:33:e3:7a:d1:d9:5c:17:ea:eb:65:bf:b8:
a3:0a:36:9e:b0:4f:9e:48:69:04:8f:a8:dd:52:04:
6f:b8:46:83:b1:48:21:a8:b6:40:95:57:a2:22:ff:
fb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F6:33:7D:76:10:2C:F3:53:73:D9:18:E1:13:A2:84:62:7B:28:4C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3vYzfXYQLPNTc9kY4ROihGJ7KEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.250.0/24
185.210.235.0/24
185.218.20.0/24
185.226.107.0/24
Signature Algorithm: sha256WithRSAEncryption
92:4f:0a:57:ab:8a:a6:85:52:67:3a:c4:24:20:7b:ec:46:fb:
d8:34:63:fc:64:5a:c2:d4:97:83:83:c8:0e:0b:93:4e:94:0d:
a5:de:bc:f2:5f:ec:4e:d3:f9:e2:20:05:38:6f:6a:a0:3f:55:
fe:a8:ce:a6:68:d0:74:23:ab:6d:bf:84:95:85:f9:ac:d3:a3:
9d:f8:7f:80:29:9a:1c:e9:db:e9:d2:b9:5d:9c:41:c9:7e:0d:
f8:2c:0a:cb:1f:e4:4b:96:ab:da:ad:aa:b7:fe:3b:50:6d:fd:
06:66:c7:5f:97:a7:6a:46:78:94:87:bb:ab:f4:ec:aa:63:00:
46:55:b1:53:d3:a9:d7:a3:a2:cb:99:32:6d:82:a9:9b:18:9e:
a2:be:ae:d0:4b:27:9b:5d:7d:44:c0:d2:39:f7:ed:9c:50:e7:
42:05:c5:de:dd:33:9d:e1:53:58:e0:94:d8:14:4f:97:aa:28:
43:8b:68:bd:50:1d:e6:20:d7:73:e5:f2:b1:37:2b:5d:14:e5:
ec:d6:22:97:5c:3b:5c:2d:b6:79:5c:8b:d4:0c:4d:88:65:a0:
66:11:fe:85:e7:7c:94:94:cc:68:ef:54:a9:db:40:b2:30:22:
7b:30:64:56:dc:cc:6d:6d:34:0d:0b:9b:93:63:80:fe:7a:1b:
32:c1:ad:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZi32dy+VBT4497Uv1i4YxAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwODE3MTE0NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY2MzM3ZDc2MTAyY2YzNTM3M2Q5MThlMTEzYTI4NDYyN2IyODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQk9fnPdkG0Iop+puyJLuvhSM3XT
pt0GgFJm1QUb34Kh1R/DRhIn8/OQLD8vwl8k/v15mI32DOmStO7Kz3BjTD1H6NLJ
b7ic4aqKXRKqZD7MLx7de4FoViYUpy+31EEH69YUe4vzITPebb5Lu5gJnvITFLBG
OFqx6hO+zwEPtMjBUBOhSYqWKIi0+6NAWqI0EGjghmgCwDaKdaYyKRwmAMjisqDR
/YCMJmL22X1QkkYhobL5tk2ZZu1jBBkU9hyXdtGNNFByle9j9P56SYp8LVmo1lsz
43rR2VwX6utlv7ijCjaesE+eSGkEj6jdUgRvuEaDsUghqLZAlVeiIv/7xQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN72M312ECzzU3PZGOETooRieyhMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM3ZZemZYWVFMUE5UYzlrWTRST2loR0o3S0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuc76AwQA
udLrAwQAudoUAwQAueJrMA0GCSqGSIb3DQEBCwUAA4IBAQCSTwpXq4qmhVJnOsQk
IHvsRvvYNGP8ZFrC1JeDg8gOC5NOlA2l3rzyX+xO0/niIAU4b2qgP1X+qM6maNB0
I6ttv4SVhfms06Od+H+AKZoc6dvp0rldnEHJfg34LArLH+RLlqvaraq3/jtQbf0G
Zsdfl6dqRniUh7ur9OyqYwBGVbFT06nXo6LLmTJtgqmbGJ6ivq7QSyebXX1EwNI5
9+2cUOdCBcXe3TOd4VNY4JTYFE+XqihDi2i9UB3mINdz5fKxNytdFOXs1iKXXDtc
LbZ5XIvUDE2IZaBmEf6F53yUlMxo71Sp20CyMCJ7MGRW3MxtbTQNC5uTY4D+ehsy
wa3G
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:44:21 2025 by rpki-client