Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ekWG1QETzFmKGRL6SbCFL8bi_jY.roa
File: ekWG1QETzFmKGRL6SbCFL8bi_jY.roa (raw, json)
Hash identifier: NUaS9Oby/ezLol135Ba10mGx8sFU73geGaCBhXW51jU=
Subject key identifier: 7A:45:86:D5:01:13:CC:59:8A:19:12:FA:49:B0:85:2F:C6:E2:FE:36
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0198B7D9DD0BFA5046219836F195D8FAE557
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ekWG1QETzFmKGRL6SbCFL8bi_jY.roa
Signing time: Sun 17 Aug 2025 11:46:05 +0000
ROA not before: Sun 17 Aug 2025 11:46:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214654
IP address blocks: 185.206.250.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b7:d9:dd:0b:fa:50:46:21:98:36:f1:95:d8:fa:e5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 17 11:46:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a4586d50113cc598a1912fa49b0852fc6e2fe36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:27:80:80:f9:e8:32:8d:39:30:de:69:6f:8d:
53:af:45:c1:fd:6c:da:02:1e:4e:df:03:e4:d0:e6:
a2:92:76:df:e8:43:d2:09:8c:59:ba:92:c8:6b:11:
60:a1:bf:17:91:ad:c3:81:6a:2a:bf:01:05:58:97:
25:3c:73:88:f0:e6:65:9d:7b:da:47:b2:cf:61:5d:
50:3d:97:cc:b9:98:c1:a3:f4:86:f9:b4:fc:ec:75:
78:4f:62:5d:16:62:a9:c7:01:3a:9a:79:bd:27:f4:
81:5b:0c:1b:12:94:79:9d:db:5b:34:03:b8:e0:4c:
08:74:03:7f:12:34:47:9c:c7:67:1a:dd:58:4f:0c:
15:17:07:6f:ef:a3:77:6c:16:f4:c7:21:33:94:b6:
04:d1:a6:00:49:c6:34:56:54:e5:91:63:25:da:aa:
52:20:c0:6b:16:76:01:86:25:b7:8f:3f:b8:a4:69:
6c:21:f3:f1:54:e3:80:2f:ed:cb:f6:ff:93:5b:ea:
59:3d:f6:76:5f:c8:54:34:2a:82:e9:43:6c:a5:ad:
63:d7:e6:f6:56:2b:c2:76:da:12:5d:76:12:b3:51:
b7:9c:d6:b5:f2:0e:9e:74:ee:59:c7:59:61:c5:56:
46:12:bb:ce:2e:42:30:12:95:ce:0b:55:b6:7f:b2:
56:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:45:86:D5:01:13:CC:59:8A:19:12:FA:49:B0:85:2F:C6:E2:FE:36
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ekWG1QETzFmKGRL6SbCFL8bi_jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.250.0/24
185.210.235.0/24
185.218.20.0/24
185.226.107.0/24
Signature Algorithm: sha256WithRSAEncryption
10:45:f8:b9:53:39:1e:7b:d4:e0:47:aa:02:c5:d5:ff:29:97:
fe:83:33:cc:cb:49:37:e5:28:19:67:a9:b6:42:72:02:90:ed:
b2:4a:4e:9f:ec:cf:f0:80:0f:39:6f:5a:25:42:b2:84:a3:94:
b1:91:08:5f:dd:6f:17:a3:7a:10:67:9f:0c:05:f6:c6:d3:b0:
1a:25:ef:80:d0:82:70:3e:60:90:ce:e9:c4:0c:bb:93:a0:28:
c2:53:44:7c:f9:99:05:ab:96:f9:ba:64:76:75:d2:5f:d2:b0:
3d:be:a1:c7:80:96:29:bc:2c:e1:63:22:8f:b4:43:40:33:48:
87:fa:c2:57:f8:8e:36:5b:56:41:d9:cd:88:c8:ac:6f:1b:f5:
b8:90:79:1d:c9:31:75:9d:fb:f0:24:84:5a:65:53:09:ac:a9:
44:49:3d:d5:58:b4:ac:a7:83:dc:87:f8:64:07:df:f3:22:01:
78:62:89:92:cd:3a:b4:b3:5b:a1:51:a8:65:98:c6:7c:fb:4c:
d9:95:ca:4a:5d:61:5e:b1:08:35:1c:70:66:68:2e:0f:1c:ae:
85:44:58:81:b1:a1:04:ee:f5:35:1c:6b:ea:41:b1:b8:b4:c1:
a4:ad:67:df:d7:a9:b2:51:19:f3:a2:b3:e8:6c:f2:ac:37:68:
4d:a5:a6:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZi32d0L+lBGIZg28ZXY+uVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwODE3MTE0NjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQ1ODZkNTAxMTNjYzU5OGExOTEyZmE0OWIwODUyZmM2ZTJmZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyeAgPnoMo05MN5pb41Tr0XB/Wza
Ah5O3wPk0Oaiknbf6EPSCYxZupLIaxFgob8Xka3DgWoqvwEFWJclPHOI8OZlnXva
R7LPYV1QPZfMuZjBo/SG+bT87HV4T2JdFmKpxwE6mnm9J/SBWwwbEpR5ndtbNAO4
4EwIdAN/EjRHnMdnGt1YTwwVFwdv76N3bBb0xyEzlLYE0aYAScY0VlTlkWMl2qpS
IMBrFnYBhiW3jz+4pGlsIfPxVOOAL+3L9v+TW+pZPfZ2X8hUNCqC6UNspa1j1+b2
VivCdtoSXXYSs1G3nNa18g6edO5Zx1lhxVZGErvOLkIwEpXOC1W2f7JWpwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHpFhtUBE8xZihkS+kmwhS/G4v42MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZWtXRzFRRVR6Rm1LR1JMNlNiQ0ZMOGJpX2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuc76AwQA
udLrAwQAudoUAwQAueJrMA0GCSqGSIb3DQEBCwUAA4IBAQAQRfi5Uzkee9TgR6oC
xdX/KZf+gzPMy0k35SgZZ6m2QnICkO2ySk6f7M/wgA85b1olQrKEo5SxkQhf3W8X
o3oQZ58MBfbG07AaJe+A0IJwPmCQzunEDLuToCjCU0R8+ZkFq5b5umR2ddJf0rA9
vqHHgJYpvCzhYyKPtENAM0iH+sJX+I42W1ZB2c2IyKxvG/W4kHkdyTF1nfvwJIRa
ZVMJrKlEST3VWLSsp4Pch/hkB9/zIgF4YomSzTq0s1uhUahlmMZ8+0zZlcpKXWFe
sQg1HHBmaC4PHK6FRFiBsaEE7vU1HGvqQbG4tMGkrWff16myURnzorPobPKsN2hN
pabG
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:42:40 2025 by rpki-client