Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/iBvouIeGNb-tETlrG7R7kd8KLJk.roa
File: iBvouIeGNb-tETlrG7R7kd8KLJk.roa (raw, json)
Hash identifier: ZFh8TKmia8sW44WOw2BVZ15xBNpA9QpJzWskGjFsYMo=
Subject key identifier: 88:1B:E8:B8:87:86:35:BF:AD:11:39:6B:1B:B4:7B:91:DF:0A:2C:99
Certificate issuer: /CN=c07081a6f721a37a9e1d799315bb3ea2758b8877
Certificate serial: 01979D1400DF4BADD0642927AE41F886278F
Authority key identifier: C0:70:81:A6:F7:21:A3:7A:9E:1D:79:93:15:BB:3E:A2:75:8B:88:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHCBpvcho3qeHXmTFbs-onWLiHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/iBvouIeGNb-tETlrG7R7kd8KLJk.roa
Signing time: Mon 23 Jun 2025 13:57:03 +0000
ROA not before: Mon 23 Jun 2025 13:57:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209531
IP address blocks: 147.78.168.0/22 maxlen: 22
147.78.168.0/23 maxlen: 23
147.78.170.0/23 maxlen: 23
194.110.119.0/24 maxlen: 24
2a09:27c0::/29 maxlen: 29
2a09:27c0::/30 maxlen: 30
2a09:27c4::/30 maxlen: 30
2a14:5980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/wHCBpvcho3qeHXmTFbs-onWLiHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/wHCBpvcho3qeHXmTFbs-onWLiHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/wHCBpvcho3qeHXmTFbs-onWLiHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9d:14:00:df:4b:ad:d0:64:29:27:ae:41:f8:86:27:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c07081a6f721a37a9e1d799315bb3ea2758b8877
Validity
Not Before: Jun 23 13:57:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=881be8b8878635bfad11396b1bb47b91df0a2c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:86:a6:0d:42:58:97:a6:8d:cf:40:da:24:f3:
70:7f:22:d7:60:f9:7c:91:e8:ea:f4:87:6e:57:b0:
4e:e3:71:da:1d:fe:94:fc:c7:52:76:7d:b2:1a:b2:
7f:2f:05:49:99:35:ca:60:9c:9e:8e:a7:fc:4b:94:
53:cc:41:3c:27:4f:31:b1:54:7a:71:33:3e:e0:85:
b8:7b:30:fb:a6:64:cc:02:65:7e:a6:95:13:f0:a4:
1f:ff:18:ce:fb:08:04:18:a3:bd:7d:08:af:9d:01:
e8:37:49:46:45:83:d2:7b:53:95:10:72:23:6a:ae:
9c:af:04:70:d9:00:dc:92:38:1e:3a:6f:ea:bf:61:
2f:fc:a2:3c:04:75:57:a2:e5:07:ea:c6:7f:f4:83:
5d:34:6f:0b:9d:f9:b0:e8:00:e6:31:fe:70:39:bc:
ba:08:e6:41:35:79:87:e8:c0:32:9f:ec:57:57:8e:
91:98:d8:70:6d:ef:04:6c:62:07:49:ca:20:b2:46:
5e:c0:9f:a0:4d:34:8f:4a:7d:38:1f:f4:fe:ff:bb:
47:d5:c9:2a:af:ba:cc:b5:5b:20:0f:6c:70:02:8c:
df:52:41:32:26:ed:49:32:5d:21:be:76:17:c3:cf:
20:7e:9f:2b:75:ab:b2:76:2b:2c:d2:19:28:d3:a9:
3a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1B:E8:B8:87:86:35:BF:AD:11:39:6B:1B:B4:7B:91:DF:0A:2C:99
X509v3 Authority Key Identifier:
keyid:C0:70:81:A6:F7:21:A3:7A:9E:1D:79:93:15:BB:3E:A2:75:8B:88:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHCBpvcho3qeHXmTFbs-onWLiHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/iBvouIeGNb-tETlrG7R7kd8KLJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/9afd23-d280-495c-b252-f600317b1978/1/wHCBpvcho3qeHXmTFbs-onWLiHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.168.0/22
194.110.119.0/24
IPv6:
2a09:27c0::/29
2a14:5980::/29
Signature Algorithm: sha256WithRSAEncryption
62:ab:42:bb:8f:81:53:46:dd:35:0e:bb:63:40:b5:ee:65:39:
da:09:35:00:37:9a:57:b9:52:7f:ed:4c:30:ee:d8:de:a8:8f:
33:22:bd:78:05:9b:ec:a1:41:d1:21:59:8a:ef:f2:3d:62:34:
a9:9f:c9:34:d5:27:ec:07:5c:ac:08:59:14:db:90:ab:a0:27:
14:97:77:4f:54:f2:c3:9e:ae:e0:62:ce:6d:3f:78:4d:43:4c:
b7:4a:71:d3:b5:f9:0c:56:e8:98:01:e9:0c:0f:45:2b:a7:78:
5a:c2:cf:c5:cc:3d:ef:c1:25:43:a8:40:a9:c9:10:6c:3b:53:
53:b7:0f:46:71:06:41:7c:b6:8c:70:e4:66:d3:30:7b:67:20:
05:aa:d7:c3:f6:ef:12:6d:3b:53:b5:b9:11:11:06:7f:e4:55:
59:43:56:35:d7:6e:50:e7:cb:dd:6a:98:e0:8a:ad:f1:98:d9:
53:57:95:4f:50:41:5e:28:ae:86:20:79:1a:52:ac:23:04:ac:
53:a0:aa:34:f5:01:2f:10:3c:e6:8c:cc:8c:71:2d:13:4e:f9:
03:24:27:4e:45:44:24:07:82:dd:5b:6d:91:41:34:c8:6a:ea:
c1:6d:36:90:8d:96:69:a2:00:f3:ba:47:f0:80:91:d7:dc:ed:
1b:1e:fa:3d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZedFADfS63QZCknrkH4hiePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzA4MWE2ZjcyMWEzN2E5ZTFkNzk5MzE1YmIzZWEyNzU4
Yjg4NzcwHhcNMjUwNjIzMTM1NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODFiZThiODg3ODYzNWJmYWQxMTM5NmIxYmI0N2I5MWRmMGEyYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIamDUJYl6aNz0DaJPNwfyLXYPl8
kejq9IduV7BO43HaHf6U/MdSdn2yGrJ/LwVJmTXKYJyejqf8S5RTzEE8J08xsVR6
cTM+4IW4ezD7pmTMAmV+ppUT8KQf/xjO+wgEGKO9fQivnQHoN0lGRYPSe1OVEHIj
aq6crwRw2QDckjgeOm/qv2Ev/KI8BHVXouUH6sZ/9INdNG8Lnfmw6ADmMf5wOby6
COZBNXmH6MAyn+xXV46RmNhwbe8EbGIHScogskZewJ+gTTSPSn04H/T+/7tH1ckq
r7rMtVsgD2xwAozfUkEyJu1JMl0hvnYXw88gfp8rdauydiss0hko06k6fwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIgb6LiHhjW/rRE5axu0e5HfCiyZMB8GA1UdIwQY
MBaAFMBwgab3IaN6nh15kxW7PqJ1i4h3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hDQnB2Y2hvM3FlSFhtVEZicy1vbldMaUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85YWZkMjMtZDI4MC00OTVjLWIyNTIt
ZjYwMDMxN2IxOTc4LzEvaUJ2b3VJZUdOYi10RVRsckc3UjdrZDhLTEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85YWZkMjMtZDI4MC00OTVjLWIyNTItZjYwMDMxN2IxOTc4
LzEvd0hDQnB2Y2hvM3FlSFhtVEZicy1vbldMaUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCk06oAwQA
wm53MBQEAgACMA4DBQMqCSfAAwUDKhRZgDANBgkqhkiG9w0BAQsFAAOCAQEAYqtC
u4+BU0bdNQ67Y0C17mU52gk1ADeaV7lSf+1MMO7Y3qiPMyK9eAWb7KFB0SFZiu/y
PWI0qZ/JNNUn7AdcrAhZFNuQq6AnFJd3T1Tyw56u4GLObT94TUNMt0px07X5DFbo
mAHpDA9FK6d4WsLPxcw978ElQ6hAqckQbDtTU7cPRnEGQXy2jHDkZtMwe2cgBarX
w/bvEm07U7W5EREGf+RVWUNWNdduUOfL3WqY4Iqt8ZjZU1eVT1BBXiiuhiB5GlKs
IwSsU6CqNPUBLxA85ozMjHEtE075AyQnTkVEJAeC3VttkUE0yGrqwW02kI2WaaIA
87pH8ICR19ztGx76PQ==
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:39:37 2025 by rpki-client