Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1evkszs2RO1EBgAnw03GIWCf5bI.roa
File: 1evkszs2RO1EBgAnw03GIWCf5bI.roa (raw, json)
Hash identifier: UKlG8AB/VC73U4gZPldNr0DNjVEMew1n/J24LlvnB1A=
Subject key identifier: D5:EB:E4:B3:3B:36:44:ED:44:06:00:27:C3:4D:C6:21:60:9F:E5:B2
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01994C5B4ED98159F4E90BF4DAD8495C3D31
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1evkszs2RO1EBgAnw03GIWCf5bI.roa
Signing time: Mon 15 Sep 2025 07:51:16 +0000
ROA not before: Mon 15 Sep 2025 07:51:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1257
IP address blocks: 192.71.180.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
193.181.2.0/24 maxlen: 24
193.234.16.0/24 maxlen: 24
193.234.87.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
194.68.238.0/24 maxlen: 24
194.71.178.0/24 maxlen: 24
194.71.179.0/24 maxlen: 24
194.71.248.0/21 maxlen: 24
194.103.24.0/22 maxlen: 24
194.132.60.0/24 maxlen: 24
194.132.128.0/22 maxlen: 22
2a01:280:310::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4c:5b:4e:d9:81:59:f4:e9:0b:f4:da:d8:49:5c:3d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 15 07:51:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5ebe4b33b3644ed44060027c34dc621609fe5b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:57:53:e1:37:2f:04:1b:a7:c0:14:f4:af:a7:
98:61:4a:87:b6:f7:fd:69:2f:37:d9:1b:ea:55:ee:
9f:a9:fb:0e:0c:88:cb:19:9d:e1:14:b5:a5:eb:8e:
6d:62:f5:46:d5:c8:d1:6c:7b:f9:b5:fd:f4:72:c0:
0f:56:1c:9a:e4:87:5a:cb:2a:24:9a:0e:24:60:8f:
b8:d9:35:33:ee:71:95:be:8f:ba:9e:f3:2a:f4:68:
c2:be:90:65:4f:0f:2c:68:b2:9c:8b:06:f2:04:35:
37:1d:6c:54:68:ad:4b:ce:20:26:29:1c:83:59:5c:
40:8d:ae:22:6e:7b:ca:df:36:66:08:36:fd:b4:72:
b6:2a:8a:2f:90:c8:9c:96:b6:8e:9a:5d:f3:77:d7:
84:fc:8e:62:99:75:36:ce:8b:bb:a5:bb:af:44:19:
a5:ed:08:a4:98:5d:41:9a:c0:f3:cf:32:c4:db:fe:
d5:32:3a:0d:70:1c:f2:91:51:a7:44:18:65:80:81:
35:0e:01:69:66:55:e3:f9:ca:f4:da:2c:aa:23:2b:
1c:94:aa:dd:d4:08:19:af:4a:91:e2:ce:2b:b8:48:
aa:25:a1:de:49:5e:bf:c6:26:00:3d:6f:e1:0e:f7:
f0:81:7f:af:68:ca:13:1e:cc:dc:1d:9e:76:e8:bc:
00:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:EB:E4:B3:3B:36:44:ED:44:06:00:27:C3:4D:C6:21:60:9F:E5:B2
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1evkszs2RO1EBgAnw03GIWCf5bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.234.16.0/24
193.234.87.0/24
193.234.177.0/24
194.68.238.0/24
194.71.178.0/23
194.71.248.0/21
194.103.24.0/22
194.132.60.0/24
194.132.128.0/22
IPv6:
2a01:280:310::/48
Signature Algorithm: sha256WithRSAEncryption
6d:ab:e6:87:7c:62:c5:11:58:e6:3f:36:bb:bd:e9:a0:1a:fd:
e4:34:32:06:29:11:66:29:aa:47:fc:a6:4a:61:84:e8:32:4d:
8c:5f:8b:f3:a5:b3:1e:54:40:20:29:67:02:3f:3a:89:70:1b:
9a:c4:09:01:8f:2d:77:ee:1e:b9:20:3e:02:24:4d:8a:a5:52:
54:48:13:8d:ae:8e:2d:c0:b8:6a:e2:95:03:6d:0b:65:12:67:
4e:10:48:08:d1:2b:96:73:5c:a4:68:d2:a0:3c:73:61:3e:1a:
64:01:56:7b:12:0b:e0:e2:b6:09:93:0f:d8:e2:c3:8d:c5:aa:
03:2f:15:1f:25:4b:2e:0f:69:47:8b:85:23:9b:ed:6c:50:c7:
e8:e2:0a:98:ea:75:dd:7e:6a:a9:62:aa:9f:0e:d0:69:16:3f:
5e:c3:db:25:57:40:cf:de:0d:9e:c0:cd:4c:fc:5c:90:e9:cb:
c5:74:af:e8:4a:5c:3a:04:e0:3e:4d:92:c3:94:2c:1c:62:cb:
b7:87:74:c9:a7:96:f5:4e:86:47:ed:57:d6:a8:24:c4:e0:bf:
5d:fe:75:b9:cf:cb:46:35:8e:c4:86:08:79:bd:93:18:f2:7a:
27:40:32:3f:d3:4e:5b:2e:19:e7:92:9f:40:d7:4f:98:3e:56:
38:62:64:a0
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZlMW07ZgVn06Qv02thJXD0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwOTE1MDc1MTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWViZTRiMzNiMzY0NGVkNDQwNjAwMjdjMzRkYzYyMTYwOWZlNWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ldT4TcvBBunwBT0r6eYYUqHtvf9
aS832RvqVe6fqfsODIjLGZ3hFLWl645tYvVG1cjRbHv5tf30csAPVhya5Idayyok
mg4kYI+42TUz7nGVvo+6nvMq9GjCvpBlTw8saLKciwbyBDU3HWxUaK1LziAmKRyD
WVxAja4ibnvK3zZmCDb9tHK2KoovkMiclraOml3zd9eE/I5imXU2zou7pbuvRBml
7QikmF1BmsDzzzLE2/7VMjoNcBzykVGnRBhlgIE1DgFpZlXj+cr02iyqIysclKrd
1AgZr0qR4s4ruEiqJaHeSV6/xiYAPW/hDvfwgX+vaMoTHszcHZ526LwAfwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFNXr5LM7NkTtRAYAJ8NNxiFgn+WyMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMWV2a3N6czJSTzFFQmdBbncwM0dJV0NmNWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYAQCAAEwWgMEAMBHtAME
AMBH3AMEAMG0zwMEAMG08AMEAMG09wMEAMG1AgMEAMHqEAMEAMHqVwMEAMHqsQME
AMJE7gMEAcJHsgMEA8JH+AMEAsJnGAMEAMKEPAMEAsKEgDAPBAIAAjAJAwcAKgEC
gAMQMA0GCSqGSIb3DQEBCwUAA4IBAQBtq+aHfGLFEVjmPza7vemgGv3kNDIGKRFm
KapH/KZKYYToMk2MX4vzpbMeVEAgKWcCPzqJcBuaxAkBjy137h65ID4CJE2KpVJU
SBONro4twLhq4pUDbQtlEmdOEEgI0SuWc1ykaNKgPHNhPhpkAVZ7Egvg4rYJkw/Y
4sONxaoDLxUfJUsuD2lHi4Ujm+1sUMfo4gqY6nXdfmqpYqqfDtBpFj9ew9slV0DP
3g2ewM1M/FyQ6cvFdK/oSlw6BOA+TZLDlCwcYsu3h3TJp5b1ToZH7VfWqCTE4L9d
/nW5z8tGNY7Ehgh5vZMY8nonQDI/005bLhnnkp9A10+YPlY4YmSg
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:55:45 2025 by rpki-client