Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/b61HSuiy0Na7f4UrfLY9NGImbD0.roa
File: b61HSuiy0Na7f4UrfLY9NGImbD0.roa (raw, json)
Hash identifier: 4Mj7zGLGzr8nVHR6LExTV7YXmw9nn79uJnC/gfTDV6E=
Subject key identifier: 6F:AD:47:4A:E8:B2:D0:D6:BB:7F:85:2B:7C:B6:3D:34:62:26:6C:3D
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0198BC1FE8AC0523443FF25F6004661F6BAA
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/b61HSuiy0Na7f4UrfLY9NGImbD0.roa
Signing time: Mon 18 Aug 2025 07:41:04 +0000
ROA not before: Mon 18 Aug 2025 07:41:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/23 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
88.209.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bc:1f:e8:ac:05:23:44:3f:f2:5f:60:04:66:1f:6b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 18 07:41:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fad474ae8b2d0d6bb7f852b7cb63d3462266c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:75:86:68:15:21:e5:76:0f:af:3d:cd:d4:9b:
74:27:52:df:94:62:e7:d2:f3:e8:b2:91:5d:08:78:
f6:98:ee:3e:73:96:9e:2e:95:c3:53:9d:1e:ff:14:
ea:6b:5a:a4:7e:3a:66:d7:05:8e:48:41:1f:65:30:
56:0c:ce:cd:25:51:25:68:36:4d:15:bb:57:38:f3:
b6:da:06:2e:c7:93:79:01:ea:3a:b3:41:21:90:06:
82:a2:fe:4e:bf:28:91:07:bf:82:3a:df:8b:90:76:
39:fd:09:8a:8f:10:3e:77:31:15:4b:ff:d9:41:02:
80:64:cb:25:91:ef:bd:24:42:4c:d4:08:88:d8:f8:
80:2c:8e:37:c8:54:93:0e:a7:c3:35:a5:62:3c:ec:
65:81:8d:c1:c9:73:6c:8e:c7:cc:34:32:a2:b5:8c:
70:f5:d7:e1:2b:63:00:ac:7b:ef:90:33:7a:68:48:
17:f5:b2:5e:38:26:da:31:3b:56:a9:99:49:c7:8e:
e3:2c:01:36:6c:0f:3d:dd:8b:3c:59:36:0e:5a:de:
11:c7:c9:8d:ef:66:16:b2:bb:07:7c:7d:57:1a:d9:
84:12:40:e5:10:7f:08:c7:a1:33:8f:bc:f1:1f:11:
8b:a5:2c:6f:39:bc:d3:59:95:b1:6c:4d:31:07:ce:
52:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AD:47:4A:E8:B2:D0:D6:BB:7F:85:2B:7C:B6:3D:34:62:26:6C:3D
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/b61HSuiy0Na7f4UrfLY9NGImbD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.151.56.0/23
88.209.201.0/24
88.209.207.0/24
88.209.232.0/22
88.209.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:8b:87:38:f2:d8:ac:f6:7f:dc:98:e2:c6:59:54:b6:17:bb:
2e:31:4a:69:d0:0a:02:3c:cf:5b:49:bc:80:5a:2a:63:e1:a3:
7d:ba:fe:27:df:f2:4c:be:94:1d:0d:bd:45:81:d8:c7:77:43:
7a:58:84:56:cb:48:3f:7d:2d:a6:4c:50:78:6f:17:d2:0a:de:
b7:5c:63:cb:c9:e2:f9:21:b5:5c:56:93:e4:62:2f:d0:a0:a7:
ff:38:a0:e4:cd:43:36:12:93:4d:db:e8:66:ca:4b:60:e5:48:
1f:f4:33:04:81:ed:46:91:fb:0d:a1:5a:00:62:a9:2b:83:72:
d2:3c:08:af:6b:86:8f:cc:05:6b:24:25:2a:a1:8f:1b:e9:c5:
14:cc:fd:74:ff:12:32:9e:5e:23:6f:92:28:e6:94:9d:5a:02:
28:6f:d8:65:6a:25:90:6a:34:ce:66:34:67:42:ac:13:ce:e8:
f5:49:8e:a2:85:c9:d3:8e:b0:d0:e5:21:f1:b6:e0:b5:7d:45:
5f:76:2f:55:68:43:08:d1:b5:cb:37:d5:96:27:d0:34:e7:e6:
f6:88:96:79:c7:23:ac:59:4d:50:5b:3f:af:6b:56:b1:d8:c8:
70:b9:dd:a7:52:3e:30:a9:fb:90:21:94:57:49:45:54:f5:ca:
56:9d:6d:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZi8H+isBSNEP/JfYARmH2uqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwODE4MDc0MTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmFkNDc0YWU4YjJkMGQ2YmI3Zjg1MmI3Y2I2M2QzNDYyMjY2YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9nWGaBUh5XYPrz3N1Jt0J1LflGLn
0vPospFdCHj2mO4+c5aeLpXDU50e/xTqa1qkfjpm1wWOSEEfZTBWDM7NJVElaDZN
FbtXOPO22gYux5N5Aeo6s0EhkAaCov5OvyiRB7+COt+LkHY5/QmKjxA+dzEVS//Z
QQKAZMslke+9JEJM1AiI2PiALI43yFSTDqfDNaViPOxlgY3ByXNsjsfMNDKitYxw
9dfhK2MArHvvkDN6aEgX9bJeOCbaMTtWqZlJx47jLAE2bA893Ys8WTYOWt4Rx8mN
72YWsrsHfH1XGtmEEkDlEH8Ix6Ezj7zxHxGLpSxvObzTWZWxbE0xB85SOwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG+tR0rostDWu3+FK3y2PTRiJmw9MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYjYxSFN1aXkwTmE3ZjRVcmZMWTlOR0ltYkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTfKSAwQB
WJc4AwQAWNHJAwQAWNHPAwQCWNHoAwQAWNH+MA0GCSqGSIb3DQEBCwUAA4IBAQCn
i4c48tis9n/cmOLGWVS2F7suMUpp0AoCPM9bSbyAWipj4aN9uv4n3/JMvpQdDb1F
gdjHd0N6WIRWy0g/fS2mTFB4bxfSCt63XGPLyeL5IbVcVpPkYi/QoKf/OKDkzUM2
EpNN2+hmyktg5Ugf9DMEge1GkfsNoVoAYqkrg3LSPAiva4aPzAVrJCUqoY8b6cUU
zP10/xIynl4jb5Io5pSdWgIob9hlaiWQajTOZjRnQqwTzuj1SY6ihcnTjrDQ5SHx
tuC1fUVfdi9VaEMI0bXLN9WWJ9A05+b2iJZ5xyOsWU1QWz+va1ax2Mhwud2nUj4w
qfuQIZRXSUVU9cpWnW1E
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:18:27 2025 by rpki-client