Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/rG4uV5FpPy0fw9yTiKRJUxEEj4o.roa
File: rG4uV5FpPy0fw9yTiKRJUxEEj4o.roa (raw, json)
Hash identifier: BaS8t7omCzvSgmaV1xikWxIAkO9HyfZ7kCUC9REWlSg=
Subject key identifier: AC:6E:2E:57:91:69:3F:2D:1F:C3:DC:93:88:A4:49:53:11:04:8F:8A
Certificate issuer: /CN=0eb510d7c915a4be6df6b16ff582fd2d6ad23605
Certificate serial: 01977CF4F50ECC98A9560239751FEE6B85ED
Authority key identifier: 0E:B5:10:D7:C9:15:A4:BE:6D:F6:B1:6F:F5:82:FD:2D:6A:D2:36:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DrUQ18kVpL5t9rFv9YL9LWrSNgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/rG4uV5FpPy0fw9yTiKRJUxEEj4o.roa
Signing time: Tue 17 Jun 2025 08:15:17 +0000
ROA not before: Tue 17 Jun 2025 08:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50949
IP address blocks: 193.201.98.0/24 maxlen: 24
194.28.88.0/22 maxlen: 24
2001:67c:320::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/DrUQ18kVpL5t9rFv9YL9LWrSNgU.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/DrUQ18kVpL5t9rFv9YL9LWrSNgU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DrUQ18kVpL5t9rFv9YL9LWrSNgU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7c:f4:f5:0e:cc:98:a9:56:02:39:75:1f:ee:6b:85:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eb510d7c915a4be6df6b16ff582fd2d6ad23605
Validity
Not Before: Jun 17 08:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac6e2e5791693f2d1fc3dc9388a4495311048f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e2:0f:f7:04:97:52:06:18:a2:b9:84:da:c6:
31:50:c7:3c:c7:63:1f:0d:6d:1f:e8:06:bd:1c:60:
d0:93:30:f6:ba:f8:eb:2f:05:37:ed:b2:3f:4d:f2:
d7:b4:fb:81:83:01:0d:00:e8:11:91:38:d7:cb:33:
d4:9e:b9:f0:2e:b3:d9:48:64:60:3b:f2:87:8a:ba:
99:fb:4c:28:0f:cc:93:23:87:d8:ef:0f:61:1d:88:
48:69:a5:03:ff:ef:f9:86:d7:d2:4d:88:a1:b5:07:
07:b7:63:b9:a6:87:c8:31:19:5c:e6:51:53:1b:b9:
00:d9:83:26:f3:63:28:56:f6:17:9b:28:3a:32:f1:
0d:2e:81:10:1e:85:f1:7c:66:85:64:e5:b8:9c:9a:
a1:02:5f:90:ac:0d:98:31:fa:b3:fe:21:4f:3c:97:
fa:00:b2:e0:bf:68:87:54:35:2e:c4:de:80:07:bd:
81:d8:85:a6:04:fb:98:90:87:93:4a:5a:8c:a3:55:
7c:e6:87:c9:94:ad:4b:87:47:72:d7:45:6f:b7:db:
83:c8:d6:17:37:d6:18:3e:6e:36:cf:c6:18:cf:93:
b8:19:24:ff:69:32:be:2f:f7:c7:88:9e:b0:b5:c7:
46:26:18:f0:2c:fd:4f:fb:8f:dc:90:0d:0f:33:a7:
39:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:6E:2E:57:91:69:3F:2D:1F:C3:DC:93:88:A4:49:53:11:04:8F:8A
X509v3 Authority Key Identifier:
keyid:0E:B5:10:D7:C9:15:A4:BE:6D:F6:B1:6F:F5:82:FD:2D:6A:D2:36:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DrUQ18kVpL5t9rFv9YL9LWrSNgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/rG4uV5FpPy0fw9yTiKRJUxEEj4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/DrUQ18kVpL5t9rFv9YL9LWrSNgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.98.0/24
194.28.88.0/22
IPv6:
2001:67c:320::/48
Signature Algorithm: sha256WithRSAEncryption
52:22:7b:a0:4b:e2:88:07:0c:0f:4e:57:4c:7b:02:f5:4d:3b:
80:01:b1:a6:2d:3e:25:ea:95:78:9b:a4:bb:52:01:c0:65:4e:
41:ea:5f:3c:42:40:da:ad:7b:d1:36:58:4a:d3:b7:28:8c:88:
26:9c:37:7a:27:d8:a6:0e:be:5d:bf:83:89:0e:a3:2c:86:ba:
91:03:4f:15:2d:6b:4c:6d:7f:45:6e:7b:66:d6:7d:21:d5:c4:
41:10:aa:da:15:fb:0c:13:70:67:6d:8f:15:89:25:2f:4a:67:
fa:59:f3:d1:90:39:6f:e8:c2:17:cd:40:11:6f:f9:a4:de:f0:
5a:fe:e1:82:ff:c5:60:7c:77:5a:11:d0:6b:e1:f3:cb:2e:52:
d3:fd:72:9c:fe:aa:73:c0:a2:b5:ed:3b:89:c6:ff:e1:53:25:
e3:33:7f:15:68:18:15:fa:3e:77:5d:7c:98:10:43:39:46:f2:
fc:82:f1:4d:93:cc:04:4d:8f:d0:70:8e:8b:39:e0:f4:96:00:
d7:be:9a:21:4c:ce:9f:92:6b:e4:e5:fd:e1:a6:14:92:76:77:
11:e1:58:71:5c:75:e5:93:73:14:95:21:e0:c2:57:20:a3:f2:
d8:1a:b8:d9:dc:69:c9:c4:1c:fc:d0:8e:2d:2e:51:6a:f5:cd:
d4:01:b7:52
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZd89PUOzJipVgI5dR/ua4XtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYjUxMGQ3YzkxNWE0YmU2ZGY2YjE2ZmY1ODJmZDJkNmFk
MjM2MDUwHhcNMjUwNjE3MDgxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzZlMmU1NzkxNjkzZjJkMWZjM2RjOTM4OGE0NDk1MzExMDQ4ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuIP9wSXUgYYormE2sYxUMc8x2Mf
DW0f6Aa9HGDQkzD2uvjrLwU37bI/TfLXtPuBgwENAOgRkTjXyzPUnrnwLrPZSGRg
O/KHirqZ+0woD8yTI4fY7w9hHYhIaaUD/+/5htfSTYihtQcHt2O5pofIMRlc5lFT
G7kA2YMm82MoVvYXmyg6MvENLoEQHoXxfGaFZOW4nJqhAl+QrA2YMfqz/iFPPJf6
ALLgv2iHVDUuxN6AB72B2IWmBPuYkIeTSlqMo1V85ofJlK1Lh0dy10Vvt9uDyNYX
N9YYPm42z8YYz5O4GST/aTK+L/fHiJ6wtcdGJhjwLP1P+4/ckA0PM6c5XwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKxuLleRaT8tH8Pck4ikSVMRBI+KMB8GA1UdIwQY
MBaAFA61ENfJFaS+bfaxb/WC/S1q0jYFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHJVUTE4a1ZwTDV0OXJGdjlZTDlMV3JTTmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85NmJlM2QtZDdkMi00NzUzLWE3ODMt
ZDYzOGEzYmU4OGNhLzEvckc0dVY1RnBQeTBmdzl5VGlLUkpVeEVFajRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85NmJlM2QtZDdkMi00NzUzLWE3ODMtZDYzOGEzYmU4OGNh
LzEvRHJVUTE4a1ZwTDV0OXJGdjlZTDlMV3JTTmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwcliAwQC
whxYMA8EAgACMAkDBwAgAQZ8AyAwDQYJKoZIhvcNAQELBQADggEBAFIie6BL4ogH
DA9OV0x7AvVNO4ABsaYtPiXqlXibpLtSAcBlTkHqXzxCQNqte9E2WErTtyiMiCac
N3on2KYOvl2/g4kOoyyGupEDTxUta0xtf0Vue2bWfSHVxEEQqtoV+wwTcGdtjxWJ
JS9KZ/pZ89GQOW/owhfNQBFv+aTe8Fr+4YL/xWB8d1oR0Gvh88suUtP9cpz+qnPA
orXtO4nG/+FTJeMzfxVoGBX6PnddfJgQQzlG8vyC8U2TzARNj9Bwjos54PSWANe+
miFMzp+Sa+Tl/eGmFJJ2dxHhWHFcdeWTcxSVIeDCVyCj8tgauNncacnEHPzQji0u
UWr1zdQBt1I=
-----END CERTIFICATE-----
Generated at Sun Jun 29 15:11:07 2025 by rpki-client