Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/IqOWD9aJ14QW67iQSHAr_IsG4xE.roa
File: IqOWD9aJ14QW67iQSHAr_IsG4xE.roa (raw, json)
Hash identifier: w3ZVvZLPlnQKzQOQmLMJRlyI3uHeVIilgUta/ectFxM=
Subject key identifier: 22:A3:96:0F:D6:89:D7:84:16:EB:B8:90:48:70:2B:FC:8B:06:E3:11
Certificate issuer: /CN=77328f3213ea26144eccba90cd5d8344821faf3b
Certificate serial: 0197B03DFEEE754D482A463A892237B568C5
Authority key identifier: 77:32:8F:32:13:EA:26:14:4E:CC:BA:90:CD:5D:83:44:82:1F:AF:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzKPMhPqJhROzLqQzV2DRIIfrzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/IqOWD9aJ14QW67iQSHAr_IsG4xE.roa
Signing time: Fri 27 Jun 2025 07:15:42 +0000
ROA not before: Fri 27 Jun 2025 07:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204342
IP address blocks: 185.251.164.0/22 maxlen: 22
185.251.184.0/22 maxlen: 22
188.240.40.0/23 maxlen: 23
2a0c:2e40::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/dzKPMhPqJhROzLqQzV2DRIIfrzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/dzKPMhPqJhROzLqQzV2DRIIfrzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/dzKPMhPqJhROzLqQzV2DRIIfrzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:3d:fe:ee:75:4d:48:2a:46:3a:89:22:37:b5:68:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77328f3213ea26144eccba90cd5d8344821faf3b
Validity
Not Before: Jun 27 07:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22a3960fd689d78416ebb89048702bfc8b06e311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:65:49:72:af:61:7a:10:7b:a0:bc:2f:af:93:
3c:a3:77:35:66:6c:75:c4:b2:1c:21:e8:1d:72:7f:
1b:fd:0a:10:ec:46:0b:ff:95:04:aa:c9:ca:b0:5f:
84:b5:4e:02:4b:b1:a8:c1:61:a5:a9:49:ad:2f:25:
26:ef:e6:36:a6:74:78:4d:f0:dd:aa:4c:99:66:a5:
f8:0a:86:cb:ad:f6:2d:11:b6:11:95:c0:4f:bc:26:
e3:04:1b:19:78:f3:61:63:29:de:16:4f:2e:2b:ed:
7f:b8:ea:32:c0:d0:84:18:9b:1d:e7:82:52:43:e4:
4c:4c:11:f1:8f:8c:6f:be:37:12:89:61:96:b2:24:
6a:f9:8d:35:00:f9:c3:6e:81:0f:38:f9:48:2d:8e:
ee:76:0c:84:2d:d1:27:09:7d:d9:2c:7c:80:1f:e4:
11:2f:60:4e:53:dd:25:74:79:71:16:89:07:b7:c5:
01:77:78:43:4b:99:6a:25:43:bd:88:e0:3e:e9:3d:
25:cc:b9:00:ae:e6:c3:97:34:2b:81:ad:bb:53:3d:
c9:64:7b:11:de:97:72:2f:d9:e5:24:fa:7e:0f:3b:
b9:bb:8e:e4:1a:17:62:18:c8:c6:87:02:26:9f:c0:
35:cb:61:b0:14:02:e0:a1:7f:18:9b:af:26:f8:f5:
89:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A3:96:0F:D6:89:D7:84:16:EB:B8:90:48:70:2B:FC:8B:06:E3:11
X509v3 Authority Key Identifier:
keyid:77:32:8F:32:13:EA:26:14:4E:CC:BA:90:CD:5D:83:44:82:1F:AF:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzKPMhPqJhROzLqQzV2DRIIfrzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/IqOWD9aJ14QW67iQSHAr_IsG4xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/dzKPMhPqJhROzLqQzV2DRIIfrzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.164.0/22
185.251.184.0/22
188.240.40.0/23
IPv6:
2a0c:2e40::/30
Signature Algorithm: sha256WithRSAEncryption
70:e1:8c:3f:57:5f:10:ec:64:c3:9b:1a:1b:b6:b7:b7:f0:f5:
b4:14:da:66:12:9e:8f:7e:f9:61:4b:56:ac:88:04:61:04:17:
73:23:64:d3:7a:a8:03:cb:3e:4a:2d:3e:d0:7b:35:0d:e3:e7:
c6:72:79:e1:ea:ac:ce:c2:04:98:90:bb:36:6a:d3:26:cc:02:
2e:91:98:19:5b:11:e8:8c:03:69:ba:18:a3:e1:fe:35:03:45:
59:84:54:d7:3f:e5:da:bc:5f:35:c1:80:e6:25:79:0b:1e:ed:
f9:ac:78:17:c4:51:b3:ca:cb:15:44:2b:6c:2d:99:f7:13:3f:
98:32:f9:d8:c7:ff:47:32:29:bf:1b:8e:33:de:dd:a3:f2:9e:
7f:0e:e2:15:53:cb:30:ed:86:6c:c0:02:ec:7c:df:e5:6e:d1:
eb:38:d6:91:ce:cc:1e:db:3a:2f:10:16:e6:bd:6e:36:69:0c:
71:ab:4a:fd:6a:4b:ca:76:ed:0f:d9:97:ca:0a:d1:9f:fc:93:
a1:b4:00:75:00:a6:ec:74:3c:e6:64:5d:45:4a:96:09:93:80:
0d:a4:71:28:c1:07:e2:c1:93:f2:22:41:36:27:01:80:7e:9e:
77:ec:7f:50:1f:4b:91:89:7d:71:62:21:eb:7b:d6:15:77:87:
de:86:6a:ac
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZewPf7udU1IKkY6iSI3tWjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzI4ZjMyMTNlYTI2MTQ0ZWNjYmE5MGNkNWQ4MzQ0ODIx
ZmFmM2IwHhcNMjUwNjI3MDcxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmEzOTYwZmQ2ODlkNzg0MTZlYmI4OTA0ODcwMmJmYzhiMDZlMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGVJcq9hehB7oLwvr5M8o3c1Zmx1
xLIcIegdcn8b/QoQ7EYL/5UEqsnKsF+EtU4CS7GowWGlqUmtLyUm7+Y2pnR4TfDd
qkyZZqX4CobLrfYtEbYRlcBPvCbjBBsZePNhYyneFk8uK+1/uOoywNCEGJsd54JS
Q+RMTBHxj4xvvjcSiWGWsiRq+Y01APnDboEPOPlILY7udgyELdEnCX3ZLHyAH+QR
L2BOU90ldHlxFokHt8UBd3hDS5lqJUO9iOA+6T0lzLkArubDlzQrga27Uz3JZHsR
3pdyL9nlJPp+Dzu5u47kGhdiGMjGhwImn8A1y2GwFALgoX8Ym68m+PWJwQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCKjlg/WideEFuu4kEhwK/yLBuMRMB8GA1UdIwQY
MBaAFHcyjzIT6iYUTsy6kM1dg0SCH687MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpLUE1oUHFKaFJPekxxUXpWMkRSSUlmcnpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MjYyNjktY2IxNy00Y2MyLTg2NTYt
ODc4MjdlNTcxMzIzLzEvSXFPV0Q5YUoxNFFXNjdpUVNIQXJfSXNHNHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85MjYyNjktY2IxNy00Y2MyLTg2NTYtODc4MjdlNTcxMzIz
LzEvZHpLUE1oUHFKaFJPekxxUXpWMkRSSUlmcnpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCufukAwQC
ufu4AwQBvPAoMA0EAgACMAcDBQIqDC5AMA0GCSqGSIb3DQEBCwUAA4IBAQBw4Yw/
V18Q7GTDmxobtre38PW0FNpmEp6PfvlhS1asiARhBBdzI2TTeqgDyz5KLT7QezUN
4+fGcnnh6qzOwgSYkLs2atMmzAIukZgZWxHojANpuhij4f41A0VZhFTXP+XavF81
wYDmJXkLHu35rHgXxFGzyssVRCtsLZn3Ez+YMvnYx/9HMim/G44z3t2j8p5/DuIV
U8sw7YZswALsfN/lbtHrONaRzswe2zovEBbmvW42aQxxq0r9akvKdu0P2ZfKCtGf
/JOhtAB1AKbsdDzmZF1FSpYJk4ANpHEowQfiwZPyIkE2JwGAfp537H9QH0uRiX1x
YiHre9YVd4fehmqs
-----END CERTIFICATE-----
Generated at Sun Jun 29 17:08:54 2025 by rpki-client