Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/c74lQpkJokmkMor_DfOcialtTrU.roa
File: c74lQpkJokmkMor_DfOcialtTrU.roa (raw, json)
Hash identifier: 28xc9hyFY5+w3/cux1vSkYzvJIhPRdB3PtCBbM2FFQ4=
Subject key identifier: 73:BE:25:42:99:09:A2:49:A4:32:8A:FF:0D:F3:9C:89:A9:6D:4E:B5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0197CB61F099DB938DBAB7D351964FE0919D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/c74lQpkJokmkMor_DfOcialtTrU.roa
Signing time: Wed 02 Jul 2025 13:44:42 +0000
ROA not before: Wed 02 Jul 2025 13:44:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215346
IP address blocks: 193.124.15.0/24 maxlen: 24
194.58.37.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:61:f0:99:db:93:8d:ba:b7:d3:51:96:4f:e0:91:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 2 13:44:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73be25429909a249a4328aff0df39c89a96d4eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:f2:38:a4:f5:63:4d:ca:d9:ef:96:7e:0e:c0:
1d:4c:af:3f:30:80:b3:50:84:89:a6:2f:25:c8:c6:
fe:5e:44:d3:50:73:47:3d:0a:66:93:15:10:5b:39:
80:92:59:4e:66:a2:b2:b3:3d:e7:6f:05:74:b0:40:
b2:04:67:10:24:3b:ef:6f:80:52:7a:fe:10:7f:ec:
42:e1:69:c9:cf:a5:00:76:0c:0f:05:ed:f6:89:90:
c0:08:23:4e:c0:b3:16:cb:00:ff:4b:fb:2b:dd:40:
fb:a4:2c:f8:f1:36:41:4d:06:7a:ef:9a:cb:3d:1f:
f6:86:01:d4:ce:14:0d:10:14:12:e1:8c:ab:2c:d3:
ac:a4:90:c6:d5:db:8b:b2:a1:9d:e8:4e:f3:6e:90:
49:dc:d8:36:8e:5d:95:f7:9e:75:c2:60:24:78:f8:
e5:7a:f4:15:eb:5a:4a:42:5e:dd:0e:4e:24:2a:28:
e7:f7:0c:67:f4:bd:9a:9b:ae:98:4d:8e:5f:be:99:
77:e0:08:ba:eb:1d:db:f0:60:89:9c:ce:ca:db:f6:
3c:8f:20:3a:09:5c:bb:99:9f:96:df:ce:17:cc:a6:
91:00:13:7e:08:46:7d:d3:ae:3a:80:27:50:e0:f0:
0e:ed:ac:2d:8b:4f:d2:7e:05:ec:87:6c:27:a5:06:
18:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:BE:25:42:99:09:A2:49:A4:32:8A:FF:0D:F3:9C:89:A9:6D:4E:B5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/c74lQpkJokmkMor_DfOcialtTrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
194.58.37.0/24
194.135.33.0/24
195.133.94.0/24
Signature Algorithm: sha256WithRSAEncryption
42:43:0b:1b:b5:bd:9b:d0:6d:b0:d5:20:18:d0:9c:38:6f:45:
50:37:4f:2a:c4:ec:7e:d4:fb:b2:d0:75:fb:d4:06:11:19:6d:
8e:49:9d:80:bb:12:41:28:91:cc:27:cf:f0:e7:d9:f2:61:1f:
db:50:32:69:56:6f:75:bd:ff:9e:ac:0a:f9:e7:cf:f7:47:e1:
e5:aa:82:3e:a6:33:86:35:97:ce:c3:a5:ac:66:4f:0f:f6:86:
05:6d:c0:a2:16:5f:a1:4d:48:1d:e2:69:41:eb:82:62:3c:6f:
75:21:26:53:0c:fe:c7:6b:9d:6b:a4:9f:11:ec:85:f5:fa:3b:
e5:d2:39:58:4c:1f:31:32:12:8f:02:78:af:43:52:e2:62:da:
86:37:cb:3e:9e:7e:7d:e1:db:9c:d3:23:e1:cf:a3:df:59:4f:
d3:de:08:5a:a6:5e:8c:81:29:0f:3f:77:1a:22:e1:11:12:93:
f1:3f:7f:a1:0e:15:ef:21:98:6f:35:ee:1d:eb:01:e9:1c:56:
23:7d:03:88:50:bc:3b:95:d5:47:eb:83:d6:57:4a:27:8b:a4:
a6:1e:eb:74:ed:af:45:92:52:04:d2:c4:c4:7e:f3:c7:c1:33:
34:c3:29:2b:e1:75:72:b7:32:15:7e:05:d2:b2:31:e9:4f:ba:
61:bf:32:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZfLYfCZ25ONurfTUZZP4JGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNzAyMTM0NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2JlMjU0Mjk5MDlhMjQ5YTQzMjhhZmYwZGYzOWM4OWE5NmQ0ZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9/I4pPVjTcrZ75Z+DsAdTK8/MICz
UISJpi8lyMb+XkTTUHNHPQpmkxUQWzmAkllOZqKysz3nbwV0sECyBGcQJDvvb4BS
ev4Qf+xC4WnJz6UAdgwPBe32iZDACCNOwLMWywD/S/sr3UD7pCz48TZBTQZ675rL
PR/2hgHUzhQNEBQS4YyrLNOspJDG1duLsqGd6E7zbpBJ3Ng2jl2V9551wmAkePjl
evQV61pKQl7dDk4kKijn9wxn9L2am66YTY5fvpl34Ai66x3b8GCJnM7K2/Y8jyA6
CVy7mZ+W384XzKaRABN+CEZ90646gCdQ4PAO7awti0/SfgXsh2wnpQYYTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHO+JUKZCaJJpDKK/w3znImpbU61MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYzc0bFFwa0pva21rTW9yX0RmT2NpYWx0VHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwPAwQA
wjolAwQAwochAwQAw4VeMA0GCSqGSIb3DQEBCwUAA4IBAQBCQwsbtb2b0G2w1SAY
0Jw4b0VQN08qxOx+1Puy0HX71AYRGW2OSZ2AuxJBKJHMJ8/w59nyYR/bUDJpVm91
vf+erAr558/3R+HlqoI+pjOGNZfOw6WsZk8P9oYFbcCiFl+hTUgd4mlB64JiPG91
ISZTDP7Ha51rpJ8R7IX1+jvl0jlYTB8xMhKPAnivQ1LiYtqGN8s+nn594duc0yPh
z6PfWU/T3ghapl6MgSkPP3caIuEREpPxP3+hDhXvIZhvNe4d6wHpHFYjfQOIULw7
ldVH64PWV0oni6SmHut07a9FklIE0sTEfvPHwTM0wykr4XVytzIVfgXSsjHpT7ph
vzLL
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:22:19 2025 by rpki-client