Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/sUWqfK8lQ00leYnkVH10Ne2J_pg.roa
File: sUWqfK8lQ00leYnkVH10Ne2J_pg.roa (raw, json)
Hash identifier: /8L8fVSDnCy6dVHFrdbjnwTMBA89vKnVyPdJKfPn3Kk=
Subject key identifier: B1:45:AA:7C:AF:25:43:4D:25:79:89:E4:54:7D:74:35:ED:89:FE:98
Certificate issuer: /CN=7059e03a08e17416f66546307988349991b84a2e
Certificate serial: 01980C8041F12C45EAE5D7FBFF9ACBAF9CB7
Authority key identifier: 70:59:E0:3A:08:E1:74:16:F6:65:46:30:79:88:34:99:91:B8:4A:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFngOgjhdBb2ZUYweYg0mZG4Si4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/sUWqfK8lQ00leYnkVH10Ne2J_pg.roa
Signing time: Tue 15 Jul 2025 05:13:08 +0000
ROA not before: Tue 15 Jul 2025 05:13:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42605
IP address blocks: 83.136.72.0/21 maxlen: 24
167.17.80.0/21 maxlen: 24
185.111.192.0/22 maxlen: 24
2a02:b28::/29 maxlen: 29
2a02:b28::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/cFngOgjhdBb2ZUYweYg0mZG4Si4.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/cFngOgjhdBb2ZUYweYg0mZG4Si4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFngOgjhdBb2ZUYweYg0mZG4Si4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0c:80:41:f1:2c:45:ea:e5:d7:fb:ff:9a:cb:af:9c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7059e03a08e17416f66546307988349991b84a2e
Validity
Not Before: Jul 15 05:13:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b145aa7caf25434d257989e4547d7435ed89fe98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0e:d1:be:37:6c:28:9a:07:b9:15:09:cd:c5:
be:ea:e2:47:bc:33:79:93:e7:e8:c5:3c:7c:90:db:
eb:c6:cd:5a:22:89:8b:75:a4:7d:ff:33:c2:25:fa:
0f:9d:26:eb:bb:b9:85:92:5a:10:80:57:f2:df:d9:
f4:9e:3e:41:aa:aa:e8:3b:9a:90:1c:33:95:79:2e:
4b:03:72:46:6d:39:6a:11:26:24:10:eb:36:cf:99:
2b:5b:64:82:a3:51:a9:19:95:7d:03:81:e5:60:61:
f7:e2:93:eb:44:5d:cb:c2:ce:49:54:fd:8b:50:3c:
3e:08:66:6e:ce:73:e6:8d:6c:6d:f0:e7:77:5f:8a:
66:9e:d1:6d:28:f5:a0:4d:04:ee:2b:79:72:ff:24:
e7:e7:f5:e5:ab:3b:eb:10:31:c6:ad:22:80:4c:d7:
dc:ab:49:5a:da:d9:b7:3b:e3:a7:9f:c4:55:f5:f2:
fc:95:a3:4b:40:18:33:a7:3f:a7:da:37:91:4c:01:
b8:c5:02:04:98:33:a0:06:a5:ce:e8:31:82:a3:ef:
9b:45:02:83:58:7f:5e:df:3a:82:e6:92:f5:fe:0b:
9e:84:53:12:4a:32:60:3e:10:79:b4:22:96:86:d0:
25:e8:e3:1b:09:06:85:5a:3b:b6:a2:f0:80:10:4f:
55:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:45:AA:7C:AF:25:43:4D:25:79:89:E4:54:7D:74:35:ED:89:FE:98
X509v3 Authority Key Identifier:
keyid:70:59:E0:3A:08:E1:74:16:F6:65:46:30:79:88:34:99:91:B8:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFngOgjhdBb2ZUYweYg0mZG4Si4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/sUWqfK8lQ00leYnkVH10Ne2J_pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/065dba-eef9-480d-a880-9175c8408e5e/1/cFngOgjhdBb2ZUYweYg0mZG4Si4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.72.0/21
167.17.80.0/21
185.111.192.0/22
IPv6:
2a02:b28::/29
Signature Algorithm: sha256WithRSAEncryption
a2:c6:c9:21:46:10:4e:8c:ea:43:db:b3:03:61:f9:c3:b3:00:
1f:b4:52:56:de:ec:32:c4:09:51:00:d6:16:a8:7d:ec:18:f0:
17:c5:8b:8a:6d:93:41:f1:ff:f7:d6:b5:e2:e4:08:bd:3d:e2:
f1:a8:84:9f:cf:61:e8:fd:d5:51:02:33:9c:13:28:be:78:30:
c5:90:bd:8e:f8:00:9f:ee:5e:61:d9:f8:24:7d:50:5f:00:46:
6e:c9:ba:e0:08:d8:48:51:02:d7:27:4e:c0:3a:ef:1b:ad:61:
78:5e:89:7e:24:74:cf:e6:56:74:5b:4f:6b:87:3a:41:de:d7:
96:04:c4:bc:bc:ea:8e:f0:3f:1c:08:cc:64:4c:77:18:13:fb:
f2:62:d3:e2:b8:4f:75:f5:70:dc:6f:13:f1:a4:86:c9:43:9a:
8b:cb:b7:55:d4:6b:d2:79:a8:2a:f5:6f:5d:32:0d:07:18:95:
76:b2:41:13:df:64:07:59:92:95:f5:fd:c0:fe:67:6a:14:f5:
10:08:d8:22:99:f4:d1:c8:b8:91:8d:c8:d1:7b:73:de:0f:2e:
41:7b:1a:72:af:09:ce:62:3a:20:71:55:5e:01:fb:1a:cb:c3:
13:22:ef:28:50:59:2c:aa:5d:ba:52:03:e2:0c:88:e8:f3:30:
28:f1:a1:bc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZgMgEHxLEXq5df7/5rLr5y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNTllMDNhMDhlMTc0MTZmNjY1NDYzMDc5ODgzNDk5OTFi
ODRhMmUwHhcNMjUwNzE1MDUxMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ1YWE3Y2FmMjU0MzRkMjU3OTg5ZTQ1NDdkNzQzNWVkODlmZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA7RvjdsKJoHuRUJzcW+6uJHvDN5
k+foxTx8kNvrxs1aIomLdaR9/zPCJfoPnSbru7mFkloQgFfy39n0nj5BqqroO5qQ
HDOVeS5LA3JGbTlqESYkEOs2z5krW2SCo1GpGZV9A4HlYGH34pPrRF3Lws5JVP2L
UDw+CGZuznPmjWxt8Od3X4pmntFtKPWgTQTuK3ly/yTn5/XlqzvrEDHGrSKATNfc
q0la2tm3O+Onn8RV9fL8laNLQBgzpz+n2jeRTAG4xQIEmDOgBqXO6DGCo++bRQKD
WH9e3zqC5pL1/guehFMSSjJgPhB5tCKWhtAl6OMbCQaFWju2ovCAEE9VBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLFFqnyvJUNNJXmJ5FR9dDXtif6YMB8GA1UdIwQY
MBaAFHBZ4DoI4XQW9mVGMHmINJmRuEouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0ZuZ09namhkQmIyWlVZd2VZZzBtWkc0U2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wNjVkYmEtZWVmOS00ODBkLWE4ODAt
OTE3NWM4NDA4ZTVlLzEvc1VXcWZLOGxRMDBsZVlua1ZIMTBOZTJKX3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wNjVkYmEtZWVmOS00ODBkLWE4ODAtOTE3NWM4NDA4ZTVl
LzEvY0ZuZ09namhkQmIyWlVZd2VZZzBtWkc0U2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDU4hIAwQD
pxFQAwQCuW/AMA0EAgACMAcDBQMqAgsoMA0GCSqGSIb3DQEBCwUAA4IBAQCixskh
RhBOjOpD27MDYfnDswAftFJW3uwyxAlRANYWqH3sGPAXxYuKbZNB8f/31rXi5Ai9
PeLxqISfz2Ho/dVRAjOcEyi+eDDFkL2O+ACf7l5h2fgkfVBfAEZuybrgCNhIUQLX
J07AOu8brWF4Xol+JHTP5lZ0W09rhzpB3teWBMS8vOqO8D8cCMxkTHcYE/vyYtPi
uE919XDcbxPxpIbJQ5qLy7dV1GvSeagq9W9dMg0HGJV2skET32QHWZKV9f3A/mdq
FPUQCNgimfTRyLiRjcjRe3PeDy5BexpyrwnOYjogcVVeAfsay8MTIu8oUFksql26
UgPiDIjo8zAo8aG8
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:48:59 2025 by rpki-client