Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/kqIK4ViX12p6eIuBG0T4dHMIIHI.roa
File: kqIK4ViX12p6eIuBG0T4dHMIIHI.roa (raw, json)
Hash identifier: PaO/dVKACGH2GQrFFW5fxxz+R4Obi2vhR9vhB2cSwQc=
Subject key identifier: 92:A2:0A:E1:58:97:D7:6A:7A:78:8B:81:1B:44:F8:74:73:08:20:72
Certificate issuer: /CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Certificate serial: 0197E4CF55D2F3765C6D317B1956AFC6EFF8
Authority key identifier: 39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/kqIK4ViX12p6eIuBG0T4dHMIIHI.roa
Signing time: Mon 07 Jul 2025 12:14:42 +0000
ROA not before: Mon 07 Jul 2025 12:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34285
IP address blocks: 185.197.244.0/22 maxlen: 22
217.12.16.0/20 maxlen: 20
217.12.16.0/22 maxlen: 22
217.12.16.0/24 maxlen: 24
217.12.17.0/24 maxlen: 24
217.12.18.0/24 maxlen: 24
217.12.19.0/24 maxlen: 24
217.12.20.0/22 maxlen: 22
217.12.20.0/23 maxlen: 23
217.12.20.0/24 maxlen: 24
217.12.21.0/24 maxlen: 24
217.12.22.0/23 maxlen: 23
217.12.22.0/24 maxlen: 24
217.12.23.0/24 maxlen: 24
217.12.24.0/22 maxlen: 22
217.12.24.0/24 maxlen: 24
217.12.25.0/24 maxlen: 24
217.12.26.0/24 maxlen: 24
217.12.27.0/24 maxlen: 24
217.12.28.0/22 maxlen: 22
217.12.28.0/24 maxlen: 24
217.12.29.0/24 maxlen: 24
217.12.30.0/24 maxlen: 24
217.12.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e4:cf:55:d2:f3:76:5c:6d:31:7b:19:56:af:c6:ef:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Validity
Not Before: Jul 7 12:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92a20ae15897d76a7a788b811b44f87473082072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:12:43:03:c9:be:aa:e2:09:d5:a1:b7:95:28:
a1:b2:c8:cc:82:64:37:83:d1:01:27:2f:93:e7:da:
3b:46:39:d5:e3:8c:4f:e0:c0:8f:5f:c4:a1:a8:ae:
af:00:63:1d:cd:3e:9c:0c:df:88:7b:72:04:1b:42:
09:2f:31:2f:c8:e2:c7:80:3d:1f:7a:c2:c5:cb:f0:
4b:81:aa:22:6b:0d:34:51:24:e0:90:11:f1:83:b8:
a6:20:4c:b4:86:7d:e5:af:68:c4:b2:1a:15:71:d5:
27:7d:0c:42:08:6f:ea:08:b5:02:18:94:fc:97:7d:
d3:86:18:7d:98:76:f6:ad:71:75:8b:33:cb:44:ed:
bd:b1:a0:2a:7e:c1:79:0a:72:62:21:75:3c:b0:73:
3f:07:de:40:48:29:5a:7d:96:e7:12:67:23:26:7f:
20:fa:6c:11:5f:46:de:fb:3a:05:e6:64:d5:cf:ba:
af:7e:ab:20:f7:48:cd:f0:c5:5f:63:77:5f:18:dc:
85:0d:e8:bb:3b:f8:8a:ca:ee:20:db:8c:17:46:dc:
6f:f1:2e:e3:bf:ba:cd:87:48:be:98:85:12:47:d7:
23:93:26:80:3c:40:e7:59:98:3c:80:e1:5d:94:d7:
f9:2c:5e:21:96:13:f8:1a:fb:cf:5f:e7:01:a5:2a:
34:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A2:0A:E1:58:97:D7:6A:7A:78:8B:81:1B:44:F8:74:73:08:20:72
X509v3 Authority Key Identifier:
keyid:39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/kqIK4ViX12p6eIuBG0T4dHMIIHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.244.0/22
217.12.16.0/20
Signature Algorithm: sha256WithRSAEncryption
a8:ca:73:a1:69:36:51:6d:5a:ae:21:a2:b1:9d:74:2e:0a:e2:
bc:e8:7a:b7:8d:03:59:e1:15:76:16:6e:a5:40:c8:20:c9:63:
fa:50:77:02:8f:28:63:47:7b:e0:44:10:11:5d:b4:7b:04:2e:
03:cf:fe:bd:4b:b9:9a:77:55:6a:e3:95:03:bd:62:b0:64:c2:
ea:7e:b1:7d:2e:e4:55:3b:76:6c:90:10:59:89:b1:53:fa:d8:
08:78:a6:ee:a3:56:49:70:4a:a8:63:11:c9:fc:49:b6:0c:ca:
5f:81:1b:90:e6:6e:3d:ff:65:8b:ad:13:2c:19:03:fc:48:0d:
fd:d9:f2:04:5e:c6:34:c7:2d:fd:0b:29:33:6a:c7:e3:a4:d5:
d8:d7:66:dd:5a:b5:b6:c3:fa:eb:bf:24:6d:35:3d:18:e3:e5:
8d:5a:11:e2:ba:e4:e2:1d:70:57:3f:bc:33:5c:5b:fb:84:0d:
e7:00:e5:f7:24:f9:09:2a:70:83:fe:f1:78:c3:6a:ed:90:fd:
58:4c:b8:19:57:68:48:33:3b:04:b5:64:bb:19:be:0e:f0:c2:
0f:89:11:cf:9f:8c:7f:23:9b:2d:ea:03:b8:1e:7d:ef:85:88:
20:55:23:25:6c:4e:a3:f8:fb:36:02:7d:14:e7:99:a5:34:ad:
a5:03:76:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfkz1XS83ZcbTF7GVavxu/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzlmOTJiODI1Y2UxMTA5MDNjMzFkNTIyYjBmNTBjYWZk
NzRhNmYwHhcNMjUwNzA3MTIxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmEyMGFlMTU4OTdkNzZhN2E3ODhiODExYjQ0Zjg3NDczMDgyMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RJDA8m+quIJ1aG3lSihssjMgmQ3
g9EBJy+T59o7RjnV44xP4MCPX8ShqK6vAGMdzT6cDN+Ie3IEG0IJLzEvyOLHgD0f
esLFy/BLgaoiaw00USTgkBHxg7imIEy0hn3lr2jEshoVcdUnfQxCCG/qCLUCGJT8
l33Thhh9mHb2rXF1izPLRO29saAqfsF5CnJiIXU8sHM/B95ASClafZbnEmcjJn8g
+mwRX0be+zoF5mTVz7qvfqsg90jN8MVfY3dfGNyFDei7O/iKyu4g24wXRtxv8S7j
v7rNh0i+mIUSR9cjkyaAPEDnWZg8gOFdlNf5LF4hlhP4GvvPX+cBpSo0xwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJKiCuFYl9dqeniLgRtE+HRzCCByMB8GA1UdIwQY
MBaAFDk5+SuCXOEQkDwx1SKw9Qyv10pvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMt
OWZjMzY0MTFhY2NjLzEva3FJSzRWaVgxMnA2ZUl1QkcwVDRkSE1JSUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMtOWZjMzY0MTFhY2Nj
LzEvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucX0AwQE
2QwQMA0GCSqGSIb3DQEBCwUAA4IBAQCoynOhaTZRbVquIaKxnXQuCuK86Hq3jQNZ
4RV2Fm6lQMggyWP6UHcCjyhjR3vgRBARXbR7BC4Dz/69S7mad1Vq45UDvWKwZMLq
frF9LuRVO3ZskBBZibFT+tgIeKbuo1ZJcEqoYxHJ/Em2DMpfgRuQ5m49/2WLrRMs
GQP8SA392fIEXsY0xy39CykzasfjpNXY12bdWrW2w/rrvyRtNT0Y4+WNWhHiuuTi
HXBXP7wzXFv7hA3nAOX3JPkJKnCD/vF4w2rtkP1YTLgZV2hIMzsEtWS7Gb4O8MIP
iRHPn4x/I5st6gO4Hn3vhYggVSMlbE6j+Ps2An0U55mlNK2lA3Z4
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:30:13 2025 by rpki-client