Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/Dh_PGcah1amxFNaKHyr8GSWi0PM.roa
File: Dh_PGcah1amxFNaKHyr8GSWi0PM.roa (raw, json)
Hash identifier: aWuvVvbhf111USH5RwpYaeoTHWgggPXcMAanGVjaecw=
Subject key identifier: 0E:1F:CF:19:C6:A1:D5:A9:B1:14:D6:8A:1F:2A:FC:19:25:A2:D0:F3
Certificate issuer: /CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
Certificate serial: 0197E9866735AD1768B54D35D8A5CAA384A1
Authority key identifier: BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/Dh_PGcah1amxFNaKHyr8GSWi0PM.roa
Signing time: Tue 08 Jul 2025 10:13:08 +0000
ROA not before: Tue 08 Jul 2025 10:13:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12779
IP address blocks: 194.180.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/uncwHhTWWzo9aG2qwW38SaxIx80.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/uncwHhTWWzo9aG2qwW38SaxIx80.mft
rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:86:67:35:ad:17:68:b5:4d:35:d8:a5:ca:a3:84:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba77301e14d65b3a3d686daac16dfc49ac48c7cd
Validity
Not Before: Jul 8 10:13:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e1fcf19c6a1d5a9b114d68a1f2afc1925a2d0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:61:32:b4:2e:cc:f0:be:be:fa:53:92:b3:
a0:82:9e:ca:be:d6:a5:5b:fe:58:ad:c8:ce:3c:99:
81:6d:ce:07:be:d5:e7:a8:2c:0a:19:08:6f:ac:c3:
cb:61:44:f5:9e:44:51:5a:e3:ce:1d:d7:0f:99:4a:
77:bf:f2:39:53:52:8f:d1:14:85:da:b1:16:01:b1:
cd:8a:6c:66:92:0d:c3:f2:5f:8b:fa:e2:5c:db:e6:
b1:34:e2:7d:69:aa:6c:cb:36:3d:6a:fd:21:01:a3:
7c:69:a0:c4:bd:32:7b:00:cd:2c:ff:5a:cd:e1:33:
b6:22:65:0d:82:98:d7:99:e1:bb:21:b5:ef:39:44:
ae:2a:9e:07:b6:78:a2:1e:0c:22:e1:0b:f1:27:c9:
12:16:aa:b0:95:f9:15:12:20:a9:32:c3:e0:69:ca:
f3:ab:3c:57:eb:b4:d8:b9:d6:ad:7f:43:2f:cc:59:
6e:f5:8c:ab:de:d2:9c:49:86:7b:02:a9:04:96:24:
8f:5d:a4:47:e2:c7:e1:ab:26:24:f9:27:59:22:20:
e9:e3:a7:8c:59:03:ee:42:f9:7c:cb:6b:1c:33:87:
b0:f0:a2:58:ca:8e:d8:de:42:53:b4:9a:5d:25:bc:
4e:b4:9d:85:d7:96:9a:45:d2:5a:50:b1:37:94:97:
93:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:1F:CF:19:C6:A1:D5:A9:B1:14:D6:8A:1F:2A:FC:19:25:A2:D0:F3
X509v3 Authority Key Identifier:
keyid:BA:77:30:1E:14:D6:5B:3A:3D:68:6D:AA:C1:6D:FC:49:AC:48:C7:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uncwHhTWWzo9aG2qwW38SaxIx80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/Dh_PGcah1amxFNaKHyr8GSWi0PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b7393b-6818-48d3-b081-5c68f6b0b2c7/1/uncwHhTWWzo9aG2qwW38SaxIx80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.55.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:d5:7a:5f:40:4d:6d:fe:c6:00:1d:5d:8f:cc:01:e1:57:d2:
e1:69:0b:43:67:9b:29:8e:79:6a:a0:c6:44:44:cd:29:bf:1c:
bf:3f:03:47:77:1e:70:11:74:2d:e0:b0:88:de:b1:7b:95:97:
3e:1f:4d:83:2e:d7:ca:70:95:49:7f:52:f7:0e:a9:27:45:95:
9d:e0:3e:8f:03:4f:e0:da:a0:27:56:e7:13:e7:ab:66:9d:79:
82:fb:11:6d:91:e7:a8:e0:c0:9d:1b:a8:41:6f:08:ea:ab:24:
71:98:be:cf:44:f4:cf:fa:c3:ba:63:54:ff:a7:68:47:3e:3d:
72:97:ea:72:ba:6d:7a:ab:e8:09:82:2d:87:a2:39:a2:87:b9:
60:47:87:7f:63:73:86:19:5d:f1:7d:3b:e1:ff:d9:e1:5e:4a:
bd:27:84:16:ca:8f:53:ba:e8:c1:dd:30:d0:5d:8e:01:6a:22:
1b:49:57:fd:d1:e0:5b:45:84:22:5e:9e:31:91:3d:3e:73:7c:
4d:3c:9d:56:f9:87:0f:54:7b:59:00:b6:3b:a4:39:d9:c2:2c:
23:5f:5d:8b:f4:79:ba:24:df:3e:76:5f:f1:9b:2f:7f:96:d5:
38:27:59:75:57:71:3b:9e:1e:2c:b0:af:de:e4:ed:2d:0f:3e:
f9:24:15:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfphmc1rRdotU012KXKo4ShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzczMDFlMTRkNjViM2EzZDY4NmRhYWMxNmRmYzQ5YWM0
OGM3Y2QwHhcNMjUwNzA4MTAxMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTFmY2YxOWM2YTFkNWE5YjExNGQ2OGExZjJhZmMxOTI1YTJkMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKBhMrQuzPC+vvpTkrOggp7Kvtal
W/5YrcjOPJmBbc4HvtXnqCwKGQhvrMPLYUT1nkRRWuPOHdcPmUp3v/I5U1KP0RSF
2rEWAbHNimxmkg3D8l+L+uJc2+axNOJ9aapsyzY9av0hAaN8aaDEvTJ7AM0s/1rN
4TO2ImUNgpjXmeG7IbXvOUSuKp4HtniiHgwi4QvxJ8kSFqqwlfkVEiCpMsPgacrz
qzxX67TYudatf0MvzFlu9Yyr3tKcSYZ7AqkEliSPXaRH4sfhqyYk+SdZIiDp46eM
WQPuQvl8y2scM4ew8KJYyo7Y3kJTtJpdJbxOtJ2F15aaRdJaULE3lJeTDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA4fzxnGodWpsRTWih8q/BklotDzMB8GA1UdIwQY
MBaAFLp3MB4U1ls6PWhtqsFt/EmsSMfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5jd0hoVFdXem85YUcycXdXMzhTYXhJeDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzM5M2ItNjgxOC00OGQzLWIwODEt
NWM2OGY2YjBiMmM3LzEvRGhfUEdjYWgxYW14Rk5hS0h5cjhHU1dpMFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzM5M2ItNjgxOC00OGQzLWIwODEtNWM2OGY2YjBiMmM3
LzEvdW5jd0hoVFdXem85YUcycXdXMzhTYXhJeDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrQ3MA0G
CSqGSIb3DQEBCwUAA4IBAQBr1XpfQE1t/sYAHV2PzAHhV9LhaQtDZ5spjnlqoMZE
RM0pvxy/PwNHdx5wEXQt4LCI3rF7lZc+H02DLtfKcJVJf1L3DqknRZWd4D6PA0/g
2qAnVucT56tmnXmC+xFtkeeo4MCdG6hBbwjqqyRxmL7PRPTP+sO6Y1T/p2hHPj1y
l+pyum16q+gJgi2Hojmih7lgR4d/Y3OGGV3xfTvh/9nhXkq9J4QWyo9TuujB3TDQ
XY4BaiIbSVf90eBbRYQiXp4xkT0+c3xNPJ1W+YcPVHtZALY7pDnZwiwjX12L9Hm6
JN8+dl/xmy9/ltU4J1l1V3E7nh4ssK/e5O0tDz75JBWL
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:18:47 2025 by rpki-client