Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/m30AM2TdwhKzdf1N10cQP_Viy_c.roa
File: m30AM2TdwhKzdf1N10cQP_Viy_c.roa (raw, json)
Hash identifier: CM1Hu68gDxVweB/504GwCoDAaC8vSBSM1qlN7Xy5w+M=
Subject key identifier: 9B:7D:00:33:64:DD:C2:12:B3:75:FD:4D:D7:47:10:3F:F5:62:CB:F7
Certificate issuer: /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial: 0197F37C7843D3C5CCE2D17005B4A61608DE
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/m30AM2TdwhKzdf1N10cQP_Viy_c.roa
Signing time: Thu 10 Jul 2025 08:38:30 +0000
ROA not before: Thu 10 Jul 2025 08:38:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8820
IP address blocks: 46.236.208.0/20 maxlen: 24
78.41.48.0/22 maxlen: 24
81.92.0.0/20 maxlen: 24
82.139.196.0/22 maxlen: 24
82.139.200.0/22 maxlen: 24
82.139.222.0/23 maxlen: 24
82.139.252.0/22 maxlen: 24
195.8.224.0/19 maxlen: 24
195.8.253.0/24 maxlen: 24
195.8.254.2/31 maxlen: 32
212.17.224.0/19 maxlen: 24
212.60.128.0/19 maxlen: 24
213.240.128.0/18 maxlen: 24
2a01:170::/32 maxlen: 64
2a01:170:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:7c:78:43:d3:c5:cc:e2:d1:70:05:b4:a6:16:08:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Validity
Not Before: Jul 10 08:38:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b7d003364ddc212b375fd4dd747103ff562cbf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:e2:90:94:35:dd:79:1d:2f:6b:20:bc:4b:
05:43:04:0e:41:5c:be:9f:e4:ff:0c:d4:69:d9:8e:
5f:5c:c4:f5:ef:78:b5:64:9f:99:6f:6f:3a:eb:7b:
bb:94:22:8b:99:28:d9:ac:ff:98:1c:4c:e0:b6:85:
90:fd:33:54:16:45:7a:03:aa:57:8c:64:f4:e1:0c:
8d:d5:53:ff:bf:0d:7f:17:a6:36:ae:7e:ed:65:b6:
9e:5e:f5:23:1b:6b:89:1b:9d:6e:f0:f3:fe:cd:92:
b8:78:bb:50:79:4e:74:8c:93:e9:eb:0c:7b:8d:6e:
7f:fa:6d:a3:b7:84:4a:f7:c0:ff:f6:27:de:85:24:
9d:1c:48:66:e9:a3:0f:67:33:c0:64:98:f3:b7:ef:
4e:d3:ce:7a:6d:07:a9:30:87:4f:53:99:02:e8:d3:
a1:54:3b:65:c4:79:f1:f2:94:a3:8d:63:8d:72:d8:
d3:6f:7e:e0:2e:7f:61:f1:7a:82:8f:35:00:a7:69:
5d:bc:d5:2e:d6:c2:1e:6f:0e:3f:10:2f:98:14:0f:
49:fd:13:a8:e2:a6:7e:b6:96:87:8d:92:4e:3f:64:
38:ef:c6:10:84:dd:37:06:ca:2d:be:39:af:cd:4e:
e6:ed:21:dc:f5:9d:1a:f4:d2:ee:aa:cc:0e:37:02:
4b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7D:00:33:64:DD:C2:12:B3:75:FD:4D:D7:47:10:3F:F5:62:CB:F7
X509v3 Authority Key Identifier:
keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/m30AM2TdwhKzdf1N10cQP_Viy_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.208.0/20
78.41.48.0/22
81.92.0.0/20
82.139.196.0-82.139.203.255
82.139.222.0/23
82.139.252.0/22
195.8.224.0/19
212.17.224.0/19
212.60.128.0/19
213.240.128.0/18
IPv6:
2a01:170::/32
Signature Algorithm: sha256WithRSAEncryption
32:23:f8:78:41:cc:93:de:e1:b8:cc:47:87:8b:3a:2e:66:0d:
1c:7d:2a:fa:a4:3c:09:22:34:ae:5e:a2:6e:03:91:fd:1e:0c:
23:42:03:fb:87:93:07:29:7f:39:38:d0:e2:a8:a8:65:c9:4c:
3a:c5:a2:02:c8:96:5e:75:54:d5:d5:13:4e:0d:f0:99:69:1a:
4e:bf:99:6b:d8:c6:6d:21:93:a9:a1:c6:10:21:8c:60:f3:36:
34:05:4b:25:91:cf:d2:67:8a:7f:23:07:e0:5c:0a:9b:b4:06:
b8:f3:b2:e9:8f:98:a3:29:44:06:a3:02:19:a3:ce:f1:13:fe:
54:58:85:08:75:a5:2e:d1:43:73:d3:0b:7c:e9:1e:60:e4:ee:
08:5d:56:78:7a:94:19:42:52:80:6a:f9:ac:e2:51:0a:40:79:
54:be:d1:fb:30:d9:23:5d:a1:d6:a6:80:cf:10:64:94:50:f1:
be:a4:16:dc:0f:ec:68:70:0a:5c:9c:3b:24:2f:84:9c:c6:89:
7d:93:ee:13:8f:d0:20:29:7f:95:4e:b8:aa:b1:e6:8d:a4:65:
ed:f8:68:7b:4c:46:49:e9:9c:c1:b2:89:dd:39:b6:30:e4:ef:
49:81:bf:78:b2:29:af:b9:0f:a5:c8:9d:1f:8d:56:6c:6c:a8:
f5:17:40:11
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZfzfHhD08XM4tFwBbSmFgjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjUwNzEwMDgzODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjdkMDAzMzY0ZGRjMjEyYjM3NWZkNGRkNzQ3MTAzZmY1NjJjYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOfikJQ13XkdL2sgvEsFQwQOQVy+
n+T/DNRp2Y5fXMT173i1ZJ+Zb28663u7lCKLmSjZrP+YHEzgtoWQ/TNUFkV6A6pX
jGT04QyN1VP/vw1/F6Y2rn7tZbaeXvUjG2uJG51u8PP+zZK4eLtQeU50jJPp6wx7
jW5/+m2jt4RK98D/9ifehSSdHEhm6aMPZzPAZJjzt+9O0856bQepMIdPU5kC6NOh
VDtlxHnx8pSjjWONctjTb37gLn9h8XqCjzUAp2ldvNUu1sIebw4/EC+YFA9J/ROo
4qZ+tpaHjZJOP2Q478YQhN03BsotvjmvzU7m7SHc9Z0a9NLuqswONwJLzwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFJt9ADNk3cISs3X9TddHED/1Ysv3MB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvbTMwQU0yVGR3aEt6ZGYxTjEwY1FQX1ZpeV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQELuzQAwQC
TikwAwQEUVwAMAwDBAJSi8QDBAJSi8gDBAFSi94DBAJSi/wDBAXDCOADBAXUEeAD
BAXUPIADBAbV8IAwDQQCAAIwBwMFACoBAXAwDQYJKoZIhvcNAQELBQADggEBADIj
+HhBzJPe4bjMR4eLOi5mDRx9KvqkPAkiNK5eom4Dkf0eDCNCA/uHkwcpfzk40OKo
qGXJTDrFogLIll51VNXVE04N8JlpGk6/mWvYxm0hk6mhxhAhjGDzNjQFSyWRz9Jn
in8jB+BcCpu0BrjzsumPmKMpRAajAhmjzvET/lRYhQh1pS7RQ3PTC3zpHmDk7ghd
Vnh6lBlCUoBq+aziUQpAeVS+0fsw2SNdodamgM8QZJRQ8b6kFtwP7GhwClycOyQv
hJzGiX2T7hOP0CApf5VOuKqx5o2kZe34aHtMRknpnMGyid05tjDk70mBv3iyKa+5
D6XInR+NVmxsqPUXQBE=
-----END CERTIFICATE-----
Generated at Wed Jul 23 11:56:34 2025 by rpki-client