
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/av04jWa8rKYQ3nk3tcQ4QNzDf24.roa
File: av04jWa8rKYQ3nk3tcQ4QNzDf24.roa (raw, json)
Hash identifier: sB985eweguyIFZeDXj+lMH1jkA5cLTMNgeC7bZvuV5I=
Subject key identifier: 6A:FD:38:8D:66:BC:AC:A6:10:DE:79:37:B5:C4:38:40:DC:C3:7F:6E
Certificate issuer: /CN=5dfb074d47b7e0bc891ed06ea8fc67e38ecf50a1
Certificate serial: 0197E5197F633BBB8D0EC8881DA921D93285
Authority key identifier: 5D:FB:07:4D:47:B7:E0:BC:89:1E:D0:6E:A8:FC:67:E3:8E:CF:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfsHTUe34LyJHtBuqPxn447PUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/av04jWa8rKYQ3nk3tcQ4QNzDf24.roa
Signing time: Mon 07 Jul 2025 13:35:42 +0000
ROA not before: Mon 07 Jul 2025 13:35:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12360
IP address blocks: 185.9.12.0/22 maxlen: 22
193.47.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/XfsHTUe34LyJHtBuqPxn447PUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/XfsHTUe34LyJHtBuqPxn447PUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XfsHTUe34LyJHtBuqPxn447PUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:19:7f:63:3b:bb:8d:0e:c8:88:1d:a9:21:d9:32:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dfb074d47b7e0bc891ed06ea8fc67e38ecf50a1
Validity
Not Before: Jul 7 13:35:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6afd388d66bcaca610de7937b5c43840dcc37f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6d:ae:a8:66:74:9a:02:02:b9:22:3b:f4:cb:
24:9e:aa:bc:bb:2e:19:5b:c0:32:37:e5:03:67:1e:
c7:5d:c4:41:ff:19:84:f8:a5:bd:39:05:c4:cb:9a:
f0:85:8c:59:e0:1b:0b:11:f9:71:7b:2c:53:9d:51:
e4:86:5c:7e:77:d3:18:29:ef:80:ea:96:be:98:69:
e8:12:ba:94:c2:28:fa:b1:d6:b8:a1:6c:fa:3b:58:
af:a1:9d:69:bc:f3:23:d3:e0:cc:3b:15:c2:db:89:
20:7f:d8:84:3e:ad:91:e3:47:35:85:7d:23:d4:31:
7b:64:ae:94:64:12:30:ea:d6:ad:f8:c1:10:03:c4:
4b:77:83:c4:a5:23:f2:b0:eb:6e:c8:10:12:d2:7d:
af:3a:ed:7e:29:a5:42:d7:80:e6:95:2b:03:2a:01:
fa:f5:24:17:cf:db:99:1f:ee:af:68:49:cb:bc:7c:
89:84:9b:b3:c3:f5:4e:f0:44:45:0b:b3:f4:58:fa:
21:f9:15:f7:5e:8b:a2:78:b6:32:e1:78:a5:09:50:
00:5d:ef:a9:37:82:ba:9b:af:d0:be:b0:82:0d:7f:
38:a4:04:18:bb:9c:65:27:f2:94:21:c0:8e:71:8a:
ef:5c:46:ef:6f:da:b9:6a:36:39:d4:9d:7f:91:ee:
f5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:FD:38:8D:66:BC:AC:A6:10:DE:79:37:B5:C4:38:40:DC:C3:7F:6E
X509v3 Authority Key Identifier:
keyid:5D:FB:07:4D:47:B7:E0:BC:89:1E:D0:6E:A8:FC:67:E3:8E:CF:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfsHTUe34LyJHtBuqPxn447PUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/av04jWa8rKYQ3nk3tcQ4QNzDf24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/XfsHTUe34LyJHtBuqPxn447PUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.12.0/22
193.47.161.0/24
Signature Algorithm: sha256WithRSAEncryption
04:39:60:20:6f:07:a0:f3:20:03:1f:f1:cc:ef:1d:41:4c:cc:
56:44:1f:74:57:94:e2:a4:33:39:fe:3b:13:7e:a3:02:64:32:
c8:d8:cc:4d:17:35:dc:0b:93:38:b1:78:78:43:d0:45:00:6f:
40:63:f1:fc:ed:35:a8:17:3d:c0:de:b2:70:c2:55:75:07:57:
4a:ff:a1:46:92:7a:18:79:76:b9:47:41:bd:c1:b9:f4:5d:40:
b6:4e:d1:7b:fa:1e:7e:fe:a9:43:e4:ae:12:6c:18:95:18:c8:
e4:c9:97:a2:4b:df:8b:f3:0c:f2:c6:5c:83:be:f1:19:a4:b9:
d6:9b:98:60:ae:0c:b4:6e:cd:a2:92:9c:fb:6a:f3:8a:97:d9:
4c:5b:32:a1:ad:c1:81:e1:c9:af:d8:77:74:32:a0:12:6b:ec:
12:d5:5e:f3:98:a1:60:b2:3d:7b:1a:7e:10:d6:a8:92:31:18:
7f:fa:18:e7:0e:19:6e:35:1f:94:3c:87:6e:69:97:eb:cb:7e:
20:be:8b:50:c2:92:8f:b9:cf:35:5d:7f:d3:f4:24:15:9c:d1:
dc:a3:73:c4:eb:83:05:f6:03:a8:1d:22:28:cb:e3:a2:b7:f4:
7a:1d:b1:4e:59:3c:65:48:da:c9:3b:d3:e3:ac:dd:1c:a1:80:
8e:db:ff:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZflGX9jO7uNDsiIHakh2TKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmIwNzRkNDdiN2UwYmM4OTFlZDA2ZWE4ZmM2N2UzOGVj
ZjUwYTEwHhcNMjUwNzA3MTMzNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWZkMzg4ZDY2YmNhY2E2MTBkZTc5MzdiNWM0Mzg0MGRjYzM3ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW2uqGZ0mgICuSI79Msknqq8uy4Z
W8AyN+UDZx7HXcRB/xmE+KW9OQXEy5rwhYxZ4BsLEflxeyxTnVHkhlx+d9MYKe+A
6pa+mGnoErqUwij6sda4oWz6O1ivoZ1pvPMj0+DMOxXC24kgf9iEPq2R40c1hX0j
1DF7ZK6UZBIw6tat+MEQA8RLd4PEpSPysOtuyBAS0n2vOu1+KaVC14DmlSsDKgH6
9SQXz9uZH+6vaEnLvHyJhJuzw/VO8ERFC7P0WPoh+RX3XouieLYy4XilCVAAXe+p
N4K6m6/QvrCCDX84pAQYu5xlJ/KUIcCOcYrvXEbvb9q5ajY51J1/ke71ZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGr9OI1mvKymEN55N7XEOEDcw39uMB8GA1UdIwQY
MBaAFF37B01Ht+C8iR7Qbqj8Z+OOz1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZzSFRVZTM0THlKSHRCdXFQeG40NDdQVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MmZjOTItMTY2My00Njg4LWEzMWQt
Y2Y2YTYzZTRlZmI2LzEvYXYwNGpXYThyS1lRM25rM3RjUTRRTnpEZjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MmZjOTItMTY2My00Njg4LWEzMWQtY2Y2YTYzZTRlZmI2
LzEvWGZzSFRVZTM0THlKSHRCdXFQeG40NDdQVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQkMAwQA
wS+hMA0GCSqGSIb3DQEBCwUAA4IBAQAEOWAgbweg8yADH/HM7x1BTMxWRB90V5Ti
pDM5/jsTfqMCZDLI2MxNFzXcC5M4sXh4Q9BFAG9AY/H87TWoFz3A3rJwwlV1B1dK
/6FGknoYeXa5R0G9wbn0XUC2TtF7+h5+/qlD5K4SbBiVGMjkyZeiS9+L8wzyxlyD
vvEZpLnWm5hgrgy0bs2ikpz7avOKl9lMWzKhrcGB4cmv2Hd0MqASa+wS1V7zmKFg
sj17Gn4Q1qiSMRh/+hjnDhluNR+UPIduaZfry34gvotQwpKPuc81XX/T9CQVnNHc
o3PE64MF9gOoHSIoy+Oit/R6HbFOWTxlSNrJO9PjrN0coYCO2/9Q
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:40:34 2025 by rpki-client