Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/o7YMI50D0SK0vLpE7naR86QWRXw.roa
File: o7YMI50D0SK0vLpE7naR86QWRXw.roa (raw, json)
Hash identifier: zqyt7biXEOAKS9v7KpEYbCKsTzS5ZrlhQf7z2iFvWOc=
Subject key identifier: A3:B6:0C:23:9D:03:D1:22:B4:BC:BA:44:EE:76:91:F3:A4:16:45:7C
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 01980D835B3026BC05CE0A780C5AB4372A99
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/o7YMI50D0SK0vLpE7naR86QWRXw.roa
Signing time: Tue 15 Jul 2025 09:56:08 +0000
ROA not before: Tue 15 Jul 2025 09:56:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 31.25.11.0/24 maxlen: 24
62.169.152.0/24 maxlen: 24
89.36.32.0/24 maxlen: 24
89.36.33.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
185.121.133.0/24 maxlen: 24
185.121.135.0/24 maxlen: 24
185.144.70.0/24 maxlen: 24
185.144.71.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
212.232.19.0/24 maxlen: 24
2a0c:2500::/29 maxlen: 48
2a0c:2501::/32 maxlen: 48
2a0c:2502::/32 maxlen: 48
2a0c:2503::/32 maxlen: 48
2a14:6780::/32 maxlen: 48
2a14:6781::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 16:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0d:83:5b:30:26:bc:05:ce:0a:78:0c:5a:b4:37:2a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Jul 15 09:56:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3b60c239d03d122b4bcba44ee7691f3a416457c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d6:71:2e:89:34:0d:27:40:f6:4b:6a:8c:18:
f5:4a:17:28:d7:fc:c2:b6:56:79:b6:0d:b0:93:2d:
81:e0:89:3c:36:df:5e:46:97:43:15:0d:af:50:d2:
7e:b4:1e:22:75:98:1d:1a:d8:b5:de:0b:60:43:54:
b8:ea:92:fb:1a:9b:32:36:54:73:58:08:5c:bb:b9:
01:03:65:41:a9:13:9d:c4:a0:15:3c:0c:38:30:c0:
3b:7e:1f:28:29:c4:6a:42:c8:42:a7:33:ce:79:47:
16:f3:56:4f:b1:ed:44:c7:a8:e0:a3:4a:45:04:f7:
40:81:76:f3:2a:89:67:23:1b:ce:b7:f9:48:a3:25:
b5:ba:5b:ca:26:a3:7b:61:00:75:45:59:a4:84:b5:
42:8a:ac:ef:78:94:56:59:f3:48:65:71:ab:b2:45:
82:6b:b0:c7:04:12:7f:43:a3:57:e2:87:31:55:4d:
f5:2c:db:da:16:40:31:3c:42:6c:38:9e:78:3b:9c:
69:86:bc:b7:d7:34:23:15:71:c5:75:01:6e:33:76:
3c:5e:94:ff:68:fa:8b:b1:c3:c2:bc:7c:82:cf:8c:
c0:f3:fd:5b:eb:a3:69:13:72:eb:5a:4a:23:00:fa:
ed:b2:65:42:e9:5a:2b:f1:27:3e:5c:57:fd:1f:73:
14:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B6:0C:23:9D:03:D1:22:B4:BC:BA:44:EE:76:91:F3:A4:16:45:7C
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/o7YMI50D0SK0vLpE7naR86QWRXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
62.169.152.0/24
89.36.32.0/23
89.36.35.0/24
185.121.133.0/24
185.121.135.0/24
185.144.70.0/23
212.232.18.0/23
IPv6:
2a0c:2500::/29
2a14:6780::/31
Signature Algorithm: sha256WithRSAEncryption
3d:91:a0:37:34:6a:78:21:9c:92:a3:3b:6e:21:50:c6:32:fe:
53:6a:41:2d:c5:69:bd:71:0a:f3:1f:6b:d9:c4:02:76:34:5f:
68:38:56:bf:f3:df:e5:25:6e:97:91:2b:3b:1b:2d:aa:38:c6:
62:a5:13:b7:53:7e:cb:61:b8:7a:48:ec:fd:a2:a5:54:b4:ca:
36:2b:9f:d7:31:2b:7c:38:de:e8:dd:39:ae:83:b6:52:b0:c5:
bf:03:b4:87:e3:3f:d0:d1:b0:6b:a6:15:b9:b4:bd:cf:f7:fd:
ad:9f:45:f7:ab:26:e1:bb:4b:f8:72:30:13:e8:b3:e7:46:b3:
1d:46:ec:e1:d5:3f:d2:46:74:48:27:c7:b0:ce:20:3d:11:aa:
97:cd:16:95:f2:82:6c:8e:c2:f8:fd:d1:ad:b5:4d:3a:47:49:
8d:6a:31:0b:67:88:9c:dd:2b:22:d3:15:36:3d:e8:fd:5c:65:
45:c0:8a:f4:a3:a4:f8:72:81:10:8c:ac:63:d6:3a:c5:a5:e9:
07:5d:c8:9d:b7:67:e1:b2:f0:9e:a7:85:8c:7a:2c:04:0c:b1:
78:fd:36:db:e7:b8:8f:34:cb:57:dd:77:5c:20:c6:9b:85:dc:
65:54:45:a8:26:20:4e:ae:b1:fa:69:50:87:39:68:d2:74:95:
ca:50:39:62
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZgNg1swJrwFzgp4DFq0NyqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNzE1MDk1NjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2I2MGMyMzlkMDNkMTIyYjRiY2JhNDRlZTc2OTFmM2E0MTY0NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdZxLok0DSdA9ktqjBj1Shco1/zC
tlZ5tg2wky2B4Ik8Nt9eRpdDFQ2vUNJ+tB4idZgdGti13gtgQ1S46pL7GpsyNlRz
WAhcu7kBA2VBqROdxKAVPAw4MMA7fh8oKcRqQshCpzPOeUcW81ZPse1Ex6jgo0pF
BPdAgXbzKolnIxvOt/lIoyW1ulvKJqN7YQB1RVmkhLVCiqzveJRWWfNIZXGrskWC
a7DHBBJ/Q6NX4ocxVU31LNvaFkAxPEJsOJ54O5xphry31zQjFXHFdQFuM3Y8XpT/
aPqLscPCvHyCz4zA8/1b66NpE3LrWkojAPrtsmVC6Vor8Sc+XFf9H3MURQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKO2DCOdA9EitLy6RO52kfOkFkV8MB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvbzdZTUk1MEQwU0swdkxwRTduYVI4NlFXUlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAHxkLAwQA
PqmYAwQBWSQgAwQAWSQjAwQAuXmFAwQAuXmHAwQBuZBGAwQB1OgSMBQEAgACMA4D
BQMqDCUAAwUBKhRngDANBgkqhkiG9w0BAQsFAAOCAQEAPZGgNzRqeCGckqM7biFQ
xjL+U2pBLcVpvXEK8x9r2cQCdjRfaDhWv/Pf5SVul5ErOxstqjjGYqUTt1N+y2G4
ekjs/aKlVLTKNiuf1zErfDje6N05roO2UrDFvwO0h+M/0NGwa6YVubS9z/f9rZ9F
96sm4btL+HIwE+iz50azHUbs4dU/0kZ0SCfHsM4gPRGql80WlfKCbI7C+P3RrbVN
OkdJjWoxC2eInN0rItMVNj3o/VxlRcCK9KOk+HKBEIysY9Y6xaXpB13Inbdn4bLw
nqeFjHosBAyxeP022+e4jzTLV913XCDGm4XcZVRFqCYgTq6x+mlQhzlo0nSVylA5
Yg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 01:40:30 2025 by rpki-client