Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ClB4MM-9fa-jF5LaRunPD8sjRHQ.roa
File: ClB4MM-9fa-jF5LaRunPD8sjRHQ.roa (raw, json)
Hash identifier: A1V1Z3130pFQNGlDBStk+t/FqfI+19aPSUKakpU0wF0=
Subject key identifier: 0A:50:78:30:CF:BD:7D:AF:A3:17:92:DA:46:E9:CF:0F:CB:23:44:74
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0197E8A52E241350201B3764A6EFE7352C7C
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ClB4MM-9fa-jF5LaRunPD8sjRHQ.roa
Signing time: Tue 08 Jul 2025 06:07:08 +0000
ROA not before: Tue 08 Jul 2025 06:07:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 268624
IP address blocks: 124.198.135.0/24 maxlen: 24
124.198.145.0/24 maxlen: 24
155.2.189.0/24 maxlen: 24
170.62.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e8:a5:2e:24:13:50:20:1b:37:64:a6:ef:e7:35:2c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jul 8 06:07:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a507830cfbd7dafa31792da46e9cf0fcb234474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7e:7b:c3:f5:8f:38:30:40:d3:e6:30:d0:da:
d9:56:77:c7:c8:20:82:8b:45:71:ec:68:dd:a9:bf:
53:22:00:12:de:7c:83:68:52:d1:a2:5b:16:af:d6:
1d:79:34:27:80:08:74:b2:a4:0e:ab:71:e4:ff:d0:
33:c7:1b:0e:8f:e3:50:3e:78:d0:a5:d5:7c:c5:d4:
e4:88:0e:a4:2f:cc:dc:b9:3a:ec:f7:6a:8c:14:36:
0f:8e:45:f7:8c:cd:d9:97:05:89:9c:39:99:9e:55:
44:de:4c:3e:8c:9a:68:64:0b:47:44:ed:d0:1f:6c:
ed:92:8d:d5:fe:45:30:9d:b1:be:bd:d3:94:1c:da:
5a:45:8e:28:8f:a9:bf:ce:6e:57:ea:f2:91:5f:9b:
6c:52:1c:b6:4e:5b:a0:f0:4d:2a:c8:e3:5b:01:2a:
60:8c:c8:49:e2:f5:46:3d:1d:69:15:0f:34:a1:ae:
ff:f8:82:63:cc:71:91:25:39:f6:67:ca:50:7c:56:
97:1f:1a:eb:8d:7b:5c:31:ba:86:1c:16:7c:d2:89:
e5:55:05:f2:3f:f5:cd:a8:49:35:8c:c1:70:3e:a2:
71:76:8c:b4:ad:1a:88:11:7c:33:b1:80:98:3d:29:
d8:5d:65:31:2d:85:75:4f:47:61:d3:a4:e3:97:c7:
9d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:50:78:30:CF:BD:7D:AF:A3:17:92:DA:46:E9:CF:0F:CB:23:44:74
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ClB4MM-9fa-jF5LaRunPD8sjRHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.198.135.0/24
124.198.145.0/24
155.2.189.0/24
170.62.161.0/24
Signature Algorithm: sha256WithRSAEncryption
52:30:57:11:f8:9a:61:8c:ad:9c:16:3e:27:6c:64:ff:d9:58:
c1:ec:5a:95:af:08:46:08:29:2f:29:cd:3f:3b:91:1b:86:a0:
df:74:be:58:c7:e4:61:a2:d2:de:fe:4c:74:64:56:8f:17:69:
d6:e1:43:62:71:04:18:91:5d:ae:b2:f9:b2:c8:9a:10:48:7d:
2b:e2:b2:89:23:c1:82:eb:8f:aa:24:c8:dc:74:15:a1:ba:67:
b6:41:8e:e6:c5:59:10:d1:e9:8f:5c:4d:5f:d0:28:c1:43:87:
ed:c3:ed:87:45:94:a2:5b:87:f3:c8:46:01:57:eb:59:b0:48:
96:19:83:2f:77:d2:1f:d1:c6:8e:d3:fa:6c:c9:db:89:9e:5c:
c5:bd:23:d7:25:f2:ec:38:d3:3a:2a:b8:5f:18:85:49:73:29:
b2:29:72:da:3f:30:24:8d:c4:db:70:83:e8:42:93:43:69:50:
19:d2:29:b1:e7:4c:67:6e:90:60:38:02:8a:84:07:b6:09:66:
cc:3e:c0:ab:f7:f5:f7:c9:10:15:7b:b0:d2:02:2b:16:41:5e:
77:ce:84:06:72:fa:b2:c7:8b:3b:80:1b:69:a0:63:c6:bc:37:
1e:f2:32:ba:86:2b:42:f1:17:c8:4f:9a:20:52:fb:14:4b:5b:
84:a3:52:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZfopS4kE1AgGzdkpu/nNSx8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNzA4MDYwNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTUwNzgzMGNmYmQ3ZGFmYTMxNzkyZGE0NmU5Y2YwZmNiMjM0NDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH57w/WPODBA0+Yw0NrZVnfHyCCC
i0Vx7Gjdqb9TIgAS3nyDaFLRolsWr9YdeTQngAh0sqQOq3Hk/9AzxxsOj+NQPnjQ
pdV8xdTkiA6kL8zcuTrs92qMFDYPjkX3jM3ZlwWJnDmZnlVE3kw+jJpoZAtHRO3Q
H2ztko3V/kUwnbG+vdOUHNpaRY4oj6m/zm5X6vKRX5tsUhy2Tlug8E0qyONbASpg
jMhJ4vVGPR1pFQ80oa7/+IJjzHGRJTn2Z8pQfFaXHxrrjXtcMbqGHBZ80onlVQXy
P/XNqEk1jMFwPqJxdoy0rRqIEXwzsYCYPSnYXWUxLYV1T0dh06Tjl8edZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFApQeDDPvX2voxeS2kbpzw/LI0R0MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvQ2xCNE1NLTlmYS1qRjVMYVJ1blBEOHNqUkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAfMaHAwQA
fMaRAwQAmwK9AwQAqj6hMA0GCSqGSIb3DQEBCwUAA4IBAQBSMFcR+JphjK2cFj4n
bGT/2VjB7FqVrwhGCCkvKc0/O5EbhqDfdL5Yx+RhotLe/kx0ZFaPF2nW4UNicQQY
kV2usvmyyJoQSH0r4rKJI8GC64+qJMjcdBWhume2QY7mxVkQ0emPXE1f0CjBQ4ft
w+2HRZSiW4fzyEYBV+tZsEiWGYMvd9If0caO0/psyduJnlzFvSPXJfLsONM6Krhf
GIVJcymyKXLaPzAkjcTbcIPoQpNDaVAZ0imx50xnbpBgOAKKhAe2CWbMPsCr9/X3
yRAVe7DSAisWQV53zoQGcvqyx4s7gBtpoGPGvDce8jK6hitC8RfIT5ogUvsUS1uE
o1LZ
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:25:39 2025 by rpki-client