Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AgzTp5ihfP6P8fcCsDqQBj7XSB0.roa
File: AgzTp5ihfP6P8fcCsDqQBj7XSB0.roa (raw, json)
Hash identifier: RWh6dHyjo8NQ255EQC3/ynpzRCPgIN7Cx/9C09dtlj0=
Subject key identifier: 02:0C:D3:A7:98:A1:7C:FE:8F:F1:F7:02:B0:3A:90:06:3E:D7:48:1D
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01980A91DFFA18EF345E60949BE01D9A8F36
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AgzTp5ihfP6P8fcCsDqQBj7XSB0.roa
Signing time: Mon 14 Jul 2025 20:13:08 +0000
ROA not before: Mon 14 Jul 2025 20:13:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44559
IP address blocks: 212.192.0.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 19:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0a:91:df:fa:18:ef:34:5e:60:94:9b:e0:1d:9a:8f:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 14 20:13:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=020cd3a798a17cfe8ff1f702b03a90063ed7481d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:04:44:ac:13:c3:92:bb:8f:01:b4:03:14:53:
55:08:92:f7:56:30:b5:31:f6:0f:67:44:d0:3a:c5:
9e:07:45:f1:07:68:5b:9e:54:c8:4b:c3:c9:16:cc:
27:6b:35:41:d8:df:7d:82:de:88:42:22:36:21:74:
d7:eb:a9:a6:45:5b:57:13:83:2c:67:54:64:20:a5:
96:27:ce:11:a8:f3:e6:8b:3a:c0:45:fc:e2:df:78:
b5:d8:87:e6:a9:ce:17:2f:d6:ff:98:79:47:6a:18:
7e:87:5d:62:e7:26:cf:87:f5:73:13:9d:13:74:15:
3d:cc:1d:17:c9:b1:ff:29:b2:7a:c1:a9:0c:3f:a1:
be:dc:f9:f6:98:e1:16:ab:a6:3e:b9:bb:d8:8f:84:
24:a3:f9:59:f9:d3:85:3f:00:62:cd:b0:e3:0b:40:
25:f3:34:4e:37:e0:54:09:9b:80:c0:4e:c0:33:f6:
3d:08:f1:69:39:7e:46:d0:73:a3:e9:de:7a:53:01:
db:d8:7f:32:cf:c2:8f:1b:ec:2e:dc:a8:78:e6:9e:
a6:c8:00:c8:29:df:3d:34:d1:e5:be:76:33:3c:5e:
f5:25:3b:03:3b:5d:88:8b:6f:45:61:f2:ac:31:27:
2a:7b:ab:1d:96:21:23:73:de:c9:89:08:e2:2b:0d:
87:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0C:D3:A7:98:A1:7C:FE:8F:F1:F7:02:B0:3A:90:06:3E:D7:48:1D
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AgzTp5ihfP6P8fcCsDqQBj7XSB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.0.0/24
212.192.7.0-212.192.8.255
212.192.10.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
79:f9:c3:29:dc:d5:1b:8c:2a:23:c1:c5:a0:93:d9:7c:41:ac:
b1:54:18:0e:0d:60:1a:14:1a:e4:2b:4f:d2:bb:82:ef:16:d2:
49:0d:53:56:17:7c:08:93:05:bc:9f:84:a2:95:cc:99:5c:3c:
fe:11:54:de:71:69:0d:f7:03:4f:9b:1c:e0:19:b5:96:4a:07:
35:f4:6b:bc:e3:3a:a3:06:63:df:31:fd:13:0c:e8:68:9a:04:
a1:df:3e:5b:87:63:62:ba:42:fa:1c:be:b7:ad:76:87:df:45:
7c:14:e9:57:8f:29:34:fb:ea:28:24:32:a4:e2:3e:98:fa:5d:
87:1e:95:f1:bf:d5:b1:8e:fd:1d:fe:57:56:98:f5:d4:65:6d:
67:e1:35:ae:47:b7:e4:e4:2a:ef:da:91:a9:7f:0c:ec:22:48:
03:3c:d7:9c:10:40:22:cc:1a:39:94:16:9f:90:cd:6b:c2:6c:
43:b3:bd:73:08:19:6f:51:14:0e:4c:3e:37:e8:88:b0:d7:30:
0c:73:91:50:e8:39:4a:de:af:af:e6:e4:58:7f:df:54:72:d4:
49:6f:27:6e:ec:1e:83:a3:20:48:e4:bd:3f:18:ea:67:65:66:
26:3e:5e:6e:a8:fe:75:ab:cf:4a:74:8f:f0:21:9e:d1:7d:09:
48:65:70:ff
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZgKkd/6GO80XmCUm+Admo82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwNzE0MjAxMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjBjZDNhNzk4YTE3Y2ZlOGZmMWY3MDJiMDNhOTAwNjNlZDc0ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwRErBPDkruPAbQDFFNVCJL3VjC1
MfYPZ0TQOsWeB0XxB2hbnlTIS8PJFswnazVB2N99gt6IQiI2IXTX66mmRVtXE4Ms
Z1RkIKWWJ84RqPPmizrARfzi33i12Ifmqc4XL9b/mHlHahh+h11i5ybPh/VzE50T
dBU9zB0XybH/KbJ6wakMP6G+3Pn2mOEWq6Y+ubvYj4Qko/lZ+dOFPwBizbDjC0Al
8zRON+BUCZuAwE7AM/Y9CPFpOX5G0HOj6d56UwHb2H8yz8KPG+wu3Kh45p6myADI
Kd89NNHlvnYzPF71JTsDO12Ii29FYfKsMScqe6sdliEjc97JiQjiKw2HswIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAIM06eYoXz+j/H3ArA6kAY+10gdMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvQWd6VHA1aWhmUDZQOGZjQ3NEcVFCajdYU0IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA1MAAMAwD
BADUwAcDBADUwAgDBADUwAoDBADUwB4wDQYJKoZIhvcNAQELBQADggEBAHn5wync
1RuMKiPBxaCT2XxBrLFUGA4NYBoUGuQrT9K7gu8W0kkNU1YXfAiTBbyfhKKVzJlc
PP4RVN5xaQ33A0+bHOAZtZZKBzX0a7zjOqMGY98x/RMM6GiaBKHfPluHY2K6Qvoc
vretdoffRXwU6VePKTT76igkMqTiPpj6XYcelfG/1bGO/R3+V1aY9dRlbWfhNa5H
t+TkKu/akal/DOwiSAM815wQQCLMGjmUFp+QzWvCbEOzvXMIGW9RFA5MPjfoiLDX
MAxzkVDoOUrer6/m5Fh/31Ry1ElvJ27sHoOjIEjkvT8Y6mdlZiY+Xm6o/nWrz0p0
j/AhntF9CUhlcP8=
-----END CERTIFICATE-----
Generated at Tue Jul 22 04:18:07 2025 by rpki-client