Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/n74EAKMGXqJgP2R9Pib4d9cZ8gU.roa
File: n74EAKMGXqJgP2R9Pib4d9cZ8gU.roa (raw, json)
Hash identifier: kpiipg4VsN+sdpe4t1Ldu/cQR5AlEgreU2IUy/n3Exs=
Subject key identifier: 9F:BE:04:00:A3:06:5E:A2:60:3F:64:7D:3E:26:F8:77:D7:19:F2:05
Certificate issuer: /CN=efa842e67147252505f41551f0f735b7f72e3e97
Certificate serial: 0197DBB291D165CBA55FB4E4A1C83EFE3717
Authority key identifier: EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/n74EAKMGXqJgP2R9Pib4d9cZ8gU.roa
Signing time: Sat 05 Jul 2025 17:46:42 +0000
ROA not before: Sat 05 Jul 2025 17:46:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 185.165.188.0/24 maxlen: 24
185.165.191.0/24 maxlen: 24
195.144.21.0/24 maxlen: 24
2a07:85c1::/48 maxlen: 48
2a07:85c6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:db:b2:91:d1:65:cb:a5:5f:b4:e4:a1:c8:3e:fe:37:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa842e67147252505f41551f0f735b7f72e3e97
Validity
Not Before: Jul 5 17:46:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fbe0400a3065ea2603f647d3e26f877d719f205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e4:22:8d:0e:c4:c8:61:d5:ba:f1:a8:b3:35:
98:28:e9:98:e8:08:d5:77:b9:6b:1e:1f:7c:41:68:
03:39:58:f8:60:14:8c:0e:ce:86:51:22:c3:c2:ba:
45:46:9f:f1:4c:3a:72:9d:bb:3c:40:24:dc:b1:6c:
87:80:57:c7:56:c1:3a:ff:de:31:be:82:ac:84:1f:
34:26:c4:87:0e:d2:8b:c6:ea:17:a9:1e:40:c3:d8:
8b:55:d3:5b:a3:c9:a0:4f:d0:e6:13:d7:45:ad:dd:
34:c7:09:8c:1a:7a:2b:44:2a:af:57:a9:92:97:17:
c0:9b:38:3f:5f:3b:bf:1d:9b:c2:b4:89:bb:e5:ca:
64:37:3f:ef:a2:a4:ec:9e:78:ac:46:37:fd:16:41:
48:56:80:77:e1:01:69:a1:8c:cb:1b:e5:25:b0:94:
3f:37:39:83:f2:ee:71:d3:de:d3:3d:34:5f:8f:1c:
c5:f2:8f:69:7d:d0:66:8c:18:fa:65:30:dd:66:da:
da:37:4e:ba:bc:f4:85:62:6a:60:3d:31:42:22:14:
01:6a:c4:af:6a:fb:06:ab:04:78:e0:bb:b5:01:2c:
ab:27:02:15:ad:47:f2:ae:af:6e:d5:ce:47:23:1f:
e5:4e:38:3d:72:70:bb:3f:00:39:ae:eb:5c:32:bd:
f8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:BE:04:00:A3:06:5E:A2:60:3F:64:7D:3E:26:F8:77:D7:19:F2:05
X509v3 Authority Key Identifier:
keyid:EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/n74EAKMGXqJgP2R9Pib4d9cZ8gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.188.0/24
185.165.191.0/24
195.144.21.0/24
IPv6:
2a07:85c1::/48
2a07:85c6::/48
Signature Algorithm: sha256WithRSAEncryption
a0:ff:cc:68:54:63:67:a7:24:a9:54:15:91:89:52:54:a8:0a:
cf:08:fd:77:26:91:13:45:9a:d6:f8:64:77:9d:58:be:31:75:
85:c9:6c:28:6e:a8:9f:69:6c:3e:24:30:fa:36:fd:46:b7:73:
9f:49:80:69:e0:37:f1:69:dd:e6:fb:c1:4d:cc:76:16:e3:4d:
97:59:c7:70:ad:69:6f:54:cb:e6:b7:d9:d5:dd:84:21:2b:04:
02:38:d3:60:a9:e6:11:98:16:eb:fe:25:0f:23:fb:c0:f4:c6:
c7:5f:28:83:56:f9:62:e1:20:7b:80:b5:9c:9c:6b:05:ab:fb:
72:1f:5d:d5:67:6b:03:c7:c2:97:3f:d6:dd:d4:c7:b3:88:1f:
ae:15:ba:38:93:b5:99:7d:aa:f3:4f:b1:fc:f5:cd:f4:ab:7f:
d3:53:18:df:7a:a9:5f:a7:7b:4b:47:77:03:ec:d4:00:13:93:
95:fd:b8:cf:64:3e:5f:a3:4e:0a:e1:3b:8a:fd:6a:2f:15:65:
07:e5:04:02:b6:1e:06:b1:3b:f9:de:2e:5b:ce:cc:25:d3:1d:
16:2d:01:5c:3c:50:5a:ac:dc:6f:0c:80:6f:c6:05:f0:f4:14:
df:4b:ee:a1:87:1d:78:a6:0b:41:c8:4d:e7:6e:12:e1:88:a8:
c3:7e:96:95
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZfbspHRZculX7Tkocg+/jcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTg0MmU2NzE0NzI1MjUwNWY0MTU1MWYwZjczNWI3Zjcy
ZTNlOTcwHhcNMjUwNzA1MTc0NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmJlMDQwMGEzMDY1ZWEyNjAzZjY0N2QzZTI2Zjg3N2Q3MTlmMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuQijQ7EyGHVuvGoszWYKOmY6AjV
d7lrHh98QWgDOVj4YBSMDs6GUSLDwrpFRp/xTDpynbs8QCTcsWyHgFfHVsE6/94x
voKshB80JsSHDtKLxuoXqR5Aw9iLVdNbo8mgT9DmE9dFrd00xwmMGnorRCqvV6mS
lxfAmzg/Xzu/HZvCtIm75cpkNz/voqTsnnisRjf9FkFIVoB34QFpoYzLG+UlsJQ/
NzmD8u5x097TPTRfjxzF8o9pfdBmjBj6ZTDdZtraN066vPSFYmpgPTFCIhQBasSv
avsGqwR44Lu1ASyrJwIVrUfyrq9u1c5HIx/lTjg9cnC7PwA5rutcMr34PQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJ++BACjBl6iYD9kfT4m+HfXGfIFMB8GA1UdIwQY
MBaAFO+oQuZxRyUlBfQVUfD3Nbf3Lj6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYt
OGUwYzMxMjIzZGI4LzEvbjc0RUFLTUdYcUpnUDJSOVBpYjRkOWNaOGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYtOGUwYzMxMjIzZGI4
LzEvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAuaW8AwQA
uaW/AwQAw5AVMBgEAgACMBIDBwAqB4XBAAADBwAqB4XGAAAwDQYJKoZIhvcNAQEL
BQADggEBAKD/zGhUY2enJKlUFZGJUlSoCs8I/XcmkRNFmtb4ZHedWL4xdYXJbChu
qJ9pbD4kMPo2/Ua3c59JgGngN/Fp3eb7wU3MdhbjTZdZx3CtaW9Uy+a32dXdhCEr
BAI402Cp5hGYFuv+JQ8j+8D0xsdfKINW+WLhIHuAtZycawWr+3IfXdVnawPHwpc/
1t3Ux7OIH64VujiTtZl9qvNPsfz1zfSrf9NTGN96qV+ne0tHdwPs1AATk5X9uM9k
Pl+jTgrhO4r9ai8VZQflBAK2HgaxO/neLlvOzCXTHRYtAVw8UFqs3G8MgG/GBfD0
FN9L7qGHHXimC0HITeduEuGIqMN+lpU=
-----END CERTIFICATE-----
Generated at Sat Jul 26 06:51:29 2025 by rpki-client