Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/DEevH22Wi04QRbJOwO4d8smPHc4.roa
File: DEevH22Wi04QRbJOwO4d8smPHc4.roa (raw, json)
Hash identifier: lImsxr/oLxOyCu15aYyI9u071sr3NbkINVw15WZ0xAM=
Subject key identifier: 0C:47:AF:1F:6D:96:8B:4E:10:45:B2:4E:C0:EE:1D:F2:C9:8F:1D:CE
Certificate issuer: /CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Certificate serial: 01980E6925C8577E22A89E851EAA288510A3
Authority key identifier: BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/DEevH22Wi04QRbJOwO4d8smPHc4.roa
Signing time: Tue 15 Jul 2025 14:07:08 +0000
ROA not before: Tue 15 Jul 2025 14:07:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35485
IP address blocks: 93.94.32.0/24 maxlen: 24
93.94.33.0/24 maxlen: 24
93.94.38.0/24 maxlen: 24
93.174.64.0/21 maxlen: 24
158.58.136.0/21 maxlen: 24
185.84.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:69:25:c8:57:7e:22:a8:9e:85:1e:aa:28:85:10:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Validity
Not Before: Jul 15 14:07:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c47af1f6d968b4e1045b24ec0ee1df2c98f1dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:cc:2d:eb:8f:0d:91:b1:ac:a0:16:b1:9f:
27:b6:f5:57:1c:de:0f:f7:46:27:8f:18:6b:60:40:
f8:b2:1e:7b:eb:a8:5c:10:d4:b9:26:c7:19:d1:ab:
1f:69:67:43:3f:1c:b5:27:6f:b1:e2:37:b8:21:06:
b3:c2:d3:ce:53:14:47:10:c9:e8:3e:6c:b8:c5:24:
8a:11:65:f7:26:df:a1:91:3a:94:53:b0:2f:7a:90:
13:ef:a8:99:b9:96:dc:84:b9:48:2f:7d:b7:d0:0f:
91:91:65:dd:57:54:4f:45:84:b5:f7:b2:0f:7e:c8:
f5:f1:a6:5b:2c:33:9e:05:b6:b1:09:6d:ed:8c:d7:
29:84:c8:ea:4e:36:b9:ce:2e:37:91:87:ed:40:ea:
2b:0e:f9:e8:5e:30:a7:c7:0c:7e:e8:28:e9:86:06:
12:ac:c8:13:db:0f:4d:30:44:04:fe:65:04:2c:d9:
ef:bf:e6:e9:ab:d2:02:3c:1b:db:ba:45:93:15:2e:
b8:56:d2:06:45:27:c4:42:de:eb:44:41:c3:6e:d3:
77:03:95:30:95:ce:13:1d:14:bc:d6:70:cd:ed:36:
d3:a9:39:10:47:9f:3e:96:09:9b:5c:7b:ba:a2:32:
f4:f8:ff:a1:83:0a:9e:d6:28:14:9c:30:91:e8:fe:
14:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:47:AF:1F:6D:96:8B:4E:10:45:B2:4E:C0:EE:1D:F2:C9:8F:1D:CE
X509v3 Authority Key Identifier:
keyid:BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/DEevH22Wi04QRbJOwO4d8smPHc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.32.0/23
93.94.38.0/24
93.174.64.0/21
158.58.136.0/21
185.84.176.0/22
Signature Algorithm: sha256WithRSAEncryption
52:fa:f7:ab:f7:84:44:dc:6e:ad:50:34:3f:84:28:af:ba:0e:
8c:7f:41:a6:19:b3:80:17:db:40:16:0e:15:7b:fd:28:fb:be:
a1:39:3c:e6:53:ff:ae:70:4f:aa:5c:b7:9f:c9:4d:2a:f5:8a:
99:9c:eb:e8:ac:db:85:a0:ce:c4:73:cd:d5:f0:28:3f:ea:f4:
2b:d3:29:77:da:74:c4:61:5c:90:fa:91:6f:0d:05:67:53:63:
a0:ba:db:4a:f7:c0:af:c5:4f:13:aa:13:69:4f:b2:2e:97:f6:
8f:de:21:f5:cb:03:88:0d:2a:09:91:93:fa:b3:48:07:d7:1c:
b8:1d:6f:9d:c8:1a:ee:66:72:ce:60:d3:65:e5:85:f1:1f:8d:
53:0a:5c:54:ec:19:b4:15:92:70:75:11:bc:5d:dc:94:c1:ba:
49:00:7a:9c:91:f8:68:b9:e9:3e:ea:1f:6e:be:f3:8a:8b:6a:
3f:19:ab:4a:17:d9:7c:fb:58:a8:67:35:58:c8:ca:9e:b9:45:
1c:90:ef:84:0c:2a:17:b6:82:f7:1e:ad:97:d6:3c:2b:87:d0:
9a:42:3c:fc:b1:d9:4d:16:37:1b:62:96:c7:fa:02:9d:64:fb:
fc:e6:cd:20:5a:57:10:e1:1d:71:f0:14:78:24:82:60:73:47:
fb:f6:bd:13
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgOaSXIV34iqJ6FHqoohRCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODg4NDlhMmViNWU5ZGQ1NzFhOGU3NDNiZWQ3Yjk1MTNk
N2ExMjEwHhcNMjUwNzE1MTQwNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQ3YWYxZjZkOTY4YjRlMTA0NWIyNGVjMGVlMWRmMmM5OGYxZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV/MLeuPDZGxrKAWsZ8ntvVXHN4P
90YnjxhrYED4sh5766hcENS5JscZ0asfaWdDPxy1J2+x4je4IQazwtPOUxRHEMno
Pmy4xSSKEWX3Jt+hkTqUU7AvepAT76iZuZbchLlIL3230A+RkWXdV1RPRYS197IP
fsj18aZbLDOeBbaxCW3tjNcphMjqTja5zi43kYftQOorDvnoXjCnxwx+6CjphgYS
rMgT2w9NMEQE/mUELNnvv+bpq9ICPBvbukWTFS64VtIGRSfEQt7rREHDbtN3A5Uw
lc4THRS81nDN7TbTqTkQR58+lgmbXHu6ojL0+P+hgwqe1igUnDCR6P4UwwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAxHrx9tlotOEEWyTsDuHfLJjx3OMB8GA1UdIwQY
MBaAFL+IhJoutendVxqOdDvte5UT16EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYt
MjM3MzliNWZkODRjLzEvREVldkgyMldpMDRRUmJKT3dPNGQ4c21QSGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYtMjM3MzliNWZkODRj
LzEvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBXV4gAwQA
XV4mAwQDXa5AAwQDnjqIAwQCuVSwMA0GCSqGSIb3DQEBCwUAA4IBAQBS+ver94RE
3G6tUDQ/hCivug6Mf0GmGbOAF9tAFg4Ve/0o+76hOTzmU/+ucE+qXLefyU0q9YqZ
nOvorNuFoM7Ec83V8Cg/6vQr0yl32nTEYVyQ+pFvDQVnU2OguttK98CvxU8TqhNp
T7Iul/aP3iH1ywOIDSoJkZP6s0gH1xy4HW+dyBruZnLOYNNl5YXxH41TClxU7Bm0
FZJwdRG8XdyUwbpJAHqckfhouek+6h9uvvOKi2o/GatKF9l8+1ioZzVYyMqeuUUc
kO+EDCoXtoL3Hq2X1jwrh9CaQjz8sdlNFjcbYpbH+gKdZPv85s0gWlcQ4R1x8BR4
JIJgc0f79r0T
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:19:14 2025 by rpki-client