Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/rdvag5pHs9es_gyoqlFPFe0V7WI.roa
File: rdvag5pHs9es_gyoqlFPFe0V7WI.roa (raw, json)
Hash identifier: ckptdnrG1RV/ZZ5MTTowIZnIHeIBz++eWuv3IdAEj3A=
Subject key identifier: AD:DB:DA:83:9A:47:B3:D7:AC:FE:0C:A8:AA:51:4F:15:ED:15:ED:62
Certificate issuer: /CN=29275327a5e85f3c8c14c984036f493feb59b016
Certificate serial: 019807EB76CA61D7CF713C25D716FA75AA80
Authority key identifier: 29:27:53:27:A5:E8:5F:3C:8C:14:C9:84:03:6F:49:3F:EB:59:B0:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KSdTJ6XoXzyMFMmEA29JP-tZsBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/rdvag5pHs9es_gyoqlFPFe0V7WI.roa
Signing time: Mon 14 Jul 2025 07:52:08 +0000
ROA not before: Mon 14 Jul 2025 07:52:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51055
IP address blocks: 46.17.160.0/21 maxlen: 24
185.62.156.0/22 maxlen: 24
193.34.186.0/23 maxlen: 24
194.33.13.0/24 maxlen: 24
2a00:5f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/KSdTJ6XoXzyMFMmEA29JP-tZsBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/KSdTJ6XoXzyMFMmEA29JP-tZsBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KSdTJ6XoXzyMFMmEA29JP-tZsBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:07:eb:76:ca:61:d7:cf:71:3c:25:d7:16:fa:75:aa:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29275327a5e85f3c8c14c984036f493feb59b016
Validity
Not Before: Jul 14 07:52:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=addbda839a47b3d7acfe0ca8aa514f15ed15ed62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:75:b8:6d:b7:6e:61:46:2e:2f:ed:b0:8e:f5:
4e:18:68:ed:ab:f9:d8:9e:1b:33:0b:c2:24:6c:50:
35:8c:b0:81:65:e5:f9:df:f7:a4:64:d5:c4:d6:46:
03:24:8c:43:f4:e6:3d:8c:8f:4b:6b:3f:ab:d3:15:
23:f8:60:7b:44:cb:fd:1f:a2:72:e1:08:2a:16:5d:
da:e9:34:e5:8b:96:f9:58:cd:af:fd:0b:87:70:07:
08:43:4c:60:15:fe:5e:65:d6:f4:e9:1e:0e:b6:2b:
49:12:91:6f:b6:a3:9d:ec:dc:9c:3b:00:d1:a6:00:
98:d7:47:f4:af:fa:0d:78:ac:e5:c9:cd:b7:46:48:
6f:a4:e4:96:28:50:86:c6:61:82:6d:68:ed:70:09:
c0:ce:da:27:46:12:2b:e5:28:dc:cb:70:16:f5:d5:
ba:5f:c2:52:7f:b8:1c:3e:9c:89:7f:07:8a:cd:5b:
55:6e:08:3c:50:d3:2d:ce:a0:f5:c2:12:2b:ca:2c:
9e:0f:88:5b:20:00:d4:f4:48:3f:e0:3c:23:c1:7f:
1f:66:41:e1:22:02:35:a8:cc:64:e1:32:38:89:a0:
d3:32:64:13:0f:36:30:7b:4d:01:6d:54:07:12:ab:
68:b3:5c:ac:6a:3d:9e:a5:76:e1:3c:6c:b6:7f:b7:
58:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:DB:DA:83:9A:47:B3:D7:AC:FE:0C:A8:AA:51:4F:15:ED:15:ED:62
X509v3 Authority Key Identifier:
keyid:29:27:53:27:A5:E8:5F:3C:8C:14:C9:84:03:6F:49:3F:EB:59:B0:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KSdTJ6XoXzyMFMmEA29JP-tZsBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/rdvag5pHs9es_gyoqlFPFe0V7WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/KSdTJ6XoXzyMFMmEA29JP-tZsBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.160.0/21
185.62.156.0/22
193.34.186.0/23
194.33.13.0/24
IPv6:
2a00:5f00::/32
Signature Algorithm: sha256WithRSAEncryption
57:00:2f:f5:a1:5d:b2:3d:a3:09:ce:00:5d:85:9f:f5:80:79:
fb:68:27:94:52:95:92:41:9f:65:07:82:8b:72:f6:56:b2:d2:
e6:77:b3:5d:58:34:8b:13:8c:d1:ab:e2:41:7c:d7:93:78:ee:
5f:c3:c6:c3:e8:69:b9:65:00:58:ad:a6:73:17:74:41:e5:30:
26:dc:2c:d6:6c:31:5d:20:18:cb:39:6f:c6:a2:cc:34:b1:8d:
2d:fb:a6:5f:70:2a:f7:14:7a:3f:b7:1b:c6:ab:f0:17:8b:63:
60:25:3c:78:16:42:0d:54:c6:2b:73:a7:5a:49:f7:11:5a:59:
c8:ff:ea:9d:c6:9a:c0:02:af:c5:05:ea:49:1d:d4:91:86:7c:
e7:5a:9c:8d:cd:ed:c5:7a:ce:bc:9d:ee:56:30:8d:13:7a:42:
92:e2:af:a5:d3:bd:f0:28:7f:27:4f:e4:cf:3b:6f:d6:7f:7d:
e7:f7:ce:7b:85:58:0f:c6:62:93:c0:d7:bb:c7:18:ba:3b:82:
8f:c1:5b:fb:52:0b:cf:65:4e:59:5f:d3:a7:15:c9:dd:54:2b:
53:8c:ff:68:f6:07:23:82:38:45:de:de:96:31:42:14:74:f1:
79:1c:cf:89:ef:52:63:04:b2:ac:8e:c5:60:2a:78:8a:cd:51:
e2:88:4a:d0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZgH63bKYdfPcTwl1xb6daqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Mjc1MzI3YTVlODVmM2M4YzE0Yzk4NDAzNmY0OTNmZWI1
OWIwMTYwHhcNMjUwNzE0MDc1MjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGRiZGE4MzlhNDdiM2Q3YWNmZTBjYThhYTUxNGYxNWVkMTVlZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3W4bbduYUYuL+2wjvVOGGjtq/nY
nhszC8IkbFA1jLCBZeX53/ekZNXE1kYDJIxD9OY9jI9Laz+r0xUj+GB7RMv9H6Jy
4QgqFl3a6TTli5b5WM2v/QuHcAcIQ0xgFf5eZdb06R4OtitJEpFvtqOd7NycOwDR
pgCY10f0r/oNeKzlyc23RkhvpOSWKFCGxmGCbWjtcAnAztonRhIr5Sjcy3AW9dW6
X8JSf7gcPpyJfweKzVtVbgg8UNMtzqD1whIryiyeD4hbIADU9Eg/4DwjwX8fZkHh
IgI1qMxk4TI4iaDTMmQTDzYwe00BbVQHEqtos1ysaj2epXbhPGy2f7dYEQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK3b2oOaR7PXrP4MqKpRTxXtFe1iMB8GA1UdIwQY
MBaAFCknUyel6F88jBTJhANvST/rWbAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1NkVEo2WG9YenlNRk1tRUEyOUpQLXRac0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hMWRlNDQtODZhOS00ZDI5LWI4ZTUt
MTY2ZmRkMGIxODIyLzEvcmR2YWc1cEhzOWVzX2d5b3FsRlBGZTBWN1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hMWRlNDQtODZhOS00ZDI5LWI4ZTUtMTY2ZmRkMGIxODIy
LzEvS1NkVEo2WG9YenlNRk1tRUEyOUpQLXRac0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhGgAwQC
uT6cAwQBwSK6AwQAwiENMA0EAgACMAcDBQAqAF8AMA0GCSqGSIb3DQEBCwUAA4IB
AQBXAC/1oV2yPaMJzgBdhZ/1gHn7aCeUUpWSQZ9lB4KLcvZWstLmd7NdWDSLE4zR
q+JBfNeTeO5fw8bD6Gm5ZQBYraZzF3RB5TAm3CzWbDFdIBjLOW/Gosw0sY0t+6Zf
cCr3FHo/txvGq/AXi2NgJTx4FkINVMYrc6daSfcRWlnI/+qdxprAAq/FBepJHdSR
hnznWpyNze3Fes68ne5WMI0TekKS4q+l073wKH8nT+TPO2/Wf33n9857hVgPxmKT
wNe7xxi6O4KPwVv7UgvPZU5ZX9OnFcndVCtTjP9o9gcjgjhF3t6WMUIUdPF5HM+J
71JjBLKsjsVgKniKzVHiiErQ
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:54:31 2025 by rpki-client