Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/x-kYYvQnpFVI9A8BDZrczMpvk9g.roa
File: x-kYYvQnpFVI9A8BDZrczMpvk9g.roa (raw, json)
Hash identifier: xYse+Z/os7K/hYhRQWp4i3zYpgOqPTsivIsSXhYdfyk=
Subject key identifier: C7:E9:18:62:F4:27:A4:55:48:F4:0F:01:0D:9A:DC:CC:CA:6F:93:D8
Certificate issuer: /CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
Certificate serial: 0197D1221A6CE5CDB64B895DA8A566A69E78
Authority key identifier: 0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/x-kYYvQnpFVI9A8BDZrczMpvk9g.roa
Signing time: Thu 03 Jul 2025 16:32:42 +0000
ROA not before: Thu 03 Jul 2025 16:32:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206236
IP address blocks: 45.14.232.0/22 maxlen: 22
185.50.255.0/24 maxlen: 24
195.245.66.0/24 maxlen: 24
2a0e:1580::/29 maxlen: 29
2a10:1a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.mft
rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 22:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d1:22:1a:6c:e5:cd:b6:4b:89:5d:a8:a5:66:a6:9e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
Validity
Not Before: Jul 3 16:32:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7e91862f427a45548f40f010d9adcccca6f93d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d4:0d:0e:75:06:2c:49:0b:6c:f3:5b:f4:00:
c6:53:45:63:66:7a:d1:a0:b2:e9:0e:85:08:df:ee:
f0:cd:93:a0:61:a5:9e:82:ac:44:49:f9:8a:4d:22:
f8:23:bf:a5:ce:91:8c:3d:29:39:b5:df:be:d4:e8:
20:8f:7b:9e:3f:31:a4:aa:9d:83:52:35:56:36:55:
83:a8:76:fb:26:ca:7b:a5:73:99:65:b1:aa:b6:c1:
d6:9e:c4:bb:8f:be:0b:b2:e5:15:74:36:a4:38:67:
b1:07:43:8e:85:17:f7:7b:fc:2c:8b:53:a4:39:fb:
f9:6d:37:ca:c7:91:33:d2:bd:92:5b:78:07:63:32:
33:ec:78:42:5c:6b:ad:37:39:b1:8a:64:ff:73:27:
76:d8:cc:a7:4c:0e:c1:78:58:ee:71:8e:1b:a6:87:
98:a3:49:24:3d:b7:f4:26:e1:18:08:19:3d:23:6f:
a6:77:17:f8:04:48:1a:d6:4f:50:a0:61:e5:d2:20:
55:a1:a6:dd:a2:de:2d:96:ba:00:b5:97:94:f3:53:
ab:8c:e1:f7:7b:99:eb:7d:c5:4a:ad:97:55:95:0c:
6a:6a:03:4a:57:4d:c8:0a:b6:18:32:d3:a7:86:f9:
4d:b2:1c:c6:4c:f8:4b:28:82:bc:ff:fb:52:44:a5:
7d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E9:18:62:F4:27:A4:55:48:F4:0F:01:0D:9A:DC:CC:CA:6F:93:D8
X509v3 Authority Key Identifier:
keyid:0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/x-kYYvQnpFVI9A8BDZrczMpvk9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.232.0/22
185.50.255.0/24
195.245.66.0/24
IPv6:
2a0e:1580::/29
2a10:1a40::/29
Signature Algorithm: sha256WithRSAEncryption
48:af:7e:10:55:08:5b:08:08:48:6c:a5:1d:d2:fd:1f:19:0f:
91:fb:54:0b:b5:58:33:3c:d8:9e:0a:46:57:47:39:37:68:c7:
32:35:1f:d9:d4:25:60:63:68:21:69:9c:f3:fd:52:cf:b6:45:
e9:e0:b1:2c:6f:c8:ba:3d:d1:d5:d0:4b:f0:f2:9d:dc:06:5f:
07:e4:08:67:0a:7d:48:7a:d6:a0:72:67:45:b8:98:ae:1c:45:
e6:52:48:b5:5c:3c:18:fa:a9:8f:50:19:b9:32:d1:4b:80:23:
3a:f2:e1:41:ec:f8:9b:66:08:d6:b0:ec:d8:f9:b9:ba:53:b2:
75:3b:bd:31:b2:d2:d7:e6:7b:f3:42:41:8b:32:7a:71:77:74:
3e:b0:2b:11:fd:12:cc:14:cb:05:63:f5:48:53:3b:f6:43:c4:
ca:d2:74:58:29:80:a1:09:32:71:9b:b2:47:aa:eb:68:6f:23:
26:54:42:83:83:17:5d:f6:e4:17:96:bf:0e:1b:92:97:32:a3:
5e:6f:2b:0e:43:cd:b9:ee:03:b6:a9:5e:2b:79:c9:0d:10:53:
76:9f:ba:e0:57:3e:14:89:a9:28:a3:d8:9d:e1:33:38:52:a8:
39:6f:8a:2b:e3:7d:ce:63:22:37:20:5d:9e:4c:41:93:18:4e:
d9:88:57:8d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZfRIhps5c22S4ldqKVmpp54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWJjZWU0ZDIzMzc5YWVkODFhZWNmZmM3YTc0MmIzNWFj
ZGRkYjMwHhcNMjUwNzAzMTYzMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2U5MTg2MmY0MjdhNDU1NDhmNDBmMDEwZDlhZGNjY2NhNmY5M2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dQNDnUGLEkLbPNb9ADGU0VjZnrR
oLLpDoUI3+7wzZOgYaWegqxESfmKTSL4I7+lzpGMPSk5td++1Oggj3uePzGkqp2D
UjVWNlWDqHb7Jsp7pXOZZbGqtsHWnsS7j74LsuUVdDakOGexB0OOhRf3e/wsi1Ok
Ofv5bTfKx5Ez0r2SW3gHYzIz7HhCXGutNzmximT/cyd22MynTA7BeFjucY4bpoeY
o0kkPbf0JuEYCBk9I2+mdxf4BEga1k9QoGHl0iBVoabdot4tlroAtZeU81OrjOH3
e5nrfcVKrZdVlQxqagNKV03ICrYYMtOnhvlNshzGTPhLKIK8//tSRKV9IQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMfpGGL0J6RVSPQPAQ2a3MzKb5PYMB8GA1UdIwQY
MBaAFAvrzuTSM3mu2Brs/8enQrNazd2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUt
OTlhMTFmNjM4NWFiLzEveC1rWVl2UW5wRlZJOUE4QkRacmN6TXB2azlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUtOTlhMTFmNjM4NWFi
LzEvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLQ7oAwQA
uTL/AwQAw/VCMBQEAgACMA4DBQMqDhWAAwUDKhAaQDANBgkqhkiG9w0BAQsFAAOC
AQEASK9+EFUIWwgISGylHdL9HxkPkftUC7VYMzzYngpGV0c5N2jHMjUf2dQlYGNo
IWmc8/1Sz7ZF6eCxLG/Iuj3R1dBL8PKd3AZfB+QIZwp9SHrWoHJnRbiYrhxF5lJI
tVw8GPqpj1AZuTLRS4AjOvLhQez4m2YI1rDs2Pm5ulOydTu9MbLS1+Z780JBizJ6
cXd0PrArEf0SzBTLBWP1SFM79kPEytJ0WCmAoQkycZuyR6rraG8jJlRCg4MXXfbk
F5a/DhuSlzKjXm8rDkPNue4DtqleK3nJDRBTdp+64Fc+FImpKKPYneEzOFKoOW+K
K+N9zmMiNyBdnkxBkxhO2YhXjQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:50:52 2025 by rpki-client