Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/138IAUG567pgjcpYHEmIMDYySEw.roa
File: 138IAUG567pgjcpYHEmIMDYySEw.roa (raw, json)
Hash identifier: R2DtFNV+ENO5hXPcHvNMvEoCXrlmajojy1f01qb1Cwc=
Subject key identifier: D7:7F:08:01:41:B9:EB:BA:60:8D:CA:58:1C:49:88:30:36:32:48:4C
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 01981DCEC0BD13D18A6956402F26A2F03871
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/138IAUG567pgjcpYHEmIMDYySEw.roa
Signing time: Fri 18 Jul 2025 13:52:25 +0000
ROA not before: Fri 18 Jul 2025 13:52:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.148.218.0/23 maxlen: 24
185.11.142.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1d:ce:c0:bd:13:d1:8a:69:56:40:2f:26:a2:f0:38:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Jul 18 13:52:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d77f080141b9ebba608dca581c4988303632484c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:73:5f:bc:44:0b:9d:4f:e9:7c:37:15:67:72:
6f:7d:e1:dd:32:b1:85:bd:87:d6:a3:13:16:cc:37:
48:98:a6:c5:fb:5c:9e:00:71:2c:24:9f:81:f0:65:
31:82:9b:c1:fa:82:47:b1:89:ec:56:53:a5:af:17:
eb:76:86:30:da:1b:62:01:cf:43:db:62:e2:ba:b9:
8c:e3:46:12:1d:15:3c:99:8a:2f:23:d4:11:25:62:
aa:56:33:37:45:ab:a7:16:48:ad:47:0e:64:4b:d6:
cf:88:f3:58:e7:1a:58:6b:a0:1e:ad:82:2e:6d:c5:
21:5e:97:4e:94:74:98:27:db:2e:16:a4:cd:6b:97:
f7:0e:74:b4:c1:33:df:4c:4f:84:49:70:e7:b4:5d:
76:ae:79:06:94:9e:ea:5c:bf:a4:d6:ac:14:74:87:
8f:c0:91:09:df:6c:50:6a:2c:03:27:a8:f1:a6:a2:
0c:fb:9b:f9:55:c1:58:96:95:1f:c2:49:18:a8:2c:
72:8b:3b:13:22:b6:e1:6c:f2:84:7b:a4:65:35:3d:
cc:84:ff:30:f1:55:96:51:3e:ee:7d:7a:a9:bf:8b:
be:71:0e:06:a9:8c:90:5d:49:32:44:72:e7:2d:70:
47:4d:ad:84:90:88:78:76:14:6e:6d:fa:b0:f8:05:
d0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:7F:08:01:41:B9:EB:BA:60:8D:CA:58:1C:49:88:30:36:32:48:4C
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/138IAUG567pgjcpYHEmIMDYySEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.218.0/23
185.11.142.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:28:c2:8c:4c:26:6d:9f:aa:1b:24:7e:05:af:38:e8:4d:d6:
19:b6:39:38:3c:ea:16:d6:4a:ab:0a:81:c9:d2:17:9b:90:76:
94:00:ee:9c:8e:c3:0d:46:51:90:c7:06:4d:84:29:02:df:09:
a1:b5:50:77:a8:30:01:30:30:8d:02:21:2d:2e:c1:c2:15:a8:
9c:27:73:4a:45:e2:3b:4e:77:dd:0a:da:eb:0d:2c:35:0e:41:
32:6f:3d:d5:11:77:da:f0:66:08:d6:d1:5b:c2:ec:0f:01:ee:
3d:52:25:34:2f:69:97:ba:7c:28:71:41:41:e6:0b:2c:55:cd:
aa:74:e6:59:b8:9c:a7:a4:76:50:d6:fb:04:b8:24:25:e9:f5:
e5:e9:ad:44:5b:93:05:b8:db:56:13:f0:48:c7:a7:f7:87:6b:
6a:9f:e8:d0:6d:fe:be:00:95:37:3e:e0:ed:6b:e5:45:3f:db:
d7:7e:4f:cb:6c:db:21:0a:77:2d:53:e6:6e:b3:75:3a:07:29:
68:e6:3e:09:37:45:bd:9a:10:bf:fc:85:6f:3a:3c:1c:65:39:
4e:18:3a:35:5e:06:24:90:2f:15:e0:1e:79:a6:9e:5a:51:20:
03:1e:35:cb:58:f5:41:a5:4e:a7:71:0d:c3:1b:b5:4f:83:6a:
31:66:94:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgdzsC9E9GKaVZALyai8DhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjNlZWQxYzdhY2E2MzZkNjI0NTg1MmI4MDJlMGU3Mzc1
NGRmNjMwHhcNMjUwNzE4MTM1MjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzdmMDgwMTQxYjllYmJhNjA4ZGNhNTgxYzQ5ODgzMDM2MzI0ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3NfvEQLnU/pfDcVZ3JvfeHdMrGF
vYfWoxMWzDdImKbF+1yeAHEsJJ+B8GUxgpvB+oJHsYnsVlOlrxfrdoYw2htiAc9D
22LiurmM40YSHRU8mYovI9QRJWKqVjM3RaunFkitRw5kS9bPiPNY5xpYa6AerYIu
bcUhXpdOlHSYJ9suFqTNa5f3DnS0wTPfTE+ESXDntF12rnkGlJ7qXL+k1qwUdIeP
wJEJ32xQaiwDJ6jxpqIM+5v5VcFYlpUfwkkYqCxyizsTIrbhbPKEe6RlNT3MhP8w
8VWWUT7ufXqpv4u+cQ4GqYyQXUkyRHLnLXBHTa2EkIh4dhRubfqw+AXQ/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNd/CAFBueu6YI3KWBxJiDA2MkhMMB8GA1UdIwQY
MBaAFOiz7tHHrKY21iRYUrgC4Oc3VN9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYt
OTQ2NDA0ZWMxYWE0LzEvMTM4SUFVRzU2N3BnamNwWUhFbUlNRFl5U0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYtOTQ2NDA0ZWMxYWE0
LzEvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJZTaAwQB
uQuOMA0GCSqGSIb3DQEBCwUAA4IBAQAbKMKMTCZtn6obJH4FrzjoTdYZtjk4POoW
1kqrCoHJ0hebkHaUAO6cjsMNRlGQxwZNhCkC3wmhtVB3qDABMDCNAiEtLsHCFaic
J3NKReI7TnfdCtrrDSw1DkEybz3VEXfa8GYI1tFbwuwPAe49UiU0L2mXunwocUFB
5gssVc2qdOZZuJynpHZQ1vsEuCQl6fXl6a1EW5MFuNtWE/BIx6f3h2tqn+jQbf6+
AJU3PuDta+VFP9vXfk/LbNshCnctU+Zus3U6Bylo5j4JN0W9mhC//IVvOjwcZTlO
GDo1XgYkkC8V4B55pp5aUSADHjXLWPVBpU6ncQ3DG7VPg2oxZpSA
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:44:17 2025 by rpki-client