Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9aa858-e1be-40e9-bd9a-0ee63357d847/1/7jIqwtDbMy9vdRo0YUm5EEwEiSU.roa
File: 7jIqwtDbMy9vdRo0YUm5EEwEiSU.roa (raw, json)
Hash identifier: zcVysxxJ8InMIpqNYEgmGN9PoMJVnhc3HSBD/6SlWos=
Subject key identifier: EE:32:2A:C2:D0:DB:33:2F:6F:75:1A:34:61:49:B9:10:4C:04:89:25
Certificate issuer: /CN=6055026307a36eec5e681c3948aef53a27f99736
Certificate serial: 019815229892D1740E340294E53B8FD4124C
Authority key identifier: 60:55:02:63:07:A3:6E:EC:5E:68:1C:39:48:AE:F5:3A:27:F9:97:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFUCYwejbuxeaBw5SK71Oif5lzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9aa858-e1be-40e9-bd9a-0ee63357d847/1/7jIqwtDbMy9vdRo0YUm5EEwEiSU.roa
Signing time: Wed 16 Jul 2025 21:27:25 +0000
ROA not before: Wed 16 Jul 2025 21:27:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198277
IP address blocks: 109.197.184.0/21 maxlen: 21
109.197.185.0/24 maxlen: 24
109.197.187.0/24 maxlen: 24
109.197.188.0/22 maxlen: 22
185.218.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/9aa858-e1be-40e9-bd9a-0ee63357d847/1/YFUCYwejbuxeaBw5SK71Oif5lzY.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/9aa858-e1be-40e9-bd9a-0ee63357d847/1/YFUCYwejbuxeaBw5SK71Oif5lzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFUCYwejbuxeaBw5SK71Oif5lzY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:15:22:98:92:d1:74:0e:34:02:94:e5:3b:8f:d4:12:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6055026307a36eec5e681c3948aef53a27f99736
Validity
Not Before: Jul 16 21:27:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee322ac2d0db332f6f751a346149b9104c048925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:17:aa:2b:95:00:15:a8:26:69:b3:b6:1f:d1:
0e:82:91:6a:c6:c9:c1:82:29:7c:08:21:20:3b:64:
72:2c:a3:56:d7:f3:eb:a3:79:67:de:e1:7e:d6:93:
d5:6d:8d:bd:1e:11:cc:e9:00:8c:fb:b9:6f:29:5a:
2c:f8:c2:fd:01:80:6c:99:fb:1b:d3:a9:01:97:27:
b4:0f:7f:a2:0e:d5:33:86:4f:27:b0:80:da:ba:0c:
16:49:e0:d0:ad:a1:5f:26:30:61:8a:50:9b:7f:d2:
41:ce:75:bc:57:d4:59:c8:63:60:f3:bc:69:3b:15:
49:10:5c:46:a4:87:79:a9:13:e2:61:91:5a:18:99:
a9:bf:59:97:3a:bd:6e:7d:7b:4f:ef:25:26:2d:9e:
93:2d:a4:1b:27:7d:ee:26:03:2e:1f:f5:d5:f2:b1:
15:ba:14:19:b3:60:ef:a8:fd:08:d7:cc:30:51:e7:
db:44:e8:af:02:52:d5:76:1e:d8:36:94:f2:08:80:
51:04:8f:7f:fe:0b:ea:0b:ad:19:d2:e7:d7:a1:58:
07:de:d2:7d:dd:df:c8:c3:06:7f:6c:c9:91:95:c0:
aa:3f:51:67:cf:21:ab:6d:97:63:17:c3:2b:b1:9e:
cc:af:8e:67:40:7a:fb:78:b3:51:01:75:26:5a:48:
14:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:32:2A:C2:D0:DB:33:2F:6F:75:1A:34:61:49:B9:10:4C:04:89:25
X509v3 Authority Key Identifier:
keyid:60:55:02:63:07:A3:6E:EC:5E:68:1C:39:48:AE:F5:3A:27:F9:97:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFUCYwejbuxeaBw5SK71Oif5lzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9aa858-e1be-40e9-bd9a-0ee63357d847/1/7jIqwtDbMy9vdRo0YUm5EEwEiSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9aa858-e1be-40e9-bd9a-0ee63357d847/1/YFUCYwejbuxeaBw5SK71Oif5lzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.184.0/21
185.218.106.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:cf:fe:2f:ab:4d:bd:e0:33:d5:89:45:76:ba:f2:bc:58:0a:
e5:44:83:00:48:b8:05:e3:e0:5e:bd:90:b3:d2:9d:e9:e3:17:
29:ec:50:ad:68:3b:1c:00:fe:70:59:e9:08:a7:23:98:38:3c:
31:fa:86:5d:dc:73:e8:73:6a:d7:55:19:50:aa:93:7e:51:f5:
3c:24:7a:21:ca:11:2c:13:ec:7a:e7:ba:d3:04:d7:95:d7:c0:
68:ba:39:83:5a:a6:79:9c:09:49:0e:58:dc:a6:d8:25:34:86:
82:85:49:1c:0b:3d:11:3c:dc:3a:70:00:12:f4:c0:3e:1a:18:
51:cb:bb:00:e1:bd:17:bb:c8:17:65:41:93:51:9a:9b:cd:61:
88:72:a4:87:3f:1b:36:f0:05:ea:36:c1:4d:40:0e:5f:c5:e6:
c4:9f:5c:7e:8d:6d:b0:f9:d7:00:76:2c:fb:b8:b8:48:f5:15:
ec:cd:e7:94:b7:5f:97:46:b1:91:a9:c1:d8:c6:06:14:ff:ab:
aa:1a:4e:50:03:01:b2:8e:a5:6f:6d:c3:e8:1e:e8:a3:19:25:
c5:6f:8a:a6:75:93:dd:4f:b1:6a:c3:98:ae:14:ea:84:68:18:
e9:49:69:52:18:68:d0:6b:9b:40:2e:fe:f0:1c:64:f3:71:91:
4a:c6:36:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgVIpiS0XQONAKU5TuP1BJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTUwMjYzMDdhMzZlZWM1ZTY4MWMzOTQ4YWVmNTNhMjdm
OTk3MzYwHhcNMjUwNzE2MjEyNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTMyMmFjMmQwZGIzMzJmNmY3NTFhMzQ2MTQ5YjkxMDRjMDQ4OTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxeqK5UAFagmabO2H9EOgpFqxsnB
gil8CCEgO2RyLKNW1/Pro3ln3uF+1pPVbY29HhHM6QCM+7lvKVos+ML9AYBsmfsb
06kBlye0D3+iDtUzhk8nsIDaugwWSeDQraFfJjBhilCbf9JBznW8V9RZyGNg87xp
OxVJEFxGpId5qRPiYZFaGJmpv1mXOr1ufXtP7yUmLZ6TLaQbJ33uJgMuH/XV8rEV
uhQZs2DvqP0I18wwUefbROivAlLVdh7YNpTyCIBRBI9//gvqC60Z0ufXoVgH3tJ9
3d/IwwZ/bMmRlcCqP1FnzyGrbZdjF8MrsZ7Mr45nQHr7eLNRAXUmWkgU1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO4yKsLQ2zMvb3UaNGFJuRBMBIklMB8GA1UdIwQY
MBaAFGBVAmMHo27sXmgcOUiu9Ton+Zc2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZVQ1l3ZWpidXhlYUJ3NVNLNzFPaWY1bHpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YWE4NTgtZTFiZS00MGU5LWJkOWEt
MGVlNjMzNTdkODQ3LzEvN2pJcXd0RGJNeTl2ZFJvMFlVbTVFRXdFaVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YWE4NTgtZTFiZS00MGU5LWJkOWEtMGVlNjMzNTdkODQ3
LzEvWUZVQ1l3ZWpidXhlYUJ3NVNLNzFPaWY1bHpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbcW4AwQA
udpqMA0GCSqGSIb3DQEBCwUAA4IBAQCfz/4vq0294DPViUV2uvK8WArlRIMASLgF
4+BevZCz0p3p4xcp7FCtaDscAP5wWekIpyOYODwx+oZd3HPoc2rXVRlQqpN+UfU8
JHohyhEsE+x657rTBNeV18BoujmDWqZ5nAlJDljcptglNIaChUkcCz0RPNw6cAAS
9MA+GhhRy7sA4b0Xu8gXZUGTUZqbzWGIcqSHPxs28AXqNsFNQA5fxebEn1x+jW2w
+dcAdiz7uLhI9RXszeeUt1+XRrGRqcHYxgYU/6uqGk5QAwGyjqVvbcPoHuijGSXF
b4qmdZPdT7Fqw5iuFOqEaBjpSWlSGGjQa5tALv7wHGTzcZFKxjbE
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:16:44 2025 by rpki-client