Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa
File: irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa (raw, json)
Hash identifier: jDb6rbhv8bZIGpVJLz4cPKbnagFjHpigNY2MzVPUyPM=
Subject key identifier: 8A:B3:F1:EC:B3:D6:99:A0:C1:63:EF:C0:6E:61:B0:DD:61:44:85:A4
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0198103CE6209CA03A50F10337C6A1C16E58
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa
Signing time: Tue 15 Jul 2025 22:38:03 +0000
ROA not before: Tue 15 Jul 2025 22:38:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36218
IP address blocks: 192.250.237.0/24 maxlen: 24
192.250.238.0/24 maxlen: 24
199.103.56.0/23 maxlen: 23
199.103.59.0/24 maxlen: 24
199.103.60.0/22 maxlen: 22
208.69.56.0/22 maxlen: 22
208.88.4.0/22 maxlen: 22
209.42.24.0/24 maxlen: 24
209.42.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:10:3c:e6:20:9c:a0:3a:50:f1:03:37:c6:a1:c1:6e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jul 15 22:38:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ab3f1ecb3d699a0c163efc06e61b0dd614485a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c0:54:d9:25:78:01:66:7b:94:13:c5:28:45:
f9:4f:30:29:83:46:eb:78:d4:98:a3:bc:a5:61:1c:
fb:b2:eb:8f:94:e2:88:28:61:bb:e5:5b:7f:e1:8a:
f9:e7:4c:e3:44:f2:3a:f4:96:1a:f5:11:5f:b9:07:
d3:12:c3:47:c5:48:cf:bc:f6:61:cb:34:92:5c:25:
d4:03:69:e0:b8:7b:2e:41:43:4a:27:df:6d:b7:98:
d7:a8:f4:14:f1:61:39:c3:de:d4:51:82:4e:3f:f9:
4d:8f:84:ad:55:93:fb:0e:3f:04:c3:20:a9:68:d2:
9c:b5:0d:d7:ec:73:ec:8c:79:6d:1b:9d:e6:f9:70:
d3:a0:0e:fe:4c:93:57:2d:20:99:da:a8:4e:73:6e:
e2:05:cc:f2:e4:6a:20:7e:1b:4b:a5:d8:bc:37:5b:
8c:e5:ae:0e:6f:f5:2d:a4:fd:78:b3:60:58:bf:8a:
05:29:04:2f:78:7e:6f:35:c9:11:31:f8:62:9a:b0:
e2:f7:f3:9a:10:b2:8d:c1:db:fd:95:bc:32:76:3d:
98:81:bd:05:c9:9b:f9:d6:cc:1e:15:85:c1:1f:87:
f3:39:ec:cf:92:46:2c:88:14:58:1c:22:8d:e3:74:
e9:63:fe:4f:d7:b0:5b:ae:bb:b0:c9:2a:21:7f:42:
5e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B3:F1:EC:B3:D6:99:A0:C1:63:EF:C0:6E:61:B0:DD:61:44:85:A4
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.250.237.0-192.250.238.255
199.103.56.0/23
199.103.59.0-199.103.63.255
208.69.56.0/22
208.88.4.0/22
209.42.24.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:fa:2d:5a:83:8c:49:26:5b:25:dd:43:e4:d9:4d:c9:1b:aa:
ac:a5:92:d9:10:13:ba:2a:3e:bd:cd:0b:39:7d:8d:6f:3d:61:
39:54:67:3a:1f:b7:53:eb:b8:18:d0:b5:b2:e7:92:43:60:c8:
1b:45:e1:32:cb:9c:ed:bd:e7:a9:73:ad:d5:3d:45:93:f1:71:
09:52:de:e1:65:83:87:33:ab:35:9c:6b:6c:a2:95:a5:e2:38:
31:19:87:df:66:ad:a6:7f:4b:6f:8d:63:01:75:21:db:fd:73:
80:9e:86:a5:8b:7e:d2:1c:a2:07:c7:1a:ee:96:4e:cb:83:7d:
ab:78:1d:25:3d:14:93:52:df:76:35:e4:3a:ba:4a:c9:0f:f2:
16:5e:57:65:38:7e:6f:15:48:51:5e:a9:e7:52:59:7a:64:17:
3f:f5:16:f2:18:d1:f2:71:94:55:23:75:23:03:7e:04:f1:0c:
6d:98:27:b5:a2:4d:3f:67:2e:ee:b4:99:51:10:dd:f7:b2:1c:
d0:ac:fb:a6:b9:af:69:65:d8:2d:ab:22:c6:ce:ec:97:23:98:
0a:1a:f2:f8:26:c2:49:43:7a:78:64:55:73:2b:0b:23:3b:d8:
66:26:dc:f6:49:00:c9:8f:ad:0c:48:ba:61:1f:8e:2f:35:d8:
0f:4d:17:77
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZgQPOYgnKA6UPEDN8ahwW5YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwNzE1MjIzODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWIzZjFlY2IzZDY5OWEwYzE2M2VmYzA2ZTYxYjBkZDYxNDQ4NWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8BU2SV4AWZ7lBPFKEX5TzApg0br
eNSYo7ylYRz7suuPlOKIKGG75Vt/4Yr550zjRPI69JYa9RFfuQfTEsNHxUjPvPZh
yzSSXCXUA2nguHsuQUNKJ99tt5jXqPQU8WE5w97UUYJOP/lNj4StVZP7Dj8EwyCp
aNKctQ3X7HPsjHltG53m+XDToA7+TJNXLSCZ2qhOc27iBczy5GogfhtLpdi8N1uM
5a4Ob/UtpP14s2BYv4oFKQQveH5vNckRMfhimrDi9/OaELKNwdv9lbwydj2Ygb0F
yZv51sweFYXBH4fzOezPkkYsiBRYHCKN43TpY/5P17BbrruwySohf0JeNwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFIqz8eyz1pmgwWPvwG5hsN1hRIWkMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvaXJQeDdMUFdtYURCWS1fQWJtR3czV0ZFaGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBADA+u0D
BADA+u4DBAHHZzgwDAMEAMdnOwMEBsdnAAMEAtBFOAMEAtBYBAMEAdEqGDANBgkq
hkiG9w0BAQsFAAOCAQEAmvotWoOMSSZbJd1D5NlNyRuqrKWS2RATuio+vc0LOX2N
bz1hOVRnOh+3U+u4GNC1sueSQ2DIG0XhMsuc7b3nqXOt1T1Fk/FxCVLe4WWDhzOr
NZxrbKKVpeI4MRmH32atpn9Lb41jAXUh2/1zgJ6GpYt+0hyiB8ca7pZOy4N9q3gd
JT0Uk1LfdjXkOrpKyQ/yFl5XZTh+bxVIUV6p51JZemQXP/UW8hjR8nGUVSN1IwN+
BPEMbZgntaJNP2cu7rSZURDd97Ic0Kz7prmvaWXYLasixs7slyOYChry+CbCSUN6
eGRVcysLIzvYZibc9kkAyY+tDEi6YR+OLzXYD00Xdw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:40:34 2025 by rpki-client