Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/DoD9qycN8sHekncp0TSCr1QHbZU.roa
File: DoD9qycN8sHekncp0TSCr1QHbZU.roa (raw, json)
Hash identifier: 4mtMFEHJrLeoqhYyzRqX2IpMxhF1Z7G72k2DG1qEDIY=
Subject key identifier: 0E:80:FD:AB:27:0D:F2:C1:DE:92:77:29:D1:34:82:AF:54:07:6D:95
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 0197DF9FD1C4A1EE324A5993A3F81AA41E40
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/DoD9qycN8sHekncp0TSCr1QHbZU.roa
Signing time: Sun 06 Jul 2025 12:04:42 +0000
ROA not before: Sun 06 Jul 2025 12:04:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216129
IP address blocks: 107.161.154.0/24 maxlen: 24
148.253.208.0/24 maxlen: 24
148.253.209.0/24 maxlen: 24
185.28.84.0/24 maxlen: 24
199.83.103.0/24 maxlen: 24
202.181.188.0/24 maxlen: 24
2a13:d200::/32 maxlen: 32
2a13:d200:6::/48 maxlen: 48
2a13:d200:7::/48 maxlen: 48
2a13:d200:8::/48 maxlen: 48
2a13:d200:9::/48 maxlen: 48
2a13:d200:10::/48 maxlen: 48
2a13:d200:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 15:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:df:9f:d1:c4:a1:ee:32:4a:59:93:a3:f8:1a:a4:1e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: Jul 6 12:04:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e80fdab270df2c1de927729d13482af54076d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:95:fb:6a:d5:96:1d:e1:4a:b5:9c:72:bf:71:
2b:84:3c:3b:32:fd:0e:20:b9:ce:be:42:4d:00:3f:
b7:49:4f:bf:e4:0f:57:91:a0:84:9e:c8:11:92:a5:
b9:5c:11:df:09:4e:a1:b3:3d:59:75:f6:56:28:4a:
ea:0c:b3:59:85:80:9b:f5:a5:77:3b:11:a5:ac:40:
26:e4:05:39:d0:89:5f:fc:93:47:1a:7c:30:fe:dd:
44:8c:d0:f9:35:bc:bd:4e:a0:af:24:ef:ca:d4:e9:
44:1e:a3:83:ed:e2:fe:54:20:fe:a0:ac:86:00:bc:
44:f8:b7:95:5a:e8:2c:cf:38:c2:cc:31:bc:1c:16:
fb:da:45:5d:e1:60:b5:0f:f1:ef:9d:f2:38:c0:c4:
f9:b9:bc:d1:d3:83:d2:ff:1b:5a:d0:b2:fb:7a:9a:
64:69:38:11:f6:1d:0c:c6:cd:9e:eb:39:07:59:b4:
0a:11:79:84:d8:9b:eb:f2:d0:16:a1:09:a6:c4:b1:
3b:7b:65:74:13:99:7b:ca:82:8a:0d:df:7f:5e:e5:
cf:7c:93:13:10:5c:1d:e9:23:b0:1b:bc:a2:86:b9:
f6:b9:24:7b:e4:07:45:0f:d8:3a:bc:26:62:19:29:
ca:66:53:44:4d:f3:b8:6e:2a:63:66:58:11:c5:61:
fb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:80:FD:AB:27:0D:F2:C1:DE:92:77:29:D1:34:82:AF:54:07:6D:95
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/DoD9qycN8sHekncp0TSCr1QHbZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.154.0/24
148.253.208.0/23
185.28.84.0/24
199.83.103.0/24
202.181.188.0/24
IPv6:
2a13:d200::/32
Signature Algorithm: sha256WithRSAEncryption
53:a1:75:dd:0d:48:63:5f:ba:3e:71:10:a6:b7:4d:f0:cc:59:
db:a1:a7:91:eb:fa:85:e1:6d:85:6f:08:6c:bd:d7:cf:0f:a1:
54:97:27:86:b5:64:07:d7:ad:f4:6b:32:01:2e:56:44:50:71:
3a:1b:69:b9:46:87:a9:d3:45:c5:55:db:95:0e:67:f1:39:e3:
bf:72:a2:4a:18:d2:62:81:e7:8d:49:a7:61:0a:3d:c2:c3:37:
9d:9e:0b:e7:c3:87:c2:ce:2c:6a:a8:4a:35:cb:b1:71:78:c3:
29:bf:da:82:61:bc:47:3b:23:32:fe:13:26:26:c9:ee:21:03:
3c:c7:fb:9a:c0:e9:eb:0b:ee:27:47:b9:ca:24:59:b4:86:72:
1e:11:3d:95:d9:51:76:7c:5d:b1:f6:3e:1b:7e:c2:18:6f:31:
eb:86:4a:98:9c:56:f5:0a:41:bc:c1:ed:d7:78:68:82:02:cb:
00:a1:e1:ad:1a:11:92:ef:89:62:9e:4b:2c:73:0c:f8:d7:c3:
11:6b:b6:38:75:de:96:fe:d2:d1:d8:12:ee:3f:06:74:00:4b:
9f:a6:b9:6c:74:40:ba:c1:4f:ee:e2:d7:71:a9:87:a0:0a:b9:
70:da:39:04:7b:a2:24:99:c1:99:42:45:92:c0:88:86:52:4b:
6a:5c:40:d3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZffn9HEoe4ySlmTo/gapB5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjUwNzA2MTIwNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTgwZmRhYjI3MGRmMmMxZGU5Mjc3MjlkMTM0ODJhZjU0MDc2ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5X7atWWHeFKtZxyv3ErhDw7Mv0O
ILnOvkJNAD+3SU+/5A9XkaCEnsgRkqW5XBHfCU6hsz1ZdfZWKErqDLNZhYCb9aV3
OxGlrEAm5AU50Ilf/JNHGnww/t1EjND5Nby9TqCvJO/K1OlEHqOD7eL+VCD+oKyG
ALxE+LeVWugszzjCzDG8HBb72kVd4WC1D/HvnfI4wMT5ubzR04PS/xta0LL7eppk
aTgR9h0Mxs2e6zkHWbQKEXmE2Jvr8tAWoQmmxLE7e2V0E5l7yoKKDd9/XuXPfJMT
EFwd6SOwG7yihrn2uSR75AdFD9g6vCZiGSnKZlNETfO4bipjZlgRxWH7FQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFA6A/asnDfLB3pJ3KdE0gq9UB22VMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvRG9EOXF5Y044c0hla25jcDBUU0NyMVFIYlpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAa6GaAwQB
lP3QAwQAuRxUAwQAx1NnAwQAyrW8MA0EAgACMAcDBQAqE9IAMA0GCSqGSIb3DQEB
CwUAA4IBAQBToXXdDUhjX7o+cRCmt03wzFnboaeR6/qF4W2FbwhsvdfPD6FUlyeG
tWQH1630azIBLlZEUHE6G2m5Roep00XFVduVDmfxOeO/cqJKGNJigeeNSadhCj3C
wzedngvnw4fCzixqqEo1y7FxeMMpv9qCYbxHOyMy/hMmJsnuIQM8x/uawOnrC+4n
R7nKJFm0hnIeET2V2VF2fF2x9j4bfsIYbzHrhkqYnFb1CkG8we3XeGiCAssAoeGt
GhGS74linksscwz418MRa7Y4dd6W/tLR2BLuPwZ0AEufprlsdEC6wU/u4tdxqYeg
Crlw2jkEe6IkmcGZQkWSwIiGUktqXEDT
-----END CERTIFICATE-----
Generated at Sun Jul 27 00:50:55 2025 by rpki-client