Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/y4LRZvQWH9l19-R4kCc6PgUW78w.roa
File: y4LRZvQWH9l19-R4kCc6PgUW78w.roa (raw, json)
Hash identifier: 2GDs3fd+T8RC8u9/aToLiIMcmZgcmmJt7vgNbq6rFsw=
Subject key identifier: CB:82:D1:66:F4:16:1F:D9:75:F7:E4:78:90:27:3A:3E:05:16:EF:CC
Certificate issuer: /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial: 0197D6327DA8AE53212A492AAB57A90194E2
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/y4LRZvQWH9l19-R4kCc6PgUW78w.roa
Signing time: Fri 04 Jul 2025 16:08:42 +0000
ROA not before: Fri 04 Jul 2025 16:08:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 185.157.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:32:7d:a8:ae:53:21:2a:49:2a:ab:57:a9:01:94:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Validity
Not Before: Jul 4 16:08:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb82d166f4161fd975f7e47890273a3e0516efcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c7:a6:e6:6e:cb:bb:29:eb:99:3b:d4:62:1a:
bd:39:75:53:9a:f5:e3:b6:2c:46:b8:e2:e2:de:45:
4b:45:8b:08:a9:16:cf:cf:4e:b6:43:fe:fa:3c:87:
92:55:3a:bd:3f:ea:46:8a:56:4e:ec:3f:1c:55:49:
aa:2d:72:ab:44:e6:eb:17:1c:73:f3:db:4e:93:c3:
09:8d:2e:07:ae:84:ef:ab:2b:a7:24:5b:b1:8f:f6:
5f:d0:5c:44:03:13:f9:05:ab:1e:bd:e1:72:2a:ea:
08:89:f4:98:6d:18:06:5c:7e:c6:89:9f:7b:42:11:
7e:e2:6a:4d:c5:df:5e:ab:ce:cc:7e:2f:1a:54:05:
80:1b:6a:08:87:2c:f5:91:77:59:59:7b:ca:0f:2a:
c6:b7:d8:d2:90:3f:9e:29:97:60:a6:73:71:59:ae:
2c:1d:e2:00:9a:ab:45:66:6c:fb:7e:da:20:08:7d:
3c:53:12:19:ff:44:17:4b:ed:60:18:0f:24:a5:99:
01:83:d8:61:a1:2e:b2:81:32:09:1e:35:21:8a:8e:
c6:0d:c2:df:ae:5d:a3:85:e4:85:b0:72:64:a6:72:
ae:c6:a6:a2:b7:65:f3:70:f9:e2:03:85:6f:62:f5:
fe:70:4f:8b:b1:97:83:63:47:ae:e9:d2:67:9e:e6:
3f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:82:D1:66:F4:16:1F:D9:75:F7:E4:78:90:27:3A:3E:05:16:EF:CC
X509v3 Authority Key Identifier:
keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/y4LRZvQWH9l19-R4kCc6PgUW78w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.51.0/24
Signature Algorithm: sha256WithRSAEncryption
50:6f:8e:4a:05:fb:f6:06:7b:5d:6d:21:ad:71:72:21:23:f1:
d8:2c:5b:8d:07:d3:90:0c:20:f7:e8:e0:5d:57:5c:a8:33:c8:
fa:78:cd:98:b5:97:ac:8a:ce:42:c2:fd:6e:b0:f8:8e:a3:07:
3f:0a:16:8d:60:01:13:e6:f9:62:fc:8f:ac:d4:a4:9f:50:ba:
9c:c1:da:0c:8e:c6:ef:ca:c1:54:8b:26:97:c4:80:e4:bd:7a:
6c:ae:e1:89:5c:7d:c4:2c:ac:ed:d8:ee:06:85:1c:10:81:a5:
b2:03:d2:c4:99:c8:6c:42:a0:1e:82:e2:43:3b:7c:c5:ac:eb:
0c:8f:68:57:a5:c4:98:4e:48:7c:01:10:2a:58:bd:1c:db:fa:
4a:f7:4f:84:77:d5:91:24:73:f9:56:f5:5b:ee:a9:5e:60:46:
d5:17:04:25:28:72:c8:5c:c3:72:84:58:44:07:0f:f5:6a:f9:
7a:98:cd:6d:60:b4:6b:2a:e7:8f:8e:50:dc:03:54:8b:12:00:
12:b7:87:bb:6c:5a:84:94:e2:dd:58:a3:f9:28:5b:63:91:54:
5d:8c:ab:64:be:1c:7c:ea:79:68:7a:1e:53:73:7e:ba:9f:5c:
a8:9b:96:2d:fc:31:29:2c:b7:a5:52:be:41:71:1b:37:85:1d:
dc:14:51:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfWMn2orlMhKkkqq1epAZTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWEyYTJkYjRkNzQxOGU5YmY0ZjkzYzhjMDQ2YTAxNjE2
NjNjNjIwHhcNMjUwNzA0MTYwODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjgyZDE2NmY0MTYxZmQ5NzVmN2U0Nzg5MDI3M2EzZTA1MTZlZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMem5m7LuynrmTvUYhq9OXVTmvXj
tixGuOLi3kVLRYsIqRbPz062Q/76PIeSVTq9P+pGilZO7D8cVUmqLXKrRObrFxxz
89tOk8MJjS4HroTvqyunJFuxj/Zf0FxEAxP5BaseveFyKuoIifSYbRgGXH7GiZ97
QhF+4mpNxd9eq87Mfi8aVAWAG2oIhyz1kXdZWXvKDyrGt9jSkD+eKZdgpnNxWa4s
HeIAmqtFZmz7ftogCH08UxIZ/0QXS+1gGA8kpZkBg9hhoS6ygTIJHjUhio7GDcLf
rl2jheSFsHJkpnKuxqait2XzcPniA4VvYvX+cE+LsZeDY0eu6dJnnuY/tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMuC0Wb0Fh/ZdffkeJAnOj4FFu/MMB8GA1UdIwQY
MBaAFKcaKi2010GOm/T5PIwEagFhZjxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2Ut
ZjFmMGI5NTk4ZjMyLzEveTRMUlp2UVdIOWwxOS1SNGtDYzZQZ1VXNzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2UtZjFmMGI5NTk4ZjMy
LzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ0zMA0G
CSqGSIb3DQEBCwUAA4IBAQBQb45KBfv2BntdbSGtcXIhI/HYLFuNB9OQDCD36OBd
V1yoM8j6eM2YtZesis5Cwv1usPiOowc/ChaNYAET5vli/I+s1KSfULqcwdoMjsbv
ysFUiyaXxIDkvXpsruGJXH3ELKzt2O4GhRwQgaWyA9LEmchsQqAeguJDO3zFrOsM
j2hXpcSYTkh8ARAqWL0c2/pK90+Ed9WRJHP5VvVb7qleYEbVFwQlKHLIXMNyhFhE
Bw/1avl6mM1tYLRrKuePjlDcA1SLEgASt4e7bFqElOLdWKP5KFtjkVRdjKtkvhx8
6nloeh5Tc366n1yom5Yt/DEpLLelUr5BcRs3hR3cFFGz
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:14:59 2025 by rpki-client