Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sHkOz5KDveJIOy-ccvEYbo4uFVw.roa
File: sHkOz5KDveJIOy-ccvEYbo4uFVw.roa (raw, json)
Hash identifier: 4XlfFxbonoo+EMczaq7W4HWFI7yRoTFE2eUMd9HThf4=
Subject key identifier: B0:79:0E:CF:92:83:BD:E2:48:3B:2F:9C:72:F1:18:6E:8E:2E:15:5C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0198122D34287A292D48D8FA52FC621A61C8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sHkOz5KDveJIOy-ccvEYbo4uFVw.roa
Signing time: Wed 16 Jul 2025 07:40:08 +0000
ROA not before: Wed 16 Jul 2025 07:40:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 80.253.251.0/24 maxlen: 24
113.30.152.0/24 maxlen: 24
185.99.96.0/24 maxlen: 24
185.214.74.0/24 maxlen: 24
185.242.247.0/24 maxlen: 24
195.66.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 19:29:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:12:2d:34:28:7a:29:2d:48:d8:fa:52:fc:62:1a:61:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 16 07:40:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0790ecf9283bde2483b2f9c72f1186e8e2e155c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:39:e8:12:41:cf:60:4d:fe:97:21:b1:5a:
d8:87:14:7b:f3:b9:44:c6:02:c7:03:98:13:9f:8c:
14:97:c9:c0:1c:41:24:14:ef:28:95:f4:9b:ed:63:
02:a7:a7:40:86:ec:06:24:ad:2f:94:69:9a:e0:64:
5f:b0:ee:46:8c:f5:95:94:e3:ad:16:7e:7f:0f:fb:
3e:6d:0e:a9:51:f5:cf:5d:79:db:a0:93:77:e3:0c:
9d:83:ff:60:91:68:5a:74:e0:eb:19:d9:35:be:b9:
e7:68:2b:ee:a3:47:e3:35:1b:65:52:77:ea:c6:22:
d5:0c:e6:ba:a0:b1:1a:43:2c:02:f0:50:68:44:7d:
3c:ad:b6:9b:9f:2a:a2:52:2e:dd:74:5d:0f:26:a2:
ab:26:e7:11:4b:ee:a9:7a:a1:57:df:ba:72:e3:a6:
02:9a:46:37:3b:40:7b:ee:d9:6b:7f:01:d4:2e:5d:
d8:78:5f:38:23:7b:82:18:f1:9b:e5:30:30:11:36:
0e:b9:e1:3b:01:2f:1e:4b:c0:10:6c:cf:8e:8c:e7:
cf:70:71:c1:75:25:03:74:fe:fb:39:5d:79:f7:ba:
4f:bc:cc:58:f8:c4:da:51:17:8d:ac:c4:86:84:2b:
e4:49:7b:cc:2b:44:c7:07:4c:75:21:d0:a7:5c:dd:
69:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:79:0E:CF:92:83:BD:E2:48:3B:2F:9C:72:F1:18:6E:8E:2E:15:5C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sHkOz5KDveJIOy-ccvEYbo4uFVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.251.0/24
113.30.152.0/24
185.99.96.0/24
185.214.74.0/24
185.242.247.0/24
195.66.25.0/24
Signature Algorithm: sha256WithRSAEncryption
44:4a:fc:93:75:59:1e:7d:a8:11:9d:c2:df:5b:56:71:3a:e9:
4f:cf:07:07:ff:c9:4d:68:92:b5:3e:da:eb:51:8c:97:97:8f:
3d:94:b8:f9:fb:0d:76:c8:ff:90:d8:fe:df:80:01:ad:f9:48:
87:91:23:5a:3e:3e:85:e3:e7:f2:5f:35:85:86:c9:60:2d:a6:
5d:fc:39:74:d9:37:9c:90:04:bb:e4:85:2e:d9:31:c1:10:43:
6c:60:93:3e:ce:8a:4b:c3:16:ea:9d:a3:6d:6b:36:d7:73:af:
ae:0e:f3:05:1b:9c:12:88:48:ab:75:28:0a:db:7c:77:75:fe:
af:25:9c:74:e5:fe:eb:7f:d0:f5:94:b6:c8:da:6d:c9:fa:7a:
fc:3d:a4:1b:90:94:cf:b3:84:e5:b3:f8:64:6f:81:67:0d:ca:
b8:f4:d1:ad:08:e7:fb:2f:7c:84:e8:ed:7c:d2:6f:c5:9e:25:
68:ad:4b:1c:c6:14:d1:29:89:ab:df:95:5b:3e:0b:13:a6:a4:
c0:35:55:eb:aa:51:f7:d8:89:81:be:64:89:bc:54:92:b8:6d:
e4:96:08:1e:40:3d:52:3d:a9:4d:8b:dd:02:f4:9a:f2:1a:f4:
b1:68:70:3c:8f:2f:24:49:1d:4f:21:01:1d:f7:97:ba:fd:4e:
d5:34:ca:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZgSLTQoeiktSNj6UvxiGmHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzE2MDc0MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDc5MGVjZjkyODNiZGUyNDgzYjJmOWM3MmYxMTg2ZThlMmUxNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbA56BJBz2BN/pchsVrYhxR787lE
xgLHA5gTn4wUl8nAHEEkFO8olfSb7WMCp6dAhuwGJK0vlGma4GRfsO5GjPWVlOOt
Fn5/D/s+bQ6pUfXPXXnboJN34wydg/9gkWhadODrGdk1vrnnaCvuo0fjNRtlUnfq
xiLVDOa6oLEaQywC8FBoRH08rbabnyqiUi7ddF0PJqKrJucRS+6peqFX37py46YC
mkY3O0B77tlrfwHULl3YeF84I3uCGPGb5TAwETYOueE7AS8eS8AQbM+OjOfPcHHB
dSUDdP77OV1597pPvMxY+MTaUReNrMSGhCvkSXvMK0THB0x1IdCnXN1pvQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLB5Ds+Sg73iSDsvnHLxGG6OLhVcMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvc0hrT3o1S0R2ZUpJT3ktY2N2RVlibzR1RlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUP37AwQA
cR6YAwQAuWNgAwQAudZKAwQAufL3AwQAw0IZMA0GCSqGSIb3DQEBCwUAA4IBAQBE
SvyTdVkefagRncLfW1ZxOulPzwcH/8lNaJK1PtrrUYyXl489lLj5+w12yP+Q2P7f
gAGt+UiHkSNaPj6F4+fyXzWFhslgLaZd/Dl02TeckAS75IUu2THBEENsYJM+zopL
wxbqnaNtazbXc6+uDvMFG5wSiEirdSgK23x3df6vJZx05f7rf9D1lLbI2m3J+nr8
PaQbkJTPs4Tls/hkb4FnDcq49NGtCOf7L3yE6O180m/FniVorUscxhTRKYmr35Vb
PgsTpqTANVXrqlH32ImBvmSJvFSSuG3klggeQD1SPalNi90C9JryGvSxaHA8jy8k
SR1PIQEd95e6/U7VNMpE
-----END CERTIFICATE-----
Generated at Fri Jul 25 00:34:09 2025 by rpki-client