Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/YWrqOkxE4kuwAHt0esRIKza-z2w.roa
File: YWrqOkxE4kuwAHt0esRIKza-z2w.roa (raw, json)
Hash identifier: Q4zyDjmDnvDWNfDLHpwpAtywKuNbvOWbOIgdLd25txk=
Subject key identifier: 61:6A:EA:3A:4C:44:E2:4B:B0:00:7B:74:7A:C4:48:2B:36:BE:CF:6C
Certificate issuer: /CN=0c323eec94edd0e748616150e00d06a2d6690ff2
Certificate serial: 0197E514008956A89E0E400EA054CAC32B7F
Authority key identifier: 0C:32:3E:EC:94:ED:D0:E7:48:61:61:50:E0:0D:06:A2:D6:69:0F:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DDI-7JTt0OdIYWFQ4A0GotZpD_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/YWrqOkxE4kuwAHt0esRIKza-z2w.roa
Signing time: Mon 07 Jul 2025 13:29:42 +0000
ROA not before: Mon 07 Jul 2025 13:29:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58075
IP address blocks: 45.150.244.0/22 maxlen: 24
109.175.228.0/22 maxlen: 24
176.56.44.0/22 maxlen: 24
185.233.216.0/24 maxlen: 24
185.248.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/DDI-7JTt0OdIYWFQ4A0GotZpD_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/DDI-7JTt0OdIYWFQ4A0GotZpD_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/DDI-7JTt0OdIYWFQ4A0GotZpD_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 04:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:14:00:89:56:a8:9e:0e:40:0e:a0:54:ca:c3:2b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c323eec94edd0e748616150e00d06a2d6690ff2
Validity
Not Before: Jul 7 13:29:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=616aea3a4c44e24bb0007b747ac4482b36becf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:79:cd:8c:40:7e:94:b4:bc:77:cf:81:2f:91:
03:d8:6f:21:64:e8:f4:70:f9:67:8d:1c:25:e0:2f:
5e:73:38:4d:3e:5c:9a:e3:25:a1:4d:c6:f9:11:df:
10:ef:2c:23:58:36:84:f3:a4:15:1d:c0:f6:5e:e0:
fd:ec:9e:5a:03:8c:b0:27:3d:9f:4f:83:95:e6:70:
3c:b1:d3:1c:d5:79:3e:ce:38:c2:a5:2c:45:58:dc:
8a:0c:28:c5:81:d8:13:ae:24:ff:ab:04:cf:c4:de:
9e:90:cd:3c:34:95:74:ee:e6:f6:1e:cc:60:05:3a:
a7:f0:dc:78:63:23:b2:c3:4d:8c:cf:cc:59:ff:76:
16:26:b8:11:01:e8:b0:5a:31:28:c1:39:db:97:94:
a0:e1:87:da:ee:86:49:4e:cd:51:0b:69:8c:10:79:
75:09:31:cb:04:d8:ca:26:a1:0f:93:cb:29:db:cd:
f4:89:90:de:b5:cd:09:5a:71:ce:37:7f:1f:cb:b3:
b7:be:4c:d5:98:1b:32:2e:e1:84:41:12:f7:b4:ee:
8b:a6:4e:70:80:25:96:65:bd:c3:80:ad:df:d0:55:
5b:95:3d:4d:a7:33:e4:36:ae:53:8f:42:41:e1:58:
d7:24:c1:f1:42:1a:44:1c:5a:15:48:00:17:e4:3f:
ce:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:6A:EA:3A:4C:44:E2:4B:B0:00:7B:74:7A:C4:48:2B:36:BE:CF:6C
X509v3 Authority Key Identifier:
keyid:0C:32:3E:EC:94:ED:D0:E7:48:61:61:50:E0:0D:06:A2:D6:69:0F:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DDI-7JTt0OdIYWFQ4A0GotZpD_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/YWrqOkxE4kuwAHt0esRIKza-z2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/DDI-7JTt0OdIYWFQ4A0GotZpD_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.244.0/22
109.175.228.0/22
176.56.44.0/22
185.233.216.0/24
185.248.236.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:cc:63:52:6e:4d:44:f6:3a:ea:22:e3:e5:c2:d0:aa:1c:cb:
93:cb:e2:0f:99:26:c2:14:5b:fc:de:52:0f:81:3a:7b:e1:8a:
d8:b3:c0:8d:6e:27:cd:e7:fb:57:6e:bf:74:76:5b:8f:da:b3:
ab:53:a5:2b:72:89:d7:e0:19:4d:9a:fa:0c:0e:39:77:02:79:
31:d6:be:b0:7e:4f:5e:37:a0:8e:52:e7:78:51:3f:71:46:f9:
70:24:80:15:11:6a:7e:52:26:ad:17:1a:2c:ce:52:38:dd:1b:
38:df:65:c5:d4:ed:8f:bc:43:ac:bb:1f:39:7e:e1:11:98:b3:
d4:18:49:be:cb:dd:46:24:65:cd:7b:7d:8b:0e:b0:08:a2:4d:
0f:b0:c6:16:8a:3c:f9:aa:07:f8:09:6d:03:33:86:1b:f4:7a:
80:22:4b:ea:75:63:b0:06:87:32:bd:bd:4b:2b:60:4e:9a:85:
3d:e4:79:ae:0a:80:5e:fc:58:52:e6:d3:c4:e4:79:0d:b9:18:
86:51:19:6b:63:ff:b5:ab:77:ad:9c:3e:93:8f:99:b5:f1:f5:
bd:c6:50:05:fd:24:90:fa:ae:85:3f:74:e5:6d:39:20:52:bc:
8e:1d:91:33:4e:c0:9b:a5:08:68:2d:b8:01:c3:64:18:fa:6c:
ad:62:63:b8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZflFACJVqieDkAOoFTKwyt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMzIzZWVjOTRlZGQwZTc0ODYxNjE1MGUwMGQwNmEyZDY2
OTBmZjIwHhcNMjUwNzA3MTMyOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTZhZWEzYTRjNDRlMjRiYjAwMDdiNzQ3YWM0NDgyYjM2YmVjZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHnNjEB+lLS8d8+BL5ED2G8hZOj0
cPlnjRwl4C9eczhNPlya4yWhTcb5Ed8Q7ywjWDaE86QVHcD2XuD97J5aA4ywJz2f
T4OV5nA8sdMc1Xk+zjjCpSxFWNyKDCjFgdgTriT/qwTPxN6ekM08NJV07ub2Hsxg
BTqn8Nx4YyOyw02Mz8xZ/3YWJrgRAeiwWjEowTnbl5Sg4Yfa7oZJTs1RC2mMEHl1
CTHLBNjKJqEPk8sp2830iZDetc0JWnHON38fy7O3vkzVmBsyLuGEQRL3tO6Lpk5w
gCWWZb3DgK3f0FVblT1NpzPkNq5Tj0JB4VjXJMHxQhpEHFoVSAAX5D/OSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGFq6jpMROJLsAB7dHrESCs2vs9sMB8GA1UdIwQY
MBaAFAwyPuyU7dDnSGFhUOANBqLWaQ/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRERJLTdKVHQwT2RJWVdGUTRBMEdvdFpwRF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9mYjdhNDItMTAwMS00ODBkLThhNmIt
MTBkZDk1MmUyNDEyLzEvWVdycU9reEU0a3V3QUh0MGVzUklLemEtejJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9mYjdhNDItMTAwMS00ODBkLThhNmItMTBkZDk1MmUyNDEy
LzEvRERJLTdKVHQwT2RJWVdGUTRBMEdvdFpwRF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLZb0AwQC
ba/kAwQCsDgsAwQAuenYAwQCufjsMA0GCSqGSIb3DQEBCwUAA4IBAQBLzGNSbk1E
9jrqIuPlwtCqHMuTy+IPmSbCFFv83lIPgTp74YrYs8CNbifN5/tXbr90dluP2rOr
U6UrconX4BlNmvoMDjl3Ankx1r6wfk9eN6COUud4UT9xRvlwJIAVEWp+UiatFxos
zlI43Rs432XF1O2PvEOsux85fuERmLPUGEm+y91GJGXNe32LDrAIok0PsMYWijz5
qgf4CW0DM4Yb9HqAIkvqdWOwBocyvb1LK2BOmoU95HmuCoBe/FhS5tPE5HkNuRiG
URlrY/+1q3etnD6Tj5m18fW9xlAF/SSQ+q6FP3TlbTkgUryOHZEzTsCbpQhoLbgB
w2QY+mytYmO4
-----END CERTIFICATE-----
Generated at Mon Jul 28 09:50:39 2025 by rpki-client