Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/2aM17soBmqh_GBtRMWQDctgH7fc.roa
File: 2aM17soBmqh_GBtRMWQDctgH7fc.roa (raw, json)
Hash identifier: 6/ySI4kErv/JIgLnQhnbSKqi6Bg38OiTTBN0AB/24r8=
Subject key identifier: D9:A3:35:EE:CA:01:9A:A8:7F:18:1B:51:31:64:03:72:D8:07:ED:F7
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 0198377EAC4577DD4CC7E56933B0268149D5
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/2aM17soBmqh_GBtRMWQDctgH7fc.roa
Signing time: Wed 23 Jul 2025 13:35:05 +0000
ROA not before: Wed 23 Jul 2025 13:35:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201935
IP address blocks: 84.254.130.0/24 maxlen: 24
84.254.131.0/24 maxlen: 24
84.254.132.0/24 maxlen: 24
84.254.137.0/24 maxlen: 24
84.254.144.0/23 maxlen: 24
84.254.144.0/24 maxlen: 24
84.254.145.0/24 maxlen: 24
84.254.146.0/24 maxlen: 24
84.254.164.0/24 maxlen: 24
95.210.111.0/24 maxlen: 24
95.210.132.0/23 maxlen: 24
95.210.132.0/24 maxlen: 24
95.210.133.0/24 maxlen: 24
95.210.189.0/24 maxlen: 24
176.227.131.0/24 maxlen: 24
176.227.138.0/24 maxlen: 24
176.227.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.mft
rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:7e:ac:45:77:dd:4c:c7:e5:69:33:b0:26:81:49:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Jul 23 13:35:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9a335eeca019aa87f181b5131640372d807edf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1d:8f:a8:f0:82:81:ba:fd:8b:c0:d1:7c:33:
d1:63:86:83:57:d8:5f:75:66:0e:93:6f:41:0c:b8:
4d:fe:54:68:05:84:68:cc:33:24:b5:77:80:54:16:
17:02:04:a8:2b:13:97:11:18:8c:98:6e:f3:6a:04:
7f:d2:8b:7d:d8:20:2c:01:15:49:b4:3d:f6:eb:55:
26:56:7f:73:90:fa:aa:7f:63:7f:29:86:4e:6e:b6:
09:f8:d3:0f:3e:2b:70:f6:99:c9:66:1a:d1:bc:04:
03:14:3c:b7:1b:be:15:5b:75:e6:7b:f1:e5:17:e1:
e6:2e:bf:1f:91:8e:fe:59:e0:5b:6a:91:e6:58:02:
28:11:fb:4f:0b:d3:a9:5b:2e:af:d0:bb:15:af:58:
e2:43:9c:18:54:39:84:c0:ae:24:52:c2:1c:01:5b:
9a:c1:a1:ed:c7:da:38:d6:fb:92:7c:fc:88:c3:cd:
df:2e:9d:1b:35:ab:dd:65:8d:c4:47:28:58:1d:49:
8c:5e:3a:c6:9a:bf:52:e0:bd:7a:4c:5d:ae:fb:ac:
50:98:36:cb:c7:7d:49:2f:68:b0:cc:d1:32:6c:a1:
b0:ac:3a:b0:4f:cc:b7:d9:fb:e3:ca:b3:83:5c:ec:
44:7c:8c:13:eb:34:bd:62:da:0f:cf:9b:78:ed:7b:
9c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A3:35:EE:CA:01:9A:A8:7F:18:1B:51:31:64:03:72:D8:07:ED:F7
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/2aM17soBmqh_GBtRMWQDctgH7fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.130.0-84.254.132.255
84.254.137.0/24
84.254.144.0-84.254.146.255
84.254.164.0/24
95.210.111.0/24
95.210.132.0/23
95.210.189.0/24
176.227.131.0/24
176.227.138.0/23
Signature Algorithm: sha256WithRSAEncryption
64:3c:57:41:6f:50:d2:6e:35:38:d5:05:53:99:85:6e:27:85:
33:f6:b2:b5:20:de:1d:aa:37:d4:8d:1e:48:73:61:7f:17:86:
c1:71:5f:7d:1a:22:b3:fe:63:e4:88:d7:52:c5:84:a7:af:66:
68:ff:c3:33:00:51:4b:98:97:04:65:d8:1f:70:83:45:b7:db:
5c:19:f8:ba:32:8f:ff:58:03:6c:9e:c8:11:93:4c:e9:a5:4e:
ee:60:83:13:2e:55:9a:3f:fd:b5:2c:c0:62:b4:2c:c4:06:06:
72:48:fc:06:55:98:7c:38:17:8b:31:70:d2:3d:c4:5c:64:26:
3f:c3:55:fd:45:b1:4c:0d:6d:d7:32:85:94:20:04:58:a5:49:
a8:5b:bb:0b:eb:c3:09:c1:d3:44:02:04:85:b9:50:10:24:f3:
43:f8:08:da:29:51:61:87:94:1d:12:e7:40:14:f6:39:b8:eb:
2f:7d:04:68:e6:25:0c:94:79:9f:c9:21:52:e9:c2:2f:6f:b8:
99:c1:c8:10:d0:fe:de:e2:4f:2d:a0:ae:f0:18:ad:b6:90:d6:
a4:31:27:c9:2e:6b:56:55:03:38:cf:2a:6d:8b:80:83:ef:34:
c6:2b:7a:b9:aa:86:39:3c:59:73:0f:21:e0:b8:13:95:37:ab:
be:f8:8d:d4
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZg3fqxFd91Mx+VpM7AmgUnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjUwNzIzMTMzNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWEzMzVlZWNhMDE5YWE4N2YxODFiNTEzMTY0MDM3MmQ4MDdlZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2x2PqPCCgbr9i8DRfDPRY4aDV9hf
dWYOk29BDLhN/lRoBYRozDMktXeAVBYXAgSoKxOXERiMmG7zagR/0ot92CAsARVJ
tD3261UmVn9zkPqqf2N/KYZObrYJ+NMPPitw9pnJZhrRvAQDFDy3G74VW3Xme/Hl
F+HmLr8fkY7+WeBbapHmWAIoEftPC9OpWy6v0LsVr1jiQ5wYVDmEwK4kUsIcAVua
waHtx9o41vuSfPyIw83fLp0bNavdZY3ERyhYHUmMXjrGmr9S4L16TF2u+6xQmDbL
x31JL2iwzNEybKGwrDqwT8y32fvjyrODXOxEfIwT6zS9YtoPz5t47XuccQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNmjNe7KAZqofxgbUTFkA3LYB+33MB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvMmFNMTdzb0JtcWhfR0J0Uk1XUURjdGdIN2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAFU/oID
BABU/oQDBABU/okwDAMEBFT+kAMEAFT+kgMEAFT+pAMEAF/SbwMEAV/ShAMEAF/S
vQMEALDjgwMEAbDjijANBgkqhkiG9w0BAQsFAAOCAQEAZDxXQW9Q0m41ONUFU5mF
bieFM/aytSDeHao31I0eSHNhfxeGwXFffRois/5j5IjXUsWEp69maP/DMwBRS5iX
BGXYH3CDRbfbXBn4ujKP/1gDbJ7IEZNM6aVO7mCDEy5Vmj/9tSzAYrQsxAYGckj8
BlWYfDgXizFw0j3EXGQmP8NV/UWxTA1t1zKFlCAEWKVJqFu7C+vDCcHTRAIEhblQ
ECTzQ/gI2ilRYYeUHRLnQBT2ObjrL30EaOYlDJR5n8khUunCL2+4mcHIEND+3uJP
LaCu8BittpDWpDEnyS5rVlUDOM8qbYuAg+80xit6uaqGOTxZcw8h4LgTlTervviN
1A==
-----END CERTIFICATE-----
Generated at Sat Jul 26 07:39:39 2025 by rpki-client