
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/diFCwaUovsaNblb7FcU1eaLNnEk.roa
File: diFCwaUovsaNblb7FcU1eaLNnEk.roa (raw, json)
Hash identifier: KOzCckAfpWtILk1IygKOd3SNVD4+Zto+vc5dE9aw9p0=
Subject key identifier: 76:21:42:C1:A5:28:BE:C6:8D:6E:56:FB:15:C5:35:79:A2:CD:9C:49
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0197C34B048AB8B05A8BF1BEC4C41C035E09
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/diFCwaUovsaNblb7FcU1eaLNnEk.roa
Signing time: Tue 01 Jul 2025 00:02:42 +0000
ROA not before: Tue 01 Jul 2025 00:02:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134176
IP address blocks: 185.190.81.0/24 maxlen: 24
194.49.108.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 02:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c3:4b:04:8a:b8:b0:5a:8b:f1:be:c4:c4:1c:03:5e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jul 1 00:02:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=762142c1a528bec68d6e56fb15c53579a2cd9c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:07:ad:a8:ba:1c:c5:6e:cb:d7:43:e9:d6:2d:
34:48:34:d3:15:3a:fb:d6:58:6e:b8:ef:1c:bf:99:
c2:88:0e:dd:1a:16:43:e7:94:6e:53:39:3a:20:14:
87:b5:ad:d3:66:1d:80:6b:4d:59:20:db:5e:f7:e1:
d8:0a:75:68:b4:95:f5:0d:34:fa:8c:38:0f:af:ae:
52:2b:6e:69:25:a9:cc:8f:cf:37:fe:8d:c0:e6:02:
3f:f0:dd:84:3a:91:ee:a9:29:92:0c:84:15:6b:7d:
3c:02:1a:bd:ac:cb:53:e2:e5:3e:20:18:02:06:2b:
e9:88:33:fc:7b:4c:38:7f:69:40:e8:ab:dc:0f:9e:
3b:d2:96:81:ee:45:a0:71:a2:e1:35:2c:28:fb:70:
41:3e:f0:96:e3:42:df:1b:6f:c6:95:35:fe:55:12:
b8:d9:31:d9:16:5e:b6:6c:ec:72:6a:07:8c:28:90:
77:05:c9:ee:5a:5d:21:ef:27:cc:85:fb:b6:a3:ed:
0f:ca:e5:b8:83:93:17:26:b1:be:d8:6c:3d:ea:a8:
89:37:71:23:37:55:b9:57:71:c9:69:2b:52:1e:30:
35:67:58:a6:49:f7:c1:f3:77:81:73:43:b3:b9:57:
f9:de:5f:fa:4b:3e:4e:87:81:84:32:e5:11:e5:9a:
72:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:21:42:C1:A5:28:BE:C6:8D:6E:56:FB:15:C5:35:79:A2:CD:9C:49
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/diFCwaUovsaNblb7FcU1eaLNnEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.81.0/24
194.49.108.0/24
Signature Algorithm: sha256WithRSAEncryption
54:7b:b2:62:ef:81:fb:f1:b5:b0:5f:88:c5:d9:55:8c:67:0d:
b7:1d:4e:24:df:f1:09:71:d4:09:96:17:12:3e:17:93:60:2c:
96:6c:59:28:57:ac:ce:d3:07:df:d6:10:5e:36:38:b5:79:06:
fc:2e:33:d1:bd:12:b3:79:ff:f7:bc:52:b4:71:92:cf:5d:82:
6c:aa:de:3b:71:69:47:d7:ec:96:cd:9d:4b:1a:0f:69:ec:39:
7f:44:00:7d:23:12:b9:33:77:d8:6c:9c:6c:f4:97:54:c6:a2:
fd:8d:63:5e:83:97:73:23:9e:a3:c0:36:72:b5:2a:ae:05:36:
1e:5b:16:57:d3:eb:c7:a1:80:53:de:0d:1a:20:55:c7:b3:32:
96:b0:b9:3d:d3:ef:c3:88:db:74:43:b8:b1:07:a4:36:e1:25:
1b:1e:2a:ab:f7:3f:d1:cd:62:b3:98:67:c7:fa:1c:7f:de:98:
9e:bb:af:24:88:39:a3:a7:c4:6b:7b:fe:15:e9:a4:65:1d:49:
2e:22:30:1d:89:a0:47:74:29:f6:7f:90:a5:66:a3:b8:bf:eb:
23:59:cd:fa:d6:f0:93:05:ce:aa:29:59:54:63:0e:c8:69:41:
49:7f:ca:d3:76:86:e4:e3:2a:de:31:e3:8c:c6:c3:cf:a6:8a:
ff:4e:b8:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfDSwSKuLBai/G+xMQcA14JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNzAxMDAwMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjIxNDJjMWE1MjhiZWM2OGQ2ZTU2ZmIxNWM1MzU3OWEyY2Q5YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AetqLocxW7L10Pp1i00SDTTFTr7
1lhuuO8cv5nCiA7dGhZD55RuUzk6IBSHta3TZh2Aa01ZINte9+HYCnVotJX1DTT6
jDgPr65SK25pJanMj883/o3A5gI/8N2EOpHuqSmSDIQVa308Ahq9rMtT4uU+IBgC
BivpiDP8e0w4f2lA6KvcD5470paB7kWgcaLhNSwo+3BBPvCW40LfG2/GlTX+VRK4
2THZFl62bOxyageMKJB3BcnuWl0h7yfMhfu2o+0PyuW4g5MXJrG+2Gw96qiJN3Ej
N1W5V3HJaStSHjA1Z1imSffB83eBc0OzuVf53l/6Sz5Oh4GEMuUR5ZpytQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHYhQsGlKL7GjW5W+xXFNXmizZxJMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvZGlGQ3dhVW92c2FOYmxiN0ZjVTFlYUxObkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAub5RAwQA
wjFsMA0GCSqGSIb3DQEBCwUAA4IBAQBUe7Ji74H78bWwX4jF2VWMZw23HU4k3/EJ
cdQJlhcSPheTYCyWbFkoV6zO0wff1hBeNji1eQb8LjPRvRKzef/3vFK0cZLPXYJs
qt47cWlH1+yWzZ1LGg9p7Dl/RAB9IxK5M3fYbJxs9JdUxqL9jWNeg5dzI56jwDZy
tSquBTYeWxZX0+vHoYBT3g0aIFXHszKWsLk90+/DiNt0Q7ixB6Q24SUbHiqr9z/R
zWKzmGfH+hx/3pieu68kiDmjp8Rre/4V6aRlHUkuIjAdiaBHdCn2f5ClZqO4v+sj
Wc361vCTBc6qKVlUYw7IaUFJf8rTdobk4yreMeOMxsPPpor/TrgS
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:12:20 2025 by rpki-client