Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/61dF3wsP6zAa95yTPkmtbstVv7w.roa
File: 61dF3wsP6zAa95yTPkmtbstVv7w.roa (raw, json)
Hash identifier: HUlCkE98EdcSDLNFzfHE9ErtRbtZILyLm1BKTPRX6+o=
Subject key identifier: EB:57:45:DF:0B:0F:EB:30:1A:F7:9C:93:3E:49:AD:6E:CB:55:BF:BC
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 0197F9B4ED09C5131A61D3730EA0D21F85E4
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/61dF3wsP6zAa95yTPkmtbstVv7w.roa
Signing time: Fri 11 Jul 2025 13:37:53 +0000
ROA not before: Fri 11 Jul 2025 13:37:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58074
IP address blocks: 194.6.201.0/24 maxlen: 24
195.88.38.0/23 maxlen: 24
195.245.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f9:b4:ed:09:c5:13:1a:61:d3:73:0e:a0:d2:1f:85:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Jul 11 13:37:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb5745df0b0feb301af79c933e49ad6ecb55bfbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d0:fd:14:a9:00:d0:49:89:ea:f4:68:6a:a8:
ea:b2:30:3a:db:bb:45:2a:d2:d9:4e:b3:ad:92:be:
a7:f9:91:ef:36:e3:75:54:30:24:4d:73:41:7e:b0:
e4:c3:33:c5:7e:91:d5:73:7f:94:cf:52:33:30:ea:
47:2a:53:11:9a:3d:f8:85:af:1f:a1:e4:b1:ca:2a:
f3:58:b4:ef:00:10:11:f7:d8:e1:a0:85:7a:fc:50:
e6:31:66:3e:38:40:70:39:0c:c8:e7:f0:73:4e:e1:
29:6e:68:72:f1:3a:c9:28:60:bc:cd:fd:e3:8d:73:
ba:b4:88:4b:dc:4c:0a:c8:b3:7f:88:53:a2:ef:a3:
83:a3:5f:ae:13:c0:15:79:59:ac:99:ca:82:c1:2d:
86:a5:f1:05:5f:a0:2a:85:84:bb:95:a5:77:e5:20:
95:68:d9:3e:10:b6:b6:2b:69:47:0b:58:44:b5:99:
f8:7b:22:e3:9d:af:0b:4d:ff:f6:68:17:2a:7c:23:
99:13:c5:41:71:aa:0f:a0:12:90:2d:60:ed:9e:53:
be:5c:3e:e6:3f:bf:45:f6:7b:18:2e:69:7c:4f:fc:
41:92:7e:75:8b:fc:d2:1d:d5:57:62:56:c3:67:85:
bb:5a:e6:3c:04:ec:15:82:ed:f9:3e:d9:db:e4:6d:
52:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:57:45:DF:0B:0F:EB:30:1A:F7:9C:93:3E:49:AD:6E:CB:55:BF:BC
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/61dF3wsP6zAa95yTPkmtbstVv7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.201.0/24
195.88.38.0/23
195.245.82.0/24
Signature Algorithm: sha256WithRSAEncryption
44:fd:09:6f:e4:ad:7d:9c:79:8b:9f:b3:23:b2:58:b2:9e:d2:
30:2a:e5:80:77:a9:1d:c9:4a:e7:8d:49:f9:13:01:32:4f:58:
22:b4:06:8c:16:74:65:f1:b2:00:c2:19:9a:20:ec:e1:4a:72:
cd:18:8e:5c:46:42:40:7f:53:2a:6a:54:a3:a9:21:e3:91:85:
20:fb:dc:7e:14:bd:6c:be:18:de:96:6a:89:aa:bf:e5:88:48:
81:a7:33:6d:39:61:da:72:75:0e:4d:44:1c:05:69:ee:08:a1:
92:7c:be:52:dc:15:29:39:d8:b2:7a:62:f8:36:72:a7:3e:f2:
73:2e:16:39:c9:03:03:f4:be:fa:72:53:c6:18:e6:16:9c:0f:
a2:b7:cc:52:e1:2d:6a:8e:ff:64:64:93:50:92:be:73:ba:bb:
6b:c7:eb:81:63:42:17:f0:cb:19:cd:44:b0:07:76:40:3b:30:
8e:6a:63:70:52:d0:6d:87:c9:77:ee:ce:da:d2:1e:02:e7:e1:
69:46:96:ab:5e:fc:6b:a6:aa:fd:f3:8a:00:53:79:45:93:8d:
b9:eb:3d:a9:1a:6d:1d:bc:b8:b2:06:68:1e:c1:a7:4b:54:f5:
f4:07:34:07:69:92:af:84:cb:7f:0a:c7:bd:1f:c8:d4:f6:d4:
cd:dd:a8:18
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZf5tO0JxRMaYdNzDqDSH4XkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjUwNzExMTMzNzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjU3NDVkZjBiMGZlYjMwMWFmNzljOTMzZTQ5YWQ2ZWNiNTViZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydD9FKkA0EmJ6vRoaqjqsjA627tF
KtLZTrOtkr6n+ZHvNuN1VDAkTXNBfrDkwzPFfpHVc3+Uz1IzMOpHKlMRmj34ha8f
oeSxyirzWLTvABAR99jhoIV6/FDmMWY+OEBwOQzI5/BzTuEpbmhy8TrJKGC8zf3j
jXO6tIhL3EwKyLN/iFOi76ODo1+uE8AVeVmsmcqCwS2GpfEFX6AqhYS7laV35SCV
aNk+ELa2K2lHC1hEtZn4eyLjna8LTf/2aBcqfCOZE8VBcaoPoBKQLWDtnlO+XD7m
P79F9nsYLml8T/xBkn51i/zSHdVXYlbDZ4W7WuY8BOwVgu35Ptnb5G1S0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOtXRd8LD+swGveckz5JrW7LVb+8MB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvNjFkRjN3c1A2ekFhOTV5VFBrbXRic3RWdjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwgbJAwQB
w1gmAwQAw/VSMA0GCSqGSIb3DQEBCwUAA4IBAQBE/Qlv5K19nHmLn7MjsliyntIw
KuWAd6kdyUrnjUn5EwEyT1gitAaMFnRl8bIAwhmaIOzhSnLNGI5cRkJAf1MqalSj
qSHjkYUg+9x+FL1svhjelmqJqr/liEiBpzNtOWHacnUOTUQcBWnuCKGSfL5S3BUp
OdiyemL4NnKnPvJzLhY5yQMD9L76clPGGOYWnA+it8xS4S1qjv9kZJNQkr5zurtr
x+uBY0IX8MsZzUSwB3ZAOzCOamNwUtBth8l37s7a0h4C5+FpRparXvxrpqr984oA
U3lFk4256z2pGm0dvLiyBmgewadLVPX0BzQHaZKvhMt/Cse9H8jU9tTN3agY
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:23:49 2025 by rpki-client