Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/enRlxHW6TcEze5rGWZI2gDfXCHE.roa
File: enRlxHW6TcEze5rGWZI2gDfXCHE.roa (raw, json)
Hash identifier: xU129rq7FUnm7ePypcr9hxj93/gj8+4MATOrtNcO+Ck=
Subject key identifier: 7A:74:65:C4:75:BA:4D:C1:33:7B:9A:C6:59:92:36:80:37:D7:08:71
Certificate issuer: /CN=4200982284a050d941dbebbd04b5d0c914f635b7
Certificate serial: 0197D4D02EC9F7D0B93AD1ABC7E7491E0813
Authority key identifier: 42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/enRlxHW6TcEze5rGWZI2gDfXCHE.roa
Signing time: Fri 04 Jul 2025 09:41:42 +0000
ROA not before: Fri 04 Jul 2025 09:41:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200651
IP address blocks: 37.156.68.0/24 maxlen: 24
37.228.128.0/24 maxlen: 24
37.228.129.0/24 maxlen: 24
185.10.68.0/24 maxlen: 24
185.100.84.0/23 maxlen: 23
185.100.86.0/24 maxlen: 24
185.100.87.0/24 maxlen: 24
185.146.232.0/24 maxlen: 24
185.146.233.0/24 maxlen: 24
185.146.234.0/24 maxlen: 24
185.165.168.0/24 maxlen: 24
185.165.169.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
185.246.188.0/24 maxlen: 24
185.246.189.0/24 maxlen: 24
185.246.190.0/24 maxlen: 24
185.247.224.0/24 maxlen: 24
185.247.225.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:4::/48 maxlen: 48
2a06:1700:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:d0:2e:c9:f7:d0:b9:3a:d1:ab:c7:e7:49:1e:08:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200982284a050d941dbebbd04b5d0c914f635b7
Validity
Not Before: Jul 4 09:41:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a7465c475ba4dc1337b9ac65992368037d70871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3b:6d:39:ee:7a:bd:ca:c8:61:75:ba:13:ce:
66:a2:1a:5b:30:20:12:60:e2:c0:98:67:71:c9:c7:
a0:30:3f:cb:86:75:62:11:50:16:bb:28:eb:de:9f:
21:d0:6a:be:ad:84:00:34:c9:c4:df:08:20:db:af:
7d:17:83:88:9a:aa:3e:fc:ad:10:f5:e2:ec:cb:e1:
3c:50:27:3a:b5:88:aa:84:8a:af:1e:f6:ae:77:48:
76:75:98:f7:15:e3:35:3e:05:c5:ff:75:4f:48:06:
88:31:9a:57:f0:4d:2d:75:e6:88:15:7f:e8:02:2c:
42:2e:ee:15:01:9f:7d:47:4b:83:09:1f:75:6c:69:
8f:57:1e:29:41:fb:95:46:ce:30:34:3d:20:75:d8:
08:98:22:92:64:12:bd:4e:ab:a2:e5:43:d7:42:d2:
9a:04:05:4b:23:18:12:e2:46:1b:3f:0c:0f:10:ee:
52:7a:f3:f7:4c:47:57:07:ef:7f:e9:3b:c2:65:c4:
4e:58:f4:ec:0c:20:32:30:d6:9d:a5:04:06:6c:4f:
88:77:59:57:50:b3:e8:8d:62:71:00:4c:de:a2:79:
c2:43:b6:98:d0:a0:7c:a6:29:e9:cc:dc:db:62:2f:
9e:63:5c:c4:43:08:42:ae:bc:49:6f:f0:35:02:8f:
b2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:74:65:C4:75:BA:4D:C1:33:7B:9A:C6:59:92:36:80:37:D7:08:71
X509v3 Authority Key Identifier:
keyid:42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/enRlxHW6TcEze5rGWZI2gDfXCHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
37.228.128.0/23
185.10.68.0/24
185.100.84.0/22
185.146.232.0-185.146.234.255
185.165.168.0/22
185.246.188.0-185.246.190.255
185.247.224.0-185.247.226.255
IPv6:
2a06:1700::-2a06:1700:4:ffff:ffff:ffff:ffff:ffff
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
25:3c:bf:05:a5:f1:12:b4:4f:f8:97:c5:81:08:66:17:2d:19:
d7:8a:90:94:81:5d:1d:f7:4d:15:5d:57:90:3d:64:b6:f0:d7:
e4:d6:88:39:12:cc:0a:b0:17:8b:79:1b:10:fc:b6:0b:40:9d:
d9:9c:f4:c3:6e:bb:71:f9:a8:4f:e0:1f:de:3f:f2:0a:3c:ad:
c9:25:bb:5f:8f:22:72:5c:04:1c:2c:af:c9:08:bb:3d:ba:e6:
ea:54:34:69:01:17:66:c0:b3:b2:95:34:50:b7:a4:6a:fa:0b:
33:6b:a5:73:ef:00:53:f2:1f:82:a2:3a:95:b1:e6:c5:ea:e0:
3e:1f:3e:dd:a7:67:22:99:b3:cd:a6:b0:b0:1d:c9:59:a5:52:
e2:7e:17:66:d8:30:9f:22:95:68:74:8a:31:07:7f:44:e7:15:
80:0e:89:05:12:84:23:2d:4e:d9:61:91:9a:03:c4:14:6f:0c:
61:88:4e:cb:8a:b4:55:c5:89:15:b3:59:ba:12:af:77:db:c3:
3e:88:32:c1:06:e9:49:63:85:a5:a9:3e:e0:ab:9e:41:2a:f3:
4b:c2:d5:19:68:e0:b1:00:f4:de:ff:bb:fe:45:8a:57:d0:fa:
70:64:64:a4:80:dc:f9:a4:06:82:1f:ad:9a:94:41:b5:6f:71:
6b:24:56:a7
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZfU0C7J99C5OtGrx+dJHggTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA5ODIyODRhMDUwZDk0MWRiZWJiZDA0YjVkMGM5MTRm
NjM1YjcwHhcNMjUwNzA0MDk0MTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTc0NjVjNDc1YmE0ZGMxMzM3YjlhYzY1OTkyMzY4MDM3ZDcwODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzttOe56vcrIYXW6E85mohpbMCAS
YOLAmGdxycegMD/LhnViEVAWuyjr3p8h0Gq+rYQANMnE3wgg2699F4OImqo+/K0Q
9eLsy+E8UCc6tYiqhIqvHvaud0h2dZj3FeM1PgXF/3VPSAaIMZpX8E0tdeaIFX/o
AixCLu4VAZ99R0uDCR91bGmPVx4pQfuVRs4wND0gddgImCKSZBK9Tqui5UPXQtKa
BAVLIxgS4kYbPwwPEO5SevP3TEdXB+9/6TvCZcROWPTsDCAyMNadpQQGbE+Id1lX
ULPojWJxAEzeonnCQ7aY0KB8pinpzNzbYi+eY1zEQwhCrrxJb/A1Ao+yVQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFHp0ZcR1uk3BM3uaxlmSNoA31whxMB8GA1UdIwQY
MBaAFEIAmCKEoFDZQdvrvQS10MkU9jW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAt
NTFkYzJiMDk2ZGVmLzEvZW5SbHhIVzZUY0V6ZTVyR1daSTJnRGZYQ0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAtNTFkYzJiMDk2ZGVm
LzEvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwTgQCAAEwSAMEACWcRAME
ASXkgAMEALkKRAMEArlkVDAMAwQDuZLoAwQAuZLqAwQCuaWoMAwDBAK59rwDBAC5
9r4wDAMEBbn34AMEALn34jAgBAIAAjAaMA8DBAAqBhcDBwAqBhcAAAQDBwAqBhcA
AQAwDQYJKoZIhvcNAQELBQADggEBACU8vwWl8RK0T/iXxYEIZhctGdeKkJSBXR33
TRVdV5A9ZLbw1+TWiDkSzAqwF4t5GxD8tgtAndmc9MNuu3H5qE/gH94/8go8rckl
u1+PInJcBBwsr8kIuz265upUNGkBF2bAs7KVNFC3pGr6CzNrpXPvAFPyH4KiOpWx
5sXq4D4fPt2nZyKZs82msLAdyVmlUuJ+F2bYMJ8ilWh0ijEHf0TnFYAOiQUShCMt
TtlhkZoDxBRvDGGITsuKtFXFiRWzWboSr3fbwz6IMsEG6UljhaWpPuCrnkEq80vC
1Rlo4LEA9N7/u/5FilfQ+nBkZKSA3PmkBoIfrZqUQbVvcWskVqc=
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:24:26 2025 by rpki-client