
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/DPh5nDPtcpqJ9naux6sZ9u0Dr1s.roa
File: DPh5nDPtcpqJ9naux6sZ9u0Dr1s.roa (raw, json)
Hash identifier: YTfkEG3kyAd2IQ6e7j/lkPx7FnYmaQ7XszGFKecXlqc=
Subject key identifier: 0C:F8:79:9C:33:ED:72:9A:89:F6:76:AE:C7:AB:19:F6:ED:03:AF:5B
Certificate issuer: /CN=656d33c5f16e3cdd960ae05c80d9f6f36fc553f2
Certificate serial: 0197F983B925E7CF4A06821E5C1FF6DBFE1F
Authority key identifier: 65:6D:33:C5:F1:6E:3C:DD:96:0A:E0:5C:80:D9:F6:F3:6F:C5:53:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZW0zxfFuPN2WCuBcgNn282_FU_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/DPh5nDPtcpqJ9naux6sZ9u0Dr1s.roa
Signing time: Fri 11 Jul 2025 12:44:08 +0000
ROA not before: Fri 11 Jul 2025 12:44:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.219.146.0/23 maxlen: 24
2a0a:640::/29 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/ZW0zxfFuPN2WCuBcgNn282_FU_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/ZW0zxfFuPN2WCuBcgNn282_FU_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZW0zxfFuPN2WCuBcgNn282_FU_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 18:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f9:83:b9:25:e7:cf:4a:06:82:1e:5c:1f:f6:db:fe:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656d33c5f16e3cdd960ae05c80d9f6f36fc553f2
Validity
Not Before: Jul 11 12:44:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cf8799c33ed729a89f676aec7ab19f6ed03af5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:91:51:8c:20:5d:7c:aa:33:da:b5:51:ad:2c:
3e:a1:05:6b:fa:85:ec:c3:11:45:de:7b:77:cc:7c:
93:0e:76:92:76:4f:75:1e:be:65:4e:27:bd:e7:c6:
ed:3a:b3:88:7a:ea:51:4a:1a:99:de:1c:bc:a9:01:
1e:24:d1:6b:6f:0f:cb:63:d4:6d:44:5f:ed:31:99:
eb:a9:c8:8b:81:07:b7:17:e6:5b:b3:aa:f0:32:3b:
d4:f3:e1:05:dc:58:f6:2c:9b:f8:06:38:e6:49:04:
1a:06:b5:5e:52:44:fd:b3:a2:cd:d4:f7:01:e9:3c:
08:9c:b9:fd:6d:d0:94:8a:b7:a1:eb:b2:cf:84:4b:
e6:de:33:b1:0c:c7:ef:08:7b:b3:0e:37:d5:84:fd:
4b:72:97:fa:90:05:16:b6:b0:5c:66:74:c1:68:89:
40:8b:89:1c:66:57:aa:e3:ac:84:cf:28:c2:a9:a0:
39:de:a5:66:00:bc:c5:fc:e4:36:f8:4e:e7:4c:29:
76:15:9f:de:59:16:d2:07:63:ab:87:37:69:75:3d:
94:3e:2c:ee:47:8d:52:b9:23:0f:ae:13:67:f9:5f:
62:df:54:f0:ed:f8:ac:4c:0c:02:09:14:80:18:01:
be:bd:e7:8d:bb:2e:2f:6e:26:03:dc:72:fc:3c:9f:
b1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F8:79:9C:33:ED:72:9A:89:F6:76:AE:C7:AB:19:F6:ED:03:AF:5B
X509v3 Authority Key Identifier:
keyid:65:6D:33:C5:F1:6E:3C:DD:96:0A:E0:5C:80:D9:F6:F3:6F:C5:53:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZW0zxfFuPN2WCuBcgNn282_FU_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/DPh5nDPtcpqJ9naux6sZ9u0Dr1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7cc6ea-774a-4876-84f9-304d2191a4f3/1/ZW0zxfFuPN2WCuBcgNn282_FU_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.146.0/23
IPv6:
2a0a:640::/29
Signature Algorithm: sha256WithRSAEncryption
a2:30:25:6d:d5:07:95:86:63:93:f3:9e:3d:b0:d7:0b:10:4c:
c7:72:48:01:c8:fb:53:6e:60:82:17:a2:73:89:9b:b9:17:14:
89:90:81:85:ad:5b:f3:0c:75:cb:41:64:e7:28:1b:68:3f:e0:
5c:7d:bf:c2:92:19:6f:75:db:99:db:68:bd:9b:21:42:cf:ef:
96:27:1c:9f:7a:12:42:f1:fe:a5:f3:78:c7:f1:ff:a5:be:7e:
d1:8f:c8:45:00:74:f8:87:05:d7:06:26:a9:c8:09:f1:97:d1:
c5:d6:8b:9d:49:a7:d4:22:9b:a3:f5:66:07:73:bf:0d:fc:61:
94:4a:01:4c:f9:c9:24:56:02:9f:42:b9:65:29:6a:38:45:05:
a0:fa:2e:db:34:dc:37:d3:9e:b9:54:84:cd:b9:1f:e1:9d:dc:
7c:67:96:aa:a5:d8:b8:9c:b0:ac:b4:a4:17:30:4f:7a:77:10:
b2:fa:42:28:02:37:e2:9c:e5:c2:b0:f6:93:c9:7a:00:31:2e:
84:24:b9:28:47:48:a3:3f:54:a0:dd:75:eb:cd:49:b5:8d:38:
6e:dc:84:5c:36:63:d5:ce:ba:2f:48:eb:df:3e:f9:9f:b9:30:
01:77:f4:a2:09:58:22:58:d8:9e:e2:7a:b5:35:36:a9:43:c4:
b9:63:ff:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZf5g7kl589KBoIeXB/22/4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NmQzM2M1ZjE2ZTNjZGQ5NjBhZTA1YzgwZDlmNmYzNmZj
NTUzZjIwHhcNMjUwNzExMTI0NDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2Y4Nzk5YzMzZWQ3MjlhODlmNjc2YWVjN2FiMTlmNmVkMDNhZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5FRjCBdfKoz2rVRrSw+oQVr+oXs
wxFF3nt3zHyTDnaSdk91Hr5lTie958btOrOIeupRShqZ3hy8qQEeJNFrbw/LY9Rt
RF/tMZnrqciLgQe3F+Zbs6rwMjvU8+EF3Fj2LJv4BjjmSQQaBrVeUkT9s6LN1PcB
6TwInLn9bdCUireh67LPhEvm3jOxDMfvCHuzDjfVhP1Lcpf6kAUWtrBcZnTBaIlA
i4kcZleq46yEzyjCqaA53qVmALzF/OQ2+E7nTCl2FZ/eWRbSB2OrhzdpdT2UPizu
R41SuSMPrhNn+V9i31Tw7fisTAwCCRSAGAG+veeNuy4vbiYD3HL8PJ+xMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAz4eZwz7XKaifZ2rserGfbtA69bMB8GA1UdIwQY
MBaAFGVtM8XxbjzdlgrgXIDZ9vNvxVPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlcwenhmRnVQTjJXQ3VCY2dObjI4Ml9GVV9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83Y2M2ZWEtNzc0YS00ODc2LTg0Zjkt
MzA0ZDIxOTFhNGYzLzEvRFBoNW5EUHRjcHFKOW5hdXg2c1o5dTBEcjFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83Y2M2ZWEtNzc0YS00ODc2LTg0ZjktMzA0ZDIxOTFhNGYz
LzEvWlcwenhmRnVQTjJXQ3VCY2dObjI4Ml9GVV9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuduSMA0E
AgACMAcDBQMqCgZAMA0GCSqGSIb3DQEBCwUAA4IBAQCiMCVt1QeVhmOT8549sNcL
EEzHckgByPtTbmCCF6JziZu5FxSJkIGFrVvzDHXLQWTnKBtoP+Bcfb/CkhlvdduZ
22i9myFCz++WJxyfehJC8f6l83jH8f+lvn7Rj8hFAHT4hwXXBiapyAnxl9HF1oud
SafUIpuj9WYHc78N/GGUSgFM+ckkVgKfQrllKWo4RQWg+i7bNNw30565VITNuR/h
ndx8Z5aqpdi4nLCstKQXME96dxCy+kIoAjfinOXCsPaTyXoAMS6EJLkoR0ijP1Sg
3XXrzUm1jThu3IRcNmPVzrovSOvfPvmfuTABd/SiCVgiWNie4nq1NTapQ8S5Y//f
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:06:46 2025 by rpki-client