Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/y2IPmXUvA-hOkWs492ksc-DWCKQ.roa
File: y2IPmXUvA-hOkWs492ksc-DWCKQ.roa (raw, json)
Hash identifier: qKtRuRd69clPPsqawIh09HUba2GRDePDsao1bLap4SI=
Subject key identifier: CB:62:0F:99:75:2F:03:E8:4E:91:6B:38:F7:69:2C:73:E0:D6:08:A4
Certificate issuer: /CN=77b020308865c3360dab19f3a5703341864e9f50
Certificate serial: 01983770068AEF2F16C8542AC95D03B78866
Authority key identifier: 77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/y2IPmXUvA-hOkWs492ksc-DWCKQ.roa
Signing time: Wed 23 Jul 2025 13:19:04 +0000
ROA not before: Wed 23 Jul 2025 13:19:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22351
IP address blocks: 80.73.219.0/24 maxlen: 24
80.73.220.0/24 maxlen: 24
91.232.129.0/24 maxlen: 24
91.232.198.0/24 maxlen: 24
91.232.208.0/24 maxlen: 24
91.232.235.0/24 maxlen: 24
185.87.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:70:06:8a:ef:2f:16:c8:54:2a:c9:5d:03:b7:88:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b020308865c3360dab19f3a5703341864e9f50
Validity
Not Before: Jul 23 13:19:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb620f99752f03e84e916b38f7692c73e0d608a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:25:dd:97:7a:68:eb:fe:2a:e1:8f:0e:ec:ce:
05:51:f8:32:42:ec:42:8e:0e:2b:e3:81:82:c2:16:
78:56:47:fd:69:48:aa:0d:f1:16:92:c2:18:17:5d:
32:09:2f:d1:6b:28:65:87:28:f6:4e:ec:49:41:2d:
7a:23:3e:71:db:34:44:30:6e:69:7f:50:cf:ad:7c:
b5:05:65:3c:54:ef:81:9d:69:7c:6f:f1:51:51:24:
cf:45:b6:57:7e:a3:2a:72:54:b3:4b:70:d5:16:a6:
04:9d:62:65:d7:25:6f:d3:95:bd:9e:65:03:fa:f1:
cf:33:f9:56:e8:11:61:f2:2c:d3:ae:43:87:01:24:
25:11:fb:9a:e0:35:26:d2:5a:c8:04:1c:bf:03:3f:
03:ac:45:e3:d7:c4:43:e2:5f:69:94:05:70:cc:0b:
c2:26:26:4f:30:b7:a6:d1:1e:fd:7e:ce:30:db:a4:
8c:34:1e:56:df:73:2d:8c:5a:ab:02:2d:49:c0:bd:
94:74:ba:61:0f:c5:97:0b:6b:65:b1:14:c3:32:ac:
8a:64:50:36:6e:20:5c:77:bb:81:77:91:4f:cc:c0:
5f:f0:5a:a8:ae:25:6c:83:ea:9b:da:7b:2e:73:30:
bd:a8:8a:c8:e2:f8:2d:67:c0:57:7c:3e:3b:34:68:
c0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:62:0F:99:75:2F:03:E8:4E:91:6B:38:F7:69:2C:73:E0:D6:08:A4
X509v3 Authority Key Identifier:
keyid:77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/y2IPmXUvA-hOkWs492ksc-DWCKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.219.0-80.73.220.255
91.232.129.0/24
91.232.198.0/24
91.232.208.0/24
91.232.235.0/24
185.87.144.0/22
Signature Algorithm: sha256WithRSAEncryption
37:80:d3:70:a9:19:46:9b:43:34:51:0a:9f:98:5a:0e:3a:7c:
3c:2c:f1:4c:3e:21:16:06:0e:f5:bd:32:1e:9b:e6:cf:9e:22:
46:b6:10:76:d2:95:d2:1e:b4:7f:ee:78:b1:09:2e:76:f5:69:
b5:42:0b:31:32:5e:a8:c7:0c:66:6e:fb:6d:4d:42:b7:15:a7:
e5:e9:04:15:f5:b2:0a:7d:b7:0b:5d:f2:cb:9d:75:84:da:57:
e9:fe:66:63:c0:80:a6:ce:6f:e3:39:99:af:5b:01:46:37:82:
3b:2b:b0:48:4f:52:2f:26:35:c1:e3:52:f1:e9:74:ed:43:58:
b5:2c:f2:83:39:f4:75:f6:2d:a3:58:8e:06:56:fe:9a:09:7a:
4c:6f:dd:74:17:55:df:3d:12:5c:70:ff:56:3a:b0:8a:73:9e:
8d:de:40:67:19:71:05:4e:2d:2f:58:af:fb:86:3f:fd:6e:9d:
46:c7:4e:ec:f7:ab:0c:3a:58:6b:87:bf:77:39:6c:cf:f4:d7:
f8:6d:cb:7e:8d:b3:29:6b:db:56:1c:8a:31:50:e9:fd:dd:25:
e9:5a:28:09:f1:77:53:09:9b:d7:09:35:11:4d:e8:2f:50:83:
69:f2:d9:5c:39:3a:98:93:0b:5f:59:77:b4:cd:ca:0d:e6:f1:
de:b4:f4:31
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZg3cAaK7y8WyFQqyV0Dt4hmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyMDMwODg2NWMzMzYwZGFiMTlmM2E1NzAzMzQxODY0
ZTlmNTAwHhcNMjUwNzIzMTMxOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjYyMGY5OTc1MmYwM2U4NGU5MTZiMzhmNzY5MmM3M2UwZDYwOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSXdl3po6/4q4Y8O7M4FUfgyQuxC
jg4r44GCwhZ4Vkf9aUiqDfEWksIYF10yCS/Rayhlhyj2TuxJQS16Iz5x2zREMG5p
f1DPrXy1BWU8VO+BnWl8b/FRUSTPRbZXfqMqclSzS3DVFqYEnWJl1yVv05W9nmUD
+vHPM/lW6BFh8izTrkOHASQlEfua4DUm0lrIBBy/Az8DrEXj18RD4l9plAVwzAvC
JiZPMLem0R79fs4w26SMNB5W33MtjFqrAi1JwL2UdLphD8WXC2tlsRTDMqyKZFA2
biBcd7uBd5FPzMBf8FqoriVsg+qb2nsuczC9qIrI4vgtZ8BXfD47NGjA9QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMtiD5l1LwPoTpFrOPdpLHPg1gikMB8GA1UdIwQY
MBaAFHewIDCIZcM2DasZ86VwM0GGTp9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzIt
YzhiYjhlYTM5ODA0LzEveTJJUG1YVXZBLWhPa1dzNDkya3NjLURXQ0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzItYzhiYjhlYTM5ODA0
LzEvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABQSdsD
BABQSdwDBABb6IEDBABb6MYDBABb6NADBABb6OsDBAK5V5AwDQYJKoZIhvcNAQEL
BQADggEBADeA03CpGUabQzRRCp+YWg46fDws8Uw+IRYGDvW9Mh6b5s+eIka2EHbS
ldIetH/ueLEJLnb1abVCCzEyXqjHDGZu+21NQrcVp+XpBBX1sgp9twtd8suddYTa
V+n+ZmPAgKbOb+M5ma9bAUY3gjsrsEhPUi8mNcHjUvHpdO1DWLUs8oM59HX2LaNY
jgZW/poJekxv3XQXVd89Elxw/1Y6sIpzno3eQGcZcQVOLS9Yr/uGP/1unUbHTuz3
qww6WGuHv3c5bM/01/hty36Nsylr21YcijFQ6f3dJelaKAnxd1MJm9cJNRFN6C9Q
g2ny2Vw5OpiTC19Zd7TNyg3m8d609DE=
-----END CERTIFICATE-----
Generated at Sat Jul 26 10:07:05 2025 by rpki-client