Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/N75Q0uiaGqKgGJ2k7yeqIONc8k0.roa
File: N75Q0uiaGqKgGJ2k7yeqIONc8k0.roa (raw, json)
Hash identifier: Q63lKGUZoNUeD8FAv4eG2ZAxCKPCbVbyxrGYOjEepus=
Subject key identifier: 37:BE:50:D2:E8:9A:1A:A2:A0:18:9D:A4:EF:27:AA:20:E3:5C:F2:4D
Certificate issuer: /CN=b07fafdb86d38f37bf0c26d3f2731fdef6b14e4a
Certificate serial: 0197D5A929121D1F99974F09C32AAB06305C
Authority key identifier: B0:7F:AF:DB:86:D3:8F:37:BF:0C:26:D3:F2:73:1F:DE:F6:B1:4E:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sH-v24bTjze_DCbT8nMf3vaxTko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/N75Q0uiaGqKgGJ2k7yeqIONc8k0.roa
Signing time: Fri 04 Jul 2025 13:38:42 +0000
ROA not before: Fri 04 Jul 2025 13:38:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60550
IP address blocks: 185.37.238.0/24 maxlen: 24
194.124.204.0/22 maxlen: 24
194.124.204.0/24 maxlen: 24
194.124.205.0/24 maxlen: 24
195.180.152.0/22 maxlen: 24
2a13:b240::/29 maxlen: 36
2a13:b240::/48 maxlen: 48
2a13:b240:1000::/36 maxlen: 36
2a13:b240:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/sH-v24bTjze_DCbT8nMf3vaxTko.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/sH-v24bTjze_DCbT8nMf3vaxTko.mft
rsync://rpki.ripe.net/repository/DEFAULT/sH-v24bTjze_DCbT8nMf3vaxTko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d5:a9:29:12:1d:1f:99:97:4f:09:c3:2a:ab:06:30:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07fafdb86d38f37bf0c26d3f2731fdef6b14e4a
Validity
Not Before: Jul 4 13:38:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37be50d2e89a1aa2a0189da4ef27aa20e35cf24d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2d:cb:6d:11:0e:ee:85:68:e3:18:0e:63:bf:
4d:35:28:1a:c0:47:24:75:c4:fa:fe:dd:6c:13:6e:
91:05:3d:e8:34:d1:46:60:0f:d9:14:57:26:6e:5a:
b1:2f:ed:e2:86:47:44:df:29:55:85:f6:91:9d:9b:
cd:69:1d:44:0e:5b:3b:33:e9:07:34:23:ac:db:4e:
d3:ad:b8:06:66:95:0a:d4:88:f6:e6:a4:e1:07:9b:
61:30:72:57:19:67:1b:99:12:05:ff:d8:14:e2:d1:
6d:0a:e9:ea:17:bf:10:91:dd:15:dc:cb:eb:ca:97:
48:9f:90:21:75:89:da:4a:02:95:2b:de:7e:52:81:
b5:41:41:10:9e:e3:6c:2a:41:31:b4:62:c4:b7:50:
32:2b:9e:c7:6f:fb:e9:5f:44:72:39:51:e5:70:6a:
f1:ef:f0:fe:a2:89:cd:64:6b:2c:f4:a2:7c:df:e5:
be:05:8b:bf:11:6a:61:b3:e6:48:7e:f1:c3:0b:86:
cd:3a:ac:2e:2e:97:35:a1:44:d1:c3:21:84:3c:08:
a0:fd:0e:62:c8:31:d5:bf:7d:11:d9:c1:8e:7f:79:
34:06:a0:4c:3f:73:b8:fa:b8:00:9e:82:92:8a:5f:
3d:45:40:70:65:d9:fc:ac:52:33:03:69:21:e2:71:
ca:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BE:50:D2:E8:9A:1A:A2:A0:18:9D:A4:EF:27:AA:20:E3:5C:F2:4D
X509v3 Authority Key Identifier:
keyid:B0:7F:AF:DB:86:D3:8F:37:BF:0C:26:D3:F2:73:1F:DE:F6:B1:4E:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sH-v24bTjze_DCbT8nMf3vaxTko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/N75Q0uiaGqKgGJ2k7yeqIONc8k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d6d263-29f9-4613-bb7d-4938b8d0c3de/1/sH-v24bTjze_DCbT8nMf3vaxTko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.238.0/24
194.124.204.0/22
195.180.152.0/22
IPv6:
2a13:b240::/29
Signature Algorithm: sha256WithRSAEncryption
8b:af:3b:ad:5d:51:2c:7d:df:a4:e4:58:b8:bb:f1:12:8f:37:
95:44:a0:bd:e5:ee:39:4b:4d:69:c9:71:11:10:ac:1f:a0:25:
6e:5e:62:1f:84:5f:5f:dd:b5:39:06:8b:e6:37:5a:93:29:b5:
3c:12:ac:d8:7a:98:b7:09:74:64:d8:69:10:85:93:61:aa:21:
3b:08:ec:7f:e5:eb:48:1d:4d:35:77:af:5d:72:ac:11:bc:6e:
5c:85:b7:92:42:1d:97:6d:90:56:e1:cd:2b:bd:5b:82:48:11:
2b:aa:a0:df:dd:4a:87:5b:35:5a:66:37:ce:87:48:99:3e:d0:
0e:71:40:4d:e4:d4:0c:0b:da:ff:17:3c:4b:2e:ca:56:e1:e4:
01:51:91:c0:82:93:d7:d0:50:d7:48:7b:74:f9:79:e2:f7:8d:
53:b8:55:fc:14:f1:58:9a:41:6e:c4:55:d6:24:48:51:42:a3:
24:4e:c0:26:d7:07:a9:78:11:6f:73:37:17:31:0a:75:a5:7b:
f8:c5:76:33:e3:4c:3f:3a:cd:56:e3:97:62:ea:cf:32:22:3d:
d8:02:99:bc:fb:83:ab:57:ff:25:4e:e0:78:bd:b6:94:80:0c:
fa:01:9c:70:23:4c:e8:26:9f:50:a9:b3:b4:3c:ac:a9:00:c0:
6f:1b:13:36
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZfVqSkSHR+Zl08JwyqrBjBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2ZhZmRiODZkMzhmMzdiZjBjMjZkM2YyNzMxZmRlZjZi
MTRlNGEwHhcNMjUwNzA0MTMzODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JlNTBkMmU4OWExYWEyYTAxODlkYTRlZjI3YWEyMGUzNWNmMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C3LbREO7oVo4xgOY79NNSgawEck
dcT6/t1sE26RBT3oNNFGYA/ZFFcmblqxL+3ihkdE3ylVhfaRnZvNaR1EDls7M+kH
NCOs207TrbgGZpUK1Ij25qThB5thMHJXGWcbmRIF/9gU4tFtCunqF78Qkd0V3Mvr
ypdIn5AhdYnaSgKVK95+UoG1QUEQnuNsKkExtGLEt1AyK57Hb/vpX0RyOVHlcGrx
7/D+oonNZGss9KJ83+W+BYu/EWphs+ZIfvHDC4bNOqwuLpc1oUTRwyGEPAig/Q5i
yDHVv30R2cGOf3k0BqBMP3O4+rgAnoKSil89RUBwZdn8rFIzA2kh4nHKgQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDe+UNLomhqioBidpO8nqiDjXPJNMB8GA1UdIwQY
MBaAFLB/r9uG0483vwwm0/JzH972sU5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0gtdjI0YlRqemVfRENiVDhuTWYzdmF4VGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9kNmQyNjMtMjlmOS00NjEzLWJiN2Qt
NDkzOGI4ZDBjM2RlLzEvTjc1UTB1aWFHcUtnR0oyazd5ZXFJT05jOGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9kNmQyNjMtMjlmOS00NjEzLWJiN2QtNDkzOGI4ZDBjM2Rl
LzEvc0gtdjI0YlRqemVfRENiVDhuTWYzdmF4VGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuSXuAwQC
wnzMAwQCw7SYMA0EAgACMAcDBQMqE7JAMA0GCSqGSIb3DQEBCwUAA4IBAQCLrzut
XVEsfd+k5Fi4u/ESjzeVRKC95e45S01pyXEREKwfoCVuXmIfhF9f3bU5BovmN1qT
KbU8EqzYepi3CXRk2GkQhZNhqiE7COx/5etIHU01d69dcqwRvG5chbeSQh2XbZBW
4c0rvVuCSBErqqDf3UqHWzVaZjfOh0iZPtAOcUBN5NQMC9r/FzxLLspW4eQBUZHA
gpPX0FDXSHt0+Xni941TuFX8FPFYmkFuxFXWJEhRQqMkTsAm1wepeBFvczcXMQp1
pXv4xXYz40w/Os1W45di6s8yIj3YApm8+4OrV/8lTuB4vbaUgAz6AZxwI0zoJp9Q
qbO0PKypAMBvGxM2
-----END CERTIFICATE-----
Generated at Sun Jul 27 06:37:54 2025 by rpki-client