Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/rJW6voa1Wjy_FJWB-mYHdAKiSVs.roa
File: rJW6voa1Wjy_FJWB-mYHdAKiSVs.roa (raw, json)
Hash identifier: vjUPxR8jUNlJ30WRpjQpZExmSVG2787XG5OfBnV64ZQ=
Subject key identifier: AC:95:BA:BE:86:B5:5A:3C:BF:14:95:81:FA:66:07:74:02:A2:49:5B
Certificate issuer: /CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Certificate serial: 0196D53C7144ED3BA706B93B6E7DDD3A5BA5
Authority key identifier: 61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/rJW6voa1Wjy_FJWB-mYHdAKiSVs.roa
Signing time: Thu 15 May 2025 18:37:10 +0000
ROA not before: Thu 15 May 2025 18:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208427
IP address blocks: 185.231.244.0/24 maxlen: 24
185.231.245.0/24 maxlen: 24
185.231.246.0/23 maxlen: 23
194.147.114.0/24 maxlen: 24
2a0c:9300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/YTXB97cUDIcufz_zRitO3GMddnQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/YTXB97cUDIcufz_zRitO3GMddnQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d5:3c:71:44:ed:3b:a7:06:b9:3b:6e:7d:dd:3a:5b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Validity
Not Before: May 15 18:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac95babe86b55a3cbf149581fa66077402a2495b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:10:6a:d8:c0:c0:4c:4b:2b:d3:32:1b:93:56:
f0:91:f7:3b:67:a0:0b:37:d0:63:23:4b:a6:22:5d:
4d:cb:ea:c8:73:3f:ed:db:a2:c3:28:85:d5:ad:a4:
03:c0:4d:ab:41:b0:cd:e3:fa:0b:e3:21:05:d6:d3:
0c:86:3a:4d:c6:73:a1:c1:04:14:01:44:46:37:6b:
4f:91:77:0e:07:27:81:ae:ac:91:66:6f:93:0a:c7:
9d:8d:17:4a:84:a3:13:da:15:0b:96:54:ab:df:98:
44:74:30:42:41:a8:cd:4f:cf:5d:90:01:4a:92:83:
a0:0e:c9:95:c8:b0:10:88:aa:a2:02:5f:1d:52:e0:
5c:c3:87:5c:77:1b:76:e5:bf:a4:89:f5:d6:12:3d:
fa:1b:16:cd:00:6b:2e:f4:0c:f8:4f:f3:0e:ef:0e:
79:45:a2:cf:36:a2:bf:03:95:c9:cf:6b:c7:ff:5c:
c9:a5:78:fc:69:18:88:d3:bb:2c:51:7a:f0:9a:de:
a2:50:2f:c8:78:7d:72:b9:c7:d7:d8:a2:4a:29:2d:
01:f1:7d:a3:f9:85:86:07:d8:6e:0e:37:3c:c2:b0:
61:fe:45:83:fb:af:ca:54:17:53:d1:82:4b:57:bb:
85:e2:c5:09:e2:e7:80:3b:91:06:6e:21:38:d3:10:
57:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:95:BA:BE:86:B5:5A:3C:BF:14:95:81:FA:66:07:74:02:A2:49:5B
X509v3 Authority Key Identifier:
keyid:61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/rJW6voa1Wjy_FJWB-mYHdAKiSVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/YTXB97cUDIcufz_zRitO3GMddnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.244.0/22
194.147.114.0/24
IPv6:
2a0c:9300::/29
Signature Algorithm: sha256WithRSAEncryption
cf:64:48:1a:2e:bd:cb:07:35:a8:97:da:94:32:cd:ec:14:db:
5f:86:bd:e7:fd:6c:fc:fe:3a:80:40:9d:01:ef:dd:f5:3d:98:
1b:c0:66:41:9a:17:4a:2c:48:f7:81:6c:32:de:55:ae:59:92:
63:db:ed:00:b9:dd:71:c6:02:b3:70:ba:34:f5:37:48:5c:5f:
e8:4d:3d:d9:b9:6e:d6:89:56:83:b6:90:bb:5c:38:dd:ef:62:
b9:af:fa:7a:04:e2:05:1e:24:17:6a:5d:69:5f:89:28:2c:aa:
79:01:cd:8d:7f:16:20:b7:fe:c9:bb:4e:e1:a8:b6:8f:5d:ce:
fe:e5:97:b1:92:20:0c:2b:05:1f:d1:aa:c5:5d:0d:4f:10:d8:
2b:5a:8c:8c:f6:89:a5:86:be:41:71:00:d4:1c:9e:cc:07:55:
d1:c7:1e:1b:22:76:36:c3:f9:85:ea:be:1b:2a:6f:67:10:20:
e2:b4:5b:76:da:8c:d4:7d:cb:7b:56:c1:53:85:ca:26:74:e0:
1e:b0:99:1b:c9:68:7a:a8:c3:0e:5d:ed:dc:df:1a:a1:6a:b9:
95:b6:ef:0a:7d:18:5c:7f:a0:10:90:f9:d5:b5:23:dc:c5:6c:
e3:8b:8f:ea:0f:49:56:75:b3:9e:22:ef:e9:2d:60:1f:06:38:
51:64:e6:13
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZbVPHFE7TunBrk7bn3dOlulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzVjMWY3YjcxNDBjODcyZTdmM2ZmMzQ2MmI0ZWRjNjMx
ZDc2NzQwHhcNMjUwNTE1MTgzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzk1YmFiZTg2YjU1YTNjYmYxNDk1ODFmYTY2MDc3NDAyYTI0OTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRBq2MDATEsr0zIbk1bwkfc7Z6AL
N9BjI0umIl1Ny+rIcz/t26LDKIXVraQDwE2rQbDN4/oL4yEF1tMMhjpNxnOhwQQU
AURGN2tPkXcOByeBrqyRZm+TCsedjRdKhKMT2hULllSr35hEdDBCQajNT89dkAFK
koOgDsmVyLAQiKqiAl8dUuBcw4dcdxt25b+kifXWEj36GxbNAGsu9Az4T/MO7w55
RaLPNqK/A5XJz2vH/1zJpXj8aRiI07ssUXrwmt6iUC/IeH1yucfX2KJKKS0B8X2j
+YWGB9huDjc8wrBh/kWD+6/KVBdT0YJLV7uF4sUJ4ueAO5EGbiE40xBXVwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKyVur6GtVo8vxSVgfpmB3QCoklbMB8GA1UdIwQY
MBaAFGE1wfe3FAyHLn8/80YrTtxjHXZ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRYQjk3Y1VESWN1ZnpfelJpdE8zR01kZG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80MzNlZGYtYWFmOC00NjY5LTg3N2Mt
ZTM3ODFkOGZlNzRjLzEvckpXNnZvYTFXanlfRkpXQi1tWUhkQUtpU1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80MzNlZGYtYWFmOC00NjY5LTg3N2MtZTM3ODFkOGZlNzRj
LzEvWVRYQjk3Y1VESWN1ZnpfelJpdE8zR01kZG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuef0AwQA
wpNyMA0EAgACMAcDBQMqDJMAMA0GCSqGSIb3DQEBCwUAA4IBAQDPZEgaLr3LBzWo
l9qUMs3sFNtfhr3n/Wz8/jqAQJ0B7931PZgbwGZBmhdKLEj3gWwy3lWuWZJj2+0A
ud1xxgKzcLo09TdIXF/oTT3ZuW7WiVaDtpC7XDjd72K5r/p6BOIFHiQXal1pX4ko
LKp5Ac2NfxYgt/7Ju07hqLaPXc7+5ZexkiAMKwUf0arFXQ1PENgrWoyM9omlhr5B
cQDUHJ7MB1XRxx4bInY2w/mF6r4bKm9nECDitFt22ozUfct7VsFThcomdOAesJkb
yWh6qMMOXe3c3xqharmVtu8KfRhcf6AQkPnVtSPcxWzji4/qD0lWdbOeIu/pLWAf
BjhRZOYT
-----END CERTIFICATE-----
Generated at Sat Jun 7 19:50:09 2025 by rpki-client