Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yoEbG_PbhhQjh06TY3LW6yws9u0.roa
File: yoEbG_PbhhQjh06TY3LW6yws9u0.roa (raw, json)
Hash identifier: nqbIGmdZZxfTXjm7FzwfNDVo7mEf8hrn35P3FaHJ6NQ=
Subject key identifier: CA:81:1B:1B:F3:DB:86:14:23:87:4E:93:63:72:D6:EB:2C:2C:F6:ED
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01973A0BACAACE427A096DE6BE8EC956E588
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yoEbG_PbhhQjh06TY3LW6yws9u0.roa
Signing time: Wed 04 Jun 2025 08:25:33 +0000
ROA not before: Wed 04 Jun 2025 08:25:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49418
IP address blocks: 185.218.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 08:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:0b:ac:aa:ce:42:7a:09:6d:e6:be:8e:c9:56:e5:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 4 08:25:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca811b1bf3db861423874e936372d6eb2c2cf6ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c7:bb:7e:1e:d4:a3:b5:cc:61:a9:aa:aa:6a:
78:1e:ea:e1:e3:67:ab:80:e8:b4:0b:58:82:0a:02:
48:15:64:14:b5:25:05:52:36:31:21:ae:50:21:f4:
16:ea:f7:32:95:0f:66:e2:df:f3:57:e6:8d:20:6e:
8b:70:33:fc:0e:f7:a9:b8:94:fa:93:8e:10:42:6b:
15:7f:d3:55:00:84:e1:b8:69:5a:7d:e3:2e:99:8e:
84:a1:52:a2:69:0c:6e:6c:0a:12:64:1e:a3:21:eb:
5a:eb:e9:61:a2:74:8c:22:22:a9:53:e0:0f:fb:f5:
15:5e:fa:34:f1:e5:4d:56:a4:d6:e8:3e:d6:d1:bf:
98:a6:58:c0:80:6e:fa:ac:dd:23:d8:b8:2f:7b:22:
af:2f:b2:4d:97:f3:07:8a:9c:c2:8a:7a:fb:e0:33:
8c:6e:eb:75:81:41:6a:fc:f6:f9:93:b3:21:d3:ef:
86:35:64:81:41:e1:77:e6:9b:89:5d:d7:89:4d:2d:
28:a1:f7:54:36:5c:32:bd:3d:a2:1d:7d:63:94:d5:
0e:b0:fc:2d:68:ed:f6:c8:f7:0a:59:4a:08:14:08:
a5:f8:a3:19:15:f7:27:a0:c3:67:c3:07:36:21:aa:
1f:66:5f:46:d6:34:d2:f6:5f:bd:9e:06:27:18:70:
4b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:81:1B:1B:F3:DB:86:14:23:87:4E:93:63:72:D6:EB:2C:2C:F6:ED
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yoEbG_PbhhQjh06TY3LW6yws9u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.137.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:6b:ef:c0:ac:06:14:48:0b:ce:ac:1d:1f:d6:9a:c9:30:8f:
f9:dd:d4:fc:1e:58:fd:f1:5b:07:89:1b:f0:a0:6f:48:2c:5e:
98:bf:f4:7b:9e:c5:db:7d:f4:7c:ee:b2:b7:0f:47:0f:ce:5b:
b7:35:33:32:67:49:e1:0a:8d:c6:37:4d:59:2c:af:d5:71:8e:
d3:79:41:49:a9:90:0b:e2:7a:93:77:34:09:f9:15:7f:6b:9a:
62:6c:f0:9e:b8:cf:95:ba:95:4a:87:c7:09:b2:18:c2:48:c3:
31:73:32:90:48:99:54:b4:28:1f:9e:33:36:44:01:ce:80:85:
2a:58:9b:1d:c1:3d:1b:d8:6e:d9:be:2f:50:9e:04:ef:6b:3c:
16:40:84:d2:bf:38:eb:75:5a:84:3a:3d:a6:7b:5c:52:0d:f8:
12:00:0d:49:6c:28:2e:76:ec:d2:9d:92:52:d2:08:18:ac:8a:
ff:fa:48:b3:bf:55:32:c0:dc:fe:0c:7c:4d:a4:38:f0:98:00:
06:62:ac:90:07:c9:c7:b3:42:df:ff:33:ef:10:9b:27:2a:29:
3c:bc:27:58:cf:fd:00:34:fd:d3:62:8f:86:c6:7d:cf:cc:d8:
e8:41:52:d6:71:57:06:63:fd:24:0b:73:72:66:35:6e:a3:f4:
ca:a0:21:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc6C6yqzkJ6CW3mvo7JVuWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjA0MDgyNTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTgxMWIxYmYzZGI4NjE0MjM4NzRlOTM2MzcyZDZlYjJjMmNmNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8e7fh7Uo7XMYamqqmp4Hurh42er
gOi0C1iCCgJIFWQUtSUFUjYxIa5QIfQW6vcylQ9m4t/zV+aNIG6LcDP8DvepuJT6
k44QQmsVf9NVAIThuGlafeMumY6EoVKiaQxubAoSZB6jIeta6+lhonSMIiKpU+AP
+/UVXvo08eVNVqTW6D7W0b+YpljAgG76rN0j2LgveyKvL7JNl/MHipzCinr74DOM
but1gUFq/Pb5k7Mh0++GNWSBQeF35puJXdeJTS0oofdUNlwyvT2iHX1jlNUOsPwt
aO32yPcKWUoIFAil+KMZFfcnoMNnwwc2IaofZl9G1jTS9l+9ngYnGHBLBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqBGxvz24YUI4dOk2Ny1ussLPbtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveW9FYkdfUGJoaFFqaDA2VFkzTFc2eXdzOXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudqJMA0G
CSqGSIb3DQEBCwUAA4IBAQBta+/ArAYUSAvOrB0f1prJMI/53dT8Hlj98VsHiRvw
oG9ILF6Yv/R7nsXbffR87rK3D0cPzlu3NTMyZ0nhCo3GN01ZLK/VcY7TeUFJqZAL
4nqTdzQJ+RV/a5pibPCeuM+VupVKh8cJshjCSMMxczKQSJlUtCgfnjM2RAHOgIUq
WJsdwT0b2G7Zvi9QngTvazwWQITSvzjrdVqEOj2me1xSDfgSAA1JbCguduzSnZJS
0ggYrIr/+kizv1UywNz+DHxNpDjwmAAGYqyQB8nHs0Lf/zPvEJsnKik8vCdYz/0A
NP3TYo+Gxn3PzNjoQVLWcVcGY/0kC3NyZjVuo/TKoCGb
-----END CERTIFICATE-----
Generated at Sun Jun 8 19:22:03 2025 by rpki-client