Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/Evhx8vR75Jiq-qrj6flNEtEJHFs.roa
File: Evhx8vR75Jiq-qrj6flNEtEJHFs.roa (raw, json)
Hash identifier: oqLCbjYtE1YxW2jkv9rK/O4Tv5MNkL0h46xLNff1UJQ=
Subject key identifier: 12:F8:71:F2:F4:7B:E4:98:AA:FA:AA:E3:E9:F9:4D:12:D1:09:1C:5B
Certificate issuer: /CN=7b88d4a4ab18a59b664dabafdb3880dc35b22b91
Certificate serial: 0198E0CCA38F6C76ED98B2B5624755E9E8F0
Authority key identifier: 7B:88:D4:A4:AB:18:A5:9B:66:4D:AB:AF:DB:38:80:DC:35:B2:2B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4jUpKsYpZtmTauv2ziA3DWyK5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/Evhx8vR75Jiq-qrj6flNEtEJHFs.roa
Signing time: Mon 25 Aug 2025 10:36:04 +0000
ROA not before: Mon 25 Aug 2025 10:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57204
IP address blocks: 185.83.108.0/23 maxlen: 23
2a05:9a80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/e4jUpKsYpZtmTauv2ziA3DWyK5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/e4jUpKsYpZtmTauv2ziA3DWyK5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/e4jUpKsYpZtmTauv2ziA3DWyK5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e0:cc:a3:8f:6c:76:ed:98:b2:b5:62:47:55:e9:e8:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b88d4a4ab18a59b664dabafdb3880dc35b22b91
Validity
Not Before: Aug 25 10:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12f871f2f47be498aafaaae3e9f94d12d1091c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c1:85:1a:88:6b:8c:56:f0:dc:14:3d:2d:87:
28:09:f6:f3:5d:3f:db:e6:85:07:43:43:ba:35:26:
05:bf:e2:f6:59:ed:ed:5a:c2:b5:98:2c:d1:51:c6:
d8:53:e4:14:67:4d:a2:ee:c7:a9:43:ca:c0:48:6c:
5c:a9:94:3d:4b:2b:6a:72:bd:6c:6c:ac:31:be:3d:
36:a2:cc:06:dd:ca:59:da:1a:ea:92:9f:78:79:c8:
00:90:7b:21:c9:7c:98:ff:3f:44:d1:22:b6:4a:3c:
99:b0:ce:21:44:18:d0:1e:6c:f6:fe:b7:a9:12:55:
fc:5b:bb:52:45:fe:51:75:45:86:a1:f9:51:59:f0:
b0:80:d4:d6:51:9f:3b:32:b0:56:88:18:05:6e:1a:
86:7d:04:c0:31:c7:5c:fb:b0:bd:a0:a2:cf:62:4a:
82:df:35:f8:2e:fc:1e:f2:2e:05:01:83:7b:ef:1b:
8b:8f:0f:6b:28:34:f1:a5:56:3f:ae:2f:e9:03:04:
40:d8:57:cf:8e:81:3f:3e:aa:76:eb:10:4d:af:25:
18:9b:76:f6:65:54:11:6b:91:e8:18:8b:39:08:38:
b8:da:cd:8d:b9:00:55:51:90:17:31:70:02:b2:45:
d1:8b:f5:61:26:3d:44:bf:5b:cf:45:44:5b:eb:03:
4c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F8:71:F2:F4:7B:E4:98:AA:FA:AA:E3:E9:F9:4D:12:D1:09:1C:5B
X509v3 Authority Key Identifier:
keyid:7B:88:D4:A4:AB:18:A5:9B:66:4D:AB:AF:DB:38:80:DC:35:B2:2B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4jUpKsYpZtmTauv2ziA3DWyK5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/Evhx8vR75Jiq-qrj6flNEtEJHFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/e4jUpKsYpZtmTauv2ziA3DWyK5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.108.0/23
IPv6:
2a05:9a80::/29
Signature Algorithm: sha256WithRSAEncryption
68:bc:a1:ac:01:28:8c:93:d3:a1:21:05:6b:1f:6b:b2:59:81:
6f:e7:7f:f1:0b:2a:b4:bf:ef:32:af:2d:f2:b4:b8:25:0c:55:
dc:0d:e2:92:1a:0e:84:4b:1d:cb:5e:21:c9:94:75:ea:c7:64:
39:ac:96:20:b2:fb:fe:9f:60:0d:39:c9:53:97:0d:fa:aa:d0:
01:4e:34:97:15:48:52:f0:cf:05:1a:f1:a5:f4:62:bb:a3:3c:
30:78:4d:55:0d:91:50:58:c2:6b:66:6d:6f:14:7b:a4:c0:84:
0e:8d:fc:87:27:d0:93:30:39:38:7c:a7:9a:c8:16:e5:ad:65:
af:52:5d:16:da:3d:b6:a8:ae:b2:4f:2b:8c:57:d8:57:c1:d2:
e9:da:05:c5:e8:bb:a9:c9:d8:5c:3a:49:04:38:cc:f0:63:2c:
53:52:53:b6:cd:ae:30:ce:c4:3b:b8:19:52:e0:ef:2e:b9:d1:
1e:1f:e2:39:21:89:7a:ec:da:0e:8b:db:8f:7f:28:6e:53:e3:
d2:53:27:ae:f8:9f:23:3c:e3:8c:ca:e0:09:5a:3b:63:e1:18:
09:72:bd:18:d4:46:ac:a7:f7:af:ce:b5:de:3d:09:34:9d:4f:
b1:55:eb:b3:57:00:f0:0c:9f:6c:d3:de:5c:ce:2f:77:e7:52:
22:84:1a:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZjgzKOPbHbtmLK1YkdV6ejwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODhkNGE0YWIxOGE1OWI2NjRkYWJhZmRiMzg4MGRjMzVi
MjJiOTEwHhcNMjUwODI1MTAzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmY4NzFmMmY0N2JlNDk4YWFmYWFhZTNlOWY5NGQxMmQxMDkxYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcGFGohrjFbw3BQ9LYcoCfbzXT/b
5oUHQ0O6NSYFv+L2We3tWsK1mCzRUcbYU+QUZ02i7sepQ8rASGxcqZQ9Sytqcr1s
bKwxvj02oswG3cpZ2hrqkp94ecgAkHshyXyY/z9E0SK2SjyZsM4hRBjQHmz2/rep
ElX8W7tSRf5RdUWGoflRWfCwgNTWUZ87MrBWiBgFbhqGfQTAMcdc+7C9oKLPYkqC
3zX4Lvwe8i4FAYN77xuLjw9rKDTxpVY/ri/pAwRA2FfPjoE/Pqp26xBNryUYm3b2
ZVQRa5HoGIs5CDi42s2NuQBVUZAXMXACskXRi/VhJj1Ev1vPRURb6wNMswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBL4cfL0e+SYqvqq4+n5TRLRCRxbMB8GA1UdIwQY
MBaAFHuI1KSrGKWbZk2rr9s4gNw1siuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRqVXBLc1lwWnRtVGF1djJ6aUEzRFd5SzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yMDQ4ZTQtODE4Yy00NjAxLWIwMjMt
NzQzNzY1YmQwZjNlLzEvRXZoeDh2Ujc1SmlxLXFyajZmbE5FdEVKSEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yMDQ4ZTQtODE4Yy00NjAxLWIwMjMtNzQzNzY1YmQwZjNl
LzEvZTRqVXBLc1lwWnRtVGF1djJ6aUEzRFd5SzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuVNsMA0E
AgACMAcDBQMqBZqAMA0GCSqGSIb3DQEBCwUAA4IBAQBovKGsASiMk9OhIQVrH2uy
WYFv53/xCyq0v+8yry3ytLglDFXcDeKSGg6ESx3LXiHJlHXqx2Q5rJYgsvv+n2AN
OclTlw36qtABTjSXFUhS8M8FGvGl9GK7ozwweE1VDZFQWMJrZm1vFHukwIQOjfyH
J9CTMDk4fKeayBblrWWvUl0W2j22qK6yTyuMV9hXwdLp2gXF6LupydhcOkkEOMzw
YyxTUlO2za4wzsQ7uBlS4O8uudEeH+I5IYl67NoOi9uPfyhuU+PSUyeu+J8jPOOM
yuAJWjtj4RgJcr0Y1Easp/evzrXePQk0nU+xVeuzVwDwDJ9s095czi9351IihBpR
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:38:04 2025 by rpki-client