Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/SBa7BiJFT-mIs1J1piv1ATsLy8Y.roa
File: SBa7BiJFT-mIs1J1piv1ATsLy8Y.roa (raw, json)
Hash identifier: IPgzHNDHbety+MkOooZgTafgMRF/usWyWiKxf6WdA3E=
Subject key identifier: 48:16:BB:06:22:45:4F:E9:88:B3:52:75:A6:2B:F5:01:3B:0B:CB:C6
Certificate issuer: /CN=ce7cacfa735ceeafdd2a214c09ee72469425250e
Certificate serial: 01973F7761C093877E38936CD3881E8E47BD
Authority key identifier: CE:7C:AC:FA:73:5C:EE:AF:DD:2A:21:4C:09:EE:72:46:94:25:25:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/SBa7BiJFT-mIs1J1piv1ATsLy8Y.roa
Signing time: Thu 05 Jun 2025 09:41:17 +0000
ROA not before: Thu 05 Jun 2025 09:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201089
IP address blocks: 185.124.148.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
185.124.151.0/24 maxlen: 24
193.58.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 00:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:77:61:c0:93:87:7e:38:93:6c:d3:88:1e:8e:47:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce7cacfa735ceeafdd2a214c09ee72469425250e
Validity
Not Before: Jun 5 09:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4816bb0622454fe988b35275a62bf5013b0bcbc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a1:66:96:21:c3:7d:d1:12:4b:bf:a2:69:6c:
33:d4:e3:6a:e4:00:4c:72:2d:62:8f:1a:3b:4f:98:
3e:86:8a:e9:3d:b9:9c:a6:c8:ad:3e:f2:ae:49:2e:
80:65:1c:51:01:7c:f8:52:ed:ca:d5:9a:b5:93:c8:
28:99:72:1a:3e:91:39:17:c0:79:22:ae:39:a5:34:
7d:e8:e6:84:29:cb:b5:a6:7d:c6:dd:05:7e:54:ab:
ba:84:20:81:9f:9c:d9:77:1d:bc:12:af:64:c5:ab:
90:67:5a:54:c7:e9:32:97:e3:bf:3d:ed:5b:71:fb:
24:09:32:6c:33:73:a1:11:c6:16:76:bc:0c:82:fc:
68:4d:ff:32:0d:37:70:77:df:29:12:60:67:2c:7d:
32:96:07:d6:91:46:92:ea:ec:f3:ec:59:16:cd:94:
71:33:01:3e:54:6c:e8:c4:14:3a:63:f0:81:8d:39:
08:ba:45:75:61:5f:ce:ca:0b:ec:fe:d7:e6:5d:ab:
0a:09:b5:61:4f:d9:7d:71:9d:11:9c:07:9a:02:db:
cd:50:5e:9a:f6:9f:4c:22:5d:23:10:bd:ea:2e:dc:
fa:60:33:2a:77:1e:86:86:1f:e1:a9:ff:24:bd:71:
77:b2:35:92:d9:33:7c:06:39:a0:f8:26:0f:46:fd:
3e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:16:BB:06:22:45:4F:E9:88:B3:52:75:A6:2B:F5:01:3B:0B:CB:C6
X509v3 Authority Key Identifier:
keyid:CE:7C:AC:FA:73:5C:EE:AF:DD:2A:21:4C:09:EE:72:46:94:25:25:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/SBa7BiJFT-mIs1J1piv1ATsLy8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/24
185.124.150.0/23
193.58.117.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:4e:f3:19:33:b2:cc:ff:49:20:cd:76:aa:08:41:2c:ba:77:
72:47:94:22:ed:15:01:be:b3:0a:d5:cc:07:a8:23:dc:52:c1:
0e:55:c6:f5:ae:70:98:51:92:de:70:ac:05:c3:7f:76:67:81:
57:7d:30:f2:35:4f:3f:52:ae:04:f9:c0:ef:bb:b0:ce:45:c0:
c3:ce:7a:89:29:40:6a:19:85:41:14:fa:86:97:f6:bd:24:a8:
fb:6f:b3:4f:a6:60:6a:0a:15:c8:10:7b:ce:f8:95:d9:dc:eb:
b5:f4:5f:37:71:ff:53:4a:af:e3:b9:a2:f8:29:9a:4f:fe:08:
8d:ac:9f:41:7b:f6:2a:df:3b:7f:a5:54:37:e9:db:8a:97:73:
f1:9d:0a:4d:07:b5:0d:03:db:4e:a1:42:5e:37:cf:9b:23:19:
e7:11:71:ef:ae:27:03:4f:f9:50:3a:25:f8:1d:d5:ea:4a:de:
5e:c8:30:c6:b9:08:c9:b8:9f:d3:da:14:b6:f6:0d:4a:60:5c:
b1:9e:2c:a3:55:58:ce:a5:d2:f5:8b:e4:a6:61:2e:46:9a:ab:
af:ca:a9:94:eb:41:79:69:0e:67:6d:0b:2e:65:9e:6f:22:43:
d8:9e:db:dd:17:40:de:f5:8c:01:15:1e:20:ac:3f:d9:e2:ac:
4f:45:e7:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZc/d2HAk4d+OJNs04gejke9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlN2NhY2ZhNzM1Y2VlYWZkZDJhMjE0YzA5ZWU3MjQ2OTQy
NTI1MGUwHhcNMjUwNjA1MDk0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODE2YmIwNjIyNDU0ZmU5ODhiMzUyNzVhNjJiZjUwMTNiMGJjYmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaFmliHDfdESS7+iaWwz1ONq5ABM
ci1ijxo7T5g+horpPbmcpsitPvKuSS6AZRxRAXz4Uu3K1Zq1k8gomXIaPpE5F8B5
Iq45pTR96OaEKcu1pn3G3QV+VKu6hCCBn5zZdx28Eq9kxauQZ1pUx+kyl+O/Pe1b
cfskCTJsM3OhEcYWdrwMgvxoTf8yDTdwd98pEmBnLH0ylgfWkUaS6uzz7FkWzZRx
MwE+VGzoxBQ6Y/CBjTkIukV1YV/Oygvs/tfmXasKCbVhT9l9cZ0RnAeaAtvNUF6a
9p9MIl0jEL3qLtz6YDMqdx6Ghh/hqf8kvXF3sjWS2TN8Bjmg+CYPRv0+ewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEgWuwYiRU/piLNSdaYr9QE7C8vGMB8GA1UdIwQY
MBaAFM58rPpzXO6v3SohTAnuckaUJSUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem55cy1uTmM3cV9kS2lGTUNlNXlScFFsSlE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hNjM2ZWQtZDIwZi00ODAyLTkyODYt
Yjg0ZWRhMmU4NDZhLzEvU0JhN0JpSkZULW1JczFKMXBpdjFBVHNMeThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hNjM2ZWQtZDIwZi00ODAyLTkyODYtYjg0ZWRhMmU4NDZh
LzEvem55cy1uTmM3cV9kS2lGTUNlNXlScFFsSlE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuXyUAwQB
uXyWAwQAwTp1MA0GCSqGSIb3DQEBCwUAA4IBAQBcTvMZM7LM/0kgzXaqCEEsundy
R5Qi7RUBvrMK1cwHqCPcUsEOVcb1rnCYUZLecKwFw392Z4FXfTDyNU8/Uq4E+cDv
u7DORcDDznqJKUBqGYVBFPqGl/a9JKj7b7NPpmBqChXIEHvO+JXZ3Ou19F83cf9T
Sq/juaL4KZpP/giNrJ9Be/Yq3zt/pVQ36duKl3PxnQpNB7UNA9tOoUJeN8+bIxnn
EXHvricDT/lQOiX4HdXqSt5eyDDGuQjJuJ/T2hS29g1KYFyxniyjVVjOpdL1i+Sm
YS5GmquvyqmU60F5aQ5nbQsuZZ5vIkPYntvdF0De9YwBFR4grD/Z4qxPRedB
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:20:07 2025 by rpki-client