Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/sc8udg9_9BjpAiegt5AV7pG4jw8.roa
File: sc8udg9_9BjpAiegt5AV7pG4jw8.roa (raw, json)
Hash identifier: vIlTjaIPahwHAMNlXZybk5e0fp3A8PsoEw3U0/8WLXE=
Subject key identifier: B1:CF:2E:76:0F:7F:F4:18:E9:02:27:A0:B7:90:15:EE:91:B8:8F:0F
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 01973FD2F163356BBE8E670462BF1D16492C
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/sc8udg9_9BjpAiegt5AV7pG4jw8.roa
Signing time: Thu 05 Jun 2025 11:21:18 +0000
ROA not before: Thu 05 Jun 2025 11:21:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 193.168.202.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.208.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:d2:f1:63:35:6b:be:8e:67:04:62:bf:1d:16:49:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jun 5 11:21:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1cf2e760f7ff418e90227a0b79015ee91b88f0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:92:76:24:61:c2:09:a0:65:87:d3:72:99:b0:
89:25:be:7b:21:60:57:fc:50:b9:7e:a8:95:29:4b:
72:8b:71:ab:85:17:27:67:bd:e0:1e:24:18:61:f1:
f0:83:f0:57:90:3b:10:3e:4c:8e:9d:c6:f0:7c:de:
fc:c7:e4:8c:8f:f6:31:06:94:b5:a1:12:4a:de:04:
c4:23:af:74:c6:91:9d:35:78:70:75:0f:ff:8c:4a:
b1:99:08:cc:38:da:9d:f5:4e:e8:d0:bc:5a:76:a3:
de:d1:54:dc:57:7a:e4:4d:0d:ed:1f:af:13:e5:85:
2e:1f:02:22:43:77:0c:9f:f1:f1:10:ee:75:e3:20:
31:dc:4a:9b:f2:1e:39:72:eb:85:0d:4f:77:c8:d1:
15:38:6e:3d:5a:09:65:c2:7b:5e:91:d7:88:7d:07:
36:c0:06:c5:69:cf:18:49:64:c9:60:98:6e:5f:25:
95:a7:28:8d:80:cf:4a:75:7e:68:9c:b5:1f:25:38:
28:bb:70:43:98:e4:f0:11:9c:d7:60:7e:67:73:01:
7d:91:23:50:10:a2:bd:8b:ec:4b:b8:ee:f3:af:21:
6e:5e:ef:5e:22:91:92:a0:e5:5a:23:01:94:0d:7f:
e1:bd:38:87:a2:d6:18:39:d6:db:91:50:09:e9:19:
2f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:CF:2E:76:0F:7F:F4:18:E9:02:27:A0:B7:90:15:EE:91:B8:8F:0F
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/sc8udg9_9BjpAiegt5AV7pG4jw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.202.0/23
207.244.208.0/23
Signature Algorithm: sha256WithRSAEncryption
43:cb:e1:59:28:00:1f:6e:d1:fc:00:bd:24:07:37:0d:6d:ec:
54:3e:77:c7:d0:c7:ea:d7:0f:02:6a:4d:35:6f:bb:24:3b:cd:
3a:01:d4:55:6f:1e:2f:98:4e:a1:24:39:b0:f2:03:22:32:b2:
9a:e3:55:c5:70:73:d4:b3:e4:d4:61:64:08:d7:e0:76:c8:73:
2d:dd:8d:36:ca:c3:29:33:5d:08:9d:84:af:37:8e:29:98:9f:
1e:f2:23:01:91:3c:7b:2a:bd:45:6a:a7:84:26:97:5a:d9:6f:
a7:6e:e3:76:4b:ce:a0:69:53:e2:a0:59:2b:a2:4f:4d:02:d1:
f4:f0:a8:c9:c6:cb:47:69:71:e2:fb:41:71:22:3d:d9:e6:9e:
7b:74:84:0f:6c:d9:9c:10:f2:6d:54:f7:9c:3f:b8:d2:7c:20:
a7:90:9f:55:22:59:c2:c4:56:3e:55:74:51:2d:61:97:f7:25:
64:d4:e8:b0:11:0f:d8:b8:d4:88:6d:d9:07:26:92:b2:f2:cc:
6b:ee:b0:75:8b:d1:14:b6:63:57:ee:47:a2:13:c5:38:6a:5b:
c6:b7:18:69:13:d2:89:1d:bd:b7:b4:91:3c:80:af:a3:69:16:
30:ef:28:48:a1:b7:30:a8:ad:74:b5:71:6c:a3:d8:30:8b:6c:
dc:ca:e2:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZc/0vFjNWu+jmcEYr8dFkksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwNjA1MTEyMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWNmMmU3NjBmN2ZmNDE4ZTkwMjI3YTBiNzkwMTVlZTkxYjg4ZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZJ2JGHCCaBlh9NymbCJJb57IWBX
/FC5fqiVKUtyi3GrhRcnZ73gHiQYYfHwg/BXkDsQPkyOncbwfN78x+SMj/YxBpS1
oRJK3gTEI690xpGdNXhwdQ//jEqxmQjMONqd9U7o0LxadqPe0VTcV3rkTQ3tH68T
5YUuHwIiQ3cMn/HxEO514yAx3Eqb8h45cuuFDU93yNEVOG49WgllwntekdeIfQc2
wAbFac8YSWTJYJhuXyWVpyiNgM9KdX5onLUfJTgou3BDmOTwEZzXYH5ncwF9kSNQ
EKK9i+xLuO7zryFuXu9eIpGSoOVaIwGUDX/hvTiHotYYOdbbkVAJ6RkvYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLHPLnYPf/QY6QInoLeQFe6RuI8PMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvc2M4dWRnOV85QmpwQWllZ3Q1QVY3cEc0anc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwajKAwQB
z/TQMA0GCSqGSIb3DQEBCwUAA4IBAQBDy+FZKAAfbtH8AL0kBzcNbexUPnfH0Mfq
1w8Cak01b7skO806AdRVbx4vmE6hJDmw8gMiMrKa41XFcHPUs+TUYWQI1+B2yHMt
3Y02ysMpM10InYSvN44pmJ8e8iMBkTx7Kr1FaqeEJpda2W+nbuN2S86gaVPioFkr
ok9NAtH08KjJxstHaXHi+0FxIj3Z5p57dIQPbNmcEPJtVPecP7jSfCCnkJ9VIlnC
xFY+VXRRLWGX9yVk1OiwEQ/YuNSIbdkHJpKy8sxr7rB1i9EUtmNX7keiE8U4alvG
txhpE9KJHb23tJE8gK+jaRYw7yhIobcwqK10tXFso9gwi2zcyuLD
-----END CERTIFICATE-----
Generated at Sat Jun 7 11:01:08 2025 by rpki-client