Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/xGRi38FbYPtyVjpISIlZu1Rcw-8.roa
File: xGRi38FbYPtyVjpISIlZu1Rcw-8.roa (raw, json)
Hash identifier: UG1OsKDsdzNjYY0H8uIo1v9mk/E/HpY1nyrzMTqyWY4=
Subject key identifier: C4:64:62:DF:C1:5B:60:FB:72:56:3A:48:48:89:59:BB:54:5C:C3:EF
Certificate issuer: /CN=edeb4424abd86d6ef48db9e7646f539c6d10c886
Certificate serial: 01972F62D228D6B27AD36987542DE00D0988
Authority key identifier: ED:EB:44:24:AB:D8:6D:6E:F4:8D:B9:E7:64:6F:53:9C:6D:10:C8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7etEJKvYbW70jbnnZG9TnG0QyIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/xGRi38FbYPtyVjpISIlZu1Rcw-8.roa
Signing time: Mon 02 Jun 2025 06:44:54 +0000
ROA not before: Mon 02 Jun 2025 06:44:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15663
IP address blocks: 185.203.76.0/22 maxlen: 22
212.39.0.0/19 maxlen: 24
212.39.0.0/20 maxlen: 20
212.39.16.0/20 maxlen: 20
2a00:aa00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/7etEJKvYbW70jbnnZG9TnG0QyIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/7etEJKvYbW70jbnnZG9TnG0QyIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/7etEJKvYbW70jbnnZG9TnG0QyIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:62:d2:28:d6:b2:7a:d3:69:87:54:2d:e0:0d:09:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edeb4424abd86d6ef48db9e7646f539c6d10c886
Validity
Not Before: Jun 2 06:44:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c46462dfc15b60fb72563a48488959bb545cc3ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:44:cf:75:2c:f8:4e:a4:db:ef:b7:d0:cb:dc:
0d:08:6f:6e:c3:37:40:69:64:dc:e9:a6:2b:6d:f2:
a3:38:d5:d2:2f:2d:6e:a0:70:05:55:86:f8:c1:83:
02:f8:9d:eb:48:81:fe:72:db:cc:12:2a:aa:68:d7:
c5:30:83:20:0a:d3:ce:9a:c9:fb:06:60:96:90:e5:
93:f4:0b:ae:90:16:2c:6b:7b:83:4f:58:df:9a:cf:
97:6b:3c:12:d4:96:e4:34:e6:55:68:db:6d:9f:6f:
f5:fa:4c:83:66:8b:37:59:99:4f:2b:01:7d:19:86:
d7:7b:10:05:c2:00:d8:32:b7:85:db:e6:86:f1:35:
8e:97:e3:8d:22:10:37:15:2f:6c:19:f1:c6:af:28:
21:84:17:b5:b0:f5:8e:91:ef:bb:f4:87:6d:cc:d8:
2b:c1:0a:93:87:f3:43:03:6e:92:78:dd:77:1a:10:
32:a8:bb:a4:7c:40:9a:69:f5:88:e1:8a:9b:bf:7b:
98:e1:27:72:f3:16:3f:92:06:64:cb:ae:a2:6f:04:
e1:b7:d0:8e:71:65:90:08:cb:3f:78:d0:1d:e0:27:
3b:c0:7b:da:7b:56:6d:17:6f:3a:82:5c:c2:69:35:
8d:a5:52:3a:84:87:47:60:56:50:3d:e1:dd:b8:c9:
b2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:64:62:DF:C1:5B:60:FB:72:56:3A:48:48:89:59:BB:54:5C:C3:EF
X509v3 Authority Key Identifier:
keyid:ED:EB:44:24:AB:D8:6D:6E:F4:8D:B9:E7:64:6F:53:9C:6D:10:C8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7etEJKvYbW70jbnnZG9TnG0QyIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/xGRi38FbYPtyVjpISIlZu1Rcw-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/51b31a-7e50-4a1e-9f69-16d3a0ea49ae/1/7etEJKvYbW70jbnnZG9TnG0QyIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.76.0/22
212.39.0.0/19
IPv6:
2a00:aa00::/32
Signature Algorithm: sha256WithRSAEncryption
72:39:6e:6a:1e:51:31:f2:5f:19:95:cd:6a:6b:c4:22:ea:14:
3d:4d:5a:88:5a:0d:64:73:77:52:65:ab:df:ee:f9:2e:1d:d0:
2d:31:28:ee:e3:27:37:ae:ca:58:31:d9:b7:a0:a2:a3:98:5b:
69:6d:32:40:9d:c4:bb:09:22:a0:03:f3:9b:31:87:9c:a7:68:
55:aa:2c:7f:2b:af:7e:5f:6c:ab:4f:e1:d4:31:b0:d5:68:b1:
60:a8:90:21:a2:54:e2:54:83:3e:03:fa:9e:da:d5:92:80:91:
d0:76:0b:d0:1e:45:89:bf:17:0e:27:d8:42:2c:f6:f2:eb:99:
85:e0:cd:1a:21:a0:89:93:c2:18:81:76:3c:23:ce:fd:e5:87:
f4:b4:53:6c:61:aa:ff:31:3d:1f:25:e3:d1:f5:59:cf:6a:01:
58:44:9b:54:48:7f:d2:f1:1b:88:c2:bd:1f:b1:f9:66:ff:d6:
79:32:c3:59:de:6f:0e:b9:ce:c9:30:ac:e5:f5:c1:d9:55:8f:
dc:a7:69:de:a8:3f:ba:bd:38:a9:75:1b:8a:69:c3:8a:a3:71:
b0:00:c4:ed:04:73:8b:f4:eb:6c:89:1a:c8:3d:3c:8b:ae:8c:
be:6e:f0:8b:8d:4b:58:7d:b1:b1:e0:88:28:e6:2b:08:bc:54:
bf:26:c8:d1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZcvYtIo1rJ602mHVC3gDQmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZWI0NDI0YWJkODZkNmVmNDhkYjllNzY0NmY1MzljNmQx
MGM4ODYwHhcNMjUwNjAyMDY0NDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY0NjJkZmMxNWI2MGZiNzI1NjNhNDg0ODg5NTliYjU0NWNjM2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukTPdSz4TqTb77fQy9wNCG9uwzdA
aWTc6aYrbfKjONXSLy1uoHAFVYb4wYMC+J3rSIH+ctvMEiqqaNfFMIMgCtPOmsn7
BmCWkOWT9AuukBYsa3uDT1jfms+XazwS1JbkNOZVaNttn2/1+kyDZos3WZlPKwF9
GYbXexAFwgDYMreF2+aG8TWOl+ONIhA3FS9sGfHGryghhBe1sPWOke+79IdtzNgr
wQqTh/NDA26SeN13GhAyqLukfECaafWI4Yqbv3uY4Sdy8xY/kgZky66ibwTht9CO
cWWQCMs/eNAd4Cc7wHvae1ZtF286glzCaTWNpVI6hIdHYFZQPeHduMmylQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMRkYt/BW2D7clY6SEiJWbtUXMPvMB8GA1UdIwQY
MBaAFO3rRCSr2G1u9I2552RvU5xtEMiGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2V0RUpLdlliVzcwamJublpHOVRuRzBReUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81MWIzMWEtN2U1MC00YTFlLTlmNjkt
MTZkM2EwZWE0OWFlLzEveEdSaTM4RmJZUHR5VmpwSVNJbFp1MVJjdy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81MWIzMWEtN2U1MC00YTFlLTlmNjktMTZkM2EwZWE0OWFl
LzEvN2V0RUpLdlliVzcwamJublpHOVRuRzBReUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuctMAwQF
1CcAMA0EAgACMAcDBQAqAKoAMA0GCSqGSIb3DQEBCwUAA4IBAQByOW5qHlEx8l8Z
lc1qa8Qi6hQ9TVqIWg1kc3dSZavf7vkuHdAtMSju4yc3rspYMdm3oKKjmFtpbTJA
ncS7CSKgA/ObMYecp2hVqix/K69+X2yrT+HUMbDVaLFgqJAholTiVIM+A/qe2tWS
gJHQdgvQHkWJvxcOJ9hCLPby65mF4M0aIaCJk8IYgXY8I8795Yf0tFNsYar/MT0f
JePR9VnPagFYRJtUSH/S8RuIwr0fsflm/9Z5MsNZ3m8Ouc7JMKzl9cHZVY/cp2ne
qD+6vTipdRuKacOKo3GwAMTtBHOL9OtsiRrIPTyLroy+bvCLjUtYfbGx4Igo5isI
vFS/JsjR
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:56:28 2025 by rpki-client