Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/RKoG6yGzYUsbwzkvak0IDVmP8aI.roa
File: RKoG6yGzYUsbwzkvak0IDVmP8aI.roa (raw, json)
Hash identifier: NYzAPW/dpm/sRwQxxpLinnVE8uK7AfRUJKejz4Su0j8=
Subject key identifier: 44:AA:06:EB:21:B3:61:4B:1B:C3:39:2F:6A:4D:08:0D:59:8F:F1:A2
Certificate issuer: /CN=b6f3db35659133315d2fcf93058dce350a4cb17a
Certificate serial: 0198984D6369FF88F902D4EBEF1A2FD2C7D9
Authority key identifier: B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/RKoG6yGzYUsbwzkvak0IDVmP8aI.roa
Signing time: Mon 11 Aug 2025 08:44:25 +0000
ROA not before: Mon 11 Aug 2025 08:44:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212825
IP address blocks: 194.44.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 02:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:4d:63:69:ff:88:f9:02:d4:eb:ef:1a:2f:d2:c7:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6f3db35659133315d2fcf93058dce350a4cb17a
Validity
Not Before: Aug 11 08:44:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44aa06eb21b3614b1bc3392f6a4d080d598ff1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7d:46:62:df:33:19:5b:0a:4d:c6:32:fe:60:
93:01:ac:c9:3f:c6:cb:e6:31:7a:12:cc:58:3e:48:
59:05:57:12:de:23:8e:e8:df:fc:3d:db:b3:d1:e8:
cc:ad:5e:28:d7:fb:d3:4e:78:f2:4a:dd:4a:20:54:
02:1f:6a:53:fb:8a:3c:c0:5e:7b:2d:99:a1:c7:00:
56:d4:8b:a4:ab:3d:f3:65:3c:e9:fb:d2:54:bc:f7:
fd:89:b8:70:7e:db:a4:2e:fc:34:61:b6:25:50:62:
2b:cc:a3:51:f2:3a:f5:89:42:48:67:c8:ab:1e:34:
37:f3:cb:c7:d3:c1:64:6a:99:e5:24:dd:71:84:cd:
3b:54:53:f9:9e:95:a6:4d:22:a7:26:14:ae:cb:a0:
f8:50:46:2f:7b:41:b2:df:b2:7f:73:08:a7:c2:6f:
9b:7c:41:4f:0a:71:58:a8:14:fc:49:9a:68:cd:54:
63:3e:a8:68:b3:57:60:9f:2b:71:14:15:d3:2d:ef:
46:ce:4c:1e:05:9a:66:57:06:08:f6:9a:06:3e:9b:
25:29:7c:04:ab:87:90:ab:9a:b5:11:cb:b0:89:84:
18:0c:c2:2e:6a:72:ed:80:0a:a2:d2:71:86:7c:48:
fb:ac:20:ad:3a:76:7a:35:59:83:53:84:cd:5b:90:
9a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AA:06:EB:21:B3:61:4B:1B:C3:39:2F:6A:4D:08:0D:59:8F:F1:A2
X509v3 Authority Key Identifier:
keyid:B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/RKoG6yGzYUsbwzkvak0IDVmP8aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.44.176.0/24
Signature Algorithm: sha256WithRSAEncryption
41:b1:bb:b5:e2:10:57:62:64:79:a4:65:ad:16:68:9f:cf:c2:
3c:3c:a5:36:fe:64:bf:0c:c5:03:72:2b:aa:5d:61:60:79:84:
1b:20:04:8d:d5:01:03:42:a6:e1:8a:c3:3a:4e:76:4f:12:f5:
83:df:e6:38:d1:39:6e:4d:bf:f2:28:0f:99:75:c8:a0:98:97:
fe:78:ad:ee:af:c8:89:40:25:dc:16:55:97:17:1d:6b:00:de:
67:38:46:7b:cd:90:cc:6f:1c:9d:2c:7e:99:39:81:b9:e6:5d:
f0:a4:ca:06:3d:af:01:b8:af:18:74:cb:51:67:67:93:89:de:
fa:6f:53:8c:b7:61:16:39:ba:2b:b6:e9:cd:e0:dd:7a:31:fe:
b0:6e:3c:ef:69:66:7b:f0:61:64:da:a9:17:ce:39:df:a2:65:
b6:af:de:09:98:16:e9:ce:95:26:7a:f1:41:ba:18:17:03:98:
af:c5:69:d9:00:6d:e2:05:b3:31:a0:4c:98:28:d5:73:65:90:
a1:2a:f8:56:85:bc:52:c4:8e:fe:52:de:86:ee:a5:48:7b:cb:
3e:95:7d:cc:36:3e:2e:b4:a6:49:31:fc:a3:6b:d1:5b:c5:a9:
a5:d0:69:5e:5d:54:50:3a:f6:5d:c3:9d:02:be:97:db:85:45:
f4:02:8d:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiYTWNp/4j5AtTr7xov0sfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZjNkYjM1NjU5MTMzMzE1ZDJmY2Y5MzA1OGRjZTM1MGE0
Y2IxN2EwHhcNMjUwODExMDg0NDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGFhMDZlYjIxYjM2MTRiMWJjMzM5MmY2YTRkMDgwZDU5OGZmMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp31GYt8zGVsKTcYy/mCTAazJP8bL
5jF6EsxYPkhZBVcS3iOO6N/8Pduz0ejMrV4o1/vTTnjySt1KIFQCH2pT+4o8wF57
LZmhxwBW1Iukqz3zZTzp+9JUvPf9ibhwftukLvw0YbYlUGIrzKNR8jr1iUJIZ8ir
HjQ388vH08FkapnlJN1xhM07VFP5npWmTSKnJhSuy6D4UEYve0Gy37J/cwinwm+b
fEFPCnFYqBT8SZpozVRjPqhos1dgnytxFBXTLe9GzkweBZpmVwYI9poGPpslKXwE
q4eQq5q1EcuwiYQYDMIuanLtgAqi0nGGfEj7rCCtOnZ6NVmDU4TNW5CaDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESqBushs2FLG8M5L2pNCA1Zj/GiMB8GA1UdIwQY
MBaAFLbz2zVlkTMxXS/PkwWNzjUKTLF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQt
NTQ5ZWU2ZDMwZmI2LzEvUktvRzZ5R3pZVXNid3prdmFrMElEVm1QOGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQtNTQ5ZWU2ZDMwZmI2
LzEvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiywMA0G
CSqGSIb3DQEBCwUAA4IBAQBBsbu14hBXYmR5pGWtFmifz8I8PKU2/mS/DMUDciuq
XWFgeYQbIASN1QEDQqbhisM6TnZPEvWD3+Y40TluTb/yKA+ZdcigmJf+eK3ur8iJ
QCXcFlWXFx1rAN5nOEZ7zZDMbxydLH6ZOYG55l3wpMoGPa8BuK8YdMtRZ2eTid76
b1OMt2EWObortunN4N16Mf6wbjzvaWZ78GFk2qkXzjnfomW2r94JmBbpzpUmevFB
uhgXA5ivxWnZAG3iBbMxoEyYKNVzZZChKvhWhbxSxI7+Ut6G7qVIe8s+lX3MNj4u
tKZJMfyja9Fbxaml0GleXVRQOvZdw50CvpfbhUX0Ao3K
-----END CERTIFICATE-----
Generated at Thu Aug 21 10:26:06 2025 by rpki-client