Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/0DkU2fgO6IQWtgrbjz4ILjM1Zl8.roa
File: 0DkU2fgO6IQWtgrbjz4ILjM1Zl8.roa (raw, json)
Hash identifier: GEp4fdAPa044+J00YTmo8n4i3COcJ21fXImaGvohmEY=
Subject key identifier: D0:39:14:D9:F8:0E:E8:84:16:B6:0A:DB:8F:3E:08:2E:33:35:66:5F
Certificate issuer: /CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Certificate serial: 0196F305A077F5E6B73837A8A091BA61FBA2
Authority key identifier: 61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/0DkU2fgO6IQWtgrbjz4ILjM1Zl8.roa
Signing time: Wed 21 May 2025 13:25:54 +0000
ROA not before: Wed 21 May 2025 13:25:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200596
IP address blocks: 62.146.248.0/21 maxlen: 24
85.184.228.0/22 maxlen: 24
135.84.148.0/22 maxlen: 24
147.12.16.0/20 maxlen: 24
185.101.196.0/22 maxlen: 24
2a00:5ea0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:05:a0:77:f5:e6:b7:38:37:a8:a0:91:ba:61:fb:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Validity
Not Before: May 21 13:25:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d03914d9f80ee88416b60adb8f3e082e3335665f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7f:81:6f:d9:7a:5e:9e:27:e0:ce:7a:a1:62:
7c:c7:26:a2:35:4d:f5:27:73:fa:58:85:83:b1:04:
70:b3:1f:f2:ee:6f:77:7f:e9:ef:61:29:09:8d:4c:
22:94:f1:53:d8:e4:6b:c5:fe:ac:41:69:c7:7a:7e:
17:29:9d:7c:0c:fe:4d:fd:12:04:fd:6d:9b:83:eb:
48:eb:b4:d7:5e:87:43:f2:84:79:28:18:2c:0c:67:
b2:af:25:0f:ed:e7:bf:04:50:8d:5f:33:1f:4c:fd:
49:c8:76:6e:d2:9a:a7:b5:15:5a:3f:b0:22:e8:fb:
62:6b:91:56:9b:79:6c:f4:63:0e:15:36:5e:46:08:
d7:e1:e8:83:bb:2c:05:d5:73:62:0b:8c:e9:27:7c:
72:cd:fc:52:1f:2b:f0:8c:0e:56:1a:84:e4:a8:f7:
19:7a:e5:3c:dd:74:e8:a4:2b:a2:55:55:a6:17:b5:
bb:73:8b:a5:7c:4e:2f:3e:a3:9f:83:1e:24:d3:4e:
ed:4b:99:10:c0:3d:f6:fa:b7:fd:02:86:9c:56:63:
cd:a4:e0:67:9f:7e:7b:17:f5:7c:c4:22:33:02:d2:
6d:07:3e:39:c2:42:1e:fc:f6:20:06:c3:4a:f3:3f:
3f:d8:0e:21:b7:ef:45:bc:e4:02:0f:a8:36:0e:2d:
bf:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:39:14:D9:F8:0E:E8:84:16:B6:0A:DB:8F:3E:08:2E:33:35:66:5F
X509v3 Authority Key Identifier:
keyid:61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/0DkU2fgO6IQWtgrbjz4ILjM1Zl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.146.248.0/21
85.184.228.0/22
135.84.148.0/22
147.12.16.0/20
185.101.196.0/22
IPv6:
2a00:5ea0::/29
Signature Algorithm: sha256WithRSAEncryption
18:7e:2d:48:0f:6e:bc:d0:b3:b1:86:03:1c:2d:6a:1e:6c:75:
d1:69:df:0c:1c:00:8f:a4:df:ce:9e:f1:07:dc:2c:70:28:92:
fc:e1:cb:b4:a1:f9:a1:d0:5c:48:ff:ea:fd:6a:b1:96:5f:3a:
73:39:4f:c7:45:eb:07:76:92:43:20:d9:9a:27:e1:52:a0:7c:
00:61:db:3d:eb:72:ed:1e:fa:4c:02:df:fe:0f:1e:7c:b9:8b:
66:fa:a1:17:e4:d8:48:16:95:cb:69:01:ca:48:24:9d:67:03:
58:27:92:a7:ad:53:43:b0:e4:63:22:c5:af:4f:82:75:8c:17:
92:7c:e3:91:b3:05:53:06:4a:58:6e:2f:e6:c1:77:2c:53:a3:
2b:a1:db:69:8c:ae:92:d4:88:30:69:2f:77:0a:74:36:ec:7e:
73:82:ed:46:47:35:b2:ba:49:b5:3b:2a:71:18:74:c7:c0:65:
b7:38:a7:33:eb:74:76:2c:b6:42:8d:33:6c:a5:57:fd:9b:b5:
9e:56:f8:56:cb:2e:e3:af:c0:d2:8c:2d:02:f3:0c:09:89:23:
07:20:fc:0a:4c:3c:62:8c:20:19:74:23:8c:c2:97:dc:af:9d:
51:51:f3:8b:d8:ee:a3:73:87:13:03:99:45:4e:71:09:e1:58:
94:dd:75:b4
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZbzBaB39ea3ODeooJG6YfuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxN2NkOGQ0OGI1ZDE1NjY3YmYxMzEzOTZkNGE2YzU5ZDdk
MTY3YzAwHhcNMjUwNTIxMTMyNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDM5MTRkOWY4MGVlODg0MTZiNjBhZGI4ZjNlMDgyZTMzMzU2NjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3+Bb9l6Xp4n4M56oWJ8xyaiNU31
J3P6WIWDsQRwsx/y7m93f+nvYSkJjUwilPFT2ORrxf6sQWnHen4XKZ18DP5N/RIE
/W2bg+tI67TXXodD8oR5KBgsDGeyryUP7ee/BFCNXzMfTP1JyHZu0pqntRVaP7Ai
6Ptia5FWm3ls9GMOFTZeRgjX4eiDuywF1XNiC4zpJ3xyzfxSHyvwjA5WGoTkqPcZ
euU83XTopCuiVVWmF7W7c4ulfE4vPqOfgx4k007tS5kQwD32+rf9AoacVmPNpOBn
n357F/V8xCIzAtJtBz45wkIe/PYgBsNK8z8/2A4ht+9FvOQCD6g2Di2/UwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNA5FNn4DuiEFrYK248+CC4zNWZfMB8GA1UdIwQY
MBaAFGF82NSLXRVme/ExOW1KbFnX0WfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEt
YmY2ZTk3ZGRkMDc5LzEvMERrVTJmZ082SVFXdGdyYmp6NElMak0xWmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEtYmY2ZTk3ZGRkMDc5
LzEvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDPpL4AwQC
VbjkAwQCh1SUAwQEkwwQAwQCuWXEMA0EAgACMAcDBQMqAF6gMA0GCSqGSIb3DQEB
CwUAA4IBAQAYfi1ID2680LOxhgMcLWoebHXRad8MHACPpN/OnvEH3CxwKJL84cu0
ofmh0FxI/+r9arGWXzpzOU/HResHdpJDINmaJ+FSoHwAYds963LtHvpMAt/+Dx58
uYtm+qEX5NhIFpXLaQHKSCSdZwNYJ5KnrVNDsORjIsWvT4J1jBeSfOORswVTBkpY
bi/mwXcsU6MrodtpjK6S1IgwaS93CnQ27H5zgu1GRzWyukm1OypxGHTHwGW3OKcz
63R2LLZCjTNspVf9m7WeVvhWyy7jr8DSjC0C8wwJiSMHIPwKTDxijCAZdCOMwpfc
r51RUfOL2O6jc4cTA5lFTnEJ4ViU3XW0
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:44:27 2025 by rpki-client