Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/cOy-CAvP6otn2DzWCwsJGJTydS0.roa
File: cOy-CAvP6otn2DzWCwsJGJTydS0.roa (raw, json)
Hash identifier: 0R2NVVpBG6pXvGjfU3eH+cXTry9Vt5bvO9CjIpEY18Q=
Subject key identifier: 70:EC:BE:08:0B:CF:EA:8B:67:D8:3C:D6:0B:0B:09:18:94:F2:75:2D
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 0197CCEB9D15CE2279372240DA7329CFEF80
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/cOy-CAvP6otn2DzWCwsJGJTydS0.roa
Signing time: Wed 02 Jul 2025 20:54:42 +0000
ROA not before: Wed 02 Jul 2025 20:54:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197033
IP address blocks: 46.18.224.0/21 maxlen: 21
91.216.43.0/24 maxlen: 24
93.177.81.0/24 maxlen: 24
185.24.152.0/22 maxlen: 22
185.33.88.0/22 maxlen: 22
185.147.65.0/24 maxlen: 24
185.147.67.0/24 maxlen: 24
185.155.173.0/24 maxlen: 24
185.195.248.0/24 maxlen: 24
185.195.249.0/24 maxlen: 24
185.195.250.0/24 maxlen: 24
185.195.251.0/24 maxlen: 24
194.147.172.0/24 maxlen: 24
194.147.227.0/24 maxlen: 24
194.147.228.0/24 maxlen: 24
194.147.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:eb:9d:15:ce:22:79:37:22:40:da:73:29:cf:ef:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jul 2 20:54:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70ecbe080bcfea8b67d83cd60b0b091894f2752d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ee:a4:88:7a:4f:f1:0b:7b:9a:5d:b8:5a:f7:
20:f5:99:0a:3d:0e:ec:76:d4:5d:4a:a8:14:76:57:
7d:ba:33:d0:d3:17:b8:42:4d:dc:bc:74:c3:eb:f5:
10:2b:ae:ab:32:3e:dc:80:7b:89:b6:ab:2f:58:21:
b0:cf:64:4c:58:99:80:d4:ae:26:c4:2d:09:b2:12:
70:0b:e7:d3:b3:be:2b:59:03:05:2e:4b:c1:d4:33:
88:aa:84:b5:21:6d:ed:fd:ea:b1:3b:3c:2e:96:7e:
fc:50:69:75:c3:29:2c:15:73:d7:f6:b4:1e:90:0a:
48:cd:73:51:a3:41:88:be:8b:7b:0e:fc:d2:c2:67:
4c:9b:6a:e7:c0:cb:17:19:8e:db:5f:dd:dc:06:4b:
44:d6:65:46:f3:6b:da:6e:b9:b1:a4:fd:1b:1e:fa:
4d:cc:be:63:09:6a:2d:91:c9:ee:fd:1d:c8:a5:0b:
63:1c:5b:c3:0b:7e:26:d4:60:0a:46:40:4d:79:26:
75:d3:3d:a2:e8:bb:01:05:64:56:eb:22:23:0c:55:
49:a1:16:a5:88:e2:1d:d4:00:82:e2:8f:2c:f8:28:
64:e6:f8:ae:95:fa:b8:60:98:2b:e2:62:09:c6:3d:
ac:59:a2:cd:41:36:f0:94:7c:cc:4f:a2:df:32:06:
43:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:EC:BE:08:0B:CF:EA:8B:67:D8:3C:D6:0B:0B:09:18:94:F2:75:2D
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/cOy-CAvP6otn2DzWCwsJGJTydS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.224.0/21
91.216.43.0/24
93.177.81.0/24
185.24.152.0/22
185.33.88.0/22
185.147.65.0/24
185.147.67.0/24
185.155.173.0/24
185.195.248.0/22
194.147.172.0/24
194.147.227.0-194.147.228.255
194.147.230.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:d9:fc:8c:58:98:46:dd:23:7e:d9:5c:f5:18:bb:cf:23:56:
ec:dd:2f:d2:95:1d:a3:81:2a:cd:55:67:aa:62:8f:02:d0:56:
c7:d2:44:b6:15:80:af:2f:cb:df:6e:31:8c:06:35:83:d9:02:
f8:f5:d7:ba:df:cf:55:0c:00:7e:79:14:79:39:cb:8a:6d:99:
1e:8f:76:db:97:fd:51:fc:62:18:e7:ab:f8:5c:50:50:47:18:
1d:73:d9:87:96:c2:d3:96:54:35:c2:5b:9c:01:73:b6:73:aa:
72:b2:d9:d6:ff:7a:e1:31:dd:a6:fc:17:c3:98:79:d3:7c:c5:
44:d5:8d:3f:df:3e:97:c1:1d:56:a8:16:e2:62:d7:6d:32:ac:
07:6c:b2:bb:a2:d0:79:c0:59:73:72:b8:a5:94:3e:c5:ca:9a:
d8:6e:44:b9:28:78:bc:1c:99:c6:23:2e:3e:d3:8a:10:81:9f:
f0:fa:ad:70:74:5d:69:39:7e:f6:f7:df:d6:47:f9:22:3c:b6:
96:d3:5f:1e:d6:82:dd:aa:08:14:36:dd:ff:81:a4:ea:11:bf:
57:08:0e:11:4d:d5:f9:ff:33:c7:60:23:ac:d4:8f:ac:ef:29:
1f:95:99:3a:85:bc:fa:28:28:be:2f:4d:aa:60:92:41:40:5a:
33:fe:03:3b
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZfM650VziJ5NyJA2nMpz++AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2
ZjcxNWEwHhcNMjUwNzAyMjA1NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGVjYmUwODBiY2ZlYThiNjdkODNjZDYwYjBiMDkxODk0ZjI3NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO6kiHpP8Qt7ml24Wvcg9ZkKPQ7s
dtRdSqgUdld9ujPQ0xe4Qk3cvHTD6/UQK66rMj7cgHuJtqsvWCGwz2RMWJmA1K4m
xC0JshJwC+fTs74rWQMFLkvB1DOIqoS1IW3t/eqxOzwuln78UGl1wyksFXPX9rQe
kApIzXNRo0GIvot7DvzSwmdMm2rnwMsXGY7bX93cBktE1mVG82vabrmxpP0bHvpN
zL5jCWotkcnu/R3IpQtjHFvDC34m1GAKRkBNeSZ10z2i6LsBBWRW6yIjDFVJoRal
iOId1ACC4o8s+Chk5viulfq4YJgr4mIJxj2sWaLNQTbwlHzMT6LfMgZD/wIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFHDsvggLz+qLZ9g81gsLCRiU8nUtMB8GA1UdIwQY
MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt
NmMzMDVhNmRiYWI5LzEvY095LUNBdlA2b3RuMkR6V0N3c0pHSlR5ZFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5
LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQDLhLgAwQA
W9grAwQAXbFRAwQCuRiYAwQCuSFYAwQAuZNBAwQAuZNDAwQAuZutAwQCucP4AwQA
wpOsMAwDBADCk+MDBADCk+QDBADCk+YwDQYJKoZIhvcNAQELBQADggEBADzZ/IxY
mEbdI37ZXPUYu88jVuzdL9KVHaOBKs1VZ6pijwLQVsfSRLYVgK8vy99uMYwGNYPZ
Avj117rfz1UMAH55FHk5y4ptmR6PdtuX/VH8Yhjnq/hcUFBHGB1z2YeWwtOWVDXC
W5wBc7ZzqnKy2db/euEx3ab8F8OYedN8xUTVjT/fPpfBHVaoFuJi120yrAdssrui
0HnAWXNyuKWUPsXKmthuRLkoeLwcmcYjLj7TihCBn/D6rXB0XWk5fvb339ZH+SI8
tpbTXx7Wgt2qCBQ23f+BpOoRv1cIDhFN1fn/M8dgI6zUj6zvKR+VmTqFvPooKL4v
TapgkkFAWjP+Azs=
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:03:54 2025 by rpki-client