Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5a0f81-31e2-4db2-8339-9241ff6ec3bf/1/CEobCVyOq89vMXgU83DpMwfT0Wo.roa
File: CEobCVyOq89vMXgU83DpMwfT0Wo.roa (raw, json)
Hash identifier: DcQa6f54mwH80zIkbXchOx9QQQsb0gD6KDYchnHbpMk=
Subject key identifier: 08:4A:1B:09:5C:8E:AB:CF:6F:31:78:14:F3:70:E9:33:07:D3:D1:6A
Certificate issuer: /CN=4ce74cf63723c0269d5283b1065821af384a9a26
Certificate serial: 01990B0144331B72116C562EE04728F002D1
Authority key identifier: 4C:E7:4C:F6:37:23:C0:26:9D:52:83:B1:06:58:21:AF:38:4A:9A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOdM9jcjwCadUoOxBlghrzhKmiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5a0f81-31e2-4db2-8339-9241ff6ec3bf/1/CEobCVyOq89vMXgU83DpMwfT0Wo.roa
Signing time: Tue 02 Sep 2025 15:17:36 +0000
ROA not before: Tue 02 Sep 2025 15:17:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 188.227.198.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5a0f81-31e2-4db2-8339-9241ff6ec3bf/1/TOdM9jcjwCadUoOxBlghrzhKmiY.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5a0f81-31e2-4db2-8339-9241ff6ec3bf/1/TOdM9jcjwCadUoOxBlghrzhKmiY.mft
rsync://rpki.ripe.net/repository/DEFAULT/TOdM9jcjwCadUoOxBlghrzhKmiY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 21:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0b:01:44:33:1b:72:11:6c:56:2e:e0:47:28:f0:02:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce74cf63723c0269d5283b1065821af384a9a26
Validity
Not Before: Sep 2 15:17:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=084a1b095c8eabcf6f317814f370e93307d3d16a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b7:69:9e:6e:5b:d5:dd:d2:89:1f:3f:e4:b9:
6a:07:73:e0:92:38:ed:d4:0d:be:19:4e:65:e7:bd:
7b:75:60:51:99:19:fe:6c:12:73:b1:13:dd:3c:de:
57:13:82:c4:49:a1:fb:29:c0:93:d9:d7:38:bf:ba:
23:67:e3:bf:1e:c3:71:73:12:24:98:63:b9:bb:45:
b2:4d:f9:28:4f:09:72:9f:0f:af:21:cf:e6:e0:87:
85:8f:2a:8c:2a:14:70:34:40:e9:97:7f:e0:ab:e3:
2a:3a:5a:d6:1b:30:fc:70:15:a7:35:1f:64:cb:b0:
26:0b:1f:a4:b6:bf:76:e2:cc:df:01:f2:e0:8c:38:
ed:ce:7b:33:c6:62:cf:b9:2c:de:74:dd:96:a1:57:
1a:68:bd:d4:7f:b0:27:1a:67:89:1e:9f:53:f1:49:
df:27:6e:c0:6e:40:3d:fe:22:97:80:ec:a9:4b:4d:
f7:f0:7e:1d:5a:b1:60:34:15:40:9e:c8:00:63:ee:
92:72:0e:18:5a:fa:43:43:a3:d0:dd:95:b1:6d:02:
d0:89:1f:e7:3c:ed:a8:75:cd:5a:f4:8f:88:24:5f:
fb:7d:e4:e9:01:54:09:1a:45:02:dd:70:cd:1f:df:
c5:be:ee:f3:02:31:a4:8f:44:b2:e7:29:ee:ca:d3:
98:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4A:1B:09:5C:8E:AB:CF:6F:31:78:14:F3:70:E9:33:07:D3:D1:6A
X509v3 Authority Key Identifier:
keyid:4C:E7:4C:F6:37:23:C0:26:9D:52:83:B1:06:58:21:AF:38:4A:9A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOdM9jcjwCadUoOxBlghrzhKmiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5a0f81-31e2-4db2-8339-9241ff6ec3bf/1/CEobCVyOq89vMXgU83DpMwfT0Wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5a0f81-31e2-4db2-8339-9241ff6ec3bf/1/TOdM9jcjwCadUoOxBlghrzhKmiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.227.198.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:c3:d2:ce:9f:4f:12:55:e3:6f:0d:66:88:71:cb:92:73:7b:
97:57:be:b5:92:df:09:78:ab:44:00:b1:fc:9b:01:d7:00:52:
34:7a:1e:6d:18:b3:a1:47:9f:6e:c6:f4:31:0a:44:b1:b5:80:
ec:5f:12:99:7e:6b:46:59:52:84:76:51:59:92:fa:05:69:bf:
fa:c7:0a:50:64:c6:f7:9a:5f:c0:7f:a2:ab:19:da:a1:18:67:
aa:21:fd:6c:fa:a5:bc:dd:d4:26:41:a5:a1:2c:4a:51:a3:21:
3e:dc:74:5b:53:28:72:06:ed:5e:44:5b:2c:2d:e2:41:8f:d1:
7b:b8:83:87:42:0a:fc:a7:6f:58:21:10:05:f2:08:1f:54:0f:
55:3a:b5:7c:d3:ce:f2:ea:ef:b4:b5:67:2e:4a:6f:d0:58:4c:
d4:9a:22:3a:0a:9a:fc:b7:fd:96:9b:9f:3e:62:4c:e2:a0:8f:
91:89:01:b9:9f:e3:5f:0a:89:c6:f3:8d:11:a5:a1:27:98:fc:
2f:eb:e1:d2:fa:e5:f0:94:38:3a:c0:86:aa:51:b7:f6:6f:8e:
7a:8d:bf:c7:42:38:c6:1b:cf:28:54:21:30:ab:1c:9c:9b:91:
2d:b5:f8:ff:d9:ca:d7:07:bf:68:84:68:57:41:20:31:26:17:
fd:aa:f5:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkLAUQzG3IRbFYu4Eco8ALRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTc0Y2Y2MzcyM2MwMjY5ZDUyODNiMTA2NTgyMWFmMzg0
YTlhMjYwHhcNMjUwOTAyMTUxNzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRhMWIwOTVjOGVhYmNmNmYzMTc4MTRmMzcwZTkzMzA3ZDNkMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Ldpnm5b1d3SiR8/5LlqB3Pgkjjt
1A2+GU5l5717dWBRmRn+bBJzsRPdPN5XE4LESaH7KcCT2dc4v7ojZ+O/HsNxcxIk
mGO5u0WyTfkoTwlynw+vIc/m4IeFjyqMKhRwNEDpl3/gq+MqOlrWGzD8cBWnNR9k
y7AmCx+ktr924szfAfLgjDjtznszxmLPuSzedN2WoVcaaL3Uf7AnGmeJHp9T8Unf
J27AbkA9/iKXgOypS0338H4dWrFgNBVAnsgAY+6Scg4YWvpDQ6PQ3ZWxbQLQiR/n
PO2odc1a9I+IJF/7feTpAVQJGkUC3XDNH9/Fvu7zAjGkj0Sy5ynuytOYswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhKGwlcjqvPbzF4FPNw6TMH09FqMB8GA1UdIwQY
MBaAFEznTPY3I8AmnVKDsQZYIa84SpomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9kTTlqY2p3Q2FkVW9PeEJsZ2hyemhLbWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81YTBmODEtMzFlMi00ZGIyLTgzMzkt
OTI0MWZmNmVjM2JmLzEvQ0VvYkNWeU9xODl2TVhnVTgzRHBNd2ZUMFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81YTBmODEtMzFlMi00ZGIyLTgzMzktOTI0MWZmNmVjM2Jm
LzEvVE9kTTlqY2p3Q2FkVW9PeEJsZ2hyemhLbWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvOPGMA0G
CSqGSIb3DQEBCwUAA4IBAQC9w9LOn08SVeNvDWaIccuSc3uXV761kt8JeKtEALH8
mwHXAFI0eh5tGLOhR59uxvQxCkSxtYDsXxKZfmtGWVKEdlFZkvoFab/6xwpQZMb3
ml/Af6KrGdqhGGeqIf1s+qW83dQmQaWhLEpRoyE+3HRbUyhyBu1eRFssLeJBj9F7
uIOHQgr8p29YIRAF8ggfVA9VOrV8087y6u+0tWcuSm/QWEzUmiI6Cpr8t/2Wm58+
YkzioI+RiQG5n+NfConG840RpaEnmPwv6+HS+uXwlDg6wIaqUbf2b456jb/HQjjG
G88oVCEwqxycm5Ettfj/2crXB79ohGhXQSAxJhf9qvXi
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:01:08 2025 by rpki-client