Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/DsvwJ7qXOQmh3Gw6FL29To8uo0Q.roa
File: DsvwJ7qXOQmh3Gw6FL29To8uo0Q.roa (raw, json)
Hash identifier: 3JZXvgRVC01PNyXjxRWp78ihW7iWBPiCKuCBdXPt6qU=
Subject key identifier: 0E:CB:F0:27:BA:97:39:09:A1:DC:6C:3A:14:BD:BD:4E:8F:2E:A3:44
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01973969653BF2BD5E6BB9C0977D49E463FE
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/DsvwJ7qXOQmh3Gw6FL29To8uo0Q.roa
Signing time: Wed 04 Jun 2025 05:28:17 +0000
ROA not before: Wed 04 Jun 2025 05:28:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30738
IP address blocks: 188.130.182.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:39:69:65:3b:f2:bd:5e:6b:b9:c0:97:7d:49:e4:63:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 4 05:28:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ecbf027ba973909a1dc6c3a14bdbd4e8f2ea344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:99:87:28:1c:5b:9f:f5:62:db:30:1c:df:69:
84:cf:77:08:9e:08:00:f9:fa:6e:99:cb:55:16:d2:
b3:df:61:a0:07:84:1b:d9:51:6f:e0:1a:90:0a:b9:
79:e7:48:00:18:54:17:40:c0:ef:5e:31:5e:a2:78:
96:3f:10:7e:3a:39:24:e0:cd:99:b0:98:a4:76:76:
21:43:d2:66:95:32:b1:49:f6:a0:a6:c5:ff:e6:6f:
52:cd:c1:ff:56:6a:ab:c5:6e:b6:af:ea:9c:bb:0d:
be:1f:be:c2:b3:da:c9:2f:92:b3:1f:27:ab:b7:af:
f2:a1:34:2e:0d:67:1b:40:21:e4:fb:b7:eb:73:79:
dc:14:5a:ed:7d:07:52:d2:ec:2b:d8:8a:b4:cd:e6:
90:ec:b9:72:4a:45:01:bf:29:30:4b:72:9a:63:4f:
70:d6:29:e5:4c:cb:bb:70:23:2e:7a:da:cf:35:5b:
36:5f:ff:47:f3:66:b8:7f:f0:cb:2e:23:eb:5e:b2:
ad:11:72:8f:4c:66:e3:9a:df:55:ad:10:e6:70:58:
8d:21:1b:d2:c9:d1:1e:23:da:97:97:82:fb:d7:09:
bf:e7:a1:2d:ff:03:23:fc:d3:60:99:db:88:40:91:
8c:0f:ac:a8:b5:b8:77:cc:2a:5a:8f:2a:65:67:3c:
cf:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CB:F0:27:BA:97:39:09:A1:DC:6C:3A:14:BD:BD:4E:8F:2E:A3:44
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/DsvwJ7qXOQmh3Gw6FL29To8uo0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
86:12:dd:8e:33:95:7a:57:77:bf:40:ae:41:6b:89:bd:36:2c:
7c:b1:6e:04:ca:0b:f3:e3:f0:e2:0d:bc:24:8b:21:f0:72:f7:
2f:f2:60:37:37:7b:16:e8:e1:c2:d5:a6:9b:d0:26:9b:8c:fc:
06:c5:d2:6a:6a:4d:8e:5f:f5:e5:a1:da:b2:33:8e:26:f1:e3:
3b:b9:12:5a:fa:11:22:ff:59:af:24:8a:b6:92:4b:7d:8e:d9:
c7:d7:2e:66:1b:53:fe:e5:5d:44:6b:d3:f8:3d:88:32:c8:20:
fb:bc:df:96:31:64:88:54:51:8b:58:74:77:92:a0:c5:0d:ca:
3a:8f:55:62:02:61:15:d6:c5:75:64:b3:2c:4e:0b:c7:c2:77:
db:c7:f8:be:0a:a9:9d:ca:5e:93:a2:b8:91:08:91:03:cf:b6:
2a:29:8c:62:33:cd:f8:a4:04:a6:30:73:18:75:35:41:79:96:
68:dc:22:70:0b:9b:ab:bf:b3:cc:48:fe:d4:25:fa:a2:0d:27:
31:5e:b1:e1:2f:40:8b:29:c9:af:04:72:c6:8e:6f:cc:f1:28:
0a:40:3e:cf:57:e9:54:ce:c2:da:89:39:d6:46:bd:05:a8:80:
cd:4d:c6:55:06:1c:55:57:37:c4:fe:22:76:07:24:70:55:20:
bc:84:6c:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZc5aWU78r1ea7nAl31J5GP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwNjA0MDUyODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWNiZjAyN2JhOTczOTA5YTFkYzZjM2ExNGJkYmQ0ZThmMmVhMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZmHKBxbn/Vi2zAc32mEz3cInggA
+fpumctVFtKz32GgB4Qb2VFv4BqQCrl550gAGFQXQMDvXjFeoniWPxB+Ojkk4M2Z
sJikdnYhQ9JmlTKxSfagpsX/5m9SzcH/VmqrxW62r+qcuw2+H77Cs9rJL5KzHyer
t6/yoTQuDWcbQCHk+7frc3ncFFrtfQdS0uwr2Iq0zeaQ7LlySkUBvykwS3KaY09w
1inlTMu7cCMuetrPNVs2X/9H82a4f/DLLiPrXrKtEXKPTGbjmt9VrRDmcFiNIRvS
ydEeI9qXl4L71wm/56Et/wMj/NNgmduIQJGMD6yotbh3zCpajyplZzzPDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA7L8Ce6lzkJodxsOhS9vU6PLqNEMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvRHN2d0o3cVhPUW1oM0d3NkZMMjlUbzh1bzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQC
w9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQCGEt2OM5V6V3e/
QK5Ba4m9Nix8sW4Eygvz4/DiDbwkiyHwcvcv8mA3N3sW6OHC1aab0CabjPwGxdJq
ak2OX/XlodqyM44m8eM7uRJa+hEi/1mvJIq2kkt9jtnH1y5mG1P+5V1Ea9P4PYgy
yCD7vN+WMWSIVFGLWHR3kqDFDco6j1ViAmEV1sV1ZLMsTgvHwnfbx/i+Cqmdyl6T
oriRCJEDz7YqKYxiM834pASmMHMYdTVBeZZo3CJwC5urv7PMSP7UJfqiDScxXrHh
L0CLKcmvBHLGjm/M8SgKQD7PV+lUzsLaiTnWRr0FqIDNTcZVBhxVVzfE/iJ2ByRw
VSC8hGz4
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:55:59 2025 by rpki-client