Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/7Di18vds1Lh1nvSgqntfk1Ud90I.roa
File: 7Di18vds1Lh1nvSgqntfk1Ud90I.roa (raw, json)
Hash identifier: Lb6z4ox8gNoPqTMyyRUv6dVTsaJBuGj9jiCgzfLjPm8=
Subject key identifier: EC:38:B5:F2:F7:6C:D4:B8:75:9E:F4:A0:AA:7B:5F:93:55:1D:F7:42
Certificate issuer: /CN=d2d38f4597051b6c0ddf1bb866ae4e94703e155e
Certificate serial: 0198A9BD31C1177DAAA20D088FB57CE76764
Authority key identifier: D2:D3:8F:45:97:05:1B:6C:0D:DF:1B:B8:66:AE:4E:94:70:3E:15:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/7Di18vds1Lh1nvSgqntfk1Ud90I.roa
Signing time: Thu 14 Aug 2025 18:00:05 +0000
ROA not before: Thu 14 Aug 2025 18:00:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49724
IP address blocks: 91.215.220.0/22 maxlen: 22
91.215.220.0/24 maxlen: 24
91.215.221.0/24 maxlen: 24
91.215.222.0/23 maxlen: 23
188.0.160.0/19 maxlen: 19
188.0.160.0/20 maxlen: 20
188.0.162.0/24 maxlen: 24
188.0.166.0/23 maxlen: 23
188.0.169.0/24 maxlen: 24
188.0.174.0/24 maxlen: 24
188.0.175.0/24 maxlen: 24
188.0.176.0/21 maxlen: 21
188.0.178.0/24 maxlen: 24
188.0.179.0/24 maxlen: 24
188.0.180.0/24 maxlen: 24
188.0.183.0/24 maxlen: 24
188.0.184.0/22 maxlen: 22
188.0.186.0/24 maxlen: 24
188.0.188.0/24 maxlen: 24
188.0.189.0/24 maxlen: 24
188.0.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a9:bd:31:c1:17:7d:aa:a2:0d:08:8f:b5:7c:e7:67:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2d38f4597051b6c0ddf1bb866ae4e94703e155e
Validity
Not Before: Aug 14 18:00:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec38b5f2f76cd4b8759ef4a0aa7b5f93551df742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:90:ca:e4:ed:ed:8d:1e:49:78:33:f6:5d:a1:
45:1d:80:85:54:b3:3d:f2:52:09:b4:8d:38:5d:49:
1c:c4:a0:91:27:97:c5:ad:db:9a:4b:c2:75:dd:46:
4e:eb:18:4f:fc:7d:cf:c7:80:20:1e:1c:33:6f:03:
25:d1:e0:9a:d2:cb:54:6f:24:90:ba:28:60:af:82:
97:da:32:f7:3e:14:fe:82:62:6b:5f:0f:ee:30:a0:
f6:87:e4:26:21:87:71:ac:bc:53:a5:b6:46:40:71:
12:4d:78:59:40:36:e0:1a:d7:d8:cf:a9:56:d3:16:
02:a7:09:bd:f6:32:c5:c5:ab:02:4e:7f:2b:0e:26:
d4:1d:41:85:fa:f7:e4:88:d1:94:68:55:bc:06:8a:
9a:86:9d:e4:9b:4d:14:63:f4:5e:44:af:b9:48:b7:
9e:a2:5b:ca:f4:f6:bf:92:39:31:46:46:e1:be:e8:
42:d9:ae:b5:87:b6:d7:51:d2:fb:93:2f:8f:0d:8b:
64:86:99:b6:e6:05:9d:34:7a:d8:72:1d:52:6a:08:
68:ff:46:b6:0f:70:fa:aa:83:17:f1:c2:80:ee:0c:
4a:7d:cc:eb:3e:4a:6e:68:d9:63:3c:7f:df:ef:db:
b3:3f:71:94:4c:6c:99:32:14:ce:9a:a4:df:bc:67:
a6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:38:B5:F2:F7:6C:D4:B8:75:9E:F4:A0:AA:7B:5F:93:55:1D:F7:42
X509v3 Authority Key Identifier:
keyid:D2:D3:8F:45:97:05:1B:6C:0D:DF:1B:B8:66:AE:4E:94:70:3E:15:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/7Di18vds1Lh1nvSgqntfk1Ud90I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.220.0/22
188.0.160.0/19
Signature Algorithm: sha256WithRSAEncryption
45:c6:ec:8c:7b:6d:60:53:5e:9d:18:1c:d9:d2:ea:2b:4d:6a:
71:52:4c:71:fa:20:23:4b:07:cf:a4:a9:6a:f9:67:58:d8:90:
bb:97:ea:e8:d9:f1:0f:3c:b3:d0:26:12:cd:41:55:b4:c4:a1:
f8:61:b6:fb:76:7c:aa:09:26:2a:f5:35:bd:15:3d:d6:69:93:
13:06:33:3a:37:3d:49:6a:59:0b:bb:c2:fb:74:7b:73:60:0c:
b2:37:c1:1b:c0:88:7c:eb:38:67:e9:b7:06:58:02:26:3a:39:
f7:d2:98:6e:4a:6d:1d:2c:c5:14:e6:29:6e:36:99:5c:e8:d2:
ec:f6:f8:4d:ee:f1:6d:fd:bb:bc:44:3e:8a:e4:0a:fe:0f:84:
ab:3d:6d:01:0c:26:33:ad:ac:a9:e4:ca:c0:7b:5a:5c:49:5f:
de:af:ef:f1:8a:b8:61:b5:9c:6a:1b:a8:c0:45:71:2b:de:c4:
f8:0d:09:36:bc:72:f9:2e:bd:6f:f1:89:83:06:ea:dc:f9:54:
8a:a5:ec:f3:0b:5c:4d:6a:2a:41:7b:1a:76:34:36:df:26:53:
17:52:a9:f6:4e:40:7c:8b:60:02:6a:36:b2:38:f7:f2:f5:39:
c6:eb:d6:36:bc:e3:ee:b7:6d:14:ec:0c:5e:5c:66:26:fa:41:
20:7a:55:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZipvTHBF32qog0Ij7V852dkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZDM4ZjQ1OTcwNTFiNmMwZGRmMWJiODY2YWU0ZTk0NzAz
ZTE1NWUwHhcNMjUwODE0MTgwMDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzM4YjVmMmY3NmNkNGI4NzU5ZWY0YTBhYTdiNWY5MzU1MWRmNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpDK5O3tjR5JeDP2XaFFHYCFVLM9
8lIJtI04XUkcxKCRJ5fFrduaS8J13UZO6xhP/H3Px4AgHhwzbwMl0eCa0stUbySQ
uihgr4KX2jL3PhT+gmJrXw/uMKD2h+QmIYdxrLxTpbZGQHESTXhZQDbgGtfYz6lW
0xYCpwm99jLFxasCTn8rDibUHUGF+vfkiNGUaFW8Boqahp3km00UY/ReRK+5SLee
olvK9Pa/kjkxRkbhvuhC2a61h7bXUdL7ky+PDYtkhpm25gWdNHrYch1Sagho/0a2
D3D6qoMX8cKA7gxKfczrPkpuaNljPH/f79uzP3GUTGyZMhTOmqTfvGemAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOw4tfL3bNS4dZ70oKp7X5NVHfdCMB8GA1UdIwQY
MBaAFNLTj0WXBRtsDd8buGauTpRwPhVeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHRPUFJaY0ZHMndOM3h1NFpxNU9sSEEtRlY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZTdkNzctODljOC00NTJjLWE5YmYt
YmM1Zjg5N2M3MjRhLzEvN0RpMTh2ZHMxTGgxbnZTZ3FudGZrMVVkOTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZTdkNzctODljOC00NTJjLWE5YmYtYmM1Zjg5N2M3MjRh
LzEvMHRPUFJaY0ZHMndOM3h1NFpxNU9sSEEtRlY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9fcAwQF
vACgMA0GCSqGSIb3DQEBCwUAA4IBAQBFxuyMe21gU16dGBzZ0uorTWpxUkxx+iAj
SwfPpKlq+WdY2JC7l+ro2fEPPLPQJhLNQVW0xKH4Ybb7dnyqCSYq9TW9FT3WaZMT
BjM6Nz1JalkLu8L7dHtzYAyyN8EbwIh86zhn6bcGWAImOjn30phuSm0dLMUU5ilu
Nplc6NLs9vhN7vFt/bu8RD6K5Ar+D4SrPW0BDCYzrayp5MrAe1pcSV/er+/xirhh
tZxqG6jARXEr3sT4DQk2vHL5Lr1v8YmDBurc+VSKpezzC1xNaipBexp2NDbfJlMX
Uqn2TkB8i2ACajayOPfy9TnG69Y2vOPut20U7AxeXGYm+kEgelW6
-----END CERTIFICATE-----
Generated at Thu Aug 21 14:45:37 2025 by rpki-client