Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/B7d3MQIbfkEvo2qSsfhEkCAgz6c.roa
File: B7d3MQIbfkEvo2qSsfhEkCAgz6c.roa (raw, json)
Hash identifier: aYYmRrZYB32cQ/o3auZL57R8HcFii3L/DbLpVUlrCzo=
Subject key identifier: 07:B7:77:31:02:1B:7E:41:2F:A3:6A:92:B1:F8:44:90:20:20:CF:A7
Certificate issuer: /CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Certificate serial: 0199043D168D0C18C41B5234F92345C2DEB5
Authority key identifier: 7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/B7d3MQIbfkEvo2qSsfhEkCAgz6c.roa
Signing time: Mon 01 Sep 2025 07:45:36 +0000
ROA not before: Mon 01 Sep 2025 07:45:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204004
IP address blocks: 92.246.80.0/24 maxlen: 24
92.246.81.0/24 maxlen: 24
185.117.44.0/22 maxlen: 22
185.117.44.0/24 maxlen: 24
185.117.45.0/24 maxlen: 24
185.117.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:04:3d:16:8d:0c:18:c4:1b:52:34:f9:23:45:c2:de:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Validity
Not Before: Sep 1 07:45:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07b77731021b7e412fa36a92b1f844902020cfa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f2:98:24:1b:b3:e4:80:50:7e:f2:8c:f2:c1:
c8:b7:b8:c7:d9:f3:75:35:ff:12:2b:53:4a:d6:77:
2e:84:ba:c7:62:ad:1b:ba:9e:cd:a7:c9:23:7d:08:
d4:08:91:0d:9c:58:35:c3:13:1a:c3:50:47:10:36:
01:94:1f:fe:fd:4e:a5:7d:0a:2e:cc:bb:f7:d0:b1:
1a:e3:9d:30:2f:e1:f3:20:f1:75:c1:b8:c4:c0:69:
bf:61:c3:30:ff:5f:8d:31:82:33:89:7c:ec:6e:41:
6a:64:52:a8:c9:ec:74:03:da:f2:73:d5:85:20:34:
51:75:98:72:b6:0c:c0:55:47:70:2a:3c:94:07:43:
26:e9:7f:b2:aa:a8:94:ea:7b:59:cf:e6:a3:68:18:
de:ef:7d:a1:12:74:dc:82:e8:69:16:b7:5c:e7:d4:
53:33:48:6d:a1:e7:2c:49:b6:93:0f:0d:97:be:db:
0c:dd:c4:9d:f6:64:3b:c9:44:fe:bd:95:b3:14:03:
ae:74:09:a5:03:10:1f:c2:94:1c:4d:74:87:44:d8:
74:d7:1f:8b:df:32:94:3a:5b:0a:c5:34:f6:b3:90:
1a:3d:04:f9:94:16:3e:78:21:d9:ea:72:b1:fa:32:
9f:39:ad:4d:fa:99:2e:79:aa:99:49:9c:94:59:ad:
ff:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:B7:77:31:02:1B:7E:41:2F:A3:6A:92:B1:F8:44:90:20:20:CF:A7
X509v3 Authority Key Identifier:
keyid:7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/B7d3MQIbfkEvo2qSsfhEkCAgz6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.246.80.0/23
185.117.44.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:5c:c1:ed:65:49:ea:78:ef:19:17:11:af:92:bb:3a:22:21:
86:8b:a7:a8:69:38:04:6e:5c:89:e2:11:2f:e0:bf:57:f6:70:
f4:dd:f2:cb:44:0b:24:24:7f:68:49:59:03:a7:a2:23:57:84:
cb:3e:25:28:92:51:7b:30:61:ed:c1:1a:ba:b6:fe:08:9a:02:
3d:71:03:ab:90:23:30:81:04:1f:2b:85:5c:76:31:ab:5b:4d:
4d:f0:49:eb:71:58:e5:fa:53:2e:cd:8c:38:ce:54:ef:49:95:
0a:07:4e:6f:6a:02:5e:0b:83:be:c8:af:a5:93:2c:40:75:15:
05:e1:ce:03:2c:2c:1f:9e:54:aa:ce:01:fb:4a:c7:9b:e9:50:
83:4c:46:4b:a7:03:ca:d9:86:0f:c9:32:0b:b9:3f:4e:76:c3:
b3:e8:38:89:66:a6:f2:68:26:68:32:88:b1:cb:c4:a9:b1:da:
01:0a:23:cc:4f:8d:8f:ce:6a:70:4f:22:56:42:72:d3:ba:5f:
23:eb:a7:27:b7:9b:c1:5a:39:f3:1f:8f:d4:ca:57:04:b9:f7:
f5:bc:b0:7d:f9:04:00:9b:dd:95:c4:e2:c2:6a:06:88:c1:2d:
5d:0e:3d:3b:5d:e6:0e:7d:22:80:90:4a:0f:0e:e9:a6:70:e2:
9b:49:c8:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkEPRaNDBjEG1I0+SNFwt61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZjU3ZGQ1MmM3NWZjZTM5ZmZlMjkxNTQ2OWQ5ZTY1NmRi
Y2I4NzMwHhcNMjUwOTAxMDc0NTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2I3NzczMTAyMWI3ZTQxMmZhMzZhOTJiMWY4NDQ5MDIwMjBjZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/KYJBuz5IBQfvKM8sHIt7jH2fN1
Nf8SK1NK1ncuhLrHYq0bup7Np8kjfQjUCJENnFg1wxMaw1BHEDYBlB/+/U6lfQou
zLv30LEa450wL+HzIPF1wbjEwGm/YcMw/1+NMYIziXzsbkFqZFKoyex0A9ryc9WF
IDRRdZhytgzAVUdwKjyUB0Mm6X+yqqiU6ntZz+ajaBje732hEnTcguhpFrdc59RT
M0htoecsSbaTDw2XvtsM3cSd9mQ7yUT+vZWzFAOudAmlAxAfwpQcTXSHRNh01x+L
3zKUOlsKxTT2s5AaPQT5lBY+eCHZ6nKx+jKfOa1N+pkueaqZSZyUWa3/8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAe3dzECG35BL6NqkrH4RJAgIM+nMB8GA1UdIwQY
MBaAFHr1fdUsdfzjn/4pFUadnmVtvLhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYt
YzI1MzQwOTZjNjBkLzEvQjdkM01RSWJma0V2bzJxU3NmaEVrQ0FnejZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYtYzI1MzQwOTZjNjBk
LzEvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXPZQAwQC
uXUsMA0GCSqGSIb3DQEBCwUAA4IBAQCsXMHtZUnqeO8ZFxGvkrs6IiGGi6eoaTgE
blyJ4hEv4L9X9nD03fLLRAskJH9oSVkDp6IjV4TLPiUoklF7MGHtwRq6tv4ImgI9
cQOrkCMwgQQfK4VcdjGrW01N8EnrcVjl+lMuzYw4zlTvSZUKB05vagJeC4O+yK+l
kyxAdRUF4c4DLCwfnlSqzgH7Sseb6VCDTEZLpwPK2YYPyTILuT9OdsOz6DiJZqby
aCZoMoixy8SpsdoBCiPMT42PzmpwTyJWQnLTul8j66cnt5vBWjnzH4/UylcEuff1
vLB9+QQAm92VxOLCagaIwS1dDj07XeYOfSKAkEoPDummcOKbScg2
-----END CERTIFICATE-----
Generated at Tue Sep 9 14:14:04 2025 by rpki-client