Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0DMfTu7jIFvtcj5jQrCloGdD4Uw.roa
File: 0DMfTu7jIFvtcj5jQrCloGdD4Uw.roa (raw, json)
Hash identifier: IqpyqAfql98GQKqDaZ+GCO/wJrOJSm4rxuu8aE9nSus=
Subject key identifier: D0:33:1F:4E:EE:E3:20:5B:ED:72:3E:63:42:B0:A5:A0:67:43:E1:4C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0198B20F9EEAF428B4749B876D118637FCC6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0DMfTu7jIFvtcj5jQrCloGdD4Uw.roa
Signing time: Sat 16 Aug 2025 08:47:04 +0000
ROA not before: Sat 16 Aug 2025 08:47:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.222.30.0/24 maxlen: 24
185.230.65.0/24 maxlen: 24
185.230.66.0/24 maxlen: 24
194.5.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b2:0f:9e:ea:f4:28:b4:74:9b:87:6d:11:86:37:fc:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 16 08:47:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0331f4eeee3205bed723e6342b0a5a06743e14c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:03:12:85:c8:5e:8f:93:b8:fa:08:b5:20:75:
01:19:00:e7:06:83:d6:1c:fa:a0:00:8e:de:41:bf:
45:19:2d:da:a9:64:89:8d:a5:05:48:48:be:ca:32:
13:d1:92:55:62:26:68:2c:82:01:02:4e:0a:8d:ef:
88:6a:3f:dd:25:5b:12:4c:31:4c:68:ec:98:28:25:
ae:44:54:c4:fd:23:95:c5:04:06:32:0a:8e:dc:60:
9f:ff:51:a1:20:78:5a:f7:d3:4b:dc:ed:2b:c1:84:
30:98:b6:73:ed:c9:e3:5a:e8:c1:cc:95:14:dd:66:
df:30:98:67:98:16:16:e1:da:f9:34:09:74:1d:b0:
12:9b:e0:b7:f0:26:d4:c1:82:aa:90:93:65:f4:79:
a5:62:53:c8:22:f1:72:9a:50:cc:b8:f8:16:06:b4:
c0:1b:64:e4:7c:78:9d:64:99:b9:05:f6:af:bd:80:
fb:0b:88:06:fc:fa:b4:d6:3b:3b:4d:dd:6c:3b:f9:
80:d3:8f:b7:da:e6:96:ab:19:2a:b1:af:4e:9c:f1:
28:aa:34:7d:5f:6f:e5:9f:e3:4e:61:39:df:b0:e5:
83:9e:69:a5:43:23:a3:bc:6d:3a:ba:98:e7:75:9b:
7b:d1:1c:fa:8d:1e:70:a8:62:8e:cf:9f:9f:f1:52:
53:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:33:1F:4E:EE:E3:20:5B:ED:72:3E:63:42:B0:A5:A0:67:43:E1:4C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0DMfTu7jIFvtcj5jQrCloGdD4Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.30.0/24
185.230.65.0-185.230.66.255
194.5.64.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ed:fa:bb:34:7d:c6:17:f5:f4:bb:61:75:07:d6:c5:92:df:
89:39:b9:8d:86:7e:ec:af:40:35:12:f8:3a:3a:1f:96:17:03:
cd:37:b6:1e:5f:9b:ea:bc:b3:e0:70:bb:25:55:c6:7a:c1:3b:
31:82:90:2d:ad:76:05:c9:a6:3c:60:eb:b5:0d:a0:51:09:38:
b1:48:a7:f8:7e:e6:4c:81:7f:a7:8d:f3:6c:b0:9f:cd:0a:08:
ea:ec:2e:06:82:43:8c:1a:f2:3a:18:ad:eb:96:14:c5:ed:42:
64:ec:70:c1:d1:02:ed:23:90:56:12:f9:6b:83:47:da:1e:b7:
7f:b6:49:20:28:b2:e1:fa:23:d1:50:3f:e5:86:97:fc:49:2e:
63:98:f4:af:ca:0c:8c:f5:3d:5e:d1:99:c0:fe:4b:a4:16:57:
f5:c2:5b:13:5e:7e:56:83:53:6b:86:bc:23:2a:4c:28:fe:26:
53:61:3b:a5:d2:2e:d6:8b:1c:04:2b:79:3f:82:35:a0:3c:57:
d3:2b:79:ae:a4:55:7c:bd:6b:12:cf:f1:9e:26:53:1e:ff:99:
1a:cb:47:eb:6c:38:b6:bc:ba:b8:12:91:39:17:6e:42:69:19:
7e:ed:9e:5c:6d:a6:bf:1c:4e:1e:18:09:f5:9d:cb:be:af:6e:
33:8f:e8:7f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZiyD57q9Ci0dJuHbRGGN/zGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwODE2MDg0NzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDMzMWY0ZWVlZTMyMDViZWQ3MjNlNjM0MmIwYTVhMDY3NDNlMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgMShchej5O4+gi1IHUBGQDnBoPW
HPqgAI7eQb9FGS3aqWSJjaUFSEi+yjIT0ZJVYiZoLIIBAk4Kje+Iaj/dJVsSTDFM
aOyYKCWuRFTE/SOVxQQGMgqO3GCf/1GhIHha99NL3O0rwYQwmLZz7cnjWujBzJUU
3WbfMJhnmBYW4dr5NAl0HbASm+C38CbUwYKqkJNl9HmlYlPIIvFymlDMuPgWBrTA
G2TkfHidZJm5BfavvYD7C4gG/Pq01js7Td1sO/mA04+32uaWqxkqsa9OnPEoqjR9
X2/ln+NOYTnfsOWDnmmlQyOjvG06upjndZt70Rz6jR5wqGKOz5+f8VJTBQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNAzH07u4yBb7XI+Y0KwpaBnQ+FMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMERNZlR1N2pJRnZ0Y2o1alFyQ2xvR2RENFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAud4eMAwD
BAC55kEDBAC55kIDBADCBUAwDQYJKoZIhvcNAQELBQADggEBAArt+rs0fcYX9fS7
YXUH1sWS34k5uY2GfuyvQDUS+Do6H5YXA803th5fm+q8s+BwuyVVxnrBOzGCkC2t
dgXJpjxg67UNoFEJOLFIp/h+5kyBf6eN82ywn80KCOrsLgaCQ4wa8joYreuWFMXt
QmTscMHRAu0jkFYS+WuDR9oet3+2SSAosuH6I9FQP+WGl/xJLmOY9K/KDIz1PV7R
mcD+S6QWV/XCWxNeflaDU2uGvCMqTCj+JlNhO6XSLtaLHAQreT+CNaA8V9Mrea6k
VXy9axLP8Z4mUx7/mRrLR+tsOLa8urgSkTkXbkJpGX7tnlxtpr8cTh4YCfWdy76v
bjOP6H8=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:50:00 2025 by rpki-client