Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/SHb2dg4pN2_qlGS7FlPHCR1luBo.roa
File: SHb2dg4pN2_qlGS7FlPHCR1luBo.roa (raw, json)
Hash identifier: mWG+WgNmXq/igTAtZFyHObc609X5sLYu9jppjMz4Ma8=
Subject key identifier: 48:76:F6:76:0E:29:37:6F:EA:94:64:BB:16:53:C7:09:1D:65:B8:1A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0198F52B11D58B3126DC562804D557F87835
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/SHb2dg4pN2_qlGS7FlPHCR1luBo.roa
Signing time: Fri 29 Aug 2025 09:31:37 +0000
ROA not before: Fri 29 Aug 2025 09:31:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 185.199.159.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:2b:11:d5:8b:31:26:dc:56:28:04:d5:57:f8:78:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 29 09:31:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4876f6760e29376fea9464bb1653c7091d65b81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8c:6a:22:89:b8:99:d8:11:15:ca:a6:9d:c5:
11:db:68:8e:2d:91:8c:ed:0f:be:4a:ca:cc:1a:80:
a5:a5:b0:ac:b9:5e:95:83:a7:b8:d1:4e:0b:79:95:
ac:c8:5f:42:6f:18:f4:ab:34:51:32:1d:ee:e3:57:
6d:29:52:bb:fa:f2:fd:8f:7c:f1:70:30:ac:f3:f2:
e9:20:86:61:d7:1f:04:3d:e1:ba:6d:f7:ef:4c:1b:
19:e5:ec:d7:a2:1b:c9:b4:0b:3a:a5:57:cb:2e:1f:
b6:f8:d1:e0:8d:c1:1b:5d:2f:07:dd:5f:7d:e0:37:
7f:26:26:f8:1a:8a:c1:72:48:03:87:ab:25:b0:ed:
21:a9:ad:aa:f6:b6:11:42:1e:39:3e:be:3c:49:c0:
18:77:79:f2:53:c9:1b:0a:bf:a3:80:1c:e6:9b:56:
2b:82:43:db:b0:74:c0:0f:4f:81:db:1c:53:36:05:
dd:16:c4:e5:6c:5c:96:11:98:9a:d5:78:d2:4e:23:
29:17:55:37:10:c4:7e:74:f8:9f:1a:bc:dd:b3:dd:
f5:9d:ef:96:08:e3:06:95:2a:e0:c8:80:13:02:db:
e6:4a:54:66:21:4d:ad:ba:9e:fd:e6:49:4c:22:f1:
fc:a7:8d:19:a7:de:8e:be:40:a8:96:9f:a9:91:05:
70:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:76:F6:76:0E:29:37:6F:EA:94:64:BB:16:53:C7:09:1D:65:B8:1A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/SHb2dg4pN2_qlGS7FlPHCR1luBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.159.0/24
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.225.2.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
85:1a:be:8a:a0:25:ad:ec:3e:2c:93:71:94:10:99:50:3b:3d:
4e:f1:82:f4:3a:09:59:b2:4f:87:41:34:79:8f:59:d1:79:a4:
3e:fb:68:34:4b:3f:00:82:5c:18:4f:22:25:3a:dc:9d:8d:ab:
9d:e2:3b:56:26:39:23:0e:64:82:32:df:5b:0e:6a:c8:00:87:
1a:3a:05:62:5f:5c:29:ef:c5:09:2e:95:49:ad:b9:53:02:d1:
32:72:20:0d:44:43:75:34:d6:5a:43:08:44:1e:70:00:11:b3:
89:0b:a3:d3:b4:0a:b5:2c:a3:b9:b7:c1:dd:c9:7a:37:7c:8b:
24:7a:f4:fd:e0:73:38:5c:b2:ec:23:ca:37:0b:fe:2b:38:d4:
27:94:5e:de:b0:23:6c:7d:0b:df:26:ee:88:1a:35:f6:ec:0e:
74:57:9e:a5:ab:57:b8:1e:12:19:94:b6:ac:60:32:f6:b8:83:
a6:e3:b6:1a:2e:50:22:ad:88:7e:11:df:c2:a6:80:78:bc:b0:
2a:41:86:73:bb:bc:39:44:2a:9b:9e:8b:db:6a:8e:6f:22:22:
4d:75:06:89:b5:db:89:1d:a3:7a:2f:c6:06:e2:46:54:25:61:
8f:c7:9b:da:f6:78:59:01:a4:ae:1e:44:91:ba:5d:54:cf:32:
2f:0a:d8:e3
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZj1KxHVizEm3FYoBNVX+Hg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwODI5MDkzMTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc2ZjY3NjBlMjkzNzZmZWE5NDY0YmIxNjUzYzcwOTFkNjViODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YxqIom4mdgRFcqmncUR22iOLZGM
7Q++SsrMGoClpbCsuV6Vg6e40U4LeZWsyF9Cbxj0qzRRMh3u41dtKVK7+vL9j3zx
cDCs8/LpIIZh1x8EPeG6bffvTBsZ5ezXohvJtAs6pVfLLh+2+NHgjcEbXS8H3V99
4Dd/Jib4GorBckgDh6slsO0hqa2q9rYRQh45Pr48ScAYd3nyU8kbCr+jgBzmm1Yr
gkPbsHTAD0+B2xxTNgXdFsTlbFyWEZia1XjSTiMpF1U3EMR+dPifGrzds931ne+W
COMGlSrgyIATAtvmSlRmIU2tup795klMIvH8p40Zp96OvkColp+pkQVwWQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEh29nYOKTdv6pRkuxZTxwkdZbgaMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvU0hiMmRnNHBOMl9xbEdTN0ZsUEhDUjFsdUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAucefAwQA
uc74AwQAuc77AwQBudEkAwQCudKYAwQAudpmAwQAud9MAwQAueECAwQAueORAwQC
ueoUAwQCue7kAwQBufB4AwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQCFGr6KoCWt
7D4sk3GUEJlQOz1O8YL0OglZsk+HQTR5j1nReaQ++2g0Sz8AglwYTyIlOtydjaud
4jtWJjkjDmSCMt9bDmrIAIcaOgViX1wp78UJLpVJrblTAtEyciANREN1NNZaQwhE
HnAAEbOJC6PTtAq1LKO5t8HdyXo3fIskevT94HM4XLLsI8o3C/4rONQnlF7esCNs
fQvfJu6IGjX27A50V56lq1e4HhIZlLasYDL2uIOm47YaLlAirYh+Ed/CpoB4vLAq
QYZzu7w5RCqbnovbao5vIiJNdQaJtduJHaN6L8YG4kZUJWGPx5va9nhZAaSuHkSR
ul1UzzIvCtjj
-----END CERTIFICATE-----
Generated at Thu Sep 18 04:39:05 2025 by rpki-client