Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rQukJ8L4YUK65UGmD-hNXWm0FWk.roa
File: rQukJ8L4YUK65UGmD-hNXWm0FWk.roa (raw, json)
Hash identifier: uwqcsU4KCE+0gVSTD5DHi91Tr0QgEGpxsMq/qt6/+FE=
Subject key identifier: AD:0B:A4:27:C2:F8:61:42:BA:E5:41:A6:0F:E8:4D:5D:69:B4:15:69
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01973A7FB7EB761A71BFE87776449EC548B4
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rQukJ8L4YUK65UGmD-hNXWm0FWk.roa
Signing time: Wed 04 Jun 2025 10:32:18 +0000
ROA not before: Wed 04 Jun 2025 10:32:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209710
IP address blocks: 185.238.241.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:7f:b7:eb:76:1a:71:bf:e8:77:76:44:9e:c5:48:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jun 4 10:32:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad0ba427c2f86142bae541a60fe84d5d69b41569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e0:f5:50:f7:dd:6f:f8:f4:ad:60:73:4b:c5:
8a:9c:0f:89:86:27:f8:0e:78:68:66:61:49:a0:8b:
e6:75:59:45:96:ff:2f:f9:cd:f4:83:b7:99:94:46:
65:38:ad:28:f4:bc:2b:d4:36:90:a1:97:9e:55:7e:
dd:ad:4a:37:c1:99:14:c2:2e:fd:90:94:90:ae:8b:
d2:0e:13:29:0e:fc:58:a6:c5:21:7d:fd:cc:85:a0:
c3:87:a9:5e:5a:b3:40:90:b3:06:65:96:ed:af:e5:
66:15:24:07:4b:92:a3:a0:2c:38:99:d4:4b:1c:65:
25:1c:c4:12:b5:c0:92:0b:63:6a:88:ba:cf:40:d4:
b0:9d:c1:26:09:3b:cf:5e:a4:9f:32:bc:49:eb:58:
e3:0a:0e:b0:9b:32:51:4f:da:25:c4:31:37:e2:8f:
92:0e:db:e7:13:b4:11:1e:57:b3:2d:65:29:1c:fd:
12:d6:14:34:03:76:cc:0b:f7:63:a4:35:7a:28:ef:
ec:65:01:0f:45:00:1e:43:01:a1:f4:23:fe:3a:ce:
4f:5f:c0:14:d7:44:6b:dd:84:c7:9f:94:2e:a5:42:
58:1d:2d:10:5b:d6:31:66:e0:a4:1e:88:fd:0a:9e:
64:4c:28:c2:3e:0a:85:c5:86:cc:55:e5:90:4e:b2:
b7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0B:A4:27:C2:F8:61:42:BA:E5:41:A6:0F:E8:4D:5D:69:B4:15:69
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rQukJ8L4YUK65UGmD-hNXWm0FWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.241.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:21:f5:2d:ef:8b:54:a5:2d:36:a5:0f:0b:3d:ea:d1:78:d8:
d0:bb:26:d4:2c:d2:84:94:25:44:0a:e9:bd:a2:e2:fb:4b:79:
0b:de:17:47:d6:b6:ad:d5:67:a6:3d:08:76:d8:d0:b6:06:c1:
ba:a8:dc:6a:cb:08:e1:90:8d:4d:02:92:47:6d:39:6a:29:ae:
82:77:e3:1b:c9:b3:d4:69:fe:82:86:fb:6c:93:9f:9e:fd:54:
20:88:28:bf:5e:36:0b:a3:39:b8:c2:65:10:db:0b:b0:6d:9c:
b9:e0:2a:5c:1c:e4:4c:18:2f:63:3a:f1:58:f5:a0:09:2d:d7:
0c:bb:3b:47:54:13:5d:88:e1:3a:b4:22:1c:37:06:1b:f9:ff:
a6:3f:35:7b:8c:44:4e:77:4b:64:35:a0:ee:70:4f:76:3f:c5:
5a:f5:9d:8b:32:9a:d7:21:82:07:09:b3:ca:30:16:90:68:85:
a2:98:48:81:9c:27:af:a2:c8:1e:f2:89:85:35:7e:cc:37:08:
65:7f:21:f8:f4:58:94:7c:f8:39:c1:b8:fc:16:8e:62:b1:00:
11:75:48:80:86:74:c1:d8:9f:95:70:7c:f0:d5:a4:17:68:2e:
a9:74:4c:9b:47:48:cf:03:c5:77:0c:37:61:15:46:fb:36:a3:
51:f4:0d:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc6f7frdhpxv+h3dkSexUi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNjA0MTAzMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDBiYTQyN2MyZjg2MTQyYmFlNTQxYTYwZmU4NGQ1ZDY5YjQxNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OD1UPfdb/j0rWBzS8WKnA+Jhif4
DnhoZmFJoIvmdVlFlv8v+c30g7eZlEZlOK0o9Lwr1DaQoZeeVX7drUo3wZkUwi79
kJSQrovSDhMpDvxYpsUhff3MhaDDh6leWrNAkLMGZZbtr+VmFSQHS5KjoCw4mdRL
HGUlHMQStcCSC2NqiLrPQNSwncEmCTvPXqSfMrxJ61jjCg6wmzJRT9olxDE34o+S
DtvnE7QRHlezLWUpHP0S1hQ0A3bMC/djpDV6KO/sZQEPRQAeQwGh9CP+Os5PX8AU
10Rr3YTHn5QupUJYHS0QW9YxZuCkHoj9Cp5kTCjCPgqFxYbMVeWQTrK3vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0LpCfC+GFCuuVBpg/oTV1ptBVpMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvclF1a0o4TDRZVUs2NVVHbUQtaE5YV20wRldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue7xMA0G
CSqGSIb3DQEBCwUAA4IBAQB+IfUt74tUpS02pQ8LPerReNjQuybULNKElCVECum9
ouL7S3kL3hdH1rat1WemPQh22NC2BsG6qNxqywjhkI1NApJHbTlqKa6Cd+MbybPU
af6Chvtsk5+e/VQgiCi/XjYLozm4wmUQ2wuwbZy54CpcHORMGC9jOvFY9aAJLdcM
uztHVBNdiOE6tCIcNwYb+f+mPzV7jEROd0tkNaDucE92P8Va9Z2LMprXIYIHCbPK
MBaQaIWimEiBnCevosge8omFNX7MNwhlfyH49FiUfPg5wbj8Fo5isQARdUiAhnTB
2J+VcHzw1aQXaC6pdEybR0jPA8V3DDdhFUb7NqNR9A20
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:47:04 2025 by rpki-client