Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/Ao4f98uIFcgkhdxyPOpQgAuwN9w.roa
File: Ao4f98uIFcgkhdxyPOpQgAuwN9w.roa (raw, json)
Hash identifier: ttNIa0Xruypw+Nr5sYx69ADzUxbcLDOTo777VDuXgok=
Subject key identifier: 02:8E:1F:F7:CB:88:15:C8:24:85:DC:72:3C:EA:50:80:0B:B0:37:DC
Certificate issuer: /CN=38e7f47bb9b91657e5726bfcb2def8aad973e268
Certificate serial: 019814007B79DA6BD64B1AD4AB04C7E95A1B
Authority key identifier: 38:E7:F4:7B:B9:B9:16:57:E5:72:6B:FC:B2:DE:F8:AA:D9:73:E2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OOf0e7m5Flflcmv8st74qtlz4mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/Ao4f98uIFcgkhdxyPOpQgAuwN9w.roa
Signing time: Wed 16 Jul 2025 16:10:32 +0000
ROA not before: Wed 16 Jul 2025 16:10:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43298
IP address blocks: 185.71.64.0/24 maxlen: 24
185.71.65.0/24 maxlen: 24
185.71.66.0/24 maxlen: 24
185.71.67.0/24 maxlen: 24
193.84.78.0/24 maxlen: 24
193.84.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/OOf0e7m5Flflcmv8st74qtlz4mg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/OOf0e7m5Flflcmv8st74qtlz4mg.mft
rsync://rpki.ripe.net/repository/DEFAULT/OOf0e7m5Flflcmv8st74qtlz4mg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:14:00:7b:79:da:6b:d6:4b:1a:d4:ab:04:c7:e9:5a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38e7f47bb9b91657e5726bfcb2def8aad973e268
Validity
Not Before: Jul 16 16:10:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=028e1ff7cb8815c82485dc723cea50800bb037dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4f:8b:39:90:e6:ca:a4:b6:8d:fd:d0:08:5c:
33:1a:4a:0c:b6:43:ee:c0:81:32:2c:c8:b9:95:79:
9f:bd:fc:a7:c0:d2:9a:d4:4a:02:ec:68:00:49:e3:
a5:40:28:cc:ec:3b:45:fa:aa:0f:a2:15:f5:9e:94:
f2:12:96:ab:8e:1d:fb:96:83:c7:cf:ff:0b:be:14:
1e:43:49:27:44:62:95:43:99:a5:94:c0:98:c6:c1:
d5:35:0f:39:6f:6d:9e:12:a4:5c:40:16:ff:ca:a1:
a5:2a:3f:c1:0e:18:a2:56:a0:5b:81:48:f8:25:b8:
da:97:27:4f:40:aa:2c:4a:53:23:0b:f9:28:96:24:
f6:92:82:92:45:e5:6f:0f:c3:10:ac:1a:7a:8f:09:
9d:6e:d3:ad:e2:e0:8c:db:26:d5:a2:7f:e3:ce:ec:
e7:71:cf:20:0b:cd:d4:5c:16:ee:bb:ec:21:5d:0c:
79:02:1b:85:18:90:de:c1:c2:c7:a9:a1:b7:55:d9:
34:b7:3b:a6:ed:67:52:f2:b7:c3:60:72:1c:a2:dc:
b9:76:57:8f:ac:df:ad:92:2a:22:45:86:17:9c:14:
a6:3f:27:a7:0b:04:74:10:07:ef:74:dc:1f:d5:16:
24:62:07:48:cb:9d:fb:14:8a:71:4d:d1:d1:92:03:
a3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8E:1F:F7:CB:88:15:C8:24:85:DC:72:3C:EA:50:80:0B:B0:37:DC
X509v3 Authority Key Identifier:
keyid:38:E7:F4:7B:B9:B9:16:57:E5:72:6B:FC:B2:DE:F8:AA:D9:73:E2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OOf0e7m5Flflcmv8st74qtlz4mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/Ao4f98uIFcgkhdxyPOpQgAuwN9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bb0e7b-2a81-4970-b3bd-686f0a0616cc/1/OOf0e7m5Flflcmv8st74qtlz4mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.64.0/22
193.84.78.0/24
193.84.90.0/24
Signature Algorithm: sha256WithRSAEncryption
22:3e:14:e1:12:97:9b:aa:d2:26:db:58:01:23:c6:9c:a9:96:
a8:f9:bc:32:b2:49:2c:00:2e:38:4e:a4:72:95:40:d9:de:f5:
a2:4b:3f:db:04:92:50:50:a5:d2:bf:2f:a1:4d:59:ec:92:30:
f6:6d:7e:0b:84:86:c7:32:08:6f:50:6b:81:2d:f9:0e:9c:6e:
f7:42:a5:d7:11:f1:cb:2f:e0:88:d4:8f:c7:ba:64:09:fa:8e:
aa:e9:8a:18:84:43:80:c0:45:51:d9:41:01:1c:a5:ae:08:3f:
ed:60:46:6d:a1:0b:8b:0a:3f:b1:f7:4a:4a:90:68:05:3f:74:
a7:1b:6c:a8:53:2c:d4:50:e5:89:3f:af:cf:cf:d2:f7:aa:13:
e9:38:11:6f:8c:8e:10:bb:90:88:6d:75:a1:29:cc:b1:3e:5b:
63:93:2a:c0:b2:62:60:1a:07:fa:5c:d5:39:18:70:ea:87:f3:
5e:e6:a0:68:de:36:bd:28:ed:12:a3:11:45:11:94:1e:49:bc:
69:68:bc:6e:7b:73:c2:38:3f:0b:2b:5c:41:c7:f8:38:f8:f0:
d3:42:c4:09:70:88:0a:fd:14:f5:22:1b:5f:64:0a:1a:cd:a2:
13:44:9a:bc:fb:d6:2b:f1:2c:e5:8e:50:da:d9:da:96:ae:e5:
6a:c7:7d:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgUAHt52mvWSxrUqwTH6VobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZTdmNDdiYjliOTE2NTdlNTcyNmJmY2IyZGVmOGFhZDk3
M2UyNjgwHhcNMjUwNzE2MTYxMDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjhlMWZmN2NiODgxNWM4MjQ4NWRjNzIzY2VhNTA4MDBiYjAzN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk+LOZDmyqS2jf3QCFwzGkoMtkPu
wIEyLMi5lXmfvfynwNKa1EoC7GgASeOlQCjM7DtF+qoPohX1npTyEparjh37loPH
z/8LvhQeQ0knRGKVQ5mllMCYxsHVNQ85b22eEqRcQBb/yqGlKj/BDhiiVqBbgUj4
JbjalydPQKosSlMjC/koliT2koKSReVvD8MQrBp6jwmdbtOt4uCM2ybVon/jzuzn
cc8gC83UXBbuu+whXQx5AhuFGJDewcLHqaG3Vdk0tzum7WdS8rfDYHIcoty5dleP
rN+tkioiRYYXnBSmPyenCwR0EAfvdNwf1RYkYgdIy537FIpxTdHRkgOjvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAKOH/fLiBXIJIXccjzqUIALsDfcMB8GA1UdIwQY
MBaAFDjn9Hu5uRZX5XJr/LLe+KrZc+JoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT09mMGU3bTVGbGZsY212OHN0NzRxdGx6NG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iYjBlN2ItMmE4MS00OTcwLWIzYmQt
Njg2ZjBhMDYxNmNjLzEvQW80Zjk4dUlGY2draGR4eVBPcFFnQXV3Tjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9iYjBlN2ItMmE4MS00OTcwLWIzYmQtNjg2ZjBhMDYxNmNj
LzEvT09mMGU3bTVGbGZsY212OHN0NzRxdGx6NG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuUdAAwQA
wVROAwQAwVRaMA0GCSqGSIb3DQEBCwUAA4IBAQAiPhThEpebqtIm21gBI8acqZao
+bwyskksAC44TqRylUDZ3vWiSz/bBJJQUKXSvy+hTVnskjD2bX4LhIbHMghvUGuB
LfkOnG73QqXXEfHLL+CI1I/HumQJ+o6q6YoYhEOAwEVR2UEBHKWuCD/tYEZtoQuL
Cj+x90pKkGgFP3SnG2yoUyzUUOWJP6/Pz9L3qhPpOBFvjI4Qu5CIbXWhKcyxPltj
kyrAsmJgGgf6XNU5GHDqh/Ne5qBo3ja9KO0SoxFFEZQeSbxpaLxue3PCOD8LK1xB
x/g4+PDTQsQJcIgK/RT1IhtfZAoazaITRJq8+9Yr8SzljlDa2dqWruVqx33K
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:54:33 2025 by rpki-client