Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/EdebYw8VEwcX_PNYCaxBuSfInbM.roa
File: EdebYw8VEwcX_PNYCaxBuSfInbM.roa (raw, json)
Hash identifier: qNsdYHep9N3Bgeh3PKAOUNjoIKAI8s7Ww9xQ5NLHkC4=
Subject key identifier: 11:D7:9B:63:0F:15:13:07:17:FC:F3:58:09:AC:41:B9:27:C8:9D:B3
Certificate issuer: /CN=614b70ff9c22ffe0b77f43f41c08074de6f36e1b
Certificate serial: 019928B2A348B31A66F97D9F69105E0DD159
Authority key identifier: 61:4B:70:FF:9C:22:FF:E0:B7:7F:43:F4:1C:08:07:4D:E6:F3:6E:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUtw_5wi_-C3f0P0HAgHTebzbhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/EdebYw8VEwcX_PNYCaxBuSfInbM.roa
Signing time: Mon 08 Sep 2025 09:40:19 +0000
ROA not before: Mon 08 Sep 2025 09:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57280
IP address blocks: 185.60.172.0/22 maxlen: 22
185.60.174.0/24 maxlen: 24
185.60.175.0/24 maxlen: 24
2a03:5580::/30 maxlen: 30
2a03:5584::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/YUtw_5wi_-C3f0P0HAgHTebzbhs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/YUtw_5wi_-C3f0P0HAgHTebzbhs.mft
rsync://rpki.ripe.net/repository/DEFAULT/YUtw_5wi_-C3f0P0HAgHTebzbhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:28:b2:a3:48:b3:1a:66:f9:7d:9f:69:10:5e:0d:d1:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614b70ff9c22ffe0b77f43f41c08074de6f36e1b
Validity
Not Before: Sep 8 09:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11d79b630f15130717fcf35809ac41b927c89db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b4:34:9c:0f:6c:01:76:20:e1:2e:9e:dc:27:
07:82:f7:93:d5:bc:e5:e1:67:eb:ae:eb:5a:98:7f:
b4:6d:7f:a2:5c:f8:f6:2d:fa:80:6d:c1:e4:af:8f:
14:06:31:95:24:0b:62:59:ed:56:b5:af:2f:b8:a0:
49:d4:d7:df:72:ed:55:1d:c8:e3:bc:61:b7:59:53:
f8:24:08:08:ec:ea:63:54:b1:44:11:ce:b5:d4:66:
e7:76:bd:25:f9:cf:16:42:05:fb:82:31:8e:14:8e:
9b:4b:89:1c:c3:65:d0:18:f2:7c:f6:d6:74:10:38:
20:80:52:f2:8b:c6:1a:fe:8e:0d:70:e4:df:29:91:
e9:33:0c:3c:27:4a:1d:63:52:e8:8d:ab:63:31:e6:
2b:1e:a7:e1:5d:6d:ee:ba:e8:75:46:5d:f9:f8:8a:
51:8e:32:d3:02:8d:df:d2:b7:09:aa:67:7b:35:6b:
c4:26:39:6a:bd:c7:09:d4:9d:d1:4c:5c:af:76:53:
f7:1e:0c:5f:da:4f:a4:c8:a6:5d:42:d0:7a:da:ad:
58:05:ab:38:e2:b3:5e:bf:58:75:c7:53:ca:6f:68:
b6:3c:40:cd:29:d8:f5:c6:65:6e:5e:ac:25:7a:c3:
90:41:a8:6e:85:91:90:82:80:5b:ea:96:f6:44:21:
85:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D7:9B:63:0F:15:13:07:17:FC:F3:58:09:AC:41:B9:27:C8:9D:B3
X509v3 Authority Key Identifier:
keyid:61:4B:70:FF:9C:22:FF:E0:B7:7F:43:F4:1C:08:07:4D:E6:F3:6E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUtw_5wi_-C3f0P0HAgHTebzbhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/EdebYw8VEwcX_PNYCaxBuSfInbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/YUtw_5wi_-C3f0P0HAgHTebzbhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.172.0/22
IPv6:
2a03:5580::/29
Signature Algorithm: sha256WithRSAEncryption
5b:61:34:e2:45:6a:62:a3:87:26:9f:bb:23:62:e3:80:aa:3a:
cf:91:ee:8a:2d:69:6b:bd:e4:9e:bb:c4:0f:fa:8f:a5:bb:ab:
ff:99:91:a6:7a:a6:1b:e4:c9:dd:3a:72:39:d6:76:24:6b:1f:
f0:67:af:21:35:33:02:7c:c1:bf:b4:21:92:93:61:59:f1:5a:
e7:da:e5:d4:b4:d0:6b:15:10:6c:6f:9a:81:b8:33:13:fa:4d:
c5:71:3d:d8:96:1c:d7:cd:4b:ca:0f:4a:8c:10:ad:ff:a4:a7:
1d:41:45:a4:31:0c:2c:1f:30:ca:e1:38:95:01:1e:86:a7:62:
d6:68:e1:e1:ce:3b:7c:c3:3b:6e:e9:ee:46:4c:06:01:6d:82:
1f:ba:bf:31:bc:34:b9:46:db:54:30:fc:0a:30:28:67:67:9c:
ef:a0:cf:54:05:65:bb:ad:1f:2c:82:ef:b1:e4:3d:b9:7f:94:
eb:10:af:9b:02:4b:e5:e9:de:0b:79:fa:13:2a:3a:3f:85:7c:
c7:64:e1:94:2c:fa:c9:ba:54:17:45:ad:8d:a9:cc:8a:82:f4:
0e:54:f5:48:47:1a:76:44:b5:3d:b4:67:cb:05:9d:ca:b7:b5:
e4:72:03:b0:a3:0a:94:5a:9a:95:6d:a2:dc:44:46:ef:84:f3:
2d:1e:c9:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZkosqNIsxpm+X2faRBeDdFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGI3MGZmOWMyMmZmZTBiNzdmNDNmNDFjMDgwNzRkZTZm
MzZlMWIwHhcNMjUwOTA4MDk0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQ3OWI2MzBmMTUxMzA3MTdmY2YzNTgwOWFjNDFiOTI3Yzg5ZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLQ0nA9sAXYg4S6e3CcHgveT1bzl
4WfrrutamH+0bX+iXPj2LfqAbcHkr48UBjGVJAtiWe1Wta8vuKBJ1Nffcu1VHcjj
vGG3WVP4JAgI7OpjVLFEEc611Gbndr0l+c8WQgX7gjGOFI6bS4kcw2XQGPJ89tZ0
EDgggFLyi8Ya/o4NcOTfKZHpMww8J0odY1LojatjMeYrHqfhXW3uuuh1Rl35+IpR
jjLTAo3f0rcJqmd7NWvEJjlqvccJ1J3RTFyvdlP3Hgxf2k+kyKZdQtB62q1YBas4
4rNev1h1x1PKb2i2PEDNKdj1xmVuXqwlesOQQahuhZGQgoBb6pb2RCGFNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBHXm2MPFRMHF/zzWAmsQbknyJ2zMB8GA1UdIwQY
MBaAFGFLcP+cIv/gt39D9BwIB03m824bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV0d181d2lfLUMzZjBQMEhBZ0hUZWJ6YmhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi85NzFmMTctMGJmOC00YmExLWI3Njgt
NTVmZWMxMjUyYWIwLzEvRWRlYll3OFZFd2NYX1BOWUNheEJ1U2ZJbmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi85NzFmMTctMGJmOC00YmExLWI3NjgtNTVmZWMxMjUyYWIw
LzEvWVV0d181d2lfLUMzZjBQMEhBZ0hUZWJ6YmhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTysMA0E
AgACMAcDBQMqA1WAMA0GCSqGSIb3DQEBCwUAA4IBAQBbYTTiRWpio4cmn7sjYuOA
qjrPke6KLWlrveSeu8QP+o+lu6v/mZGmeqYb5MndOnI51nYkax/wZ68hNTMCfMG/
tCGSk2FZ8Vrn2uXUtNBrFRBsb5qBuDMT+k3FcT3YlhzXzUvKD0qMEK3/pKcdQUWk
MQwsHzDK4TiVAR6Gp2LWaOHhzjt8wztu6e5GTAYBbYIfur8xvDS5RttUMPwKMChn
Z5zvoM9UBWW7rR8sgu+x5D25f5TrEK+bAkvl6d4LefoTKjo/hXzHZOGULPrJulQX
Ra2NqcyKgvQOVPVIRxp2RLU9tGfLBZ3Kt7XkcgOwowqUWpqVbaLcREbvhPMtHslG
-----END CERTIFICATE-----
Generated at Tue Sep 9 07:11:01 2025 by rpki-client