Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/PC0WYdZ1ycG1Cd4ptQwx-c0T2q0.roa
File: PC0WYdZ1ycG1Cd4ptQwx-c0T2q0.roa (raw, json)
Hash identifier: At2fGeC/cafSt/IzSRflfqxkQbNcMN2V1hxeUFtAGgk=
Subject key identifier: 3C:2D:16:61:D6:75:C9:C1:B5:09:DE:29:B5:0C:31:F9:CD:13:DA:AD
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 0199138A71BCA59E9DDDF5BB87BCCFC43D24
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/PC0WYdZ1ycG1Cd4ptQwx-c0T2q0.roa
Signing time: Thu 04 Sep 2025 07:04:24 +0000
ROA not before: Thu 04 Sep 2025 07:04:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57324
IP address blocks: 93.187.32.0/24 maxlen: 24
93.187.33.0/24 maxlen: 24
93.187.34.0/24 maxlen: 24
93.187.35.0/24 maxlen: 24
93.187.36.0/24 maxlen: 24
93.187.37.0/24 maxlen: 24
93.187.38.0/24 maxlen: 24
93.187.39.0/24 maxlen: 24
185.52.118.0/24 maxlen: 24
185.52.119.0/24 maxlen: 24
2a00:dd00:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 20:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:13:8a:71:bc:a5:9e:9d:dd:f5:bb:87:bc:cf:c4:3d:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Sep 4 07:04:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c2d1661d675c9c1b509de29b50c31f9cd13daad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:04:a4:c5:58:35:9a:05:8b:06:fc:aa:da:78:
29:ec:4b:4e:b5:08:17:35:dc:9b:c9:0a:c1:9c:69:
8d:87:c5:46:85:7e:bf:b1:10:b6:5f:f5:0d:9f:91:
16:31:3f:5a:c6:05:77:55:b4:7c:82:26:24:6f:b1:
85:e9:9b:b0:4d:02:71:2f:fe:91:24:c2:ae:f0:86:
c5:9b:25:64:49:ba:82:6e:ff:0a:02:88:4f:d4:94:
e0:cc:91:84:9a:4e:bf:d0:1a:fd:3c:37:e4:de:af:
0f:81:51:fb:c9:1b:54:0c:d9:e5:6e:0b:11:a4:75:
f4:5f:ca:4f:f2:d4:8f:a3:3a:d8:0b:c1:4c:b6:72:
2f:9e:4a:04:c5:31:2d:0e:72:bc:f8:8a:f2:0e:89:
f7:c4:83:34:be:e7:ff:7e:b9:ae:97:6f:45:54:c6:
bf:93:7d:40:d2:1c:2e:15:5c:6f:c7:e6:64:83:3f:
53:6e:09:74:7d:f1:cd:af:d9:3a:e4:e5:78:fe:90:
0c:f5:a0:2e:04:65:95:9e:93:19:ff:66:cf:b2:81:
8e:b9:13:f6:7e:81:c0:77:e6:a8:d8:b7:37:63:34:
b3:1a:e3:f7:01:2e:0c:e6:19:1d:c3:99:a0:e5:39:
34:2c:2c:8b:2e:65:e4:c0:47:bf:23:a6:11:a0:81:
18:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:2D:16:61:D6:75:C9:C1:B5:09:DE:29:B5:0C:31:F9:CD:13:DA:AD
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/PC0WYdZ1ycG1Cd4ptQwx-c0T2q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.32.0/21
185.52.118.0/23
IPv6:
2a00:dd00:4::/48
Signature Algorithm: sha256WithRSAEncryption
7c:3b:71:70:a4:a2:d1:57:95:cf:22:1a:55:da:c2:05:c0:46:
0b:50:cc:9b:a2:e5:a9:59:d6:27:b2:e9:89:92:cf:fa:f6:18:
81:30:df:3d:60:0f:29:a6:71:b0:4d:e8:5a:65:7e:3b:90:14:
5b:f7:72:8b:9b:68:63:a2:50:bc:5b:b3:2a:dd:76:fe:89:c3:
9d:da:7d:a5:a6:96:a2:9e:d2:0e:ed:ec:5b:4e:f7:f5:df:4b:
18:ec:69:d8:c5:d0:76:27:64:2c:fd:e7:5e:97:33:b6:34:c5:
5d:14:10:36:fc:50:79:93:11:8b:74:bd:44:44:2d:bf:bb:64:
78:39:6b:16:59:00:00:7c:ba:45:3b:b7:97:7d:33:d2:f0:3c:
d5:1d:98:de:8b:33:22:2d:29:b0:d8:83:d1:e2:fa:d1:59:7d:
c6:23:4f:5e:86:44:95:d6:2e:e4:26:83:d5:bf:b6:d5:e2:cf:
22:dc:f3:67:92:ee:a6:c0:34:c4:bf:08:3e:28:6d:9a:d4:9e:
45:0b:89:ee:fc:01:a0:43:77:55:d4:fe:9a:87:5b:c8:eb:dc:
dd:52:da:f7:ee:86:e0:d9:c8:71:e6:90:30:71:23:a9:e1:33:
33:0e:79:1b:bb:a2:54:a5:c5:bd:b6:92:8d:4a:a3:df:38:08:
dd:4f:74:31
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZkTinG8pZ6d3fW7h7zPxD0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjUwOTA0MDcwNDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzJkMTY2MWQ2NzVjOWMxYjUwOWRlMjliNTBjMzFmOWNkMTNkYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogSkxVg1mgWLBvyq2ngp7EtOtQgX
NdybyQrBnGmNh8VGhX6/sRC2X/UNn5EWMT9axgV3VbR8giYkb7GF6ZuwTQJxL/6R
JMKu8IbFmyVkSbqCbv8KAohP1JTgzJGEmk6/0Br9PDfk3q8PgVH7yRtUDNnlbgsR
pHX0X8pP8tSPozrYC8FMtnIvnkoExTEtDnK8+IryDon3xIM0vuf/frmul29FVMa/
k31A0hwuFVxvx+Zkgz9Tbgl0ffHNr9k65OV4/pAM9aAuBGWVnpMZ/2bPsoGOuRP2
foHAd+ao2Lc3YzSzGuP3AS4M5hkdw5mg5Tk0LCyLLmXkwEe/I6YRoIEY1wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDwtFmHWdcnBtQneKbUMMfnNE9qtMB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvUEMwV1lkWjF5Y0cxQ2Q0cHRRd3gtYzBUMnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDXbsgAwQB
uTR2MA8EAgACMAkDBwAqAN0AAAQwDQYJKoZIhvcNAQELBQADggEBAHw7cXCkotFX
lc8iGlXawgXARgtQzJui5alZ1iey6YmSz/r2GIEw3z1gDymmcbBN6FplfjuQFFv3
coubaGOiULxbsyrddv6Jw53afaWmlqKe0g7t7FtO9/XfSxjsadjF0HYnZCz9516X
M7Y0xV0UEDb8UHmTEYt0vURELb+7ZHg5axZZAAB8ukU7t5d9M9LwPNUdmN6LMyIt
KbDYg9Hi+tFZfcYjT16GRJXWLuQmg9W/ttXizyLc82eS7qbANMS/CD4obZrUnkUL
ie78AaBDd1XU/pqHW8jr3N1S2vfuhuDZyHHmkDBxI6nhMzMOeRu7olSlxb22ko1K
o984CN1PdDE=
-----END CERTIFICATE-----
Generated at Thu Sep 11 03:03:29 2025 by rpki-client