Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ODbto6bcK8aNz52zo3gSzY9ABBA.roa
File: ODbto6bcK8aNz52zo3gSzY9ABBA.roa (raw, json)
Hash identifier: RO2Q1L8IuswwbS9beUyqLvb6YUHXrI5sMJQ94ealYrM=
Subject key identifier: 38:36:ED:A3:A6:DC:2B:C6:8D:CF:9D:B3:A3:78:12:CD:8F:40:04:10
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01973ABEE2DBE321101EF96856FE0FAE23CD
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ODbto6bcK8aNz52zo3gSzY9ABBA.roa
Signing time: Wed 04 Jun 2025 11:41:17 +0000
ROA not before: Wed 04 Jun 2025 11:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 85.115.211.0/24 maxlen: 24
213.145.68.0/24 maxlen: 24
213.145.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:be:e2:db:e3:21:10:1e:f9:68:56:fe:0f:ae:23:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jun 4 11:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3836eda3a6dc2bc68dcf9db3a37812cd8f400410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5c:35:4a:71:d7:7d:0c:bf:45:69:8c:f2:76:
b6:eb:ea:a8:34:a1:bc:9a:14:6c:ba:d4:05:ed:7d:
79:5b:88:b9:86:87:fa:bf:66:b4:4f:a5:4d:8d:0d:
6e:60:f4:f1:b4:80:9c:39:d2:e9:90:6b:d3:23:d5:
d6:77:5e:77:fb:60:39:7f:a0:17:a1:48:8d:43:dd:
c4:e6:f3:74:25:1f:93:dd:50:9c:ab:e4:51:69:ca:
8e:18:7e:6e:e0:92:44:3a:bd:62:19:c8:5d:d5:cd:
95:b0:0f:f6:44:b4:11:48:1c:4f:06:50:81:fa:97:
6c:81:24:e2:52:6e:0d:94:77:ad:2d:6b:d7:ba:10:
e9:d5:17:6f:01:00:d7:cb:0a:4c:e4:4b:b1:a6:c7:
15:49:22:5c:74:4f:7d:10:45:a6:2d:f5:6a:d5:fe:
13:4a:c1:d9:31:a8:e8:bf:c6:bd:d2:1d:01:f4:34:
d4:33:de:cb:73:f2:68:61:44:fe:e8:ca:68:59:4b:
3e:f9:5d:9d:e5:ac:f4:92:96:f3:8a:1a:74:0a:14:
0d:53:3f:1a:69:e0:6c:97:69:21:28:b7:14:70:59:
7d:2c:c5:93:2e:2e:ab:c8:6d:34:3b:a1:c6:3d:00:
5d:6a:43:5d:b0:22:e7:45:e6:55:08:a9:0a:c2:98:
70:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:36:ED:A3:A6:DC:2B:C6:8D:CF:9D:B3:A3:78:12:CD:8F:40:04:10
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ODbto6bcK8aNz52zo3gSzY9ABBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.211.0/24
213.145.68.0/24
213.145.82.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:8d:71:f6:5c:c0:63:d4:51:b8:cd:3e:41:a1:6d:d5:15:ec:
1b:a8:3f:56:8a:42:e1:04:68:ca:b5:bd:b6:cc:1b:8f:50:9a:
83:73:22:db:c7:15:ba:5a:e7:c0:7c:32:56:d3:43:c9:07:7b:
fd:ec:0e:cf:a1:41:b9:50:1e:94:e9:f1:b6:a1:0d:af:86:e6:
eb:8d:b0:8b:11:2f:14:00:b2:49:8a:05:e2:c6:65:36:a3:39:
1a:42:df:54:11:ac:b4:20:59:56:44:cd:08:20:25:5b:30:b1:
04:8f:83:b5:6d:5b:03:12:e7:30:8f:69:74:c6:72:68:8f:8e:
62:c9:7e:26:22:fa:6b:32:ff:40:b9:fe:7f:b7:d1:6e:7a:a1:
a8:62:6a:f2:66:37:8a:14:35:91:d0:ea:ed:e1:ec:22:9a:6a:
50:f0:27:26:37:b7:02:5e:48:91:03:75:8c:ea:34:6a:b3:0d:
13:2e:4e:c0:f1:8a:29:c5:5a:c6:4c:7c:ea:6d:ab:65:47:8c:
f6:01:cf:c1:bd:eb:bd:ab:92:68:7c:60:2b:5a:dc:93:2f:95:
3b:29:cf:ac:12:3c:25:c5:6f:67:03:28:a7:aa:04:d0:df:3c:
12:f5:21:d0:4e:80:bc:85:e5:ee:af:0d:55:30:18:36:5b:36:
56:70:e7:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZc6vuLb4yEQHvloVv4PriPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwNjA0MTE0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODM2ZWRhM2E2ZGMyYmM2OGRjZjlkYjNhMzc4MTJjZDhmNDAwNDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1w1SnHXfQy/RWmM8na26+qoNKG8
mhRsutQF7X15W4i5hof6v2a0T6VNjQ1uYPTxtICcOdLpkGvTI9XWd153+2A5f6AX
oUiNQ93E5vN0JR+T3VCcq+RRacqOGH5u4JJEOr1iGchd1c2VsA/2RLQRSBxPBlCB
+pdsgSTiUm4NlHetLWvXuhDp1RdvAQDXywpM5EuxpscVSSJcdE99EEWmLfVq1f4T
SsHZMajov8a90h0B9DTUM97Lc/JoYUT+6MpoWUs++V2d5az0kpbzihp0ChQNUz8a
aeBsl2khKLcUcFl9LMWTLi6ryG00O6HGPQBdakNdsCLnReZVCKkKwphwawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDg27aOm3CvGjc+ds6N4Es2PQAQQMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvT0RidG82YmNLOGFOejUyem8zZ1N6WTlBQkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXPTAwQA
1ZFEAwQA1ZFSMA0GCSqGSIb3DQEBCwUAA4IBAQAfjXH2XMBj1FG4zT5BoW3VFewb
qD9WikLhBGjKtb22zBuPUJqDcyLbxxW6WufAfDJW00PJB3v97A7PoUG5UB6U6fG2
oQ2vhubrjbCLES8UALJJigXixmU2ozkaQt9UEay0IFlWRM0IICVbMLEEj4O1bVsD
Eucwj2l0xnJoj45iyX4mIvprMv9Auf5/t9FueqGoYmryZjeKFDWR0Ort4ewimmpQ
8CcmN7cCXkiRA3WM6jRqsw0TLk7A8YopxVrGTHzqbatlR4z2Ac/Bveu9q5JofGAr
WtyTL5U7Kc+sEjwlxW9nAyinqgTQ3zwS9SHQToC8heXurw1VMBg2WzZWcOck
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:08:08 2025 by rpki-client