Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/wJ7CKKiQXbsPpU2tQu2oYE5Ks50.roa
File: wJ7CKKiQXbsPpU2tQu2oYE5Ks50.roa (raw, json)
Hash identifier: yANPJHhCtesYANgIrnLFv1j+dF/ic7glBbw6RdagPtI=
Subject key identifier: C0:9E:C2:28:A8:90:5D:BB:0F:A5:4D:AD:42:ED:A8:60:4E:4A:B3:9D
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01973ABEE2689CFEFE28956BBDB5698D6A36
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/wJ7CKKiQXbsPpU2tQu2oYE5Ks50.roa
Signing time: Wed 04 Jun 2025 11:41:17 +0000
ROA not before: Wed 04 Jun 2025 11:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.71.0/24 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:be:e2:68:9c:fe:fe:28:95:6b:bd:b5:69:8d:6a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jun 4 11:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c09ec228a8905dbb0fa54dad42eda8604e4ab39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:28:ea:ec:7c:0c:c5:ce:66:16:5a:48:f1:3d:
e0:a3:7d:4a:bb:6c:74:85:fd:de:71:28:e6:8c:70:
87:88:7d:66:f2:e8:db:f2:78:2b:ed:7d:65:ee:ae:
a8:d9:19:c2:f7:37:72:c3:d3:c0:87:51:b9:00:c9:
e4:f3:26:51:57:9c:76:b4:e4:1f:29:2a:95:c9:4f:
bb:b7:a9:4c:a2:64:f6:8f:91:cb:28:f0:27:f9:53:
60:df:6a:c1:76:1b:83:a7:93:52:32:b1:ee:b2:8f:
3a:b4:d8:23:95:53:32:6d:4e:1d:58:36:a7:09:d5:
02:e0:2f:c5:4b:fa:b9:84:61:47:af:95:01:ce:0b:
f9:3d:a4:e1:e4:a0:1e:54:96:cf:16:77:0f:a5:65:
b4:41:24:47:e4:e6:76:22:82:1e:bb:38:2e:57:82:
33:b7:30:bb:94:8f:60:fd:c1:cb:9b:c2:8e:a4:fe:
4e:59:fb:07:db:e5:cc:8b:4b:f3:4c:44:80:d8:9f:
45:b5:84:75:c7:7f:03:d9:87:05:54:75:0b:1f:dd:
6a:bd:be:0b:d5:d6:0b:4e:7b:c9:fd:d9:7b:86:0c:
f9:aa:99:d9:f2:b3:ca:f8:c9:ff:2c:15:7f:c6:66:
1c:04:c0:94:67:62:3b:68:17:64:79:e1:60:87:74:
fe:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:9E:C2:28:A8:90:5D:BB:0F:A5:4D:AD:42:ED:A8:60:4E:4A:B3:9D
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/wJ7CKKiQXbsPpU2tQu2oYE5Ks50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.68.0-213.145.79.255
213.145.82.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
4a:70:d2:1a:ac:94:99:b8:97:93:da:67:5a:c9:bd:92:91:55:
b1:ce:ec:77:99:94:26:a7:05:79:7b:d5:28:1d:82:a0:90:0e:
93:f2:7c:f7:1b:9f:47:d8:94:0f:39:d3:51:26:55:71:5f:c8:
82:75:aa:b1:2d:58:de:9e:ab:8e:df:53:7d:e0:94:88:01:e1:
11:36:16:30:0b:b5:e0:14:78:ba:eb:03:ff:a8:99:ce:3e:5f:
c3:3d:78:eb:95:23:3b:ed:11:e9:c6:95:3f:7a:33:6d:25:20:
72:b5:38:31:dc:59:1d:68:b1:aa:ac:e1:f3:3a:da:79:e2:f7:
b9:fe:c5:14:da:62:55:fd:f0:5d:71:2e:c5:4c:d0:ac:a0:0a:
57:17:cc:ba:24:49:5b:36:0e:a7:3b:d6:9c:12:10:dc:e4:bb:
06:5d:32:60:bf:8a:0d:d4:77:00:97:8c:26:ca:90:1a:cf:3d:
cb:aa:97:2d:14:3f:52:63:6a:f5:28:21:57:60:de:8a:a7:67:
2e:45:33:d5:85:79:b0:77:b8:28:6a:c0:ce:b4:db:ff:fe:41:
da:34:9d:61:74:ae:11:e5:2d:8b:21:76:ae:cf:91:96:7c:13:
5b:06:e1:6f:4b:9c:95:bd:ba:80:6d:f6:0d:45:22:97:12:d6:
d2:cf:b4:c5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZc6vuJonP7+KJVrvbVpjWo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwNjA0MTE0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDllYzIyOGE4OTA1ZGJiMGZhNTRkYWQ0MmVkYTg2MDRlNGFiMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ijq7HwMxc5mFlpI8T3go31Ku2x0
hf3ecSjmjHCHiH1m8ujb8ngr7X1l7q6o2RnC9zdyw9PAh1G5AMnk8yZRV5x2tOQf
KSqVyU+7t6lMomT2j5HLKPAn+VNg32rBdhuDp5NSMrHuso86tNgjlVMybU4dWDan
CdUC4C/FS/q5hGFHr5UBzgv5PaTh5KAeVJbPFncPpWW0QSRH5OZ2IoIeuzguV4Iz
tzC7lI9g/cHLm8KOpP5OWfsH2+XMi0vzTESA2J9FtYR1x38D2YcFVHULH91qvb4L
1dYLTnvJ/dl7hgz5qpnZ8rPK+Mn/LBV/xmYcBMCUZ2I7aBdkeeFgh3T+lwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMCewiiokF27D6VNrULtqGBOSrOdMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvd0o3Q0tLaVFYYnNQcFUydFF1Mm9ZRTVLczUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEAdWRWDANBgkqhkiG9w0BAQsFAAOCAQEASnDS
GqyUmbiXk9pnWsm9kpFVsc7sd5mUJqcFeXvVKB2CoJAOk/J89xufR9iUDznTUSZV
cV/IgnWqsS1Y3p6rjt9TfeCUiAHhETYWMAu14BR4uusD/6iZzj5fwz1465UjO+0R
6caVP3ozbSUgcrU4MdxZHWixqqzh8zraeeL3uf7FFNpiVf3wXXEuxUzQrKAKVxfM
uiRJWzYOpzvWnBIQ3OS7Bl0yYL+KDdR3AJeMJsqQGs89y6qXLRQ/UmNq9SghV2De
iqdnLkUz1YV5sHe4KGrAzrTb//5B2jSdYXSuEeUtiyF2rs+RlnwTWwbhb0uclb26
gG32DUUilxLW0s+0xQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:31:21 2025 by rpki-client