Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1yJP_GciMncMLt1Am4hXnjuQDlI.roa
File: 1yJP_GciMncMLt1Am4hXnjuQDlI.roa (raw, json)
Hash identifier: 4K8UKvftXmmmXd4a/F42m10e/SvhvHb11lPl+a3e0oA=
Subject key identifier: D7:22:4F:FC:67:22:32:77:0C:2E:DD:40:9B:88:57:9E:3B:90:0E:52
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01986174C88BDB9C15D463DC696A7DE6B518
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1yJP_GciMncMLt1Am4hXnjuQDlI.roa
Signing time: Thu 31 Jul 2025 17:08:20 +0000
ROA not before: Thu 31 Jul 2025 17:08:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44382
IP address blocks: 79.110.50.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 03:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:61:74:c8:8b:db:9c:15:d4:63:dc:69:6a:7d:e6:b5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 31 17:08:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7224ffc672232770c2edd409b88579e3b900e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:53:40:c7:75:dc:e2:16:11:88:20:fb:cc:ef:
c1:42:7d:fa:6f:1e:5f:04:17:c7:9f:f5:51:7a:df:
3e:38:02:08:8b:9d:ad:c4:f8:e1:c1:2f:e6:0f:78:
3f:3f:1a:5b:46:1d:35:6f:05:3e:18:b2:d9:86:39:
08:f8:51:98:f0:ed:73:1b:0b:21:f0:65:66:39:71:
14:b4:86:b8:03:a2:b4:f2:d1:bc:7f:48:c1:e2:40:
79:1f:6f:68:f3:0d:56:ed:ca:1d:43:3f:ba:75:78:
40:b2:7f:dc:4c:f6:88:f2:9b:6c:1f:a8:17:49:b5:
ee:69:23:37:df:72:1e:68:64:f8:e8:4a:f5:02:ee:
54:bd:df:90:0e:f6:19:f3:3b:9a:d6:92:26:48:cc:
70:9f:ce:17:fb:b2:94:23:d0:67:e3:fa:be:2b:e4:
de:54:b6:93:94:0b:ab:5f:6a:83:d4:cc:2c:97:4f:
f8:38:ed:73:79:e1:78:24:fa:13:c3:4f:07:b7:3f:
e2:8d:b9:9d:17:6b:4e:a9:a2:7f:47:6a:67:71:ff:
1c:bc:3b:27:73:79:4e:e6:03:ea:2b:5a:e8:56:2d:
b5:3c:ed:8c:40:1b:aa:56:7d:2e:45:98:2d:29:c1:
b4:d2:fa:00:95:1b:99:4f:04:a9:de:70:f2:f7:1b:
30:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:22:4F:FC:67:22:32:77:0C:2E:DD:40:9B:88:57:9E:3B:90:0E:52
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1yJP_GciMncMLt1Am4hXnjuQDlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.50.0/24
82.115.211.0/24
185.222.160.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
92:43:73:83:be:48:1c:b6:89:e5:e0:41:3e:c5:74:9a:f8:15:
9b:f9:2e:79:b3:c8:31:14:98:02:3a:b2:9d:b4:5a:3f:15:cc:
49:c9:2f:e7:04:17:b5:97:03:0d:63:eb:7f:ed:0c:9f:c9:95:
00:5b:3a:fc:9b:91:35:13:52:14:a6:f2:ee:a8:7f:47:aa:bf:
cb:6f:8a:a9:9d:bf:30:9e:e2:27:a5:0f:af:89:58:fe:da:c3:
8d:1b:34:95:a5:83:23:4a:4f:74:75:7a:e0:57:f3:0c:2c:72:
d9:18:cf:8a:dc:5b:de:4e:b4:7a:4c:42:4d:3f:50:d6:a2:96:
52:20:6b:0d:b7:86:2e:bc:49:ea:64:3a:e9:3b:f4:d1:c8:41:
40:6a:45:ef:4b:08:c1:0f:8c:1c:81:0b:f2:82:c2:fb:e7:c8:
5c:69:dd:72:df:3e:0c:5c:f5:7e:6c:d6:24:22:22:4d:56:c0:
8f:60:90:d8:92:5f:5d:23:a7:47:df:f1:46:04:8a:4e:57:05:
07:bf:1c:d1:75:93:12:6d:24:ac:b7:1f:a7:76:ee:63:46:42:
99:44:d7:20:43:04:3a:12:d0:ee:de:56:57:d2:d3:53:76:9f:
69:81:c2:a5:3d:3d:22:d3:4a:c6:5e:86:bc:12:19:00:3d:36:
17:2f:3f:21
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhhdMiL25wV1GPcaWp95rUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzMxMTcwODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzIyNGZmYzY3MjIzMjc3MGMyZWRkNDA5Yjg4NTc5ZTNiOTAwZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslNAx3Xc4hYRiCD7zO/BQn36bx5f
BBfHn/VRet8+OAIIi52txPjhwS/mD3g/PxpbRh01bwU+GLLZhjkI+FGY8O1zGwsh
8GVmOXEUtIa4A6K08tG8f0jB4kB5H29o8w1W7codQz+6dXhAsn/cTPaI8ptsH6gX
SbXuaSM333IeaGT46Er1Au5Uvd+QDvYZ8zua1pImSMxwn84X+7KUI9Bn4/q+K+Te
VLaTlAurX2qD1Mwsl0/4OO1zeeF4JPoTw08Htz/ijbmdF2tOqaJ/R2pncf8cvDsn
c3lO5gPqK1roVi21PO2MQBuqVn0uRZgtKcG00voAlRuZTwSp3nDy9xswYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNciT/xnIjJ3DC7dQJuIV547kA5SMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMXlKUF9HY2lNbmNNTHQxQW00aFhuanVRRGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT24yAwQA
UnPTAwQAud6gAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQCSQ3ODvkgctonl4EE+
xXSa+BWb+S55s8gxFJgCOrKdtFo/FcxJyS/nBBe1lwMNY+t/7QyfyZUAWzr8m5E1
E1IUpvLuqH9Hqr/Lb4qpnb8wnuInpQ+viVj+2sONGzSVpYMjSk90dXrgV/MMLHLZ
GM+K3FveTrR6TEJNP1DWopZSIGsNt4YuvEnqZDrpO/TRyEFAakXvSwjBD4wcgQvy
gsL758hcad1y3z4MXPV+bNYkIiJNVsCPYJDYkl9dI6dH3/FGBIpOVwUHvxzRdZMS
bSSstx+ndu5jRkKZRNcgQwQ6EtDu3lZX0tNTdp9pgcKlPT0i00rGXoa8EhkAPTYX
Lz8h
-----END CERTIFICATE-----
Generated at Sun Aug 10 10:35:08 2025 by rpki-client