Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/pmRYb1uVb4ACjy76RWEWI3ry0Yw.roa
File: pmRYb1uVb4ACjy76RWEWI3ry0Yw.roa (raw, json)
Hash identifier: dUoaaQCiFIf8aY35CNwZdXTFszULbhBjgaUl5xXn72M=
Subject key identifier: A6:64:58:6F:5B:95:6F:80:02:8F:2E:FA:45:61:16:23:7A:F2:D1:8C
Certificate issuer: /CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
Certificate serial: 019759AA88C83809271F59785AF77A02C5DE
Authority key identifier: A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/pmRYb1uVb4ACjy76RWEWI3ry0Yw.roa
Signing time: Tue 10 Jun 2025 11:47:17 +0000
ROA not before: Tue 10 Jun 2025 11:47:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205376
IP address blocks: 185.220.148.0/22 maxlen: 24
185.220.148.0/24 maxlen: 24
185.220.149.0/24 maxlen: 24
185.220.150.0/24 maxlen: 24
185.220.151.0/24 maxlen: 24
194.45.71.0/24 maxlen: 24
2a0b:f840::/29 maxlen: 32
2a0b:f840::/32 maxlen: 32
2a0b:f841::/32 maxlen: 32
2a0b:f847::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:aa:88:c8:38:09:27:1f:59:78:5a:f7:7a:02:c5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
Validity
Not Before: Jun 10 11:47:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a664586f5b956f80028f2efa456116237af2d18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:96:22:63:cc:77:26:67:c5:88:f7:88:0d:d3:
7f:07:20:31:96:60:50:a2:73:d8:e9:ef:16:8b:48:
2b:f9:8d:02:a3:5b:ae:1e:6c:ec:9d:bb:ba:e2:9e:
d2:8e:fc:f8:9b:84:8b:2a:25:81:32:d1:4a:dd:4d:
c9:6d:b2:6e:a3:5a:fd:c2:d8:cf:bf:9e:bc:04:69:
51:e3:c7:34:01:1b:a0:7b:09:85:e1:13:3a:63:bf:
ef:5b:98:6a:1d:7f:13:bd:e8:6e:b8:d8:65:b5:32:
ff:51:08:3c:3b:20:4c:67:50:70:43:2f:22:79:9f:
29:91:23:df:db:30:31:02:d6:dc:46:da:3a:8c:49:
b3:d9:62:26:a1:81:38:d0:60:bd:04:d9:17:47:83:
ff:09:65:29:c2:20:45:db:89:6d:79:94:f4:f5:b4:
8c:ff:33:7d:e6:10:45:d3:38:1c:8e:36:09:da:f6:
bc:31:4d:e9:35:1b:f4:bd:fc:b2:57:f7:62:51:c6:
ab:b2:55:f5:ba:de:34:46:48:b7:65:32:fd:6d:a1:
6f:92:5a:bc:3f:0e:6e:c8:d6:e2:fe:a2:18:7d:a0:
0c:c3:96:79:7f:dc:9c:20:75:af:fd:c1:d4:7a:83:
c3:3a:22:f1:d5:9e:06:5d:84:1b:27:54:26:b8:ed:
6b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:64:58:6F:5B:95:6F:80:02:8F:2E:FA:45:61:16:23:7A:F2:D1:8C
X509v3 Authority Key Identifier:
keyid:A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/pmRYb1uVb4ACjy76RWEWI3ry0Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.148.0/22
194.45.71.0/24
IPv6:
2a0b:f840::/29
Signature Algorithm: sha256WithRSAEncryption
48:ee:5d:ea:3a:ab:63:69:40:1f:0b:c5:75:ea:f6:34:e8:40:
10:ce:65:0f:7f:6d:e8:d6:df:5c:54:d2:78:09:30:31:a5:cd:
e1:99:60:b0:3f:a7:4b:69:c4:2a:9c:4c:4c:a4:72:c0:a0:6a:
12:06:de:93:45:2b:ba:78:61:6a:12:90:0d:26:92:44:f5:a7:
9c:96:d3:d5:28:bf:f3:8d:93:2c:71:2d:5a:0e:e3:e1:75:88:
bd:40:9b:2b:9c:eb:a0:d5:6a:67:15:11:7d:33:fc:82:f3:89:
89:b8:3f:37:3f:92:7f:b6:ba:9e:63:d7:12:f4:30:51:15:9c:
d0:12:56:b5:ec:e7:fa:14:e1:eb:26:0c:c6:eb:34:95:8f:ca:
1b:cc:75:6d:8e:84:96:fc:b6:e9:ed:b4:e2:e2:48:9b:c4:1b:
32:f2:3f:23:69:cf:30:8f:9b:52:d3:a5:3f:ae:a7:ee:e4:96:
55:2a:93:e9:77:1f:56:2f:98:18:53:cc:46:ae:6c:2b:44:27:
3e:83:6f:9e:46:b8:00:c2:f2:e5:cd:ec:a9:eb:d6:f5:d5:76:
89:49:e1:b6:da:62:08:96:5c:9d:0e:b5:5f:2a:03:67:83:62:
2e:8d:0f:d6:30:94:84:85:4d:25:69:e1:4f:d5:5b:90:62:64:
6b:ca:ef:57
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZdZqojIOAknH1l4Wvd6AsXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNWUzZjk3NGI1Zjk3NDY1NmNjZjRkNDU1OTZjYWFkMWI5
MDk2ZDQwHhcNMjUwNjEwMTE0NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjY0NTg2ZjViOTU2ZjgwMDI4ZjJlZmE0NTYxMTYyMzdhZjJkMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZYiY8x3JmfFiPeIDdN/ByAxlmBQ
onPY6e8Wi0gr+Y0Co1uuHmzsnbu64p7Sjvz4m4SLKiWBMtFK3U3JbbJuo1r9wtjP
v568BGlR48c0ARugewmF4RM6Y7/vW5hqHX8TvehuuNhltTL/UQg8OyBMZ1BwQy8i
eZ8pkSPf2zAxAtbcRto6jEmz2WImoYE40GC9BNkXR4P/CWUpwiBF24lteZT09bSM
/zN95hBF0zgcjjYJ2va8MU3pNRv0vfyyV/diUcarslX1ut40Rki3ZTL9baFvklq8
Pw5uyNbi/qIYfaAMw5Z5f9ycIHWv/cHUeoPDOiLx1Z4GXYQbJ1QmuO1rTQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKZkWG9blW+AAo8u+kVhFiN68tGMMB8GA1UdIwQY
MBaAFKFeP5dLX5dGVsz01FWWyq0bkJbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1Y0X2wwdGZsMFpXelBUVVZaYktyUnVRbHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kNmE0MjItMzYxMi00NWFmLTgzYWIt
ZDI0YjY4OTY2ZTBlLzEvcG1SWWIxdVZiNEFDank3NlJXRVdJM3J5MFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kNmE0MjItMzYxMi00NWFmLTgzYWItZDI0YjY4OTY2ZTBl
LzEvb1Y0X2wwdGZsMFpXelBUVVZaYktyUnVRbHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudyUAwQA
wi1HMA0EAgACMAcDBQMqC/hAMA0GCSqGSIb3DQEBCwUAA4IBAQBI7l3qOqtjaUAf
C8V16vY06EAQzmUPf23o1t9cVNJ4CTAxpc3hmWCwP6dLacQqnExMpHLAoGoSBt6T
RSu6eGFqEpANJpJE9aecltPVKL/zjZMscS1aDuPhdYi9QJsrnOug1WpnFRF9M/yC
84mJuD83P5J/trqeY9cS9DBRFZzQEla17Of6FOHrJgzG6zSVj8obzHVtjoSW/Lbp
7bTi4kibxBsy8j8jac8wj5tS06U/rqfu5JZVKpPpdx9WL5gYU8xGrmwrRCc+g2+e
RrgAwvLlzeyp69b11XaJSeG22mIIllydDrVfKgNng2IujQ/WMJSEhU0laeFP1VuQ
YmRryu9X
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:06:58 2025 by rpki-client