Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/aYzSzZFLqdVEPKpQk5EWoehSNEw.roa
File: aYzSzZFLqdVEPKpQk5EWoehSNEw.roa (raw, json)
Hash identifier: AM/5zmNZPmTunUEdZ9JbOQ5FfrgajVTJL4TG99J5meg=
Subject key identifier: 69:8C:D2:CD:91:4B:A9:D5:44:3C:AA:50:93:91:16:A1:E8:52:34:4C
Certificate issuer: /CN=6aae7bc8d33163cc4b6dda171a387ff98022a0f6
Certificate serial: 01982D2202DC31580CA8A4912F8E1F78A20C
Authority key identifier: 6A:AE:7B:C8:D3:31:63:CC:4B:6D:DA:17:1A:38:7F:F9:80:22:A0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aq57yNMxY8xLbdoXGjh_-YAioPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/aYzSzZFLqdVEPKpQk5EWoehSNEw.roa
Signing time: Mon 21 Jul 2025 13:17:40 +0000
ROA not before: Mon 21 Jul 2025 13:17:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202803
IP address blocks: 193.138.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/aq57yNMxY8xLbdoXGjh_-YAioPY.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/aq57yNMxY8xLbdoXGjh_-YAioPY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aq57yNMxY8xLbdoXGjh_-YAioPY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:22:02:dc:31:58:0c:a8:a4:91:2f:8e:1f:78:a2:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aae7bc8d33163cc4b6dda171a387ff98022a0f6
Validity
Not Before: Jul 21 13:17:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=698cd2cd914ba9d5443caa50939116a1e852344c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0d:cd:62:2b:db:7c:fc:62:f8:66:e9:68:d9:
3f:a6:0d:8d:79:ee:b8:94:1c:90:ab:6f:1e:d7:02:
c4:b2:17:56:ac:10:21:76:7a:a9:29:bc:43:87:41:
18:c0:73:35:1d:f2:59:89:cd:47:5a:ad:54:01:40:
86:27:4b:80:b2:46:77:94:c7:cc:8e:45:6c:67:05:
49:15:2b:c3:c9:4a:dc:08:fe:fe:b1:90:a9:32:93:
48:6e:55:67:a3:54:d1:91:c3:2a:bc:91:05:cc:93:
be:49:e5:ce:39:4f:18:ee:71:f4:dc:46:75:9d:9c:
54:94:a0:ee:76:0b:34:5f:5e:68:0c:9d:f3:55:2d:
15:b5:09:05:96:d6:03:2e:a1:d7:29:e0:af:44:30:
da:da:b5:50:42:e5:90:bf:b9:c7:58:cc:8f:75:6f:
1e:3b:fc:b8:43:15:67:3d:96:eb:6c:da:b3:8e:7d:
04:ac:ad:86:da:bb:23:68:8f:27:cb:fe:d5:fa:52:
54:70:8a:47:a6:b1:0b:50:40:81:d8:b6:64:f2:85:
a6:35:9e:28:c4:61:7a:3b:13:9f:76:23:b1:40:ec:
e8:ae:18:a7:65:2d:ed:9a:f9:a1:f8:2b:62:70:f0:
b7:bd:78:c6:d3:c6:b0:cf:85:5a:e6:7a:57:86:d4:
0f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:8C:D2:CD:91:4B:A9:D5:44:3C:AA:50:93:91:16:A1:E8:52:34:4C
X509v3 Authority Key Identifier:
keyid:6A:AE:7B:C8:D3:31:63:CC:4B:6D:DA:17:1A:38:7F:F9:80:22:A0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aq57yNMxY8xLbdoXGjh_-YAioPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/aYzSzZFLqdVEPKpQk5EWoehSNEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/aq57yNMxY8xLbdoXGjh_-YAioPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.4.0/23
Signature Algorithm: sha256WithRSAEncryption
09:d0:13:18:44:08:96:97:ef:56:2f:5e:ae:11:b9:23:05:26:
a4:7d:be:e5:b0:b2:a5:47:04:37:ee:0b:62:12:ec:93:49:f5:
80:12:ce:d3:ad:0f:92:e3:c3:20:ed:8a:91:54:70:ff:a1:25:
76:9c:2b:c5:d5:9f:e6:08:ec:87:a6:3b:84:64:7a:c7:50:9c:
49:5d:b3:21:c2:06:c9:42:d7:2d:77:22:5f:51:7e:8d:c7:c1:
52:46:0c:76:b4:d7:6d:9b:dd:2b:18:5c:49:8c:bb:5c:27:05:
d0:af:3c:ad:04:89:b2:cc:a7:9f:33:f3:ce:21:f2:6b:d1:7b:
d4:10:67:74:5f:8f:1c:e7:77:1b:68:ce:cf:87:22:e6:85:e9:
43:01:c0:ce:b9:e9:9d:89:02:c8:4f:39:7d:a0:27:9e:19:10:
2d:44:60:d6:22:23:cf:71:77:1e:7a:48:e4:99:b7:28:85:58:
f8:7d:1d:26:a7:1e:0d:db:67:6a:9f:bc:18:f0:05:2d:8f:5f:
84:9f:39:3d:72:d1:0c:70:0a:f7:5b:dd:06:2a:ad:dc:aa:90:
57:05:85:d9:70:5c:4c:a3:96:63:9b:c3:d4:17:36:3f:11:3a:
43:ed:cd:7f:a0:37:41:af:61:0c:89:2b:87:b0:f4:b4:67:9b:
9d:b6:69:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgtIgLcMVgMqKSRL44feKIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYWU3YmM4ZDMzMTYzY2M0YjZkZGExNzFhMzg3ZmY5ODAy
MmEwZjYwHhcNMjUwNzIxMTMxNzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThjZDJjZDkxNGJhOWQ1NDQzY2FhNTA5MzkxMTZhMWU4NTIzNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA3NYivbfPxi+GbpaNk/pg2Nee64
lByQq28e1wLEshdWrBAhdnqpKbxDh0EYwHM1HfJZic1HWq1UAUCGJ0uAskZ3lMfM
jkVsZwVJFSvDyUrcCP7+sZCpMpNIblVno1TRkcMqvJEFzJO+SeXOOU8Y7nH03EZ1
nZxUlKDudgs0X15oDJ3zVS0VtQkFltYDLqHXKeCvRDDa2rVQQuWQv7nHWMyPdW8e
O/y4QxVnPZbrbNqzjn0ErK2G2rsjaI8ny/7V+lJUcIpHprELUECB2LZk8oWmNZ4o
xGF6OxOfdiOxQOzorhinZS3tmvmh+CticPC3vXjG08awz4Va5npXhtQPJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmM0s2RS6nVRDyqUJORFqHoUjRMMB8GA1UdIwQY
MBaAFGque8jTMWPMS23aFxo4f/mAIqD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXE1N3lOTXhZOHhMYmRvWEdqaF8tWUFpb1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lNWRiZjgtYjQxZC00YWNkLTk2YWMt
OGY1OWNmMDE2NDY2LzEvYVl6U3paRkxxZFZFUEtwUWs1RVdvZWhTTkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lNWRiZjgtYjQxZC00YWNkLTk2YWMtOGY1OWNmMDE2NDY2
LzEvYXE1N3lOTXhZOHhMYmRvWEdqaF8tWUFpb1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwYoEMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ0BMYRAiWl+9WL16uEbkjBSakfb7lsLKlRwQ37gti
EuyTSfWAEs7TrQ+S48Mg7YqRVHD/oSV2nCvF1Z/mCOyHpjuEZHrHUJxJXbMhwgbJ
QtctdyJfUX6Nx8FSRgx2tNdtm90rGFxJjLtcJwXQrzytBImyzKefM/POIfJr0XvU
EGd0X48c53cbaM7PhyLmhelDAcDOuemdiQLITzl9oCeeGRAtRGDWIiPPcXceekjk
mbcohVj4fR0mpx4N22dqn7wY8AUtj1+Enzk9ctEMcAr3W90GKq3cqpBXBYXZcFxM
o5Zjm8PUFzY/ETpD7c1/oDdBr2EMiSuHsPS0Z5udtmku
-----END CERTIFICATE-----
Generated at Mon Aug 11 06:15:06 2025 by rpki-client