Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rgX-hjZzP11zMV1Ss9yk5s0hpP4.roa
File: rgX-hjZzP11zMV1Ss9yk5s0hpP4.roa (raw, json)
Hash identifier: FEjTW0DqzWf2eGcKYZInTkY5n6SwvMFRvxDiX/jjxsA=
Subject key identifier: AE:05:FE:86:36:73:3F:5D:73:31:5D:52:B3:DC:A4:E6:CD:21:A4:FE
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 019879331BFAF6CB705F159EC563EFF49E77
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rgX-hjZzP11zMV1Ss9yk5s0hpP4.roa
Signing time: Tue 05 Aug 2025 07:47:29 +0000
ROA not before: Tue 05 Aug 2025 07:47:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8613
IP address blocks: 185.8.204.0/22 maxlen: 22
195.200.128.0/19 maxlen: 19
212.102.192.0/19 maxlen: 19
2a00:b300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 22:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:33:1b:fa:f6:cb:70:5f:15:9e:c5:63:ef:f4:9e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Aug 5 07:47:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae05fe8636733f5d73315d52b3dca4e6cd21a4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e4:91:8d:e4:72:65:a5:86:f2:bb:08:ca:48:
e8:ae:e3:55:62:6c:b2:c5:10:e2:38:44:97:ed:0a:
93:3d:c0:db:1b:10:5c:60:51:b7:15:29:68:98:26:
26:08:d9:37:85:e3:04:b5:4e:bd:6e:79:da:d6:1a:
3e:6f:9c:11:5d:ae:10:71:e6:e7:0a:e7:9d:95:72:
61:01:19:e9:39:4e:bc:0a:93:d3:f9:62:65:df:4d:
3a:2e:14:79:ba:9f:96:9b:a8:33:56:6e:0b:e2:2e:
9e:51:9a:b0:3a:8d:d8:d7:5d:b7:f4:75:71:9b:7e:
b9:92:eb:e3:1f:b5:39:18:54:a7:6c:24:6f:96:a9:
cc:b2:e0:bc:db:bc:bf:16:8c:13:a1:e0:78:a2:14:
d5:63:10:9e:23:c1:0a:39:eb:61:35:51:6e:6d:53:
c1:ed:6d:cd:4a:d6:b7:aa:f5:b8:da:4f:81:66:cd:
10:8d:ae:ab:ac:30:c0:ef:c6:39:0c:bd:15:1b:78:
2b:42:a9:e7:76:b8:d8:ee:51:62:e2:c9:11:74:c8:
89:7f:b5:e0:30:88:8b:1b:c3:1e:0c:91:93:53:4f:
0a:71:a4:3b:c8:85:dc:88:69:6b:2a:be:bb:aa:e3:
30:d0:7a:a0:9c:7f:31:c8:fe:6f:d1:1c:09:ac:83:
7f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:05:FE:86:36:73:3F:5D:73:31:5D:52:B3:DC:A4:E6:CD:21:A4:FE
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rgX-hjZzP11zMV1Ss9yk5s0hpP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.204.0/22
195.200.128.0/19
212.102.192.0/19
IPv6:
2a00:b300::/32
Signature Algorithm: sha256WithRSAEncryption
83:bc:96:12:63:24:89:dc:eb:9e:11:4f:29:57:ea:84:b3:1e:
76:56:93:77:3b:92:58:14:b3:7b:9a:dd:15:a3:f3:e3:cd:b5:
37:49:6d:7a:ef:68:66:fc:7c:6e:7c:1d:52:25:11:9d:c2:19:
b6:e5:97:ed:30:a1:66:8c:a8:49:25:ff:fb:05:54:40:64:53:
2c:a9:22:1e:90:85:7c:be:7b:e1:25:28:8d:bf:a4:ef:09:74:
25:44:13:db:f9:cf:72:39:b4:66:78:91:77:ff:9f:e4:bf:3b:
1b:56:27:65:48:e6:c1:cb:b2:5d:73:ba:9d:d0:0f:73:f7:d2:
42:ec:75:8e:2e:7b:db:3f:ac:76:00:bd:a4:70:ee:43:6a:72:
b4:eb:b6:69:64:bd:c5:8a:cf:ee:77:7c:e1:3c:27:0c:9f:9d:
06:d1:59:38:83:e1:c7:64:16:87:ed:4e:3c:dc:2e:6f:4b:65:
21:71:b0:4f:3c:4f:89:5b:7c:e9:69:c3:6f:98:e9:3d:cf:4a:
80:e7:5c:a1:ce:a2:88:9d:3f:30:43:75:e9:f2:e7:f8:d0:12:
01:06:01:02:a4:01:fd:91:e4:88:d6:63:f5:2b:75:46:df:e0:
3f:4e:ec:c0:ca:6a:d9:db:49:34:54:ab:f8:b2:5d:c0:31:25:
26:27:4a:d5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZh5Mxv69stwXxWexWPv9J53MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwODA1MDc0NzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTA1ZmU4NjM2NzMzZjVkNzMzMTVkNTJiM2RjYTRlNmNkMjFhNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eSRjeRyZaWG8rsIykjoruNVYmyy
xRDiOESX7QqTPcDbGxBcYFG3FSlomCYmCNk3heMEtU69bnna1ho+b5wRXa4Qcebn
CuedlXJhARnpOU68CpPT+WJl3006LhR5up+Wm6gzVm4L4i6eUZqwOo3Y11239HVx
m365kuvjH7U5GFSnbCRvlqnMsuC827y/FowToeB4ohTVYxCeI8EKOethNVFubVPB
7W3NSta3qvW42k+BZs0Qja6rrDDA78Y5DL0VG3grQqnndrjY7lFi4skRdMiJf7Xg
MIiLG8MeDJGTU08KcaQ7yIXciGlrKr67quMw0HqgnH8xyP5v0RwJrIN/MQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK4F/oY2cz9dczFdUrPcpObNIaT+MB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvcmdYLWhqWnpQMTF6TVYxU3M5eWs1czBocFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQjMAwQF
w8iAAwQF1GbAMA0EAgACMAcDBQAqALMAMA0GCSqGSIb3DQEBCwUAA4IBAQCDvJYS
YySJ3OueEU8pV+qEsx52VpN3O5JYFLN7mt0Vo/PjzbU3SW1672hm/HxufB1SJRGd
whm25ZftMKFmjKhJJf/7BVRAZFMsqSIekIV8vnvhJSiNv6TvCXQlRBPb+c9yObRm
eJF3/5/kvzsbVidlSObBy7Jdc7qd0A9z99JC7HWOLnvbP6x2AL2kcO5DanK067Zp
ZL3Fis/ud3zhPCcMn50G0Vk4g+HHZBaH7U483C5vS2UhcbBPPE+JW3zpacNvmOk9
z0qA51yhzqKInT8wQ3Xp8uf40BIBBgECpAH9keSI1mP1K3VG3+A/TuzAymrZ20k0
VKv4sl3AMSUmJ0rV
-----END CERTIFICATE-----
Generated at Mon Aug 11 07:36:59 2025 by rpki-client