Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/G84nSnFfBrOXB5TxCVqTwO-xQrc.roa
File: G84nSnFfBrOXB5TxCVqTwO-xQrc.roa (raw, json)
Hash identifier: sHzLt8TyRIpkmD2wq3S6cJSRz781Ec/Z+hCEalJIZtM=
Subject key identifier: 1B:CE:27:4A:71:5F:06:B3:97:07:94:F1:09:5A:93:C0:EF:B1:42:B7
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019857BF453C804D456EDE00F01484B44D9C
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/G84nSnFfBrOXB5TxCVqTwO-xQrc.roa
Signing time: Tue 29 Jul 2025 19:53:29 +0000
ROA not before: Tue 29 Jul 2025 19:53:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209554
IP address blocks: 194.231.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 00:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:57:bf:45:3c:80:4d:45:6e:de:00:f0:14:84:b4:4d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jul 29 19:53:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bce274a715f06b3970794f1095a93c0efb142b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0f:f4:8c:81:c4:53:2d:2b:de:dd:b0:c2:34:
95:4b:5c:34:37:2e:9c:72:15:38:bb:62:b3:ff:1c:
3b:a9:4c:59:3b:70:f8:a2:f9:00:d1:57:c6:6f:13:
42:1e:b5:40:c0:6c:e2:b0:5c:98:fe:c3:3f:cf:a4:
45:a3:86:98:8e:e2:59:d0:bc:0d:9c:29:e2:c5:70:
62:5e:a9:07:1f:a6:17:b9:44:7c:71:c4:8b:57:87:
9f:1d:4a:61:b8:e9:2b:af:15:6f:81:c6:81:6b:27:
fb:e5:7d:13:66:d4:97:01:7f:63:7b:c0:0d:2f:f1:
07:ea:c7:4e:72:bd:9a:f4:40:85:eb:fb:0d:d3:29:
53:ff:19:ee:58:77:f3:ae:a4:dc:8a:20:11:db:44:
14:dc:81:d4:09:02:73:e7:d7:07:bb:b0:f8:96:a5:
45:86:2b:33:01:fe:60:e4:99:f1:12:99:49:67:5c:
94:65:11:25:70:3e:54:b9:96:0e:1c:6f:59:72:e3:
42:0d:63:fa:be:a9:1b:e8:3a:db:bb:11:41:71:25:
b8:49:78:92:c7:b5:dd:19:6d:59:58:f7:dc:35:41:
2b:1b:43:81:33:fa:d9:a5:ec:1f:7e:2c:06:aa:bf:
a9:b3:56:72:07:a8:27:18:7b:cf:75:bc:ac:d5:58:
d8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CE:27:4A:71:5F:06:B3:97:07:94:F1:09:5A:93:C0:EF:B1:42:B7
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/G84nSnFfBrOXB5TxCVqTwO-xQrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.149.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ee:eb:d1:3b:95:ea:a5:43:e8:9e:70:f1:fa:6e:21:35:ba:
e5:bb:66:0f:af:a7:26:f0:0d:8d:fc:5c:56:e7:bc:20:79:f1:
2d:8a:48:28:8d:75:79:3a:b1:b4:a8:4c:0f:2a:a9:cf:17:1f:
0c:f8:75:66:89:90:fe:cb:61:22:b2:fd:ae:de:2d:45:9f:7f:
a8:30:36:08:b2:8e:f9:cc:72:d5:0f:b9:8b:bb:25:c0:e7:40:
aa:60:32:0d:2e:ad:84:d2:ca:30:a0:32:2e:c9:0f:5e:dc:a0:
a8:d8:ad:7d:2f:e6:2b:87:c5:ca:99:38:bc:68:23:94:09:c3:
7c:fc:49:6a:d8:d1:3e:0b:e5:d1:d7:15:a3:9d:58:8c:49:9c:
4c:fc:a0:79:d4:7a:7c:dc:c9:0c:80:9d:3f:f2:d0:49:63:a5:
28:2d:4c:5f:c9:ab:eb:f4:b0:1e:e0:8b:ae:f4:69:eb:63:31:
0e:de:bb:29:50:4f:6c:a5:2c:65:c1:a9:79:d4:24:88:9c:99:
f3:17:c3:9a:87:c0:2c:d2:ab:73:40:60:7c:c8:83:41:20:b6:
9c:2f:e5:66:89:20:ce:da:40:f3:4e:fe:ae:85:88:ce:1d:d1:
55:fd:88:a7:80:a9:64:b3:fd:7c:6e:4b:5a:06:1a:50:fc:d3:
cc:d2:0c:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhXv0U8gE1Fbt4A8BSEtE2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwNzI5MTk1MzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmNlMjc0YTcxNWYwNmIzOTcwNzk0ZjEwOTVhOTNjMGVmYjE0MmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg/0jIHEUy0r3t2wwjSVS1w0Ny6c
chU4u2Kz/xw7qUxZO3D4ovkA0VfGbxNCHrVAwGzisFyY/sM/z6RFo4aYjuJZ0LwN
nCnixXBiXqkHH6YXuUR8ccSLV4efHUphuOkrrxVvgcaBayf75X0TZtSXAX9je8AN
L/EH6sdOcr2a9ECF6/sN0ylT/xnuWHfzrqTciiAR20QU3IHUCQJz59cHu7D4lqVF
hiszAf5g5JnxEplJZ1yUZRElcD5UuZYOHG9ZcuNCDWP6vqkb6DrbuxFBcSW4SXiS
x7XdGW1ZWPfcNUErG0OBM/rZpewffiwGqr+ps1ZyB6gnGHvPdbys1VjYpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvOJ0pxXwazlweU8Qlak8DvsUK3MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvRzg0blNuRmZCck9YQjVUeENWcVR3Ty14UXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwueVMA0G
CSqGSIb3DQEBCwUAA4IBAQAV7uvRO5XqpUPonnDx+m4hNbrlu2YPr6cm8A2N/FxW
57wgefEtikgojXV5OrG0qEwPKqnPFx8M+HVmiZD+y2Eisv2u3i1Fn3+oMDYIso75
zHLVD7mLuyXA50CqYDINLq2E0sowoDIuyQ9e3KCo2K19L+Yrh8XKmTi8aCOUCcN8
/Elq2NE+C+XR1xWjnViMSZxM/KB51Hp83MkMgJ0/8tBJY6UoLUxfyavr9LAe4Iuu
9GnrYzEO3rspUE9spSxlwal51CSInJnzF8Oah8As0qtzQGB8yINBILacL+VmiSDO
2kDzTv6uhYjOHdFV/YingKlks/18bktaBhpQ/NPM0gw6
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:21:53 2025 by rpki-client