Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/Cyo0vgpJooRhhQGTNLDVrhTVpFE.roa
File: Cyo0vgpJooRhhQGTNLDVrhTVpFE.roa (raw, json)
Hash identifier: LY9FHhGpeiEV0YSyhn8sqnrszg5NO3LFheQVRLdgaNI=
Subject key identifier: 0B:2A:34:BE:0A:49:A2:84:61:85:01:93:34:B0:D5:AE:14:D5:A4:51
Certificate issuer: /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial: 0196D7F6FE662BCD6FF5EDE37C8F4549EA40
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/Cyo0vgpJooRhhQGTNLDVrhTVpFE.roa
Signing time: Fri 16 May 2025 07:20:10 +0000
ROA not before: Fri 16 May 2025 07:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8820
IP address blocks: 46.236.208.0/20 maxlen: 24
78.41.48.0/22 maxlen: 24
81.92.0.0/20 maxlen: 24
82.139.192.0/18 maxlen: 24
82.139.196.0/22 maxlen: 24
82.139.222.0/23 maxlen: 24
82.139.252.0/22 maxlen: 24
195.8.224.0/19 maxlen: 24
195.8.253.0/24 maxlen: 24
195.8.254.2/31 maxlen: 32
212.17.224.0/19 maxlen: 24
212.60.128.0/19 maxlen: 24
213.240.128.0/18 maxlen: 24
2a01:170::/32 maxlen: 64
2a01:170:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d7:f6:fe:66:2b:cd:6f:f5:ed:e3:7c:8f:45:49:ea:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Validity
Not Before: May 16 07:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b2a34be0a49a2846185019334b0d5ae14d5a451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cb:b4:95:93:91:e3:f8:55:d9:22:48:ff:1f:
46:77:de:3d:23:e8:85:83:d0:00:22:2c:78:46:4a:
14:36:61:c1:84:e3:72:4b:d1:4a:53:03:18:d0:40:
cb:dd:4e:21:10:d7:4c:17:4c:c5:b3:17:c3:88:4d:
22:b2:35:44:86:6c:56:0f:de:2b:19:e1:5b:6c:79:
ad:50:50:02:bf:53:e4:61:c3:ab:d6:fd:0b:b9:57:
b0:f4:81:ba:a9:d9:de:80:4c:53:56:2e:5f:6d:41:
5d:ad:d1:35:0b:45:ba:29:9d:2b:86:7e:1c:24:2c:
a3:4f:bf:1b:45:23:d9:33:17:d3:85:63:36:2a:25:
78:4f:27:27:56:78:f4:61:d1:ef:19:23:49:82:42:
5f:71:b2:8b:06:1d:f7:33:e0:c0:95:14:61:fd:c2:
1c:9b:ba:51:33:7f:cb:e6:32:3c:4a:88:9c:9a:15:
ef:57:ad:7c:07:27:b5:be:81:29:20:7f:5b:b5:a6:
49:0d:1e:f0:e4:f2:a3:82:f3:6e:31:a9:df:f3:8e:
2a:ac:c9:f9:af:1a:52:55:38:9e:4d:fd:10:10:da:
62:cc:99:85:6a:cc:ab:84:bc:27:8e:42:bb:d1:46:
b3:72:88:d3:cd:4e:57:a7:f5:e1:c0:eb:16:85:d0:
9b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:2A:34:BE:0A:49:A2:84:61:85:01:93:34:B0:D5:AE:14:D5:A4:51
X509v3 Authority Key Identifier:
keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/Cyo0vgpJooRhhQGTNLDVrhTVpFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.208.0/20
78.41.48.0/22
81.92.0.0/20
82.139.192.0/18
195.8.224.0/19
212.17.224.0/19
212.60.128.0/19
213.240.128.0/18
IPv6:
2a01:170::/32
Signature Algorithm: sha256WithRSAEncryption
7d:93:ac:97:b3:fa:41:95:c7:50:e9:74:a2:fa:5e:b9:cb:b2:
61:fe:1f:40:79:67:60:8c:83:8e:aa:0c:26:57:71:c3:fa:c3:
5b:e4:53:62:ea:ee:ab:8c:b7:99:79:02:86:d6:1a:b3:ab:4e:
87:ee:dc:26:d4:4b:aa:27:56:4c:33:8b:c6:36:59:58:ea:c9:
e2:ea:81:72:17:47:55:57:3e:2a:75:e7:0b:67:df:80:94:43:
cc:f7:92:f7:36:2a:bd:8d:b4:be:62:05:5f:68:af:a0:de:7d:
72:d1:7a:00:be:cf:20:b4:78:14:95:cb:d9:56:b4:00:a4:7e:
9e:66:45:d8:de:19:50:9f:ef:69:63:c9:50:c1:11:77:68:7a:
1b:a4:f4:e4:b4:09:3c:a3:15:8c:1f:7c:63:e8:02:37:31:82:
da:a4:fb:59:9d:18:b5:e7:c1:bd:77:d9:95:1b:9d:9a:11:69:
a0:50:f3:97:79:46:2a:ff:d3:89:b2:ba:0a:f8:bd:74:da:8e:
f5:e4:94:f2:98:ea:ee:15:f9:d8:6a:15:c7:db:6c:76:c4:ef:
cb:a0:b6:30:3f:35:e2:d0:c5:21:61:49:e9:76:2c:67:44:7f:
99:1f:94:e8:ae:7c:d7:21:2e:a4:c4:9c:35:28:67:d0:c5:b7:
93:04:66:78
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZbX9v5mK81v9e3jfI9FSepAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjUwNTE2MDcyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjJhMzRiZTBhNDlhMjg0NjE4NTAxOTMzNGIwZDVhZTE0ZDVhNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsu0lZOR4/hV2SJI/x9Gd949I+iF
g9AAIix4RkoUNmHBhONyS9FKUwMY0EDL3U4hENdMF0zFsxfDiE0isjVEhmxWD94r
GeFbbHmtUFACv1PkYcOr1v0LuVew9IG6qdnegExTVi5fbUFdrdE1C0W6KZ0rhn4c
JCyjT78bRSPZMxfThWM2KiV4TycnVnj0YdHvGSNJgkJfcbKLBh33M+DAlRRh/cIc
m7pRM3/L5jI8SoicmhXvV618Bye1voEpIH9btaZJDR7w5PKjgvNuManf844qrMn5
rxpSVTieTf0QENpizJmFasyrhLwnjkK70UazcojTzU5Xp/XhwOsWhdCbbwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFAsqNL4KSaKEYYUBkzSw1a4U1aRRMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvQ3lvMHZncEpvb1JoaFFHVE5MRFZyaFRWcEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQELuzQAwQC
TikwAwQEUVwAAwQGUovAAwQFwwjgAwQF1BHgAwQF1DyAAwQG1fCAMA0EAgACMAcD
BQAqAQFwMA0GCSqGSIb3DQEBCwUAA4IBAQB9k6yXs/pBlcdQ6XSi+l65y7Jh/h9A
eWdgjIOOqgwmV3HD+sNb5FNi6u6rjLeZeQKG1hqzq06H7twm1EuqJ1ZMM4vGNllY
6sni6oFyF0dVVz4qdecLZ9+AlEPM95L3Niq9jbS+YgVfaK+g3n1y0XoAvs8gtHgU
lcvZVrQApH6eZkXY3hlQn+9pY8lQwRF3aHobpPTktAk8oxWMH3xj6AI3MYLapPtZ
nRi158G9d9mVG52aEWmgUPOXeUYq/9OJsroK+L102o715JTymOruFfnYahXH22x2
xO/LoLYwPzXi0MUhYUnpdixnRH+ZH5TornzXIS6kxJw1KGfQxbeTBGZ4
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:54:45 2025 by rpki-client