Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/6f0392-8a85-47ab-8746-c198653aac5f/1/EdKvKktbhV253248rH8OS7KgOJc.roa
File: EdKvKktbhV253248rH8OS7KgOJc.roa (raw, json)
Hash identifier: OVq8FxeeYttd7uYMiCGl4rm6BCNN8JrWv82y6k+zOKs=
Subject key identifier: 11:D2:AF:2A:4B:5B:85:5D:B9:DF:6E:3C:AC:7F:0E:4B:B2:A0:38:97
Certificate issuer: /CN=c989660bf147f628fb7cf8b2718737fea86298d0
Certificate serial: 0197F88AB2985F7784517ECE416B6A002C4A
Authority key identifier: C9:89:66:0B:F1:47:F6:28:FB:7C:F8:B2:71:87:37:FE:A8:62:98:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYlmC_FH9ij7fPiycYc3_qhimNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/6f0392-8a85-47ab-8746-c198653aac5f/1/EdKvKktbhV253248rH8OS7KgOJc.roa
Signing time: Fri 11 Jul 2025 08:12:08 +0000
ROA not before: Fri 11 Jul 2025 08:12:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33883
IP address blocks: 46.30.232.0/21 maxlen: 21
185.22.124.0/22 maxlen: 22
217.168.208.0/20 maxlen: 20
2a03:2b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/6f0392-8a85-47ab-8746-c198653aac5f/1/yYlmC_FH9ij7fPiycYc3_qhimNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/6f0392-8a85-47ab-8746-c198653aac5f/1/yYlmC_FH9ij7fPiycYc3_qhimNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/yYlmC_FH9ij7fPiycYc3_qhimNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f8:8a:b2:98:5f:77:84:51:7e:ce:41:6b:6a:00:2c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c989660bf147f628fb7cf8b2718737fea86298d0
Validity
Not Before: Jul 11 08:12:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11d2af2a4b5b855db9df6e3cac7f0e4bb2a03897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9a:0a:71:9f:34:5e:97:12:8a:c7:e8:bf:47:
00:42:5b:a4:0d:4d:ff:09:63:22:41:09:1e:c2:c7:
01:0e:97:06:4d:e8:14:7f:63:cd:09:20:96:f7:2a:
28:85:29:2f:3b:a2:45:90:92:cf:5b:2b:97:e9:8c:
b6:c0:58:20:63:54:de:fa:57:df:d1:a0:51:e8:2a:
5b:c4:6c:de:d3:d8:79:c5:39:11:63:eb:24:38:bd:
78:2a:ea:3e:97:7b:30:b2:d0:46:8d:c6:0d:a0:ae:
5c:70:db:63:24:64:b3:a0:f2:7a:62:ff:0f:38:2b:
bd:5b:65:74:f1:e3:66:fe:a2:35:d3:ec:c7:20:3d:
8e:48:40:12:09:bc:84:47:b2:5c:b1:1a:70:cb:f2:
dd:c5:fb:73:82:fd:84:9d:c3:54:89:0b:27:7b:38:
89:56:c0:9b:16:29:ee:af:4f:8d:7a:32:77:39:28:
05:41:b4:82:2d:0a:7a:53:39:78:12:23:20:36:30:
22:32:dd:f3:61:44:87:b7:29:ea:c8:db:4e:ce:ba:
82:b3:26:be:4b:b4:41:14:b2:a2:ac:80:3d:05:09:
be:c0:0c:c1:cf:cf:aa:c4:5c:cb:6b:10:ea:d2:b4:
18:0d:2d:7c:9b:5a:f5:a7:14:6e:37:a0:82:de:0d:
0a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D2:AF:2A:4B:5B:85:5D:B9:DF:6E:3C:AC:7F:0E:4B:B2:A0:38:97
X509v3 Authority Key Identifier:
keyid:C9:89:66:0B:F1:47:F6:28:FB:7C:F8:B2:71:87:37:FE:A8:62:98:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYlmC_FH9ij7fPiycYc3_qhimNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6f0392-8a85-47ab-8746-c198653aac5f/1/EdKvKktbhV253248rH8OS7KgOJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6f0392-8a85-47ab-8746-c198653aac5f/1/yYlmC_FH9ij7fPiycYc3_qhimNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.232.0/21
185.22.124.0/22
217.168.208.0/20
IPv6:
2a03:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
16:d7:9c:be:e3:dd:6a:dd:90:a5:52:6f:6a:ae:e9:90:4e:d5:
87:5e:23:ee:f3:5d:b1:97:09:85:a1:70:35:00:81:c0:db:1c:
e4:46:96:ae:da:34:c4:91:36:67:87:a5:54:83:37:54:2d:fb:
6d:56:3e:fb:54:aa:21:de:05:d3:70:02:d8:54:28:9a:42:77:
35:0d:1f:c3:b2:43:e7:96:a4:2c:32:f9:86:6a:cd:03:1f:5a:
d7:87:40:16:0f:a8:2c:e4:46:23:3b:ad:98:83:89:43:80:6b:
3d:dc:3e:63:01:ce:4a:f7:65:54:a2:e6:0c:8c:9a:10:08:00:
97:5e:01:41:a8:15:c9:87:0b:51:4c:77:ec:cc:c8:c9:4f:a0:
cf:b2:36:9c:df:79:08:e7:b6:4b:76:be:9d:63:9f:b4:a5:35:
12:da:3b:76:f0:a9:8a:f8:eb:40:3a:ee:b2:45:f9:07:30:52:
91:e2:b1:fb:f5:24:9f:1e:81:85:ee:a4:c2:3c:92:d7:be:1c:
e6:11:4e:b2:c7:ef:d5:79:75:3f:b9:a3:cf:0e:25:b5:d0:09:
0a:40:d6:8b:3b:11:14:9e:79:92:c5:d2:09:97:e4:05:95:d0:
4b:4b:58:a7:cf:f5:cb:7b:07:69:b4:c4:cc:a7:b1:88:93:3b:
fa:08:27:08
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZf4irKYX3eEUX7OQWtqACxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ODk2NjBiZjE0N2Y2MjhmYjdjZjhiMjcxODczN2ZlYTg2
Mjk4ZDAwHhcNMjUwNzExMDgxMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQyYWYyYTRiNWI4NTVkYjlkZjZlM2NhYzdmMGU0YmIyYTAzODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpoKcZ80XpcSisfov0cAQlukDU3/
CWMiQQkewscBDpcGTegUf2PNCSCW9yoohSkvO6JFkJLPWyuX6Yy2wFggY1Te+lff
0aBR6CpbxGze09h5xTkRY+skOL14Kuo+l3swstBGjcYNoK5ccNtjJGSzoPJ6Yv8P
OCu9W2V08eNm/qI10+zHID2OSEASCbyER7JcsRpwy/Ldxftzgv2EncNUiQsneziJ
VsCbFinur0+NejJ3OSgFQbSCLQp6Uzl4EiMgNjAiMt3zYUSHtynqyNtOzrqCsya+
S7RBFLKirIA9BQm+wAzBz8+qxFzLaxDq0rQYDS18m1r1pxRuN6CC3g0KhwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBHSrypLW4Vdud9uPKx/DkuyoDiXMB8GA1UdIwQY
MBaAFMmJZgvxR/Yo+3z4snGHN/6oYpjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlsbUNfRkg5aWo3ZlBpeWNZYzNfcWhpbU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy82ZjAzOTItOGE4NS00N2FiLTg3NDYt
YzE5ODY1M2FhYzVmLzEvRWRLdktrdGJoVjI1MzI0OHJIOE9TN0tnT0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy82ZjAzOTItOGE4NS00N2FiLTg3NDYtYzE5ODY1M2FhYzVm
LzEveVlsbUNfRkg5aWo3ZlBpeWNZYzNfcWhpbU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLh7oAwQC
uRZ8AwQE2ajQMA0EAgACMAcDBQMqAyuAMA0GCSqGSIb3DQEBCwUAA4IBAQAW15y+
491q3ZClUm9qrumQTtWHXiPu812xlwmFoXA1AIHA2xzkRpau2jTEkTZnh6VUgzdU
LfttVj77VKoh3gXTcALYVCiaQnc1DR/DskPnlqQsMvmGas0DH1rXh0AWD6gs5EYj
O62Yg4lDgGs93D5jAc5K92VUouYMjJoQCACXXgFBqBXJhwtRTHfszMjJT6DPsjac
33kI57ZLdr6dY5+0pTUS2jt28KmK+OtAOu6yRfkHMFKR4rH79SSfHoGF7qTCPJLX
vhzmEU6yx+/VeXU/uaPPDiW10AkKQNaLOxEUnnmSxdIJl+QFldBLS1inz/XLewdp
tMTMp7GIkzv6CCcI
-----END CERTIFICATE-----
Generated at Sun Aug 10 03:43:59 2025 by rpki-client