Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/1-Q0Fpm13AkA52n8l5k0ctr3-0Uw.roa
File: 1-Q0Fpm13AkA52n8l5k0ctr3-0Uw.roa (raw, json)
Hash identifier: ImmrJcgcy8CHYkqIH5BT8/9I+/F0fh7xK4lUIvl0rVw=
Subject key identifier: F9:0D:05:A6:6D:77:02:40:39:DA:7F:25:E6:4D:1C:B6:BD:FE:D1:4C
Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Certificate serial: 019856D6B7BB14AA987272DA8AFC03691272
Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/1-Q0Fpm13AkA52n8l5k0ctr3-0Uw.roa
Signing time: Tue 29 Jul 2025 15:39:29 +0000
ROA not before: Tue 29 Jul 2025 15:39:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 158.173.8.0/21 maxlen: 24
185.251.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 17:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:d6:b7:bb:14:aa:98:72:72:da:8a:fc:03:69:12:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Validity
Not Before: Jul 29 15:39:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f90d05a66d77024039da7f25e64d1cb6bdfed14c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a5:89:4f:25:47:30:71:82:e2:d8:21:b8:18:
a9:1f:bb:89:f6:ff:92:95:83:fa:b0:85:33:2d:4a:
06:1d:3e:0d:81:c7:ca:c8:e4:ac:9d:bc:37:d5:61:
a2:fb:cd:01:03:cb:82:bd:82:4a:6d:a6:95:3f:00:
41:59:40:67:83:05:a7:e2:7e:af:4a:36:e3:00:4c:
ad:9c:68:ed:4e:c4:84:31:f1:e7:36:fc:84:c8:31:
04:c3:b5:ef:52:93:7d:00:3c:f9:3a:e3:a2:e4:3e:
94:6a:86:cd:7e:f4:e7:20:0c:bb:ef:17:b7:59:31:
82:76:fe:3d:af:82:4b:e9:88:ab:5f:f1:31:b4:d8:
bb:d2:c6:09:b0:cd:eb:a0:d4:e8:13:8c:ae:f3:78:
9f:a3:bc:6e:3f:f5:e3:db:a9:4c:78:51:3d:63:43:
dd:8f:58:3f:81:e2:35:eb:fb:53:9a:c1:25:bf:a8:
d1:21:be:d5:cd:00:14:29:5c:5f:e8:4d:94:8d:f0:
b2:a2:9c:e4:83:48:c3:be:dd:ca:66:62:82:84:1a:
80:9f:4f:ec:b0:e2:76:bc:91:46:08:e7:a6:c1:88:
3c:68:e0:dd:1a:52:74:25:aa:b4:7e:7e:4b:f3:80:
db:b0:d4:b3:79:3e:e7:99:33:d2:cb:c4:39:fa:69:
61:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:0D:05:A6:6D:77:02:40:39:DA:7F:25:E6:4D:1C:B6:BD:FE:D1:4C
X509v3 Authority Key Identifier:
keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/1-Q0Fpm13AkA52n8l5k0ctr3-0Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.8.0/21
185.251.21.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:5c:89:6d:ad:ee:67:f7:86:15:d0:12:1a:57:bb:81:53:16:
6f:86:16:49:42:66:39:7a:e1:e4:7e:bf:4b:fc:50:27:49:ee:
f3:76:36:4b:c3:69:02:ef:79:3c:ae:3f:87:f0:7d:af:52:60:
7c:11:44:f5:ee:71:ca:31:10:53:7e:a6:93:e4:24:cb:92:e7:
01:e3:26:ad:3c:4a:2f:1b:9d:7a:fe:25:03:f8:8a:d9:55:11:
5b:bf:08:c8:72:dc:72:35:ad:3b:95:c4:4d:4d:5d:68:a1:d5:
e3:21:85:d6:93:50:6e:35:64:75:e6:53:5e:9e:fe:ac:5b:47:
32:5e:05:58:e6:9a:f1:a1:a9:3a:2c:50:60:d6:06:be:03:94:
ea:85:d6:7a:68:a5:c6:96:ce:9b:7c:6d:dd:c1:24:be:ad:ae:
fe:a0:f4:51:93:db:e3:f0:93:62:e0:1c:d3:42:f3:43:d7:22:
b9:6b:22:68:66:00:fe:88:5d:a2:11:66:9a:35:12:3c:b8:b1:
09:94:fe:14:36:c0:16:eb:00:28:ad:ff:f9:35:00:7c:72:c9:
62:47:e9:85:b9:74:68:d4:70:14:bd:44:9b:e3:48:50:d3:aa:
81:db:20:ad:42:fd:5c:9a:e2:64:af:2f:9b:e5:ac:ed:b2:fb:
a4:8b:ad:12
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZhW1re7FKqYcnLaivwDaRJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh
NDA4MjMwHhcNMjUwNzI5MTUzOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTBkMDVhNjZkNzcwMjQwMzlkYTdmMjVlNjRkMWNiNmJkZmVkMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKWJTyVHMHGC4tghuBipH7uJ9v+S
lYP6sIUzLUoGHT4NgcfKyOSsnbw31WGi+80BA8uCvYJKbaaVPwBBWUBngwWn4n6v
SjbjAEytnGjtTsSEMfHnNvyEyDEEw7XvUpN9ADz5OuOi5D6UaobNfvTnIAy77xe3
WTGCdv49r4JL6YirX/ExtNi70sYJsM3roNToE4yu83ifo7xuP/Xj26lMeFE9Y0Pd
j1g/geI16/tTmsElv6jRIb7VzQAUKVxf6E2UjfCyopzkg0jDvt3KZmKChBqAn0/s
sOJ2vJFGCOemwYg8aODdGlJ0Jaq0fn5L84DbsNSzeT7nmTPSy8Q5+mlhawIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPkNBaZtdwJAOdp/JeZNHLa9/tFMMB8GA1UdIwQY
MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt
ZDJjZDI2YjY5ZGYxLzEvMS1RMEZwbTEzQWtBNTJuOGw1azBjdHIzLTBVdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvM2MwNzg1LWIyNzMtNDA3Mi1hNjM1LWQyY2QyNmI2OWRm
MS8xL1ltb290OFktOXFzaFNsTFBwOFBuamJta0NDTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA56tCAME
ALn7FTANBgkqhkiG9w0BAQsFAAOCAQEALFyJba3uZ/eGFdASGle7gVMWb4YWSUJm
OXrh5H6/S/xQJ0nu83Y2S8NpAu95PK4/h/B9r1JgfBFE9e5xyjEQU36mk+Qky5Ln
AeMmrTxKLxudev4lA/iK2VURW78IyHLccjWtO5XETU1daKHV4yGF1pNQbjVkdeZT
Xp7+rFtHMl4FWOaa8aGpOixQYNYGvgOU6oXWemilxpbOm3xt3cEkvq2u/qD0UZPb
4/CTYuAc00LzQ9ciuWsiaGYA/ohdohFmmjUSPLixCZT+FDbAFusAKK3/+TUAfHLJ
Ykfphbl0aNRwFL1Em+NIUNOqgdsgrUL9XJriZK8vm+Ws7bL7pIutEg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:45:16 2025 by rpki-client