Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7lwdIx-BmOBxqDqyRpd2S7FSWhg.roa
File: 7lwdIx-BmOBxqDqyRpd2S7FSWhg.roa (raw, json)
Hash identifier: v8LBl/JbK1k+h9sE877SToNyvPg3xMWSAzwQUf+90EY=
Subject key identifier: EE:5C:1D:23:1F:81:98:E0:71:A8:3A:B2:46:97:76:4B:B1:52:5A:18
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0198131BA09AE979C9B5A237B15F0058C856
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7lwdIx-BmOBxqDqyRpd2S7FSWhg.roa
Signing time: Wed 16 Jul 2025 12:00:34 +0000
ROA not before: Wed 16 Jul 2025 12:00:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215232
IP address blocks: 185.238.191.0/24 maxlen: 24
2a0e:b107:2693::/48 maxlen: 48
2a0e:b107:27de::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:13:1b:a0:9a:e9:79:c9:b5:a2:37:b1:5f:00:58:c8:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 16 12:00:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee5c1d231f8198e071a83ab24697764bb1525a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bb:e8:36:dd:5a:bf:b8:a1:77:33:5e:74:87:
85:b6:bf:86:62:f8:5c:aa:70:86:7e:44:86:56:a8:
5b:fb:42:b1:e2:bf:18:9c:82:c0:ad:0c:8d:3b:1f:
8c:0e:23:80:ce:45:13:43:91:9e:38:6d:2f:fe:e9:
ac:a5:8f:b2:e1:72:f9:83:38:2b:ec:fb:53:31:b8:
45:33:30:36:62:06:38:e3:6b:ae:7e:10:5b:9c:68:
8e:69:40:bd:3b:43:c8:b8:36:3a:62:52:1a:24:c8:
70:b9:09:f3:ab:6e:9c:39:2c:0e:35:9b:2d:ae:c8:
4c:47:74:17:33:70:ef:44:75:1b:c4:55:74:4f:1c:
c5:b1:be:25:7e:11:7f:e7:1b:0d:49:d6:30:6f:9e:
e2:b0:b6:51:48:90:6a:56:dd:dc:4a:04:00:37:1b:
ee:52:5b:1d:6f:5f:eb:b4:5c:40:61:2c:d9:70:8e:
c1:5c:17:35:06:37:2b:30:a1:10:3c:ed:b8:92:96:
3f:24:68:f6:c5:8d:37:98:d2:71:ba:57:2f:00:2f:
de:6d:5f:64:64:5c:a5:7e:c2:ce:ee:1a:91:42:2a:
ea:6b:38:f9:80:8c:a5:2f:4e:96:4f:1d:92:07:65:
14:fe:31:68:9f:10:78:bb:5a:67:c2:43:09:8a:04:
9d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:5C:1D:23:1F:81:98:E0:71:A8:3A:B2:46:97:76:4B:B1:52:5A:18
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7lwdIx-BmOBxqDqyRpd2S7FSWhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.191.0/24
IPv6:
2a0e:b107:2693::/48
2a0e:b107:27de::/48
Signature Algorithm: sha256WithRSAEncryption
12:2c:6b:6e:41:0c:93:8e:e2:8e:01:e6:42:22:04:29:96:23:
46:69:9b:89:8a:1e:69:d4:c6:45:28:b9:a5:34:39:37:b5:e3:
70:a2:8b:d7:98:6f:f8:94:3f:13:cf:ef:dc:e9:f0:e3:ac:5d:
a4:51:8a:c4:54:d3:b4:e1:c2:06:77:d9:0b:5e:f3:26:e0:cd:
19:f0:e6:66:d9:c7:72:b5:37:7b:be:46:1d:87:d8:93:f7:75:
04:e7:64:02:da:34:9a:36:30:29:d6:e7:7e:b8:46:c5:8e:8f:
7f:b1:9b:4b:88:58:3d:76:eb:7e:4f:11:ae:6f:ed:ce:86:97:
29:42:d2:be:f8:3c:e3:94:3a:36:c1:24:66:c7:f5:6d:c0:7c:
4e:d2:b3:00:85:0a:67:b2:e6:a3:de:23:35:8b:d7:38:32:ad:
27:2a:75:ae:e9:e1:c1:78:75:25:dd:ac:28:f3:98:ba:76:f1:
43:f1:54:54:2c:2d:38:c9:81:53:5d:76:dc:60:c6:18:42:55:
4d:0a:bb:4b:7c:ba:40:6c:13:c7:ba:28:00:dd:4b:fc:3d:6b:
fa:6b:31:9c:f9:c0:d3:70:7d:34:83:90:fb:24:e6:68:be:62:
f9:12:5c:8b:d4:68:4f:7e:6f:8d:5d:92:36:18:dc:8c:3e:9d:
22:60:9a:6b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZgTG6Ca6XnJtaI3sV8AWMhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNzE2MTIwMDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTVjMWQyMzFmODE5OGUwNzFhODNhYjI0Njk3NzY0YmIxNTI1YTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LvoNt1av7ihdzNedIeFtr+GYvhc
qnCGfkSGVqhb+0Kx4r8YnILArQyNOx+MDiOAzkUTQ5GeOG0v/umspY+y4XL5gzgr
7PtTMbhFMzA2YgY442uufhBbnGiOaUC9O0PIuDY6YlIaJMhwuQnzq26cOSwONZst
rshMR3QXM3DvRHUbxFV0TxzFsb4lfhF/5xsNSdYwb57isLZRSJBqVt3cSgQANxvu
Ulsdb1/rtFxAYSzZcI7BXBc1BjcrMKEQPO24kpY/JGj2xY03mNJxulcvAC/ebV9k
ZFylfsLO7hqRQirqazj5gIylL06WTx2SB2UU/jFonxB4u1pnwkMJigSdcQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO5cHSMfgZjgcag6skaXdkuxUloYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvN2x3ZEl4LUJtT0J4cURxeVJwZDJTN0ZTV2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAue6/MBgE
AgACMBIDBwAqDrEHJpMDBwAqDrEHJ94wDQYJKoZIhvcNAQELBQADggEBABIsa25B
DJOO4o4B5kIiBCmWI0Zpm4mKHmnUxkUouaU0OTe143Cii9eYb/iUPxPP79zp8OOs
XaRRisRU07ThwgZ32Qte8ybgzRnw5mbZx3K1N3u+Rh2H2JP3dQTnZALaNJo2MCnW
5364RsWOj3+xm0uIWD12635PEa5v7c6GlylC0r74POOUOjbBJGbH9W3AfE7SswCF
Cmey5qPeIzWL1zgyrScqda7p4cF4dSXdrCjzmLp28UPxVFQsLTjJgVNddtxgxhhC
VU0Ku0t8ukBsE8e6KADdS/w9a/prMZz5wNNwfTSDkPsk5mi+YvkSXIvUaE9+b41d
kjYY3Iw+nSJgmms=
-----END CERTIFICATE-----
Generated at Sat Aug 9 15:10:25 2025 by rpki-client