Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/yP_dwUj9wkpGZraCJm3_QUlcxSc.roa
File: yP_dwUj9wkpGZraCJm3_QUlcxSc.roa (raw, json)
Hash identifier: PpcRyK/zlLSo8ZccoU5Ov6j3mDsKb8kB7dCU9P4KBZQ=
Subject key identifier: C8:FF:DD:C1:48:FD:C2:4A:46:66:B6:82:26:6D:FF:41:49:5C:C5:27
Certificate issuer: /CN=d914da56e1a934649da02964ac12eba34c5cb84f
Certificate serial: 01987F58243424229A029E27D9FE44158F1A
Authority key identifier: D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/yP_dwUj9wkpGZraCJm3_QUlcxSc.roa
Signing time: Wed 06 Aug 2025 12:25:39 +0000
ROA not before: Wed 06 Aug 2025 12:25:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197477
IP address blocks: 185.97.215.0/24 maxlen: 24
2a13:e3c0::/32 maxlen: 48
2a13:e3c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 06:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7f:58:24:34:24:22:9a:02:9e:27:d9:fe:44:15:8f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d914da56e1a934649da02964ac12eba34c5cb84f
Validity
Not Before: Aug 6 12:25:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8ffddc148fdc24a4666b682266dff41495cc527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5f:7b:b8:e7:d2:2b:d8:2e:09:56:5c:6a:c7:
15:ea:ee:8e:3b:cf:c6:3f:9a:41:26:ce:7f:14:91:
02:52:57:e5:a5:bb:0f:3d:4a:c4:73:43:d7:f6:da:
14:5b:45:2b:69:1c:e1:35:8b:5d:3a:b6:70:3c:a6:
58:63:27:cb:30:96:8b:c6:1d:f9:a0:35:98:53:ac:
27:dc:d1:10:82:94:a2:0c:86:8e:e4:4a:1d:ce:fe:
84:59:cb:57:69:9f:14:a1:e2:db:36:72:39:2b:5a:
31:6b:bf:15:68:61:19:e1:47:9f:6c:1f:6c:96:f6:
f7:45:9b:b9:dd:22:54:03:44:04:03:7f:be:85:01:
33:f5:51:77:d4:f5:a5:88:f2:4e:a6:a8:f8:3e:69:
06:d6:6c:a1:ee:20:fe:5a:93:00:25:84:cf:48:31:
fb:14:22:dc:b9:f2:c8:e9:79:f9:78:24:d3:35:31:
c2:e6:4b:ae:f8:f6:32:6c:11:d2:b7:a9:91:b5:87:
52:e5:f2:f7:23:77:36:16:8c:40:2e:fc:49:38:b3:
4b:36:62:02:fd:ba:bf:78:c7:b4:53:74:fb:a0:be:
92:d6:40:b7:65:2a:c4:13:b9:b8:0a:04:7a:7b:03:
f2:5d:81:9e:58:0b:de:61:f5:a6:69:77:93:74:f3:
69:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FF:DD:C1:48:FD:C2:4A:46:66:B6:82:26:6D:FF:41:49:5C:C5:27
X509v3 Authority Key Identifier:
keyid:D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/yP_dwUj9wkpGZraCJm3_QUlcxSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.215.0/24
IPv6:
2a13:e3c0::/31
Signature Algorithm: sha256WithRSAEncryption
c3:cf:1a:93:31:cf:69:4f:01:68:e5:1f:f3:31:8d:e2:18:a9:
eb:6c:b6:21:4b:4a:a0:2a:1e:5c:25:d4:c7:2c:8b:21:91:f2:
6c:4f:25:c6:07:f6:c9:28:06:7e:d8:d9:ac:20:fa:6b:0a:2f:
6f:39:ec:23:d6:fa:8f:7c:6e:0e:b7:e2:53:23:50:42:11:4d:
f8:56:a9:a6:dc:c0:7a:50:7d:9e:92:2d:31:09:5b:40:44:d9:
5f:1f:7a:cd:fb:27:46:ed:f1:13:33:d0:ba:96:4e:d3:95:71:
e7:62:a1:ba:cd:38:d5:77:75:b8:85:78:81:eb:c6:61:88:6c:
e8:05:8a:2f:68:61:62:ba:4c:05:12:db:52:c4:aa:fb:ff:31:
48:31:0a:b5:98:1a:09:09:34:76:55:d3:44:44:2a:81:0e:21:
ac:b6:97:9d:59:c6:ae:93:72:d2:39:31:0a:6a:d4:1d:f4:2c:
50:12:83:49:11:17:f3:72:37:bc:f4:6b:63:f8:c9:8e:59:a0:
9f:6f:d1:0c:c7:2e:63:f2:fc:c3:18:6d:fd:60:bb:32:60:ae:
5c:17:1a:5a:2f:0e:09:fc:7f:e5:89:23:1d:17:b9:b8:bc:8f:
79:26:e8:88:f3:bc:39:cf:9f:b5:c9:71:23:38:a0:a4:11:b3:
1b:25:60:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZh/WCQ0JCKaAp4n2f5EFY8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTRkYTU2ZTFhOTM0NjQ5ZGEwMjk2NGFjMTJlYmEzNGM1
Y2I4NGYwHhcNMjUwODA2MTIyNTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGZmZGRjMTQ4ZmRjMjRhNDY2NmI2ODIyNjZkZmY0MTQ5NWNjNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw197uOfSK9guCVZcascV6u6OO8/G
P5pBJs5/FJECUlflpbsPPUrEc0PX9toUW0UraRzhNYtdOrZwPKZYYyfLMJaLxh35
oDWYU6wn3NEQgpSiDIaO5Eodzv6EWctXaZ8UoeLbNnI5K1oxa78VaGEZ4UefbB9s
lvb3RZu53SJUA0QEA3++hQEz9VF31PWliPJOpqj4PmkG1myh7iD+WpMAJYTPSDH7
FCLcufLI6Xn5eCTTNTHC5kuu+PYybBHSt6mRtYdS5fL3I3c2FoxALvxJOLNLNmIC
/bq/eMe0U3T7oL6S1kC3ZSrEE7m4CgR6ewPyXYGeWAveYfWmaXeTdPNp/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMj/3cFI/cJKRma2giZt/0FJXMUnMB8GA1UdIwQY
MBaAFNkU2lbhqTRknaApZKwS66NMXLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2It
ZjZiY2NmMWU1MzFmLzEveVBfZHdVajl3a3BHWnJhQ0ptM19RVWxjeFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2ItZjZiY2NmMWU1MzFm
LzEvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWHXMA0E
AgACMAcDBQEqE+PAMA0GCSqGSIb3DQEBCwUAA4IBAQDDzxqTMc9pTwFo5R/zMY3i
GKnrbLYhS0qgKh5cJdTHLIshkfJsTyXGB/bJKAZ+2NmsIPprCi9vOewj1vqPfG4O
t+JTI1BCEU34Vqmm3MB6UH2eki0xCVtARNlfH3rN+ydG7fETM9C6lk7TlXHnYqG6
zTjVd3W4hXiB68ZhiGzoBYovaGFiukwFEttSxKr7/zFIMQq1mBoJCTR2VdNERCqB
DiGstpedWcauk3LSOTEKatQd9CxQEoNJERfzcje89Gtj+MmOWaCfb9EMxy5j8vzD
GG39YLsyYK5cFxpaLw4J/H/liSMdF7m4vI95JuiI87w5z5+1yXEjOKCkEbMbJWB0
-----END CERTIFICATE-----
Generated at Thu Aug 7 11:10:01 2025 by rpki-client