Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/PatIGgqD86wzEVK_Ek5eJMyyPEQ.roa
File: PatIGgqD86wzEVK_Ek5eJMyyPEQ.roa (raw, json)
Hash identifier: Jnvv+9lMqzmCQICWK+8e6OXgwkBFe9S6SxW0ystXjQE=
Subject key identifier: 3D:AB:48:1A:0A:83:F3:AC:33:11:52:BF:12:4E:5E:24:CC:B2:3C:44
Certificate issuer: /CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae
Certificate serial: 01984115330D9F56D13CC12E5479D99021F8
Authority key identifier: 72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/PatIGgqD86wzEVK_Ek5eJMyyPEQ.roa
Signing time: Fri 25 Jul 2025 10:16:05 +0000
ROA not before: Fri 25 Jul 2025 10:16:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43458
IP address blocks: 213.159.136.0/24 maxlen: 24
213.159.137.0/24 maxlen: 24
213.159.138.0/24 maxlen: 24
2a0a:d7c0:724::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:41:15:33:0d:9f:56:d1:3c:c1:2e:54:79:d9:90:21:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae
Validity
Not Before: Jul 25 10:16:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dab481a0a83f3ac331152bf124e5e24ccb23c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:db:c3:a7:ce:38:3a:53:3f:8b:d0:2c:a8:5c:
58:55:d0:1f:d3:d5:40:34:46:cd:73:4b:87:44:95:
ad:52:95:c6:08:60:a1:51:ad:db:7f:f3:60:e4:e6:
cd:b5:bb:57:60:73:a9:f3:3b:22:bb:00:33:ff:ac:
fd:5d:98:58:70:8c:24:d3:e6:2a:28:96:3c:ef:e8:
bb:1e:cc:5a:7a:df:ad:22:ef:bb:8c:04:01:82:bf:
d8:af:32:3a:b8:fd:22:a0:3c:e8:c6:6c:ee:74:75:
a3:8e:36:47:d4:5f:4b:94:6d:f9:0f:5b:69:2d:ec:
f1:63:b7:34:8b:89:49:b5:48:64:0f:32:2f:f3:74:
9f:42:5b:67:ea:85:10:02:d6:d3:70:0e:88:a9:b1:
fe:bc:34:b3:6e:46:b7:7e:0f:5f:41:ba:e9:63:b3:
e6:99:7b:9b:16:51:e1:dc:5c:10:68:7e:9c:1b:a6:
00:45:72:ac:3e:73:1e:69:1a:51:32:c2:7a:d3:68:
81:dc:41:aa:c1:f5:b7:7f:d8:00:16:8e:22:c5:ff:
fc:2f:9c:03:6f:29:8e:f6:63:43:dc:d0:99:bc:62:
9f:5e:d4:ed:cd:08:18:3c:bf:7f:13:cc:3c:b3:fd:
fe:ff:86:26:5f:e7:fc:3c:c4:0c:a1:94:4a:15:84:
02:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AB:48:1A:0A:83:F3:AC:33:11:52:BF:12:4E:5E:24:CC:B2:3C:44
X509v3 Authority Key Identifier:
keyid:72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/PatIGgqD86wzEVK_Ek5eJMyyPEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.159.136.0-213.159.138.255
IPv6:
2a0a:d7c0:724::/48
Signature Algorithm: sha256WithRSAEncryption
6d:b4:78:2f:eb:a0:2b:a1:b8:9c:99:63:a2:00:67:2e:cb:a9:
84:e7:81:c1:7e:10:62:c6:cf:55:82:ed:d4:fb:83:5d:69:9c:
86:42:a6:18:36:92:86:5c:52:fa:13:b9:ca:4f:ef:70:3c:10:
5f:29:8e:3f:2b:43:9b:ee:40:24:9c:01:f6:1f:6e:53:2a:4d:
08:ce:e1:7f:f8:91:27:84:13:bb:fb:bc:6b:85:48:1a:ef:fe:
13:d6:59:80:1c:34:c8:c4:72:91:b7:14:db:bd:82:74:91:16:
b8:2a:29:88:63:8e:72:00:01:e3:82:2a:28:23:0d:7a:12:3d:
0d:a0:1c:c9:4c:95:6b:e7:4f:db:41:7a:e3:9a:24:36:2f:b2:
7d:3d:4f:60:1a:0e:eb:51:83:a7:46:1b:4c:f4:9c:23:08:c5:
94:2f:7e:3c:b8:8c:65:69:30:67:aa:18:29:48:18:b7:36:31:
94:12:25:62:92:fc:50:d7:74:1a:c4:49:26:af:eb:e7:e4:9b:
65:bb:97:4b:bb:b9:cb:8f:40:c5:86:b9:d0:a1:71:da:a0:cf:
fe:7c:42:37:bf:ed:17:67:22:61:49:68:3b:fb:c4:7d:d5:dc:
aa:98:4b:73:5e:d1:8a:ef:a5:f9:ad:ef:26:fe:84:01:1e:da:
c2:41:08:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhBFTMNn1bRPMEuVHnZkCH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYmJkMmZhMTgzMTk2MzllMjVmZmJmNGJkYmZhMDA4NjYw
MTU4YWUwHhcNMjUwNzI1MTAxNjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGFiNDgxYTBhODNmM2FjMzMxMTUyYmYxMjRlNWUyNGNjYjIzYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNvDp844OlM/i9AsqFxYVdAf09VA
NEbNc0uHRJWtUpXGCGChUa3bf/Ng5ObNtbtXYHOp8zsiuwAz/6z9XZhYcIwk0+Yq
KJY87+i7Hsxaet+tIu+7jAQBgr/YrzI6uP0ioDzoxmzudHWjjjZH1F9LlG35D1tp
LezxY7c0i4lJtUhkDzIv83SfQltn6oUQAtbTcA6IqbH+vDSzbka3fg9fQbrpY7Pm
mXubFlHh3FwQaH6cG6YARXKsPnMeaRpRMsJ602iB3EGqwfW3f9gAFo4ixf/8L5wD
bymO9mND3NCZvGKfXtTtzQgYPL9/E8w8s/3+/4YmX+f8PMQMoZRKFYQCjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2rSBoKg/OsMxFSvxJOXiTMsjxEMB8GA1UdIwQY
MBaAFHK70voYMZY54l/79L2/oAhmAViuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgt
MGFmMmU1NDE2NDZjLzEvUGF0SUdncUQ4Nnd6RVZLX0VrNWVKTXl5UEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgtMGFmMmU1NDE2NDZj
LzEvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAPVn4gD
BADVn4owDwQCAAIwCQMHACoK18AHJDANBgkqhkiG9w0BAQsFAAOCAQEAbbR4L+ug
K6G4nJljogBnLsuphOeBwX4QYsbPVYLt1PuDXWmchkKmGDaShlxS+hO5yk/vcDwQ
XymOPytDm+5AJJwB9h9uUypNCM7hf/iRJ4QTu/u8a4VIGu/+E9ZZgBw0yMRykbcU
272CdJEWuCopiGOOcgAB44IqKCMNehI9DaAcyUyVa+dP20F645okNi+yfT1PYBoO
61GDp0YbTPScIwjFlC9+PLiMZWkwZ6oYKUgYtzYxlBIlYpL8UNd0GsRJJq/r5+Sb
ZbuXS7u5y49AxYa50KFx2qDP/nxCN7/tF2ciYUloO/vEfdXcqphLc17Riu+l+a3v
Jv6EAR7awkEIqA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 09:29:47 2025 by rpki-client