Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/Sucl-ga8bKlbfGlHsxsq1Oo80t0.roa
File: Sucl-ga8bKlbfGlHsxsq1Oo80t0.roa (raw, json)
Hash identifier: k1Htljgs56uFbBPsZWyrCnN1sbAvxLT63YyfljrMCbY=
Subject key identifier: 4A:E7:25:FA:06:BC:6C:A9:5B:7C:69:47:B3:1B:2A:D4:EA:3C:D2:DD
Certificate issuer: /CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Certificate serial: 019874341D4A9495EB6A9F7E922AED338B8E
Authority key identifier: BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/Sucl-ga8bKlbfGlHsxsq1Oo80t0.roa
Signing time: Mon 04 Aug 2025 08:30:29 +0000
ROA not before: Mon 04 Aug 2025 08:30:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60284
IP address blocks: 178.238.0.0/22 maxlen: 24
193.9.27.0/24 maxlen: 24
193.135.96.0/22 maxlen: 24
193.135.96.0/23 maxlen: 23
193.135.98.0/24 maxlen: 24
193.135.99.0/24 maxlen: 32
193.228.197.0/24 maxlen: 24
193.228.198.0/24 maxlen: 24
2a13:a200::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/veY2_1I-Xzc0In8zxEwuUP-NHuI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/veY2_1I-Xzc0In8zxEwuUP-NHuI.mft
rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:34:1d:4a:94:95:eb:6a:9f:7e:92:2a:ed:33:8b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Validity
Not Before: Aug 4 08:30:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ae725fa06bc6ca95b7c6947b31b2ad4ea3cd2dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:13:14:d7:4f:83:60:52:03:36:e2:66:a3:85:
4a:cc:43:c9:13:df:92:34:0a:0b:81:de:1d:18:a7:
2d:a8:d6:fd:a7:d6:e5:8f:b7:a6:cc:0e:1a:c8:29:
49:16:e7:eb:0d:8a:03:b2:e2:ce:db:cd:0f:27:1b:
1d:d8:94:cc:d7:ec:30:02:49:1c:8e:7f:40:94:da:
17:10:ac:6e:59:53:ae:2f:8d:65:f5:30:28:da:93:
d9:e4:41:4f:71:1f:94:f8:fc:8d:fb:1c:a6:d2:9a:
e6:67:22:11:ea:a7:43:a7:33:67:5a:00:4f:1f:9b:
65:cd:d3:74:15:b0:fc:43:71:52:e1:bf:b8:f9:2f:
8e:a8:bd:11:55:4c:fe:be:0d:38:3b:9d:7d:63:d9:
45:38:ce:2a:7c:d2:4b:47:ed:c3:18:e4:6f:40:a4:
67:9c:64:81:fb:f8:52:32:06:b1:b8:61:16:83:81:
71:94:5b:b9:83:ba:25:15:6c:65:25:d9:ba:a8:74:
be:6c:f6:59:0d:93:be:8a:99:b3:39:2a:66:d8:38:
d1:11:10:af:a6:48:b6:04:b3:04:c4:20:42:b4:b8:
ae:13:4e:3f:a9:5b:e2:9c:bd:4b:dc:e4:06:80:d4:
10:03:e9:61:d6:14:29:9c:28:f1:7f:cb:2a:77:59:
2b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E7:25:FA:06:BC:6C:A9:5B:7C:69:47:B3:1B:2A:D4:EA:3C:D2:DD
X509v3 Authority Key Identifier:
keyid:BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/Sucl-ga8bKlbfGlHsxsq1Oo80t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/veY2_1I-Xzc0In8zxEwuUP-NHuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.238.0.0/22
193.9.27.0/24
193.135.96.0/22
193.228.197.0-193.228.198.255
IPv6:
2a13:a200::/29
Signature Algorithm: sha256WithRSAEncryption
68:17:94:65:e9:1a:1f:d6:58:e4:d7:b7:03:47:9f:da:c1:67:
8f:58:81:6b:56:e2:26:8a:41:66:17:26:e5:aa:c2:ee:17:ff:
12:88:3c:4b:26:dc:38:5f:31:40:bf:c1:d8:2c:47:9f:c1:f0:
ce:d1:ae:c5:3e:25:f9:e2:5d:42:53:b6:8b:3d:0c:41:aa:c5:
6d:93:96:5b:47:ac:0e:f7:66:57:0e:ed:d1:2c:fd:38:b3:d5:
30:c4:5a:8d:7a:19:22:4b:26:f3:2c:d0:61:df:a8:43:2d:9b:
45:7a:19:77:60:53:5b:17:8b:5c:b0:4e:81:4f:38:7d:54:bd:
4a:d6:b6:fe:9a:d6:0a:fc:92:35:80:a6:7d:76:34:94:7b:c1:
18:7c:c1:bb:c1:43:97:5b:3e:eb:17:57:96:7a:d9:fb:d1:a8:
7b:c7:47:51:45:2e:09:6f:6c:42:02:cf:c2:19:81:6c:9c:37:
89:3c:3d:2c:b5:08:dd:3b:87:56:84:48:33:81:96:13:d0:47:
52:9e:9c:c7:b8:1e:66:2d:89:b0:8f:a5:08:b3:63:0b:52:52:
84:d7:76:0e:dc:ef:a2:b4:c9:20:8b:82:7d:a9:9a:bb:9e:13:
42:a6:9b:59:cd:6f:46:cd:0f:dc:b7:7c:cc:89:8f:e1:b9:ea:
3b:25:00:d7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZh0NB1KlJXrap9+kirtM4uOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTYzNmZmNTIzZTVmMzczNDIyN2YzM2M0NGMyZTUwZmY4
ZDFlZTIwHhcNMjUwODA0MDgzMDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWU3MjVmYTA2YmM2Y2E5NWI3YzY5NDdiMzFiMmFkNGVhM2NkMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BMU10+DYFIDNuJmo4VKzEPJE9+S
NAoLgd4dGKctqNb9p9blj7emzA4ayClJFufrDYoDsuLO280PJxsd2JTM1+wwAkkc
jn9AlNoXEKxuWVOuL41l9TAo2pPZ5EFPcR+U+PyN+xym0prmZyIR6qdDpzNnWgBP
H5tlzdN0FbD8Q3FS4b+4+S+OqL0RVUz+vg04O519Y9lFOM4qfNJLR+3DGORvQKRn
nGSB+/hSMgaxuGEWg4FxlFu5g7olFWxlJdm6qHS+bPZZDZO+ipmzOSpm2DjRERCv
pki2BLMExCBCtLiuE04/qVvinL1L3OQGgNQQA+lh1hQpnCjxf8sqd1kr9QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFErnJfoGvGypW3xpR7MbKtTqPNLdMB8GA1UdIwQY
MBaAFL3mNv9SPl83NCJ/M8RMLlD/jR7iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYt
N2JmYjQzODFhYjU0LzEvU3VjbC1nYThiS2xiZkdsSHN4c3ExT284MHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYtN2JmYjQzODFhYjU0
LzEvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCsu4AAwQA
wQkbAwQCwYdgMAwDBADB5MUDBADB5MYwDQQCAAIwBwMFAyoTogAwDQYJKoZIhvcN
AQELBQADggEBAGgXlGXpGh/WWOTXtwNHn9rBZ49YgWtW4iaKQWYXJuWqwu4X/xKI
PEsm3DhfMUC/wdgsR5/B8M7RrsU+JfniXUJTtos9DEGqxW2TlltHrA73ZlcO7dEs
/Tiz1TDEWo16GSJLJvMs0GHfqEMtm0V6GXdgU1sXi1ywToFPOH1UvUrWtv6a1gr8
kjWApn12NJR7wRh8wbvBQ5dbPusXV5Z62fvRqHvHR1FFLglvbEICz8IZgWycN4k8
PSy1CN07h1aESDOBlhPQR1KenMe4HmYtibCPpQizYwtSUoTXdg7c76K0ySCLgn2p
mrueE0Kmm1nNb0bND9y3fMyJj+G56jslANc=
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:27:41 2025 by rpki-client