Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IjrjYfDxQnaqu73HCaI9NZP99aY.roa
File: IjrjYfDxQnaqu73HCaI9NZP99aY.roa (raw, json)
Hash identifier: EMjEX1lQD1fe02ixdZmOzc2m8jqmEx8HUhzBk5zU/Dw=
Subject key identifier: 22:3A:E3:61:F0:F1:42:76:AA:BB:BD:C7:09:A2:3D:35:93:FD:F5:A6
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0197583995ED396B772AE19AA9B5208732D0
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IjrjYfDxQnaqu73HCaI9NZP99aY.roa
Signing time: Tue 10 Jun 2025 05:04:18 +0000
ROA not before: Tue 10 Jun 2025 05:04:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209155
IP address blocks: 203.188.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 13:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:58:39:95:ed:39:6b:77:2a:e1:9a:a9:b5:20:87:32:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 10 05:04:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=223ae361f0f14276aabbbdc709a23d3593fdf5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:c2:16:fd:de:df:5f:3e:23:34:8c:30:f3:
00:74:39:4e:9b:f9:e5:c3:2e:a5:f6:82:dc:8b:4e:
da:25:51:0e:a0:fb:f5:ea:56:74:02:9d:35:06:df:
4d:40:2f:7b:6c:9a:58:1a:85:60:7f:ad:1d:1c:02:
8a:6d:6e:d2:27:06:d3:78:13:89:8c:d5:61:3c:8c:
d7:da:fb:e5:8c:50:9a:d0:08:8f:14:19:19:b4:42:
c4:b9:79:d1:d9:a7:35:6f:97:53:a5:99:07:1b:6c:
fa:74:65:21:7b:03:2e:50:a8:3d:1d:bc:bd:e4:a8:
23:d9:58:43:95:30:6e:ac:d3:89:d5:f0:89:88:c6:
9f:f1:df:8e:94:d2:9f:e9:58:48:df:f5:96:d1:80:
2b:74:65:8a:0b:bc:cb:f4:06:4f:d1:2a:c1:c4:51:
36:6c:4c:6c:8b:d3:ea:d7:89:f4:93:eb:4e:4d:78:
1c:a8:0d:ff:4e:c6:b0:50:8a:90:7a:0b:2d:70:7a:
7a:2a:21:38:c0:5c:31:64:c0:86:30:3f:c9:92:ff:
68:14:9c:37:46:a8:c8:a5:51:13:e6:0e:ce:a0:79:
4d:f6:24:f5:ea:ae:cf:c7:34:df:cd:9a:ab:db:5c:
8e:4f:8e:a5:8e:f9:33:ad:8c:5e:ff:da:0c:db:39:
c1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3A:E3:61:F0:F1:42:76:AA:BB:BD:C7:09:A2:3D:35:93:FD:F5:A6
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IjrjYfDxQnaqu73HCaI9NZP99aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.188.166.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:36:12:84:d4:c6:8e:13:aa:2a:b6:39:34:98:ac:68:a3:9b:
5c:1d:7a:d9:3d:64:98:58:d0:5d:25:f3:06:85:67:48:8c:e7:
0d:5e:90:9c:82:97:fa:b9:14:06:ce:80:a3:62:9e:fc:bc:42:
17:0b:5c:b4:5c:cf:4f:26:6a:ed:c8:b3:d9:04:3d:7e:4e:7f:
56:5b:80:98:ae:64:f6:5c:6b:da:c3:97:18:98:12:63:fa:b9:
ad:96:bc:c8:5a:11:6b:00:ef:03:87:e2:24:f8:61:c3:cf:d1:
9c:49:03:9a:45:2c:ad:83:50:1d:3b:e7:2c:f5:dc:52:99:e1:
fd:1a:66:27:de:bf:8e:a6:fd:19:ab:04:b0:f8:4c:f3:4e:0f:
cd:2e:de:fc:f8:9d:5d:42:0f:ab:b7:ac:63:dc:a4:bc:1b:9c:
4f:aa:9c:15:e0:5b:58:c6:8a:e8:94:76:0b:88:06:59:a4:25:
8a:15:5d:c9:e4:03:3a:34:a6:a6:0d:90:a1:16:b9:23:c2:47:
83:16:fa:29:01:8f:24:78:c4:c2:b8:04:df:79:da:1a:30:45:
0d:60:0e:2a:97:59:77:3a:ad:3a:76:bb:88:7d:6a:be:05:4c:
b4:2a:8e:8c:4b:d6:9a:e4:a8:06:4f:6e:1d:6e:c4:66:17:f4:
94:b7:c7:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdYOZXtOWt3KuGaqbUghzLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjEwMDUwNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjNhZTM2MWYwZjE0Mjc2YWFiYmJkYzcwOWEyM2QzNTkzZmRmNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurPCFv3e318+IzSMMPMAdDlOm/nl
wy6l9oLci07aJVEOoPv16lZ0Ap01Bt9NQC97bJpYGoVgf60dHAKKbW7SJwbTeBOJ
jNVhPIzX2vvljFCa0AiPFBkZtELEuXnR2ac1b5dTpZkHG2z6dGUhewMuUKg9Hby9
5Kgj2VhDlTBurNOJ1fCJiMaf8d+OlNKf6VhI3/WW0YArdGWKC7zL9AZP0SrBxFE2
bExsi9Pq14n0k+tOTXgcqA3/TsawUIqQegstcHp6KiE4wFwxZMCGMD/Jkv9oFJw3
RqjIpVET5g7OoHlN9iT16q7PxzTfzZqr21yOT46ljvkzrYxe/9oM2znBiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCI642Hw8UJ2qru9xwmiPTWT/fWmMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvSWpyallmRHhRbmFxdTczSENhSTlOWlA5OWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy7ymMA0G
CSqGSIb3DQEBCwUAA4IBAQDhNhKE1MaOE6oqtjk0mKxoo5tcHXrZPWSYWNBdJfMG
hWdIjOcNXpCcgpf6uRQGzoCjYp78vEIXC1y0XM9PJmrtyLPZBD1+Tn9WW4CYrmT2
XGvaw5cYmBJj+rmtlrzIWhFrAO8Dh+Ik+GHDz9GcSQOaRSytg1AdO+cs9dxSmeH9
GmYn3r+Opv0ZqwSw+EzzTg/NLt78+J1dQg+rt6xj3KS8G5xPqpwV4FtYxorolHYL
iAZZpCWKFV3J5AM6NKamDZChFrkjwkeDFvopAY8keMTCuATfedoaMEUNYA4ql1l3
Oq06druIfWq+BUy0Ko6MS9aa5KgGT24dbsRmF/SUt8c0
-----END CERTIFICATE-----
Generated at Tue Jun 17 21:57:11 2025 by rpki-client