Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/DEQLPd7kVP4LAfpRUwqx7t6qC3c.roa
File: DEQLPd7kVP4LAfpRUwqx7t6qC3c.roa (raw, json)
Hash identifier: 97bH2Jfesvh4hZCUhnNQlMTsv9wODQy0lXnaunvUmc8=
Subject key identifier: 0C:44:0B:3D:DE:E4:54:FE:0B:01:FA:51:53:0A:B1:EE:DE:AA:0B:77
Certificate issuer: /CN=ed64691c31892cc991ad4e9a9671147759e417ab
Certificate serial: 0197782FA59348C824766ADE61BA518B4B38
Authority key identifier: ED:64:69:1C:31:89:2C:C9:91:AD:4E:9A:96:71:14:77:59:E4:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WRpHDGJLMmRrU6alnEUd1nkF6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/DEQLPd7kVP4LAfpRUwqx7t6qC3c.roa
Signing time: Mon 16 Jun 2025 10:01:17 +0000
ROA not before: Mon 16 Jun 2025 10:01:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34689
IP address blocks: 95.131.202.0/24 maxlen: 24
185.75.242.0/24 maxlen: 24
185.75.243.0/24 maxlen: 24
2a05:5502::/32 maxlen: 32
2a13:9400::/32 maxlen: 32
2a13:9401::/32 maxlen: 32
2a13:9402::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/7WRpHDGJLMmRrU6alnEUd1nkF6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/7WRpHDGJLMmRrU6alnEUd1nkF6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/7WRpHDGJLMmRrU6alnEUd1nkF6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 13:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:78:2f:a5:93:48:c8:24:76:6a:de:61:ba:51:8b:4b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed64691c31892cc991ad4e9a9671147759e417ab
Validity
Not Before: Jun 16 10:01:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c440b3ddee454fe0b01fa51530ab1eedeaa0b77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9c:c5:56:a5:06:a8:37:5f:b3:b4:bc:82:f4:
cb:6e:59:d1:41:91:05:79:3d:0d:39:0d:2f:c8:fb:
85:41:1a:55:64:49:16:4d:a6:a7:e6:da:cd:0a:66:
77:5e:9e:99:fe:3b:23:88:18:de:b4:8b:eb:35:e9:
5b:c0:b8:a4:8c:aa:d5:92:ff:9d:b0:f9:8f:e8:2a:
c4:dc:c6:ac:40:d0:06:28:8c:eb:04:b6:ac:65:d9:
2f:99:71:cf:17:f5:94:40:62:c4:66:a6:17:0e:d9:
f3:20:68:6d:d1:7a:57:56:a0:09:a3:28:ca:8b:ea:
2d:37:95:f5:f8:70:26:e7:81:71:1a:2a:81:55:9f:
ec:de:15:46:45:77:14:39:b9:1f:fc:b0:48:ba:31:
9c:e7:ad:7a:88:d8:81:f9:5c:e5:7f:e9:59:55:4d:
6a:de:8c:01:91:5c:81:69:50:f9:81:0b:ae:98:07:
4d:d3:5b:08:03:25:2e:81:f4:d8:c9:4f:24:89:34:
2c:18:7a:c4:e6:f0:55:ef:07:94:83:a4:61:f1:fe:
ec:66:72:6b:a7:9e:84:2c:23:e2:f5:9d:df:fb:43:
02:fb:ab:93:1a:ed:50:1e:0f:90:bf:40:20:f8:1f:
b8:b6:ca:d9:1d:22:e7:18:22:10:3f:c3:88:64:3f:
2d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:44:0B:3D:DE:E4:54:FE:0B:01:FA:51:53:0A:B1:EE:DE:AA:0B:77
X509v3 Authority Key Identifier:
keyid:ED:64:69:1C:31:89:2C:C9:91:AD:4E:9A:96:71:14:77:59:E4:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WRpHDGJLMmRrU6alnEUd1nkF6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/DEQLPd7kVP4LAfpRUwqx7t6qC3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f67d09-8923-4152-95f2-7c7db21230a3/1/7WRpHDGJLMmRrU6alnEUd1nkF6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.202.0/24
185.75.242.0/23
IPv6:
2a05:5502::/32
2a13:9400::-2a13:9402:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
27:c1:0b:ea:da:e3:14:d0:70:19:86:ac:12:a5:01:14:f3:ec:
6b:2d:81:28:fa:fd:1f:61:0e:ac:a8:92:5b:d3:89:fb:74:37:
1b:cf:2e:e0:86:f0:f4:9e:c9:9e:8e:d7:18:b1:39:fd:73:01:
27:4d:1a:b8:3f:13:ba:a4:53:1c:1e:cb:1c:e5:42:76:db:21:
eb:97:70:e2:14:c6:62:09:8d:aa:03:92:d7:45:de:8f:89:15:
f5:47:d4:b7:63:99:87:a0:b5:13:6c:03:ac:fe:e0:69:f6:27:
6e:9a:e8:8d:91:12:e2:36:52:f1:f4:6a:21:77:28:eb:31:6c:
79:ac:b3:0b:f4:d2:de:ee:60:ec:02:84:74:27:9f:f7:ea:9f:
35:ee:b6:32:9d:b1:91:30:e5:3e:a8:e4:00:4a:4f:96:50:9d:
03:1e:52:4d:86:9a:6e:96:eb:fa:7c:91:27:36:3e:25:1a:64:
e6:08:cb:5a:66:74:2a:50:05:f1:c9:46:ad:63:9b:f9:4a:53:
ee:2c:99:95:ed:c3:5a:49:a8:2a:65:20:f2:93:da:59:ce:32:
0e:42:e7:fc:32:77:5c:e9:97:37:12:87:4b:01:eb:9d:ce:ed:
a7:cc:80:e0:e2:67:38:a7:37:1c:40:e2:1c:e2:53:7c:56:7c:
11:94:fc:b8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZd4L6WTSMgkdmreYbpRi0s4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjQ2OTFjMzE4OTJjYzk5MWFkNGU5YTk2NzExNDc3NTll
NDE3YWIwHhcNMjUwNjE2MTAwMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQ0MGIzZGRlZTQ1NGZlMGIwMWZhNTE1MzBhYjFlZWRlYWEwYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45zFVqUGqDdfs7S8gvTLblnRQZEF
eT0NOQ0vyPuFQRpVZEkWTaan5trNCmZ3Xp6Z/jsjiBjetIvrNelbwLikjKrVkv+d
sPmP6CrE3MasQNAGKIzrBLasZdkvmXHPF/WUQGLEZqYXDtnzIGht0XpXVqAJoyjK
i+otN5X1+HAm54FxGiqBVZ/s3hVGRXcUObkf/LBIujGc5616iNiB+Vzlf+lZVU1q
3owBkVyBaVD5gQuumAdN01sIAyUugfTYyU8kiTQsGHrE5vBV7weUg6Rh8f7sZnJr
p56ELCPi9Z3f+0MC+6uTGu1QHg+Qv0Ag+B+4tsrZHSLnGCIQP8OIZD8tHwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAxECz3e5FT+CwH6UVMKse7eqgt3MB8GA1UdIwQY
MBaAFO1kaRwxiSzJka1OmpZxFHdZ5BerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dScEhER0pMTW1SclU2YWxuRVVkMW5rRjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mNjdkMDktODkyMy00MTUyLTk1ZjIt
N2M3ZGIyMTIzMGEzLzEvREVRTFBkN2tWUDRMQWZwUlV3cXg3dDZxQzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mNjdkMDktODkyMy00MTUyLTk1ZjItN2M3ZGIyMTIzMGEz
LzEvN1dScEhER0pMTW1SclU2YWxuRVVkMW5rRjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjASBAIAATAMAwQAX4PKAwQB
uUvyMBwEAgACMBYDBQAqBVUCMA0DBAIqE5QDBQAqE5QCMA0GCSqGSIb3DQEBCwUA
A4IBAQAnwQvq2uMU0HAZhqwSpQEU8+xrLYEo+v0fYQ6sqJJb04n7dDcbzy7ghvD0
nsmejtcYsTn9cwEnTRq4PxO6pFMcHssc5UJ22yHrl3DiFMZiCY2qA5LXRd6PiRX1
R9S3Y5mHoLUTbAOs/uBp9idumuiNkRLiNlLx9GohdyjrMWx5rLML9NLe7mDsAoR0
J5/36p817rYynbGRMOU+qOQASk+WUJ0DHlJNhppuluv6fJEnNj4lGmTmCMtaZnQq
UAXxyUatY5v5SlPuLJmV7cNaSagqZSDyk9pZzjIOQuf8Mndc6Zc3EodLAeudzu2n
zIDg4mc4pzccQOIc4lN8VnwRlPy4
-----END CERTIFICATE-----
Generated at Tue Jun 17 16:49:34 2025 by rpki-client