Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/He25UWkTLLFKhTHFzz-APm0o_4c.roa
File: He25UWkTLLFKhTHFzz-APm0o_4c.roa (raw, json)
Hash identifier: qf89l1jhdOX3RHCcx3FCmLLItRgQ6aCJ5/hEoWKez8g=
Subject key identifier: 1D:ED:B9:51:69:13:2C:B1:4A:85:31:C5:CF:3F:80:3E:6D:28:FF:87
Certificate issuer: /CN=3f56231e7ef53181b630260f5739a939980bce0f
Certificate serial: 01975DA005F5D618626FBF2D3442F4EC79E1
Authority key identifier: 3F:56:23:1E:7E:F5:31:81:B6:30:26:0F:57:39:A9:39:98:0B:CE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P1YjHn71MYG2MCYPVzmpOZgLzg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/He25UWkTLLFKhTHFzz-APm0o_4c.roa
Signing time: Wed 11 Jun 2025 06:14:17 +0000
ROA not before: Wed 11 Jun 2025 06:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 193.106.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/P1YjHn71MYG2MCYPVzmpOZgLzg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/P1YjHn71MYG2MCYPVzmpOZgLzg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/P1YjHn71MYG2MCYPVzmpOZgLzg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 15:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:a0:05:f5:d6:18:62:6f:bf:2d:34:42:f4:ec:79:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f56231e7ef53181b630260f5739a939980bce0f
Validity
Not Before: Jun 11 06:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dedb95169132cb14a8531c5cf3f803e6d28ff87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b2:26:82:f1:fb:df:19:10:25:55:44:03:7a:
49:50:8e:5b:e2:ac:6d:aa:a0:dc:58:8d:3c:48:3d:
af:90:89:54:c6:16:55:05:1e:4a:42:33:5c:62:b3:
ba:dd:03:3e:18:e2:96:74:bc:0d:ec:9c:3e:1d:c6:
cd:ac:2e:19:a5:35:80:79:d5:02:35:6b:b0:9b:f6:
b8:94:a9:fb:71:33:30:12:3f:87:37:aa:e9:e2:60:
86:c7:8d:d2:48:41:c0:d7:bb:d1:b2:62:d7:19:5b:
b9:14:49:56:02:6f:dc:fa:5b:35:20:38:1d:93:9c:
5c:c5:c8:bd:3a:62:3b:b4:1c:e2:ac:65:98:7c:ee:
87:d9:eb:45:70:8b:84:38:ed:54:d8:13:30:0d:5b:
e5:cf:76:ae:28:8d:e3:94:87:b9:42:5f:90:75:e7:
f7:e6:b9:fb:c4:7a:48:fc:40:0d:ab:58:14:1d:c5:
ca:c5:0b:8f:f6:86:d8:6b:9c:f6:cd:77:49:e1:d8:
47:03:19:35:c3:a0:6a:95:57:5b:cb:0b:24:64:3b:
bb:9f:5a:b3:cd:d8:b7:0d:91:7f:7d:9d:12:9d:73:
9e:f6:72:d0:e8:9b:f9:b3:f8:12:18:26:45:9c:0f:
50:88:75:17:02:d8:43:19:6d:2a:00:27:a9:a8:c1:
ba:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:ED:B9:51:69:13:2C:B1:4A:85:31:C5:CF:3F:80:3E:6D:28:FF:87
X509v3 Authority Key Identifier:
keyid:3F:56:23:1E:7E:F5:31:81:B6:30:26:0F:57:39:A9:39:98:0B:CE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1YjHn71MYG2MCYPVzmpOZgLzg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/He25UWkTLLFKhTHFzz-APm0o_4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/P1YjHn71MYG2MCYPVzmpOZgLzg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.191.0/24
Signature Algorithm: sha256WithRSAEncryption
82:04:9b:4a:af:1f:f5:c8:44:43:ae:6e:de:86:34:f4:15:c3:
2e:60:aa:b0:dc:c5:bb:c5:06:54:45:0c:91:34:df:2d:c0:b3:
d6:b6:87:43:60:db:2d:6a:46:33:cd:2f:07:7c:f9:7e:1c:72:
cf:08:2c:e0:7e:70:da:0f:94:b0:08:33:35:f5:0d:a0:d6:d2:
3a:98:cb:33:b8:8f:0b:ba:b8:9f:a0:c5:85:2d:40:16:aa:c6:
f5:25:15:b8:ac:77:78:e2:25:09:62:92:3b:dd:19:07:14:ec:
6d:75:ad:aa:de:5b:de:f4:65:b5:0f:34:de:7c:97:1c:f4:c7:
74:4b:f1:b7:dd:09:de:5c:cc:fb:95:0c:ea:42:15:b4:23:27:
06:3c:8e:f5:87:7f:b5:08:ee:cb:77:3d:e3:cd:1e:71:65:a1:
72:9f:5f:28:01:2b:ed:9c:f7:04:f0:6a:e0:60:14:06:24:e8:
18:8d:14:2a:24:21:aa:c6:e1:ac:b6:c7:f3:c3:ef:89:8b:18:
80:d9:fe:dd:44:a4:00:3b:a4:6a:f8:af:fd:f1:af:09:42:df:
55:98:31:f4:dc:26:ee:c3:9f:e2:11:dc:2c:a5:5c:99:6d:8b:
b5:b2:1e:ba:12:cf:18:62:8a:b5:9f:0b:9c:b3:62:bd:28:07:
9f:f6:85:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZddoAX11hhib78tNEL07HnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNTYyMzFlN2VmNTMxODFiNjMwMjYwZjU3MzlhOTM5OTgw
YmNlMGYwHhcNMjUwNjExMDYxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGVkYjk1MTY5MTMyY2IxNGE4NTMxYzVjZjNmODAzZTZkMjhmZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7ImgvH73xkQJVVEA3pJUI5b4qxt
qqDcWI08SD2vkIlUxhZVBR5KQjNcYrO63QM+GOKWdLwN7Jw+HcbNrC4ZpTWAedUC
NWuwm/a4lKn7cTMwEj+HN6rp4mCGx43SSEHA17vRsmLXGVu5FElWAm/c+ls1IDgd
k5xcxci9OmI7tBzirGWYfO6H2etFcIuEOO1U2BMwDVvlz3auKI3jlIe5Ql+Qdef3
5rn7xHpI/EANq1gUHcXKxQuP9obYa5z2zXdJ4dhHAxk1w6BqlVdbywskZDu7n1qz
zdi3DZF/fZ0SnXOe9nLQ6Jv5s/gSGCZFnA9QiHUXAthDGW0qACepqMG69QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3tuVFpEyyxSoUxxc8/gD5tKP+HMB8GA1UdIwQY
MBaAFD9WIx5+9TGBtjAmD1c5qTmYC84PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDFZakhuNzFNWUcyTUNZUFZ6bXBPWmdMemc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi81YzJlMzYtYTlkYi00NTIyLWE2M2Ut
NDU1ZGRjN2Q5ZTM4LzEvSGUyNVVXa1RMTEZLaFRIRnp6LUFQbTBvXzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi81YzJlMzYtYTlkYi00NTIyLWE2M2UtNDU1ZGRjN2Q5ZTM4
LzEvUDFZakhuNzFNWUcyTUNZUFZ6bXBPWmdMemc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWq/MA0G
CSqGSIb3DQEBCwUAA4IBAQCCBJtKrx/1yERDrm7ehjT0FcMuYKqw3MW7xQZURQyR
NN8twLPWtodDYNstakYzzS8HfPl+HHLPCCzgfnDaD5SwCDM19Q2g1tI6mMszuI8L
urifoMWFLUAWqsb1JRW4rHd44iUJYpI73RkHFOxtda2q3lve9GW1DzTefJcc9Md0
S/G33QneXMz7lQzqQhW0IycGPI71h3+1CO7Ldz3jzR5xZaFyn18oASvtnPcE8Grg
YBQGJOgYjRQqJCGqxuGstsfzw++JixiA2f7dRKQAO6Rq+K/98a8JQt9VmDH03Cbu
w5/iEdwspVyZbYu1sh66Es8YYoq1nwucs2K9KAef9oUA
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:45:29 2025 by rpki-client