Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/0yv-YpT7EAlDFfaPmF8_vcpGZrw.roa
File: 0yv-YpT7EAlDFfaPmF8_vcpGZrw.roa (raw, json)
Hash identifier: FCFF4a6p1Kz9hIASitWn3Cuesp3ppA1vaf6u6HK9VUE=
Subject key identifier: D3:2B:FE:62:94:FB:10:09:43:15:F6:8F:98:5F:3F:BD:CA:46:66:BC
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01986CAC0373183A7F40EC56C2FACBCBBD8C
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/0yv-YpT7EAlDFfaPmF8_vcpGZrw.roa
Signing time: Sat 02 Aug 2025 21:24:29 +0000
ROA not before: Sat 02 Aug 2025 21:24:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35285
IP address blocks: 193.189.122.0/24 maxlen: 24
193.189.123.0/24 maxlen: 24
194.225.70.0/24 maxlen: 24
2001:678:b1::/48 maxlen: 48
2001:14e8:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.mft
rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6c:ac:03:73:18:3a:7f:40:ec:56:c2:fa:cb:cb:bd:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Aug 2 21:24:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d32bfe6294fb10094315f68f985f3fbdca4666bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:05:35:4b:a3:17:8f:6a:07:9a:c3:5f:be:2d:
44:ef:fe:20:42:c3:33:5f:1a:a3:cc:68:e0:bf:47:
2d:d1:86:d4:9f:6b:9d:a1:e6:a9:20:85:66:c3:66:
1a:20:05:42:47:a7:21:36:72:06:59:f2:6a:1e:49:
9f:06:3a:b4:a6:36:4f:3c:78:70:3c:28:c4:52:2a:
ee:9c:f3:92:79:eb:1b:48:44:fb:21:67:d3:00:3d:
0b:e5:b8:a2:da:63:00:8d:84:d4:04:05:f5:5a:bd:
95:e0:91:4d:1a:ad:8a:37:77:49:e5:46:ad:77:85:
5f:f2:52:d8:2d:52:04:4f:45:17:4c:71:d6:8d:9b:
45:87:6e:00:27:fe:fe:12:d1:29:52:1b:fe:97:fa:
9d:30:65:59:3f:ec:ef:42:31:c7:60:94:74:64:55:
9f:5e:52:06:3d:95:bf:ba:8b:fd:58:c5:54:61:1b:
b2:21:2d:78:ff:98:1a:e9:c1:82:b6:f1:5f:a4:dd:
33:ee:d0:fb:ad:3b:49:62:a2:3e:a7:b8:22:f1:de:
3a:a9:60:1c:b8:d9:bc:0d:83:71:17:39:0a:a0:69:
17:16:77:75:92:ca:a6:bd:c2:4d:bf:fb:5f:7a:3d:
64:35:ad:f8:8c:b3:c2:6d:03:dc:8b:b8:bc:bc:d9:
58:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2B:FE:62:94:FB:10:09:43:15:F6:8F:98:5F:3F:BD:CA:46:66:BC
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/0yv-YpT7EAlDFfaPmF8_vcpGZrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.122.0/23
194.225.70.0/24
IPv6:
2001:678:b1::/48
2001:14e8:c::/48
Signature Algorithm: sha256WithRSAEncryption
4d:98:8f:af:1e:13:90:79:33:15:d6:6a:fc:42:38:39:29:50:
2c:4a:fd:3e:25:94:49:90:f1:df:51:c8:e7:e8:de:97:55:5a:
ab:83:87:35:3e:21:f0:a0:43:73:42:b1:27:84:73:7b:00:b9:
12:31:6c:2b:e8:31:79:c0:7a:ad:59:b7:fb:cb:34:fe:70:30:
24:cc:bb:95:bf:23:6c:9e:f9:32:e3:40:77:ea:67:4a:bc:5e:
1f:81:56:de:1a:fb:23:26:bf:3a:da:0b:e2:8c:36:92:d6:a2:
a8:86:a2:ca:b4:ea:62:1d:ac:ae:e5:0a:63:3d:91:c1:34:15:
2a:6e:02:02:3f:5e:9d:4c:d1:c9:ae:f3:07:62:32:6f:4d:28:
e2:89:93:0f:0f:7a:bc:e9:c4:ba:27:25:30:5a:3e:ed:39:f3:
05:cd:47:b9:7a:31:15:dc:ca:03:84:08:cb:a0:54:eb:62:61:
cf:fd:d6:c7:a1:86:d8:a8:81:10:ed:63:1a:7e:cd:aa:07:6f:
f8:80:48:aa:49:36:c5:de:0a:60:53:3c:d7:ed:f6:71:89:a9:
60:63:5f:f7:f0:03:f9:86:b0:dd:e0:96:8e:66:60:a2:95:11:
3c:1b:58:7d:23:44:cf:fd:2e:03:4e:fc:ef:d6:97:7b:25:1a:
84:94:29:71
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZhsrANzGDp/QOxWwvrLy72MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjUwODAyMjEyNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzJiZmU2Mjk0ZmIxMDA5NDMxNWY2OGY5ODVmM2ZiZGNhNDY2NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQU1S6MXj2oHmsNfvi1E7/4gQsMz
XxqjzGjgv0ct0YbUn2udoeapIIVmw2YaIAVCR6chNnIGWfJqHkmfBjq0pjZPPHhw
PCjEUirunPOSeesbSET7IWfTAD0L5bii2mMAjYTUBAX1Wr2V4JFNGq2KN3dJ5Uat
d4Vf8lLYLVIET0UXTHHWjZtFh24AJ/7+EtEpUhv+l/qdMGVZP+zvQjHHYJR0ZFWf
XlIGPZW/uov9WMVUYRuyIS14/5ga6cGCtvFfpN0z7tD7rTtJYqI+p7gi8d46qWAc
uNm8DYNxFzkKoGkXFnd1ksqmvcJNv/tfej1kNa34jLPCbQPci7i8vNlY+wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNMr/mKU+xAJQxX2j5hfP73KRma8MB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvMHl2LVlwVDdFQWxERmZhUG1GOF92Y3BHWnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBwb16AwQA
wuFGMBgEAgACMBIDBwAgAQZ4ALEDBwAgARToAAwwDQYJKoZIhvcNAQELBQADggEB
AE2Yj68eE5B5MxXWavxCODkpUCxK/T4llEmQ8d9RyOfo3pdVWquDhzU+IfCgQ3NC
sSeEc3sAuRIxbCvoMXnAeq1Zt/vLNP5wMCTMu5W/I2ye+TLjQHfqZ0q8Xh+BVt4a
+yMmvzraC+KMNpLWoqiGosq06mIdrK7lCmM9kcE0FSpuAgI/Xp1M0cmu8wdiMm9N
KOKJkw8PerzpxLonJTBaPu058wXNR7l6MRXcygOECMugVOtiYc/91sehhtiogRDt
Yxp+zaoHb/iASKpJNsXeCmBTPNft9nGJqWBjX/fwA/mGsN3glo5mYKKVETwbWH0j
RM/9LgNO/O/Wl3slGoSUKXE=
-----END CERTIFICATE-----
Generated at Fri Aug 8 19:33:57 2025 by rpki-client