Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/X7AbURR2iVFhkbsUOSRABvp19rw.roa
File: X7AbURR2iVFhkbsUOSRABvp19rw.roa (raw, json)
Hash identifier: QqkAKSZiThJiSl/ggoW54Ag5K4Xe4BJNoeVorGuKsRQ=
Subject key identifier: 5F:B0:1B:51:14:76:89:51:61:91:BB:14:39:24:40:06:FA:75:F6:BC
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 01984FDD12E62C077F6A3AA6C9149093F20A
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/X7AbURR2iVFhkbsUOSRABvp19rw.roa
Signing time: Mon 28 Jul 2025 07:09:04 +0000
ROA not before: Mon 28 Jul 2025 07:09:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3218
IP address blocks: 193.232.2.0/24 maxlen: 24
193.232.3.0/24 maxlen: 24
193.232.4.0/24 maxlen: 24
193.232.6.0/24 maxlen: 24
193.232.8.0/24 maxlen: 24
193.232.9.0/24 maxlen: 24
193.232.10.0/24 maxlen: 24
193.232.11.0/24 maxlen: 24
193.232.12.0/24 maxlen: 24
193.232.13.0/24 maxlen: 24
193.232.17.0/24 maxlen: 24
193.232.19.0/24 maxlen: 24
193.232.28.0/24 maxlen: 24
193.232.31.0/24 maxlen: 24
193.232.192.0/22 maxlen: 24
193.232.196.0/23 maxlen: 24
193.232.207.0/24 maxlen: 24
193.232.212.0/24 maxlen: 24
193.232.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4f:dd:12:e6:2c:07:7f:6a:3a:a6:c9:14:90:93:f2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jul 28 07:09:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fb01b51147689516191bb1439244006fa75f6bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:40:15:11:c2:22:bd:f5:71:b7:fb:0b:2f:af:
f8:c2:a7:76:ad:27:a2:59:bb:13:fc:9a:e3:64:98:
31:82:88:07:2e:6f:08:2f:58:44:e7:9e:42:77:fe:
37:31:b7:ba:da:a7:6e:e2:ca:6a:e1:ef:cc:06:0f:
7c:6d:aa:6c:0c:25:c8:e3:6a:ba:6d:80:5e:1a:99:
9f:e6:67:56:cf:eb:5a:c8:6d:89:a0:cb:9d:56:94:
ac:d0:7e:2b:9f:eb:1b:ab:cc:04:3c:4d:53:5b:1e:
8a:71:d7:c1:8a:3f:6f:d5:0c:51:fb:19:e9:3f:09:
bb:6f:ca:b7:71:e1:cd:c3:4d:f2:47:c4:a3:e6:2d:
78:3d:cc:01:74:0e:7b:7d:bb:04:10:93:b2:8d:30:
54:11:94:ae:a2:a5:5d:2a:92:38:a4:68:40:e9:0e:
61:9b:73:db:a8:76:0b:a9:ed:64:cf:ec:66:b0:9b:
54:2f:1e:1a:79:09:51:50:0a:50:6a:b1:bf:0e:f3:
d9:db:61:ec:c3:05:d4:2b:80:d3:2a:28:cd:55:e0:
9c:79:c8:c5:2f:67:e5:16:d5:08:71:c8:37:24:2f:
0d:fd:d7:02:15:58:76:e0:b6:d4:fe:88:fb:7a:22:
f1:f5:2d:a0:fa:1b:43:8c:a4:33:e4:ed:80:7c:25:
66:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B0:1B:51:14:76:89:51:61:91:BB:14:39:24:40:06:FA:75:F6:BC
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/X7AbURR2iVFhkbsUOSRABvp19rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.2.0-193.232.4.255
193.232.6.0/24
193.232.8.0-193.232.13.255
193.232.17.0/24
193.232.19.0/24
193.232.28.0/24
193.232.31.0/24
193.232.192.0-193.232.197.255
193.232.207.0/24
193.232.212.0/24
193.232.218.0/23
Signature Algorithm: sha256WithRSAEncryption
98:ad:1c:df:5f:9a:1b:94:97:66:41:24:b2:0d:60:aa:23:0b:
48:45:b3:b9:0e:15:04:ee:d8:07:f3:f1:e3:11:83:14:b7:83:
f3:5b:d0:aa:6e:ed:fa:3f:b1:53:0d:68:3e:8d:42:82:24:a9:
bd:99:41:0d:3b:12:1e:af:4b:83:fd:e9:e7:0e:d6:8e:1d:80:
f3:8d:5b:aa:18:98:33:ff:6b:6e:dd:ef:03:85:75:4a:12:dc:
37:be:5f:7b:40:7f:c8:f3:b3:d1:81:dc:33:b7:9c:b1:13:7b:
88:82:50:96:95:39:58:6d:38:56:9c:4d:38:9f:a5:fb:61:5a:
28:79:06:2d:ed:c9:04:99:48:49:21:eb:fe:3d:3d:82:a9:e4:
07:cd:6f:2c:2f:a2:7d:0e:5e:29:23:d9:0a:02:35:3c:ba:4d:
51:e2:91:02:b1:c6:dd:68:f5:08:09:06:01:b8:fb:ea:92:df:
93:88:16:15:e8:59:b2:27:a2:ab:1c:1b:cb:89:76:10:76:11:
c5:56:5d:c6:e8:b3:42:ba:a2:d4:c1:36:86:a1:4f:03:48:83:
a3:41:a7:33:75:16:73:55:3a:b6:f5:8d:e6:cc:a5:1f:8a:d3:
03:0b:c8:2f:ff:01:83:0f:41:45:ca:dc:97:57:3f:2b:51:ad:
e7:81:19:45
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZhP3RLmLAd/ajqmyRSQk/IKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwNzI4MDcwOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmIwMWI1MTE0NzY4OTUxNjE5MWJiMTQzOTI0NDAwNmZhNzVmNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUAVEcIivfVxt/sLL6/4wqd2rSei
WbsT/JrjZJgxgogHLm8IL1hE555Cd/43Mbe62qdu4spq4e/MBg98bapsDCXI42q6
bYBeGpmf5mdWz+tayG2JoMudVpSs0H4rn+sbq8wEPE1TWx6KcdfBij9v1QxR+xnp
Pwm7b8q3ceHNw03yR8Sj5i14PcwBdA57fbsEEJOyjTBUEZSuoqVdKpI4pGhA6Q5h
m3PbqHYLqe1kz+xmsJtULx4aeQlRUApQarG/DvPZ22HswwXUK4DTKijNVeCcecjF
L2flFtUIccg3JC8N/dcCFVh24LbU/oj7eiLx9S2g+htDjKQz5O2AfCVmzQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFF+wG1EUdolRYZG7FDkkQAb6dfa8MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvWDdBYlVSUjJpVkZoa2JzVU9TUkFCdnAxOXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaMAwDBAHB6AID
BADB6AQDBADB6AYwDAMEA8HoCAMEAcHoDAMEAMHoEQMEAMHoEwMEAMHoHAMEAMHo
HzAMAwQGwejAAwQBwejEAwQAwejPAwQAwejUAwQBwejaMA0GCSqGSIb3DQEBCwUA
A4IBAQCYrRzfX5oblJdmQSSyDWCqIwtIRbO5DhUE7tgH8/HjEYMUt4PzW9Cqbu36
P7FTDWg+jUKCJKm9mUENOxIer0uD/ennDtaOHYDzjVuqGJgz/2tu3e8DhXVKEtw3
vl97QH/I87PRgdwzt5yxE3uIglCWlTlYbThWnE04n6X7YVooeQYt7ckEmUhJIev+
PT2CqeQHzW8sL6J9Dl4pI9kKAjU8uk1R4pECscbdaPUICQYBuPvqkt+TiBYV6Fmy
J6KrHBvLiXYQdhHFVl3G6LNCuqLUwTaGoU8DSIOjQaczdRZzVTq29Y3mzKUfitMD
C8gv/wGDD0FFytyXVz8rUa3ngRlF
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:20:51 2025 by rpki-client