Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/PqTOmFPSGAKNeE2YcblZG_Wl6iY.roa
File: PqTOmFPSGAKNeE2YcblZG_Wl6iY.roa (raw, json)
Hash identifier: 8Xr6waKnu+E2qqO+UtOvKWYxqXyjlVupEIsHjk9OnCs=
Subject key identifier: 3E:A4:CE:98:53:D2:18:02:8D:78:4D:98:71:B9:59:1B:F5:A5:EA:26
Certificate issuer: /CN=f963247d0d83b9f608cf864f427cdfe94b252a10
Certificate serial: 0197BFC0A46831C87BFBF406573C8E38501F
Authority key identifier: F9:63:24:7D:0D:83:B9:F6:08:CF:86:4F:42:7C:DF:E9:4B:25:2A:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/PqTOmFPSGAKNeE2YcblZG_Wl6iY.roa
Signing time: Mon 30 Jun 2025 07:32:42 +0000
ROA not before: Mon 30 Jun 2025 07:32:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202191
IP address blocks: 185.26.208.0/24 maxlen: 24
185.26.209.0/24 maxlen: 24
185.26.210.0/23 maxlen: 23
185.26.210.0/24 maxlen: 24
185.26.211.0/24 maxlen: 24
193.53.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bf:c0:a4:68:31:c8:7b:fb:f4:06:57:3c:8e:38:50:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f963247d0d83b9f608cf864f427cdfe94b252a10
Validity
Not Before: Jun 30 07:32:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ea4ce9853d218028d784d9871b9591bf5a5ea26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7d:34:d5:54:c5:50:82:00:cb:07:07:d2:e8:
cc:ac:37:88:61:a2:d3:2a:29:81:5a:47:25:89:f2:
60:a3:4d:60:58:01:d4:f5:65:49:05:ba:21:26:5b:
f6:fd:5a:3c:16:a2:37:9e:dc:7b:d0:6d:f7:2e:f8:
b8:e4:82:91:3f:5c:65:d2:0c:33:28:bd:31:42:ef:
b4:83:ee:ae:e6:fc:89:03:08:5c:73:5d:37:6f:3f:
4d:bc:22:fd:d7:d3:e2:e7:87:da:bb:73:6b:e5:26:
2f:94:0e:e1:0d:4f:a6:18:ee:eb:ea:c1:08:01:64:
49:14:56:37:93:aa:e3:fd:0f:54:71:38:aa:f9:ea:
be:b5:ce:3d:68:c1:0b:42:d7:74:c6:eb:8e:48:91:
e6:7f:42:7f:df:9b:91:cd:a6:97:3f:36:8b:80:93:
0e:ca:f2:d1:b1:6d:86:04:89:11:fd:08:6d:a2:e9:
a1:96:e5:61:b6:a6:28:f0:7a:75:5e:9a:29:f5:d9:
67:2f:e3:68:75:66:87:82:74:fe:b1:45:14:de:be:
97:83:c8:59:85:2c:2c:34:10:3c:95:8d:eb:b6:b6:
14:fb:e6:d1:b5:b1:69:d0:a5:85:55:1f:ff:b1:37:
ba:14:b6:ce:a2:57:73:b3:81:fc:56:81:d5:c6:f1:
b0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A4:CE:98:53:D2:18:02:8D:78:4D:98:71:B9:59:1B:F5:A5:EA:26
X509v3 Authority Key Identifier:
keyid:F9:63:24:7D:0D:83:B9:F6:08:CF:86:4F:42:7C:DF:E9:4B:25:2A:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/PqTOmFPSGAKNeE2YcblZG_Wl6iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.208.0/22
193.53.39.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c2:78:f2:4f:e6:81:62:c1:a8:5e:bd:6e:57:15:8e:05:d0:
3c:33:34:44:d0:60:f4:19:67:2e:3d:ba:ea:e6:63:1b:8f:d3:
8a:0f:9c:b3:b8:8a:fb:a5:a9:b6:d7:85:83:44:22:48:ec:75:
4c:d3:13:76:1c:9d:fc:43:0e:b2:7b:56:c6:e5:4d:90:d0:dd:
40:cd:dc:ca:79:bb:8d:b7:8e:cb:9e:74:2c:5d:c4:25:d3:03:
22:ad:b8:83:86:7c:38:19:2b:53:90:15:91:14:b6:6d:0f:f5:
0b:ef:bf:53:48:81:4a:57:14:e7:e9:d7:c4:8d:9d:68:f8:28:
ab:36:d1:63:38:43:62:47:0e:78:ca:a7:9e:a2:1f:b0:f2:af:
a3:45:23:c6:ad:4d:d8:ab:95:dd:4b:6b:ab:16:8d:af:90:fe:
41:b1:ab:18:d3:10:1f:f3:ac:a1:cd:3d:88:d1:af:33:ca:65:
cb:1e:37:bd:ed:17:a2:94:fb:16:40:a7:74:35:ad:65:56:84:
cc:54:18:c1:e6:f8:5a:70:cb:bf:75:5a:23:34:1a:f7:b9:72:
18:b2:22:cd:11:19:1d:5a:3a:41:d2:62:18:03:78:99:40:ba:
ea:f8:ec:39:08:b8:cf:6c:00:2d:ff:06:3a:19:87:2a:b4:f3:
07:43:a4:fd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZe/wKRoMch7+/QGVzyOOFAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NjMyNDdkMGQ4M2I5ZjYwOGNmODY0ZjQyN2NkZmU5NGIy
NTJhMTAwHhcNMjUwNjMwMDczMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWE0Y2U5ODUzZDIxODAyOGQ3ODRkOTg3MWI5NTkxYmY1YTVlYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxH001VTFUIIAywcH0ujMrDeIYaLT
KimBWkclifJgo01gWAHU9WVJBbohJlv2/Vo8FqI3ntx70G33Lvi45IKRP1xl0gwz
KL0xQu+0g+6u5vyJAwhcc103bz9NvCL919Pi54fau3Nr5SYvlA7hDU+mGO7r6sEI
AWRJFFY3k6rj/Q9UcTiq+eq+tc49aMELQtd0xuuOSJHmf0J/35uRzaaXPzaLgJMO
yvLRsW2GBIkR/QhtoumhluVhtqYo8Hp1Xpop9dlnL+NodWaHgnT+sUUU3r6Xg8hZ
hSwsNBA8lY3rtrYU++bRtbFp0KWFVR//sTe6FLbOoldzs4H8VoHVxvGwLQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFD6kzphT0hgCjXhNmHG5WRv1peomMB8GA1UdIwQY
MBaAFPljJH0Ng7n2CM+GT0J83+lLJSoQMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1XTWtmUTJEdWZZSXo0WlBRbnpmNlVzbEtoQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYvOTViNDM0LTNkZTAtNDhlOS04OGU5
LTJkN2YzODQ3NGMwOC8xL1BxVE9tRlBTR0FLTmVFMlljYmxaR19XbDZpWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzYvOTViNDM0LTNkZTAtNDhlOS04OGU5LTJkN2YzODQ3NGMw
OC8xLzEtV01rZlEyRHVmWUl6NFpQUW56ZjZVc2xLaEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5GtAD
BADBNScwDQYJKoZIhvcNAQELBQADggEBAGbCePJP5oFiwahevW5XFY4F0DwzNETQ
YPQZZy49uurmYxuP04oPnLO4ivulqbbXhYNEIkjsdUzTE3YcnfxDDrJ7VsblTZDQ
3UDN3Mp5u423jsuedCxdxCXTAyKtuIOGfDgZK1OQFZEUtm0P9Qvvv1NIgUpXFOfp
18SNnWj4KKs20WM4Q2JHDnjKp56iH7Dyr6NFI8atTdirld1La6sWja+Q/kGxqxjT
EB/zrKHNPYjRrzPKZcseN73tF6KU+xZAp3Q1rWVWhMxUGMHm+Fpwy791WiM0Gve5
chiyIs0RGR1aOkHSYhgDeJlAuur47DkIuM9sAC3/BjoZhyq08wdDpP0=
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:35:20 2025 by rpki-client