Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/paTtElWGmU9hAIEDu_IgYgPtAVs.roa
File: paTtElWGmU9hAIEDu_IgYgPtAVs.roa (raw, json)
Hash identifier: gF5VuGVggwKtY1Dsuv7xJ4ySU2bi6uUiiENjoaY2rmc=
Subject key identifier: A5:A4:ED:12:55:86:99:4F:61:00:81:03:BB:F2:20:62:03:ED:01:5B
Certificate issuer: /CN=0e5e32ff207c32f5a69894baeab56bf633dbaa1e
Certificate serial: 0197634C4A05DF153B178D28CD641A2724EE
Authority key identifier: 0E:5E:32:FF:20:7C:32:F5:A6:98:94:BA:EA:B5:6B:F6:33:DB:AA:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dl4y_yB8MvWmmJS66rVr9jPbqh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/paTtElWGmU9hAIEDu_IgYgPtAVs.roa
Signing time: Thu 12 Jun 2025 08:40:33 +0000
ROA not before: Thu 12 Jun 2025 08:40:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211943
IP address blocks: 185.85.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/Dl4y_yB8MvWmmJS66rVr9jPbqh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/Dl4y_yB8MvWmmJS66rVr9jPbqh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dl4y_yB8MvWmmJS66rVr9jPbqh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 11:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:4c:4a:05:df:15:3b:17:8d:28:cd:64:1a:27:24:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e5e32ff207c32f5a69894baeab56bf633dbaa1e
Validity
Not Before: Jun 12 08:40:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5a4ed125586994f61008103bbf2206203ed015b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c4:2c:4d:cc:6d:02:8e:ed:6d:9e:06:e8:73:
c1:b5:0c:4e:2d:74:a4:ef:44:7d:45:58:6e:c6:1c:
69:5b:5d:ac:d8:91:41:35:25:3b:fd:8b:de:12:01:
53:32:a3:08:f1:b9:a5:35:a9:47:4b:e1:b8:07:a6:
8e:8c:1a:70:c0:5d:d0:ed:99:cb:f1:68:7c:d6:84:
01:86:b1:18:b0:5d:e5:6a:7e:6e:ef:50:87:d0:96:
3c:9d:3a:33:5a:a4:d4:9f:26:93:02:e5:ce:da:41:
f3:ce:2d:3b:64:aa:21:a5:6c:2d:9f:61:cc:5f:00:
b8:56:21:8c:72:ec:4d:09:03:56:69:c5:72:54:fd:
6f:0a:62:0d:5a:6e:ef:f2:7f:ae:da:81:57:70:d6:
15:5f:84:25:e7:85:38:22:b1:bd:31:c8:fc:b0:b5:
7b:d3:ee:78:7f:6e:f1:33:11:88:a4:79:16:4d:b4:
a1:e2:a8:85:4d:40:bd:da:d9:f0:2c:b2:e4:02:8b:
87:ce:ee:11:56:8e:01:94:99:c3:90:2c:61:04:af:
e9:b2:2c:4d:fe:ef:d2:dc:fa:42:c2:67:54:c5:70:
ff:3d:f7:62:9a:50:53:66:30:d0:8b:cc:52:51:01:
cc:ea:09:e3:dd:15:d2:a1:d3:d0:54:c9:5b:c4:13:
8f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A4:ED:12:55:86:99:4F:61:00:81:03:BB:F2:20:62:03:ED:01:5B
X509v3 Authority Key Identifier:
keyid:0E:5E:32:FF:20:7C:32:F5:A6:98:94:BA:EA:B5:6B:F6:33:DB:AA:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dl4y_yB8MvWmmJS66rVr9jPbqh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/paTtElWGmU9hAIEDu_IgYgPtAVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/be9f29-0006-465e-9437-4ba8cb1501fd/1/Dl4y_yB8MvWmmJS66rVr9jPbqh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.252.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:80:81:68:7e:11:92:ad:aa:d4:45:f0:3e:16:38:88:84:e2:
28:98:ca:fa:4c:e5:33:93:64:38:c1:8c:83:c3:34:1a:98:0b:
87:51:0c:90:50:d3:8d:dd:cf:f3:c2:86:24:67:0e:77:a4:a0:
1f:67:20:cd:66:d7:f9:ae:f5:5f:d6:64:1d:f4:8e:e5:83:ce:
f9:73:a6:03:b5:44:4c:4f:8c:dc:ca:25:a9:eb:39:b8:38:0c:
e7:65:13:52:5a:c3:f1:ac:36:68:61:4a:1b:f6:18:f5:3a:a7:
75:4d:08:cd:99:ed:2f:a8:28:ef:aa:27:0e:53:19:f1:12:5d:
b6:80:ba:23:12:93:1f:02:7f:3f:83:5a:61:4b:8d:bb:48:96:
2c:ff:53:c1:4a:68:1b:dd:b1:28:80:c4:6a:91:33:70:1b:47:
be:25:cb:a0:ee:be:32:4e:6e:f3:f6:0c:63:31:f6:bb:0f:c6:
ae:b3:57:a3:8f:62:50:80:ff:7b:fc:0a:45:e9:5b:d6:5b:26:
67:68:15:ac:b7:15:02:12:db:a7:9d:8e:1f:c0:0e:4d:e6:d1:
b2:86:d9:ed:e8:cf:88:a5:07:d3:bf:65:4b:5e:db:21:3f:47:
b3:22:7d:32:2e:b4:9e:5e:6b:87:01:c3:86:f0:6f:16:35:8e:
1f:3c:30:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdjTEoF3xU7F40ozWQaJyTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNWUzMmZmMjA3YzMyZjVhNjk4OTRiYWVhYjU2YmY2MzNk
YmFhMWUwHhcNMjUwNjEyMDg0MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE0ZWQxMjU1ODY5OTRmNjEwMDgxMDNiYmYyMjA2MjAzZWQwMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcQsTcxtAo7tbZ4G6HPBtQxOLXSk
70R9RVhuxhxpW12s2JFBNSU7/YveEgFTMqMI8bmlNalHS+G4B6aOjBpwwF3Q7ZnL
8Wh81oQBhrEYsF3lan5u71CH0JY8nTozWqTUnyaTAuXO2kHzzi07ZKohpWwtn2HM
XwC4ViGMcuxNCQNWacVyVP1vCmINWm7v8n+u2oFXcNYVX4Ql54U4IrG9Mcj8sLV7
0+54f27xMxGIpHkWTbSh4qiFTUC92tnwLLLkAouHzu4RVo4BlJnDkCxhBK/psixN
/u/S3PpCwmdUxXD/PfdimlBTZjDQi8xSUQHM6gnj3RXSodPQVMlbxBOPEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWk7RJVhplPYQCBA7vyIGID7QFbMB8GA1UdIwQY
MBaAFA5eMv8gfDL1ppiUuuq1a/Yz26oeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGw0eV95QjhNdldtbUpTNjZyVnI5alBicWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iZTlmMjktMDAwNi00NjVlLTk0Mzct
NGJhOGNiMTUwMWZkLzEvcGFUdEVsV0dtVTloQUlFRHVfSWdZZ1B0QVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iZTlmMjktMDAwNi00NjVlLTk0MzctNGJhOGNiMTUwMWZk
LzEvRGw0eV95QjhNdldtbUpTNjZyVnI5alBicWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVX8MA0G
CSqGSIb3DQEBCwUAA4IBAQAdgIFofhGSrarURfA+FjiIhOIomMr6TOUzk2Q4wYyD
wzQamAuHUQyQUNON3c/zwoYkZw53pKAfZyDNZtf5rvVf1mQd9I7lg875c6YDtURM
T4zcyiWp6zm4OAznZRNSWsPxrDZoYUob9hj1Oqd1TQjNme0vqCjvqicOUxnxEl22
gLojEpMfAn8/g1phS427SJYs/1PBSmgb3bEogMRqkTNwG0e+Jcug7r4yTm7z9gxj
Mfa7D8aus1ejj2JQgP97/ApF6VvWWyZnaBWstxUCEtunnY4fwA5N5tGyhtnt6M+I
pQfTv2VLXtshP0ezIn0yLrSeXmuHAcOG8G8WNY4fPDDL
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:27:57 2025 by rpki-client