Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/PYt8kOHzO0s7QVgsvS4-fTKkKs0.roa
File: PYt8kOHzO0s7QVgsvS4-fTKkKs0.roa (raw, json)
Hash identifier: d4L9drFSeWTKHOjHC/+6DEDn+TwjBuQXfP9K4MifJqg=
Subject key identifier: 3D:8B:7C:90:E1:F3:3B:4B:3B:41:58:2C:BD:2E:3E:7D:32:A4:2A:CD
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 01987FB008234132B6C922CC94D50E463830
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/PYt8kOHzO0s7QVgsvS4-fTKkKs0.roa
Signing time: Wed 06 Aug 2025 14:01:39 +0000
ROA not before: Wed 06 Aug 2025 14:01:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.148.132.0/22 maxlen: 24
93.88.158.0/24 maxlen: 24
95.155.129.0/24 maxlen: 24
95.155.130.0/24 maxlen: 24
95.155.131.0/24 maxlen: 24
95.155.132.0/24 maxlen: 24
95.155.144.0/24 maxlen: 24
95.155.146.0/24 maxlen: 24
95.155.147.0/24 maxlen: 24
95.155.148.0/24 maxlen: 24
95.155.149.0/24 maxlen: 24
95.155.150.0/24 maxlen: 24
95.155.151.0/24 maxlen: 24
95.155.156.0/24 maxlen: 24
95.155.157.0/24 maxlen: 24
95.155.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7f:b0:08:23:41:32:b6:c9:22:cc:94:d5:0e:46:38:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Aug 6 14:01:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d8b7c90e1f33b4b3b41582cbd2e3e7d32a42acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c2:cd:55:00:e5:a0:a1:0e:7d:cc:71:bb:6c:
f9:8f:91:c5:c9:86:87:12:af:fe:18:6e:35:fc:a8:
31:fd:09:9a:f4:95:28:fb:de:4c:04:39:79:6e:6e:
12:c0:4c:5a:17:72:08:37:49:43:96:6c:f6:96:35:
1f:01:b4:50:4f:e6:69:87:df:c0:50:36:ca:f1:64:
29:70:f8:bf:30:70:9a:e1:1f:7b:14:71:24:92:c6:
06:95:85:96:52:df:6b:19:d6:f5:d7:5b:7e:2c:11:
d2:7d:ea:bf:a6:1b:56:42:35:72:4c:d4:24:c8:e2:
ac:e5:5f:93:b1:b8:bc:65:1b:81:cf:20:fb:70:a7:
42:7b:80:ee:90:a2:62:3d:73:ce:99:a5:b5:a7:2c:
ec:b2:e6:b3:99:47:9d:56:21:8a:2c:3e:99:26:08:
77:3d:99:74:60:48:e9:ab:4b:c7:cb:69:a8:a8:51:
af:3a:3c:24:4e:fa:e6:38:10:17:06:b1:81:11:43:
b9:60:18:c9:0d:05:56:5c:cf:54:27:de:9c:08:41:
d2:d3:48:35:61:1e:bd:58:a6:77:ea:bc:96:7a:7e:
89:e0:91:98:0f:3e:67:02:a1:5a:d8:e2:80:3e:c2:
5a:11:fe:46:ac:c5:d1:6e:20:e3:88:5d:15:74:30:
ef:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8B:7C:90:E1:F3:3B:4B:3B:41:58:2C:BD:2E:3E:7D:32:A4:2A:CD
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/PYt8kOHzO0s7QVgsvS4-fTKkKs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.132.0/22
93.88.158.0/24
95.155.129.0-95.155.132.255
95.155.144.0/24
95.155.146.0-95.155.151.255
95.155.156.0-95.155.158.255
Signature Algorithm: sha256WithRSAEncryption
7d:f4:65:b3:a6:2e:a7:fc:45:a5:e0:39:0e:e6:d5:7f:50:75:
9d:f4:0d:f1:31:30:2d:d9:41:74:35:4d:e8:63:12:1a:9a:bb:
bb:62:1c:62:be:df:cb:78:d2:85:9c:ff:74:79:1a:91:13:19:
cb:06:88:1e:b6:94:4c:d1:c2:6d:2f:a1:de:15:9b:d1:7e:cb:
74:a9:56:42:95:85:8b:1c:e3:f1:37:79:d9:8e:dd:53:4a:86:
b3:87:45:db:9c:fe:e3:99:e9:7d:01:c4:27:6a:5f:81:33:17:
fb:2d:8a:20:20:26:25:6d:e4:2f:e2:c8:dd:01:63:1b:1f:93:
7a:2e:b6:50:93:c1:38:90:63:d9:f0:d7:1f:10:8b:b9:e1:36:
db:96:2d:e6:2d:c0:cf:38:9d:1e:25:05:40:cf:e9:67:4c:38:
8e:f7:52:4e:a1:9e:4f:de:89:ca:c9:9e:e2:d9:d1:67:9c:7e:
82:58:65:2e:4d:19:63:ea:81:f7:16:ab:8b:91:4a:3e:96:d1:
ff:1c:67:10:52:37:61:58:4f:3c:a6:60:5c:03:89:3e:c7:4e:
ad:3d:c6:27:df:2c:4f:53:25:f2:19:5c:b1:b8:d0:fa:a1:9c:
77:5f:c2:1a:a8:3c:61:a4:65:85:0a:f2:d5:34:cc:be:ab:2d:
f9:5a:d4:2f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZh/sAgjQTK2ySLMlNUORjgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUwODA2MTQwMTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhiN2M5MGUxZjMzYjRiM2I0MTU4MmNiZDJlM2U3ZDMyYTQyYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8LNVQDloKEOfcxxu2z5j5HFyYaH
Eq/+GG41/Kgx/Qma9JUo+95MBDl5bm4SwExaF3IIN0lDlmz2ljUfAbRQT+Zph9/A
UDbK8WQpcPi/MHCa4R97FHEkksYGlYWWUt9rGdb111t+LBHSfeq/phtWQjVyTNQk
yOKs5V+Tsbi8ZRuBzyD7cKdCe4DukKJiPXPOmaW1pyzssuazmUedViGKLD6ZJgh3
PZl0YEjpq0vHy2moqFGvOjwkTvrmOBAXBrGBEUO5YBjJDQVWXM9UJ96cCEHS00g1
YR69WKZ36ryWen6J4JGYDz5nAqFa2OKAPsJaEf5GrMXRbiDjiF0VdDDvEwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFD2LfJDh8ztLO0FYLL0uPn0ypCrNMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvUFl0OGtPSHpPMHM3UVZnc3ZTNC1mVEtrS3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCJZSEAwQA
XVieMAwDBABfm4EDBABfm4QDBABfm5AwDAMEAV+bkgMEA1+bkDAMAwQCX5ucAwQA
X5ueMA0GCSqGSIb3DQEBCwUAA4IBAQB99GWzpi6n/EWl4DkO5tV/UHWd9A3xMTAt
2UF0NU3oYxIamru7Yhxivt/LeNKFnP90eRqRExnLBogetpRM0cJtL6HeFZvRfst0
qVZClYWLHOPxN3nZjt1TSoazh0XbnP7jmel9AcQnal+BMxf7LYogICYlbeQv4sjd
AWMbH5N6LrZQk8E4kGPZ8NcfEIu54Tbbli3mLcDPOJ0eJQVAz+lnTDiO91JOoZ5P
3onKyZ7i2dFnnH6CWGUuTRlj6oH3FquLkUo+ltH/HGcQUjdhWE88pmBcA4k+x06t
PcYn3yxPUyXyGVyxuND6oZx3X8IaqDxhpGWFCvLVNMy+qy35WtQv
-----END CERTIFICATE-----
Generated at Mon Aug 11 06:30:00 2025 by rpki-client