Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/xkDvueUU9N4cFlL1b_rByr6Kprs.roa
File: xkDvueUU9N4cFlL1b_rByr6Kprs.roa (raw, json)
Hash identifier: zMoJ8gPfKGeY6/o4KCAGexJTMa3L8ZNYU/xVse89JJE=
Subject key identifier: C6:40:EF:B9:E5:14:F4:DE:1C:16:52:F5:6F:FA:C1:CA:BE:8A:A6:BB
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 0197797014709DA60DE90DA482E4025770B6
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/xkDvueUU9N4cFlL1b_rByr6Kprs.roa
Signing time: Mon 16 Jun 2025 15:51:17 +0000
ROA not before: Mon 16 Jun 2025 15:51:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197927
IP address blocks: 130.255.174.0/24 maxlen: 24
146.19.85.0/24 maxlen: 24
193.42.214.0/24 maxlen: 24
193.42.217.0/24 maxlen: 26
2a09:a740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:79:70:14:70:9d:a6:0d:e9:0d:a4:82:e4:02:57:70:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jun 16 15:51:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c640efb9e514f4de1c1652f56ffac1cabe8aa6bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:87:8c:a6:81:06:47:f7:c6:f2:63:77:8f:b6:
3c:2b:5b:52:db:b9:f0:18:59:8c:47:ac:97:f1:b1:
24:f6:b9:4f:f0:30:67:0d:8f:63:a5:d5:e0:26:e3:
72:15:12:7b:9d:08:37:3a:bf:5c:93:7a:34:97:99:
0b:fe:13:1b:32:b7:61:1a:c7:3e:26:9f:dc:b4:10:
88:de:5c:ba:da:d0:be:b5:1c:6e:7f:2a:09:61:bf:
83:25:d8:8d:09:dd:9e:38:f4:ee:af:12:b6:fe:6b:
90:ea:23:99:34:6c:c2:83:e7:76:07:71:f3:da:6f:
26:30:e0:54:db:2c:78:68:b3:b2:1c:cc:24:8c:7b:
ef:85:f5:69:b8:41:6d:78:6a:34:0a:ad:f9:d9:e8:
2e:3d:38:f3:60:ab:82:ac:0c:b2:e6:d5:49:e2:c5:
cd:f0:35:81:49:5a:63:41:e1:08:dc:4b:54:8a:f4:
49:58:a2:78:80:cf:ea:22:fd:de:d9:8c:fb:54:c7:
9b:af:7b:ae:75:11:9c:5a:33:4a:b9:e2:90:c1:d7:
8a:a9:94:c7:db:be:61:86:cd:c2:69:b8:67:91:f0:
d6:1f:63:8c:ad:8e:d5:91:49:8b:d3:f5:7d:b9:5d:
b8:30:ee:56:af:16:3d:7d:45:3a:dc:12:ad:2f:f9:
8a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:40:EF:B9:E5:14:F4:DE:1C:16:52:F5:6F:FA:C1:CA:BE:8A:A6:BB
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/xkDvueUU9N4cFlL1b_rByr6Kprs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.174.0/24
146.19.85.0/24
193.42.214.0/24
193.42.217.0/24
IPv6:
2a09:a740::/32
Signature Algorithm: sha256WithRSAEncryption
0f:cc:14:49:65:57:6b:31:65:09:39:3f:da:1b:6e:12:43:25:
00:37:9e:51:67:8b:69:76:91:1b:bf:8b:53:5a:67:d7:33:97:
ae:33:4d:59:81:68:b0:03:b6:70:f6:02:ee:89:d0:28:d2:fe:
16:41:20:10:9f:3a:7d:34:17:b1:51:58:b2:1b:65:9f:c2:4d:
cd:ed:a7:a8:ef:ec:63:77:87:ed:00:a8:b0:14:16:60:04:af:
ed:ad:95:31:ee:14:10:77:e8:0c:79:bf:9c:56:3b:1f:fa:a0:
da:44:18:37:dd:7f:cb:ec:4b:8d:29:fb:82:74:0a:31:51:21:
40:67:85:95:06:16:37:08:81:27:2f:d2:2c:cd:e5:aa:18:1e:
42:c6:8d:fb:2d:77:c9:82:9a:04:d1:29:db:77:fb:fa:70:79:
5d:4e:9f:86:bf:90:3a:6f:f0:a8:1b:f6:6b:a5:7d:a7:f4:ba:
d0:c1:fd:24:d6:f6:6c:29:bb:a4:6a:8d:94:d1:6c:8f:7e:76:
f6:cb:60:85:c9:49:60:5c:7e:c3:63:e4:09:73:cd:dc:34:4b:
70:fe:89:35:e6:86:f2:fd:81:1b:dd:b8:32:0f:b7:0d:fa:c4:
8b:03:e3:c7:b5:60:04:0c:6f:f2:55:b7:71:81:7d:01:3e:2c:
0d:b4:83:d4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZd5cBRwnaYN6Q2kguQCV3C2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjUwNjE2MTU1MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQwZWZiOWU1MTRmNGRlMWMxNjUyZjU2ZmZhYzFjYWJlOGFhNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYeMpoEGR/fG8mN3j7Y8K1tS27nw
GFmMR6yX8bEk9rlP8DBnDY9jpdXgJuNyFRJ7nQg3Or9ck3o0l5kL/hMbMrdhGsc+
Jp/ctBCI3ly62tC+tRxufyoJYb+DJdiNCd2eOPTurxK2/muQ6iOZNGzCg+d2B3Hz
2m8mMOBU2yx4aLOyHMwkjHvvhfVpuEFteGo0Cq352eguPTjzYKuCrAyy5tVJ4sXN
8DWBSVpjQeEI3EtUivRJWKJ4gM/qIv3e2Yz7VMebr3uudRGcWjNKueKQwdeKqZTH
275hhs3CabhnkfDWH2OMrY7VkUmL0/V9uV24MO5WrxY9fUU63BKtL/mKWQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMZA77nlFPTeHBZS9W/6wcq+iqa7MB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEveGtEdnVlVVU5TjRjRmxMMWJfckJ5cjZLcHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAgv+uAwQA
khNVAwQAwSrWAwQAwSrZMA0EAgACMAcDBQAqCadAMA0GCSqGSIb3DQEBCwUAA4IB
AQAPzBRJZVdrMWUJOT/aG24SQyUAN55RZ4tpdpEbv4tTWmfXM5euM01ZgWiwA7Zw
9gLuidAo0v4WQSAQnzp9NBexUViyG2Wfwk3N7aeo7+xjd4ftAKiwFBZgBK/trZUx
7hQQd+gMeb+cVjsf+qDaRBg33X/L7EuNKfuCdAoxUSFAZ4WVBhY3CIEnL9IszeWq
GB5Cxo37LXfJgpoE0Snbd/v6cHldTp+Gv5A6b/CoG/ZrpX2n9LrQwf0k1vZsKbuk
ao2U0WyPfnb2y2CFyUlgXH7DY+QJc83cNEtw/ok15oby/YEb3bgyD7cN+sSLA+PH
tWAEDG/yVbdxgX0BPiwNtIPU
-----END CERTIFICATE-----
Generated at Tue Jun 17 13:59:33 2025 by rpki-client