Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/2cU_Yyosgv72VzuSZ-lEPM4bEA0.roa
File: 2cU_Yyosgv72VzuSZ-lEPM4bEA0.roa (raw, json)
Hash identifier: rOVsbZQ+258/yYvznSDjCoRvmCP4xDAfS/95mmV0VJ8=
Subject key identifier: D9:C5:3F:63:2A:2C:82:FE:F6:57:3B:92:67:E9:44:3C:CE:1B:10:0D
Certificate issuer: /CN=43fad79548afc5c83e59bbfe388c64492cb55013
Certificate serial: 019865EA945E08660B245A3A02943CDDA3E8
Authority key identifier: 43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/2cU_Yyosgv72VzuSZ-lEPM4bEA0.roa
Signing time: Fri 01 Aug 2025 13:55:28 +0000
ROA not before: Fri 01 Aug 2025 13:55:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 188.73.0.0/18 maxlen: 24
188.231.0.0/17 maxlen: 24
188.231.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:ea:94:5e:08:66:0b:24:5a:3a:02:94:3c:dd:a3:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43fad79548afc5c83e59bbfe388c64492cb55013
Validity
Not Before: Aug 1 13:55:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9c53f632a2c82fef6573b9267e9443cce1b100d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:04:b2:2a:b9:20:76:4e:8f:63:cf:5e:b7:ce:
fb:8d:11:ff:58:ee:fa:9a:58:2c:37:f0:a9:b4:48:
3a:8b:12:88:fb:e1:9c:e6:c0:2f:7d:b9:89:97:dd:
72:29:c3:76:95:84:20:52:dd:32:5b:cb:29:69:24:
73:c3:1b:bf:34:96:a7:c2:ae:65:14:60:52:1b:6e:
87:ef:d0:cd:e2:c5:33:c9:3b:d0:c6:a3:e9:35:55:
8e:a2:72:23:6a:83:94:1e:7c:72:d0:7d:82:de:9d:
03:52:70:51:49:55:90:88:19:1e:f2:a6:12:d2:b2:
eb:44:c2:12:84:b9:3a:df:14:59:58:2f:47:04:b9:
05:7f:58:d5:21:bf:af:0e:96:d8:e0:c9:27:8f:19:
f8:3d:67:22:99:2e:9c:56:f6:5c:0a:83:f7:e6:08:
ee:c5:a5:50:40:b2:6e:12:72:0c:05:a1:97:61:eb:
b3:24:35:e6:3b:b1:1b:5b:5c:ce:63:59:ee:e5:c6:
e2:6a:b4:e5:d1:5a:53:da:fe:7b:78:c6:eb:c2:1b:
61:e4:9e:e8:29:f0:0d:64:51:e5:14:d1:86:e3:4e:
18:cb:fb:a2:15:64:bb:f5:fe:e7:2b:44:85:66:2d:
b3:bf:70:46:7f:78:7a:bb:5b:2f:59:de:a4:fe:ad:
ea:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C5:3F:63:2A:2C:82:FE:F6:57:3B:92:67:E9:44:3C:CE:1B:10:0D
X509v3 Authority Key Identifier:
keyid:43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/2cU_Yyosgv72VzuSZ-lEPM4bEA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.73.0.0/18
188.231.0.0/17
Signature Algorithm: sha256WithRSAEncryption
5a:40:ae:dc:4f:a3:c3:42:3d:1c:fb:66:43:c8:97:a1:e0:e6:
2e:8c:76:cd:4b:fc:3e:7c:31:dd:31:3f:4a:30:55:fd:5a:17:
6f:e3:21:c0:fa:d3:dd:ee:45:c6:4f:bb:c0:89:30:e4:91:50:
2d:99:a2:35:c8:ba:7a:7e:1e:2d:1d:56:12:42:9b:62:85:48:
9a:7f:9b:b3:a6:99:25:2b:00:75:0d:ec:ff:3d:eb:60:74:89:
06:b4:df:57:aa:5b:a1:74:45:d7:1a:de:31:9f:e9:fc:f8:d0:
20:02:9f:32:5a:38:ba:d5:65:51:4b:aa:1d:92:86:83:09:39:
7c:2c:39:42:17:55:da:c7:dd:be:b2:f8:07:c8:48:b7:08:4a:
64:71:c4:5d:f2:ec:d7:3a:e2:d1:4d:ab:74:c6:96:7c:be:11:
69:fa:fa:54:52:bc:1f:e1:53:56:f9:07:a9:4e:4f:d9:68:3c:
1c:bf:fd:72:9e:a6:e4:75:70:e9:54:a7:2e:6f:56:40:98:56:
bf:9f:88:25:d5:a1:36:b3:94:63:69:63:a6:90:47:d8:36:d1:
07:ad:94:ff:a8:20:79:50:c6:00:bc:d9:3c:be:83:dc:02:81:
13:08:f1:0d:d5:6f:0e:cc:f0:91:6e:5c:be:00:04:cb:a0:4f:
4d:df:c8:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhl6pReCGYLJFo6ApQ83aPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZmFkNzk1NDhhZmM1YzgzZTU5YmJmZTM4OGM2NDQ5MmNi
NTUwMTMwHhcNMjUwODAxMTM1NTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWM1M2Y2MzJhMmM4MmZlZjY1NzNiOTI2N2U5NDQzY2NlMWIxMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQSyKrkgdk6PY89et877jRH/WO76
mlgsN/CptEg6ixKI++Gc5sAvfbmJl91yKcN2lYQgUt0yW8spaSRzwxu/NJanwq5l
FGBSG26H79DN4sUzyTvQxqPpNVWOonIjaoOUHnxy0H2C3p0DUnBRSVWQiBke8qYS
0rLrRMIShLk63xRZWC9HBLkFf1jVIb+vDpbY4Mknjxn4PWcimS6cVvZcCoP35gju
xaVQQLJuEnIMBaGXYeuzJDXmO7EbW1zOY1nu5cbiarTl0VpT2v57eMbrwhth5J7o
KfANZFHlFNGG404Yy/uiFWS79f7nK0SFZi2zv3BGf3h6u1svWd6k/q3q+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNnFP2MqLIL+9lc7kmfpRDzOGxANMB8GA1UdIwQY
MBaAFEP615VIr8XIPlm7/jiMZEkstVATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWIt
ZmU4NTVkYWJiNzVlLzEvMmNVX1l5b3NndjcyVnp1U1otbEVQTTRiRUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWItZmU4NTVkYWJiNzVl
LzEvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGvEkAAwQH
vOcAMA0GCSqGSIb3DQEBCwUAA4IBAQBaQK7cT6PDQj0c+2ZDyJeh4OYujHbNS/w+
fDHdMT9KMFX9Whdv4yHA+tPd7kXGT7vAiTDkkVAtmaI1yLp6fh4tHVYSQptihUia
f5uzppklKwB1Dez/PetgdIkGtN9XqluhdEXXGt4xn+n8+NAgAp8yWji61WVRS6od
koaDCTl8LDlCF1Xax92+svgHyEi3CEpkccRd8uzXOuLRTat0xpZ8vhFp+vpUUrwf
4VNW+QepTk/ZaDwcv/1ynqbkdXDpVKcub1ZAmFa/n4gl1aE2s5RjaWOmkEfYNtEH
rZT/qCB5UMYAvNk8voPcAoETCPEN1W8OzPCRbly+AATLoE9N38i4
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:08:32 2025 by rpki-client