Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/v_SKShFDpQLE97FIfb9dU2f7gTw.roa
File: v_SKShFDpQLE97FIfb9dU2f7gTw.roa (raw, json)
Hash identifier: oAcmeVOLuoyrXmmJm/ud/VikfiniUaev/5ojXR6Otro=
Subject key identifier: BF:F4:8A:4A:11:43:A5:02:C4:F7:B1:48:7D:BF:5D:53:67:FB:81:3C
Certificate issuer: /CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Certificate serial: 0198562F2D05E272274D28BA740E530E7F2D
Authority key identifier: 0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/v_SKShFDpQLE97FIfb9dU2f7gTw.roa
Signing time: Tue 29 Jul 2025 12:36:29 +0000
ROA not before: Tue 29 Jul 2025 12:36:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214783
IP address blocks: 86.105.224.0/24 maxlen: 24
146.19.172.0/24 maxlen: 24
185.234.13.0/24 maxlen: 24
2a11:1400:5000::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 00:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:2f:2d:05:e2:72:27:4d:28:ba:74:0e:53:0e:7f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Validity
Not Before: Jul 29 12:36:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bff48a4a1143a502c4f7b1487dbf5d5367fb813c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:52:7f:66:e3:9b:0f:7f:bd:3f:20:6d:38:97:
c8:7c:44:c9:88:3e:93:17:ae:64:34:57:e6:b8:19:
e7:3b:59:a2:8a:a2:20:a5:dc:6c:6f:d0:7e:43:25:
95:22:90:70:a1:8a:3c:8a:6c:2d:bb:56:db:18:7d:
09:53:dd:0a:71:5e:65:31:a5:7e:33:11:30:65:f6:
fa:bc:c1:50:37:00:ba:ef:6c:6a:8c:3d:24:c8:c6:
ab:46:3b:15:19:c2:8f:51:1f:d8:bf:18:cc:b4:fd:
4a:9b:4a:da:c2:29:d7:18:ab:a2:5a:e6:a0:99:52:
05:ee:54:de:54:57:60:60:12:c2:f9:d4:00:b5:73:
dc:d6:87:6e:d9:84:3a:7a:ee:4e:78:ef:72:69:1c:
86:30:b9:34:ed:21:23:00:27:79:3d:7e:3e:8b:51:
6d:a2:bd:cc:94:e6:24:6e:f2:11:63:11:6b:b4:af:
c0:dd:e6:57:b0:90:4c:99:17:5f:62:6c:d8:57:52:
1f:6a:99:cb:4e:f2:f3:30:53:80:ee:68:7d:b6:72:
9d:31:ed:c5:ce:0b:79:1a:30:a0:a7:c2:fb:f2:f5:
7a:32:3b:07:9c:ec:b0:86:95:9a:61:4b:e8:22:6a:
f8:b5:be:54:18:2d:fd:52:00:36:98:8c:67:c7:49:
a6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F4:8A:4A:11:43:A5:02:C4:F7:B1:48:7D:BF:5D:53:67:FB:81:3C
X509v3 Authority Key Identifier:
keyid:0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/v_SKShFDpQLE97FIfb9dU2f7gTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.224.0/24
146.19.172.0/24
185.234.13.0/24
IPv6:
2a11:1400:5000::/44
Signature Algorithm: sha256WithRSAEncryption
2d:c6:ba:c6:19:44:9a:e8:3a:e4:c2:46:d4:ff:48:11:bb:2d:
8a:fc:99:0b:49:02:35:55:3f:49:79:0c:4e:9e:a3:39:e8:8c:
d9:8c:e1:38:1a:2d:26:35:fe:fc:c8:ec:bc:c8:b0:28:98:5d:
2b:6f:f5:09:b8:db:1f:19:00:eb:0e:f6:b5:d1:9d:7f:ed:22:
fc:5f:f5:2d:42:a8:30:6f:40:f1:b2:f6:76:0a:1d:26:d8:98:
6d:18:8b:6c:09:a7:99:7c:fc:8b:7d:eb:b7:1d:08:6e:b1:14:
6a:0f:15:0d:90:94:56:70:85:e6:8b:b9:49:8c:e5:b5:33:fa:
12:78:f7:5d:f2:3a:e2:e7:5c:e0:65:ae:d7:fa:ed:8a:5e:5d:
2d:c7:f1:5b:1a:f8:da:28:59:04:57:4d:9b:97:f3:62:33:91:
ca:fc:c0:46:1d:1f:9e:f2:69:29:8f:c3:29:a5:bf:6e:c3:e9:
49:a7:63:b0:aa:5c:8d:0c:61:9d:41:27:79:3d:3f:62:a4:c3:
3d:ff:cb:77:c2:e4:6d:d5:05:52:30:ed:48:60:68:63:74:b7:
ce:94:a3:6c:58:14:e5:e7:f8:05:82:2b:c7:d5:e2:6d:f9:1f:
89:08:00:0f:72:5e:7e:cb:91:ea:ce:90:c8:5a:bd:cc:84:f4:
8c:a8:26:78
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZhWLy0F4nInTSi6dA5TDn8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzU1ODU0NmEyYzU0YmJkODEyYTE5MjI4YWE5OGUwNzhk
M2FhNjgwHhcNMjUwNzI5MTIzNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmY0OGE0YTExNDNhNTAyYzRmN2IxNDg3ZGJmNWQ1MzY3ZmI4MTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFJ/ZuObD3+9PyBtOJfIfETJiD6T
F65kNFfmuBnnO1miiqIgpdxsb9B+QyWVIpBwoYo8imwtu1bbGH0JU90KcV5lMaV+
MxEwZfb6vMFQNwC672xqjD0kyMarRjsVGcKPUR/YvxjMtP1Km0rawinXGKuiWuag
mVIF7lTeVFdgYBLC+dQAtXPc1odu2YQ6eu5OeO9yaRyGMLk07SEjACd5PX4+i1Ft
or3MlOYkbvIRYxFrtK/A3eZXsJBMmRdfYmzYV1IfapnLTvLzMFOA7mh9tnKdMe3F
zgt5GjCgp8L78vV6MjsHnOywhpWaYUvoImr4tb5UGC39UgA2mIxnx0mmqQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFL/0ikoRQ6UCxPexSH2/XVNn+4E8MB8GA1UdIwQY
MBaAFA01WFRqLFS72BKhkiiqmOB406poMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUt
MTMyZmZjOGJkZTQ2LzEvdl9TS1NoRkRwUUxFOTdGSWZiOWRVMmY3Z1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUtMTMyZmZjOGJkZTQ2
LzEvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAVmngAwQA
khOsAwQAueoNMA8EAgACMAkDBwQqERQAUAAwDQYJKoZIhvcNAQELBQADggEBAC3G
usYZRJroOuTCRtT/SBG7LYr8mQtJAjVVP0l5DE6eoznojNmM4TgaLSY1/vzI7LzI
sCiYXStv9Qm42x8ZAOsO9rXRnX/tIvxf9S1CqDBvQPGy9nYKHSbYmG0Yi2wJp5l8
/It967cdCG6xFGoPFQ2QlFZwheaLuUmM5bUz+hJ4913yOuLnXOBlrtf67YpeXS3H
8Vsa+NooWQRXTZuX82Izkcr8wEYdH57yaSmPwymlv27D6UmnY7CqXI0MYZ1BJ3k9
P2Kkwz3/y3fC5G3VBVIw7UhgaGN0t86Uo2xYFOXn+AWCK8fV4m35H4kIAA9yXn7L
kerOkMhavcyE9IyoJng=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:20:16 2025 by rpki-client