Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/ce8LRFwM6wCXX-cKMVilSCLACTA.roa
File: ce8LRFwM6wCXX-cKMVilSCLACTA.roa (raw, json)
Hash identifier: SjdlAeta3OBEM6FH48Ybj415juI53asPm3ETveUv2Eg=
Subject key identifier: 71:EF:0B:44:5C:0C:EB:00:97:5F:E7:0A:31:58:A5:48:22:C0:09:30
Certificate issuer: /CN=65ea93d88a202d51d34d2a903597e76b8f17f0ea
Certificate serial: 019824CBB288347A2BA0D55ACBFDC69A2B3D
Authority key identifier: 65:EA:93:D8:8A:20:2D:51:D3:4D:2A:90:35:97:E7:6B:8F:17:F0:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZeqT2IogLVHTTSqQNZfna48X8Oo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/ce8LRFwM6wCXX-cKMVilSCLACTA.roa
Signing time: Sat 19 Jul 2025 22:26:26 +0000
ROA not before: Sat 19 Jul 2025 22:26:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213887
IP address blocks: 213.165.54.0/24 maxlen: 24
213.165.55.0/24 maxlen: 24
213.165.56.0/24 maxlen: 24
213.165.57.0/24 maxlen: 24
213.165.58.0/24 maxlen: 24
213.165.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/ZeqT2IogLVHTTSqQNZfna48X8Oo.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/ZeqT2IogLVHTTSqQNZfna48X8Oo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZeqT2IogLVHTTSqQNZfna48X8Oo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:24:cb:b2:88:34:7a:2b:a0:d5:5a:cb:fd:c6:9a:2b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ea93d88a202d51d34d2a903597e76b8f17f0ea
Validity
Not Before: Jul 19 22:26:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71ef0b445c0ceb00975fe70a3158a54822c00930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d5:ef:75:4c:2b:e2:5e:3a:62:f4:d4:a1:d5:
be:ce:be:b9:24:4b:8d:b1:b3:39:e9:2a:15:6b:0a:
64:0a:12:fb:72:01:4f:0a:b4:d9:99:f0:6c:7b:34:
59:ab:2f:9e:44:c6:33:a8:3d:f2:a0:f5:12:0a:ff:
86:4b:4a:e6:42:34:50:86:9b:cc:64:44:e4:7d:44:
98:d2:6b:e2:16:80:a7:8a:17:81:12:0f:ba:af:53:
a4:00:9d:6c:04:cc:d7:a9:4e:4a:e5:4a:e1:32:5c:
0d:21:14:d1:20:c1:40:f8:7d:47:3a:d6:f3:cd:70:
f8:bb:d5:d2:d7:8e:3a:da:dd:ad:b0:61:d0:b3:c0:
68:59:d3:8f:ec:5c:05:93:96:aa:c0:5d:2a:4b:ca:
2d:67:e4:01:66:20:90:e2:57:d3:cf:69:75:fb:39:
f5:2d:50:f7:48:bc:47:39:ca:f2:b5:88:27:fb:42:
da:e5:3d:37:bf:4c:0b:18:89:65:a1:76:95:d1:99:
44:d4:5a:96:2d:48:df:3b:1e:3f:13:3c:ee:b2:90:
04:ae:d2:d9:24:cc:5c:82:63:a6:43:53:51:89:5e:
07:cc:dc:2c:a9:a9:70:5a:ec:97:d9:d8:1a:51:9d:
94:7d:f2:33:9e:39:78:9a:8a:a6:7b:25:88:7c:4a:
3d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:EF:0B:44:5C:0C:EB:00:97:5F:E7:0A:31:58:A5:48:22:C0:09:30
X509v3 Authority Key Identifier:
keyid:65:EA:93:D8:8A:20:2D:51:D3:4D:2A:90:35:97:E7:6B:8F:17:F0:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZeqT2IogLVHTTSqQNZfna48X8Oo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/ce8LRFwM6wCXX-cKMVilSCLACTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/ZeqT2IogLVHTTSqQNZfna48X8Oo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.165.54.0-213.165.59.255
Signature Algorithm: sha256WithRSAEncryption
8b:3b:a3:90:bf:a5:2f:99:34:5f:5d:f4:c9:f9:7b:b9:aa:9a:
ca:9a:38:93:f9:eb:27:c8:ee:7a:44:5e:d0:df:6e:4f:e3:c2:
7c:e8:00:95:6c:50:4c:3c:50:57:d5:9b:8d:9e:a7:42:79:28:
98:89:b5:05:c9:e7:6b:a6:d8:92:31:20:50:42:90:22:b4:aa:
27:93:ca:8e:1b:bb:e2:20:fe:5e:c0:92:3d:42:14:9e:da:48:
a2:d2:7d:9a:e8:66:36:72:0e:bb:b7:fe:b2:fd:06:2c:2b:a5:
52:88:56:6b:64:0e:5b:30:c8:4f:03:f6:1e:43:28:39:a3:a2:
bc:3f:a8:98:24:b1:d6:96:3a:bf:aa:fd:6a:7c:4f:79:18:16:
dd:45:f2:9f:ac:13:f6:78:91:43:24:ef:1a:e9:c0:39:e5:1d:
36:f2:d3:0f:34:97:3f:f2:0a:27:93:d4:54:00:99:12:0f:b5:
9f:1d:5e:d7:e1:fc:77:92:be:e7:af:6b:10:8f:56:1c:a3:87:
d3:7b:1e:06:89:71:91:45:ef:48:30:e8:f6:55:65:bf:5f:f8:
fd:54:7d:7b:f2:96:20:2b:df:6a:8a:39:3b:b9:9e:98:37:fc:
5a:8d:ab:bb:05:42:27:af:d3:b0:6d:0d:78:bf:2f:1c:d4:c6:
2e:f2:23:92
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZgky7KINHoroNVay/3Gmis9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZWE5M2Q4OGEyMDJkNTFkMzRkMmE5MDM1OTdlNzZiOGYx
N2YwZWEwHhcNMjUwNzE5MjIyNjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWVmMGI0NDVjMGNlYjAwOTc1ZmU3MGEzMTU4YTU0ODIyYzAwOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdXvdUwr4l46YvTUodW+zr65JEuN
sbM56SoVawpkChL7cgFPCrTZmfBsezRZqy+eRMYzqD3yoPUSCv+GS0rmQjRQhpvM
ZETkfUSY0mviFoCniheBEg+6r1OkAJ1sBMzXqU5K5UrhMlwNIRTRIMFA+H1HOtbz
zXD4u9XS14462t2tsGHQs8BoWdOP7FwFk5aqwF0qS8otZ+QBZiCQ4lfTz2l1+zn1
LVD3SLxHOcrytYgn+0La5T03v0wLGIlloXaV0ZlE1FqWLUjfOx4/EzzuspAErtLZ
JMxcgmOmQ1NRiV4HzNwsqalwWuyX2dgaUZ2UffIznjl4moqmeyWIfEo99QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHHvC0RcDOsAl1/nCjFYpUgiwAkwMB8GA1UdIwQY
MBaAFGXqk9iKIC1R000qkDWX52uPF/DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmVxVDJJb2dMVkhUVFNxUU5aZm5hNDhYOE9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC81NGVhYzAtNzFmZC00NmU5LTllMWIt
Y2UxYmJhNjkxYjM3LzEvY2U4TFJGd002d0NYWC1jS01WaWxTQ0xBQ1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC81NGVhYzAtNzFmZC00NmU5LTllMWItY2UxYmJhNjkxYjM3
LzEvWmVxVDJJb2dMVkhUVFNxUU5aZm5hNDhYOE9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHVpTYD
BALVpTgwDQYJKoZIhvcNAQELBQADggEBAIs7o5C/pS+ZNF9d9Mn5e7mqmsqaOJP5
6yfI7npEXtDfbk/jwnzoAJVsUEw8UFfVm42ep0J5KJiJtQXJ52um2JIxIFBCkCK0
qieTyo4bu+Ig/l7Akj1CFJ7aSKLSfZroZjZyDru3/rL9BiwrpVKIVmtkDlswyE8D
9h5DKDmjorw/qJgksdaWOr+q/Wp8T3kYFt1F8p+sE/Z4kUMk7xrpwDnlHTby0w80
lz/yCieT1FQAmRIPtZ8dXtfh/HeSvuevaxCPVhyjh9N7HgaJcZFF70gw6PZVZb9f
+P1UfXvyliAr32qKOTu5npg3/FqNq7sFQiev07BtDXi/LxzUxi7yI5I=
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:33:14 2025 by rpki-client