Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/86c170-2067-40ee-8923-a03ad529997c/1/t5nV1PoAdO-HNQcriDtT0k19Y0k.roa
File: t5nV1PoAdO-HNQcriDtT0k19Y0k.roa (raw, json)
Hash identifier: ktgVwZj6sz4wVJV68ItMtiZ3hfrl5O5Cl3g1dZAV0fs=
Subject key identifier: B7:99:D5:D4:FA:00:74:EF:87:35:07:2B:88:3B:53:D2:4D:7D:63:49
Certificate issuer: /CN=cdf8efd3e3166e81aacf1580e2f0b94da29b3db4
Certificate serial: 019828B71BB30D658A9480985C275C68E59E
Authority key identifier: CD:F8:EF:D3:E3:16:6E:81:AA:CF:15:80:E2:F0:B9:4D:A2:9B:3D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfjv0-MWboGqzxWA4vC5TaKbPbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/86c170-2067-40ee-8923-a03ad529997c/1/t5nV1PoAdO-HNQcriDtT0k19Y0k.roa
Signing time: Sun 20 Jul 2025 16:42:25 +0000
ROA not before: Sun 20 Jul 2025 16:42:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207483
IP address blocks: 164.138.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/86c170-2067-40ee-8923-a03ad529997c/1/zfjv0-MWboGqzxWA4vC5TaKbPbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/86c170-2067-40ee-8923-a03ad529997c/1/zfjv0-MWboGqzxWA4vC5TaKbPbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/zfjv0-MWboGqzxWA4vC5TaKbPbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:28:b7:1b:b3:0d:65:8a:94:80:98:5c:27:5c:68:e5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdf8efd3e3166e81aacf1580e2f0b94da29b3db4
Validity
Not Before: Jul 20 16:42:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b799d5d4fa0074ef8735072b883b53d24d7d6349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f6:c0:87:42:7e:e2:46:40:16:34:d3:0b:9d:
90:06:24:92:33:f3:3c:83:c1:22:e5:37:2e:e0:d9:
20:48:c8:c8:52:c0:47:ed:4f:ab:f1:87:d8:0a:30:
b0:e3:ce:69:eb:04:c3:38:fd:db:e2:62:22:89:f3:
4a:1e:57:e2:8e:d1:0f:09:cb:87:dc:28:56:af:2d:
74:03:9c:b7:01:c4:ea:64:dc:75:78:af:c4:5a:4d:
04:ce:a8:b0:b4:92:dc:79:c6:56:c2:e9:79:6c:61:
2e:95:fa:c3:13:d0:18:0a:7c:08:81:51:d8:e0:cc:
54:07:b4:66:14:d2:8f:1b:30:75:8b:4c:1f:2d:71:
d4:29:c4:11:ae:49:a8:81:b8:40:1e:59:02:b4:24:
be:f3:b2:d9:35:3f:3b:cd:cd:0b:e4:33:47:bf:22:
be:ff:b6:68:4a:a2:eb:8a:aa:71:e4:ae:08:57:63:
80:08:70:70:3e:5e:00:31:a0:b9:16:d2:f5:68:39:
87:dd:9c:44:65:a9:1c:5d:59:ea:d3:e3:dd:e2:8b:
bb:4e:20:0a:0c:2d:03:c7:b4:99:19:b9:d6:9c:66:
76:45:29:0b:83:2b:23:fd:d4:67:6f:d0:27:ad:17:
94:f2:7e:6c:f9:86:cb:e3:fe:10:8a:18:2d:57:17:
45:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:99:D5:D4:FA:00:74:EF:87:35:07:2B:88:3B:53:D2:4D:7D:63:49
X509v3 Authority Key Identifier:
keyid:CD:F8:EF:D3:E3:16:6E:81:AA:CF:15:80:E2:F0:B9:4D:A2:9B:3D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfjv0-MWboGqzxWA4vC5TaKbPbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/86c170-2067-40ee-8923-a03ad529997c/1/t5nV1PoAdO-HNQcriDtT0k19Y0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/86c170-2067-40ee-8923-a03ad529997c/1/zfjv0-MWboGqzxWA4vC5TaKbPbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.202.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:91:9a:ba:c0:ab:a1:4f:a7:23:1e:c3:68:6e:36:7a:d4:d1:
e6:63:8c:69:ad:bf:07:95:4c:0c:f8:83:f8:aa:49:c3:63:d2:
7b:21:dc:ee:4b:c1:f0:6e:a9:1e:b1:66:c8:ee:94:b7:a3:b6:
26:91:0a:df:35:4c:c7:d2:b4:fd:4f:29:5d:39:6a:f3:74:3f:
0e:b7:93:97:1f:65:41:8c:82:19:4a:3d:77:7e:b5:4b:5c:5b:
f9:3e:3a:7a:a4:ed:4f:79:5a:d4:bb:27:27:c5:ad:cf:6f:23:
8f:d7:f5:70:62:3e:e2:a7:68:27:5e:c4:6b:6c:5a:44:27:08:
d6:34:dd:38:b5:9c:c3:c7:b4:36:f7:7d:c6:63:f4:2b:5d:87:
a5:ab:6b:5a:65:33:5c:e4:6d:aa:46:58:51:8b:92:1c:43:1d:
7a:7e:94:35:ba:b4:a4:4b:b9:3f:08:ce:27:a4:0b:b9:91:95:
c3:54:68:d2:34:2b:a6:22:36:68:51:95:34:e1:09:e7:f6:bd:
b2:29:a7:36:53:0e:00:da:da:b7:a7:54:6c:c0:af:36:20:af:
8b:b0:ed:dc:69:59:e5:2f:ae:65:ef:3b:8d:4a:b4:16:85:fb:
f6:ec:ba:b6:83:cb:35:26:fe:8b:c4:33:2a:6a:ac:3d:4a:1b:
ea:5e:72:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgotxuzDWWKlICYXCdcaOWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjhlZmQzZTMxNjZlODFhYWNmMTU4MGUyZjBiOTRkYTI5
YjNkYjQwHhcNMjUwNzIwMTY0MjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzk5ZDVkNGZhMDA3NGVmODczNTA3MmI4ODNiNTNkMjRkN2Q2MzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofbAh0J+4kZAFjTTC52QBiSSM/M8
g8Ei5Tcu4NkgSMjIUsBH7U+r8YfYCjCw485p6wTDOP3b4mIiifNKHlfijtEPCcuH
3ChWry10A5y3AcTqZNx1eK/EWk0EzqiwtJLcecZWwul5bGEulfrDE9AYCnwIgVHY
4MxUB7RmFNKPGzB1i0wfLXHUKcQRrkmogbhAHlkCtCS+87LZNT87zc0L5DNHvyK+
/7ZoSqLriqpx5K4IV2OACHBwPl4AMaC5FtL1aDmH3ZxEZakcXVnq0+Pd4ou7TiAK
DC0Dx7SZGbnWnGZ2RSkLgysj/dRnb9AnrReU8n5s+YbL4/4QihgtVxdFAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLeZ1dT6AHTvhzUHK4g7U9JNfWNJMB8GA1UdIwQY
MBaAFM3479PjFm6Bqs8VgOLwuU2imz20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZqdjAtTVdib0dxenhXQTR2QzVUYUtiUGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NmMxNzAtMjA2Ny00MGVlLTg5MjMt
YTAzYWQ1Mjk5OTdjLzEvdDVuVjFQb0FkTy1ITlFjcmlEdFQwazE5WTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84NmMxNzAtMjA2Ny00MGVlLTg5MjMtYTAzYWQ1Mjk5OTdj
LzEvemZqdjAtTVdib0dxenhXQTR2QzVUYUtiUGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApIrKMA0G
CSqGSIb3DQEBCwUAA4IBAQB/kZq6wKuhT6cjHsNobjZ61NHmY4xprb8HlUwM+IP4
qknDY9J7IdzuS8HwbqkesWbI7pS3o7YmkQrfNUzH0rT9TyldOWrzdD8Ot5OXH2VB
jIIZSj13frVLXFv5Pjp6pO1PeVrUuycnxa3PbyOP1/VwYj7ip2gnXsRrbFpEJwjW
NN04tZzDx7Q2933GY/QrXYelq2taZTNc5G2qRlhRi5IcQx16fpQ1urSkS7k/CM4n
pAu5kZXDVGjSNCumIjZoUZU04Qnn9r2yKac2Uw4A2tq3p1RswK82IK+LsO3caVnl
L65l7zuNSrQWhfv27Lq2g8s1Jv6LxDMqaqw9ShvqXnKs
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:30:01 2025 by rpki-client