Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/8seIeZYPp9rqcCK7TPZgkaEa2sM.roa
File: 8seIeZYPp9rqcCK7TPZgkaEa2sM.roa (raw, json)
Hash identifier: lEY9JvA1Y/ZcT+qZ2KmpcWEYT64xi9Y1CYu2FswtJsM=
Subject key identifier: F2:C7:88:79:96:0F:A7:DA:EA:70:22:BB:4C:F6:60:91:A1:1A:DA:C3
Certificate issuer: /CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Certificate serial: 01981E26A55B1AD336A7DD0188261BC50CD5
Authority key identifier: 63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/8seIeZYPp9rqcCK7TPZgkaEa2sM.roa
Signing time: Fri 18 Jul 2025 15:28:25 +0000
ROA not before: Fri 18 Jul 2025 15:28:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45691
IP address blocks: 185.217.5.0/24 maxlen: 24
2a12:f8c6::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1e:26:a5:5b:1a:d3:36:a7:dd:01:88:26:1b:c5:0c:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Validity
Not Before: Jul 18 15:28:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2c78879960fa7daea7022bb4cf66091a11adac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:74:95:e6:ad:21:e7:b7:7b:21:8c:f8:4d:
a2:87:db:93:8c:77:0e:83:32:c4:d1:ce:84:0e:a4:
60:15:fe:b6:8a:a8:cb:2d:19:c3:11:a3:2c:e7:65:
88:b4:96:31:fa:fd:31:81:fc:41:6a:18:b1:26:4c:
e8:0a:3b:f6:0e:51:80:d2:56:f6:86:3a:8b:09:be:
51:9b:00:df:bb:dc:ff:84:7a:b2:0b:fd:ef:06:e8:
e2:8f:11:4e:88:cb:9c:76:3e:24:c6:e5:81:49:bd:
b0:8f:23:29:4c:0e:28:b4:d0:a2:6d:fe:13:1d:03:
1e:ef:2d:b5:f7:88:a2:58:d9:0b:93:f4:2e:44:da:
3d:e4:a3:b5:75:e1:cb:63:b9:34:0f:95:63:bf:1b:
0e:cc:18:8e:1e:26:57:3c:d5:e4:9e:bb:e8:4b:16:
96:d9:70:31:67:66:37:34:3f:bc:fa:e8:98:c1:ae:
05:f2:dd:16:3f:cd:96:9b:81:61:0b:33:c3:dd:62:
f7:d5:d9:fc:6d:0f:a5:71:45:c7:5f:57:40:f2:03:
11:1d:f0:a4:b3:29:c7:bf:e7:bf:19:f7:c0:be:64:
b2:cc:76:26:37:6f:f2:ad:ed:d7:57:3e:73:5d:4a:
fb:e5:ac:43:ef:6d:76:81:f6:0d:43:9f:d7:b2:6e:
59:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C7:88:79:96:0F:A7:DA:EA:70:22:BB:4C:F6:60:91:A1:1A:DA:C3
X509v3 Authority Key Identifier:
keyid:63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/8seIeZYPp9rqcCK7TPZgkaEa2sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.5.0/24
IPv6:
2a12:f8c6::/32
Signature Algorithm: sha256WithRSAEncryption
57:fd:75:55:5f:dd:94:41:8d:f1:f0:6c:75:76:f5:c2:7b:38:
dd:15:13:ee:f9:d3:01:d7:04:a5:94:1f:f2:20:68:07:76:97:
2b:cc:ca:a1:ec:e2:a2:fe:93:d1:56:18:eb:dc:b7:fc:78:8b:
d7:69:02:3c:3e:88:5b:72:cf:0c:0c:77:a5:72:09:37:61:d3:
ec:de:53:83:88:ec:11:e4:f1:19:e2:b4:ed:54:eb:aa:81:f0:
d5:97:b0:9f:4b:f2:c2:7b:29:a8:2a:90:7b:d2:1c:1e:aa:8c:
10:05:d5:2d:f3:dc:f5:6b:01:e6:57:e5:30:87:2a:42:56:28:
4c:3f:8c:77:d9:41:2f:5c:0c:ae:1b:cb:35:ea:c8:a1:0d:8f:
59:96:e2:1b:6a:2d:08:f2:20:50:64:eb:b4:96:69:3b:c5:e8:
06:96:01:61:44:7b:d6:64:ee:af:3b:12:94:24:67:da:aa:a1:
f9:3b:7b:e9:9c:86:e4:c4:0a:12:65:97:b5:ee:d0:96:b7:56:
60:5b:1b:91:74:55:34:90:51:93:1a:cd:b2:6a:98:df:70:59:
62:a6:4a:26:d4:8b:fb:c0:a0:33:68:11:e6:db:78:1b:df:bd:
2d:38:53:90:f9:97:ca:4e:c7:a4:3b:3d:6c:e1:d8:ef:39:fa:
13:4c:82:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZgeJqVbGtM2p90BiCYbxQzVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzkyZTkyOTMxN2FlNmJkZTA4YTVhM2I5OGEyYjcwMWRk
Yjg5M2EwHhcNMjUwNzE4MTUyODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmM3ODg3OTk2MGZhN2RhZWE3MDIyYmI0Y2Y2NjA5MWExMWFkYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQl0leatIee3eyGM+E2ih9uTjHcO
gzLE0c6EDqRgFf62iqjLLRnDEaMs52WItJYx+v0xgfxBahixJkzoCjv2DlGA0lb2
hjqLCb5RmwDfu9z/hHqyC/3vBujijxFOiMucdj4kxuWBSb2wjyMpTA4otNCibf4T
HQMe7y2194iiWNkLk/QuRNo95KO1deHLY7k0D5VjvxsOzBiOHiZXPNXknrvoSxaW
2XAxZ2Y3ND+8+uiYwa4F8t0WP82Wm4FhCzPD3WL31dn8bQ+lcUXHX1dA8gMRHfCk
synHv+e/GffAvmSyzHYmN2/yre3XVz5zXUr75axD7212gfYNQ5/Xsm5ZFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPLHiHmWD6fa6nAiu0z2YJGhGtrDMB8GA1UdIwQY
MBaAFGM5LpKTF65r3gilo7mKK3Ad24k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEt
ODcyNTBmNWEwN2NjLzEvOHNlSWVaWVBwOXJxY0NLN1RQWmdrYUVhMnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEtODcyNTBmNWEwN2Nj
LzEvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudkFMA0E
AgACMAcDBQAqEvjGMA0GCSqGSIb3DQEBCwUAA4IBAQBX/XVVX92UQY3x8Gx1dvXC
ezjdFRPu+dMB1wSllB/yIGgHdpcrzMqh7OKi/pPRVhjr3Lf8eIvXaQI8Pohbcs8M
DHelcgk3YdPs3lODiOwR5PEZ4rTtVOuqgfDVl7CfS/LCeymoKpB70hweqowQBdUt
89z1awHmV+UwhypCVihMP4x32UEvXAyuG8s16sihDY9ZluIbai0I8iBQZOu0lmk7
xegGlgFhRHvWZO6vOxKUJGfaqqH5O3vpnIbkxAoSZZe17tCWt1ZgWxuRdFU0kFGT
Gs2yapjfcFlipkom1Iv7wKAzaBHm23gb370tOFOQ+ZfKTsekOz1s4djvOfoTTIKB
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:22:33 2025 by rpki-client