Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/KdtZNUXdFelPbJtHE7AST6ZA0X0.roa
File: KdtZNUXdFelPbJtHE7AST6ZA0X0.roa (raw, json)
Hash identifier: UOWlHeXTHlSYHeOJT7Yelw3uceAWL37s8H8oFtXwEWM=
Subject key identifier: 29:DB:59:35:45:DD:15:E9:4F:6C:9B:47:13:B0:12:4F:A6:40:D1:7D
Certificate issuer: /CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Certificate serial: 0197C6477A66B8EBE4B523E6AE4710FEEF4D
Authority key identifier: 47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/KdtZNUXdFelPbJtHE7AST6ZA0X0.roa
Signing time: Tue 01 Jul 2025 13:57:42 +0000
ROA not before: Tue 01 Jul 2025 13:57:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60014
IP address blocks: 78.31.232.0/22 maxlen: 22
185.119.240.0/22 maxlen: 22
193.106.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 01:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:47:7a:66:b8:eb:e4:b5:23:e6:ae:47:10:fe:ef:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Validity
Not Before: Jul 1 13:57:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29db593545dd15e94f6c9b4713b0124fa640d17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:1f:9e:20:e7:7b:a5:48:70:6d:ed:63:da:f7:
e4:b8:f9:ce:44:a4:d9:01:55:c4:92:23:e2:1c:54:
f7:a2:72:c4:8b:63:96:ea:5b:3e:93:7a:8a:a0:08:
29:89:03:ae:8c:0f:e4:0f:7b:1d:2d:cb:e8:a7:8e:
6f:2b:e0:27:27:81:85:c7:d9:e1:51:18:b7:fd:2f:
65:9b:dd:1d:c5:d1:30:83:ca:6d:86:38:ea:20:8e:
97:01:dc:58:f1:64:82:fe:f6:fc:e1:76:97:c4:78:
c1:08:79:59:c3:75:66:dc:d4:17:05:46:4a:66:4b:
b6:31:8e:ca:94:a4:89:37:df:e0:0d:cf:bb:f7:89:
ac:c9:ff:09:2a:5a:68:c1:d4:b9:7e:cb:bc:f1:09:
3d:9f:80:47:60:9f:cd:cd:97:0e:fe:cc:66:a2:3f:
9b:1c:23:90:56:f7:ad:ac:d0:d6:4d:fe:10:4d:f3:
db:d9:54:49:10:79:c0:1e:b0:b4:65:07:dd:a7:08:
09:50:b9:15:83:e9:c0:30:29:4f:b8:f4:53:1a:b3:
2c:07:01:64:63:68:01:e6:44:9c:17:bf:b8:d3:f3:
90:23:7d:af:af:c1:db:45:24:45:c1:bd:d5:c3:f4:
c9:a1:74:67:39:76:bb:8b:63:0d:06:e1:d1:4f:bc:
9c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:DB:59:35:45:DD:15:E9:4F:6C:9B:47:13:B0:12:4F:A6:40:D1:7D
X509v3 Authority Key Identifier:
keyid:47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/KdtZNUXdFelPbJtHE7AST6ZA0X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.232.0/22
185.119.240.0/22
193.106.190.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:70:a9:cc:91:d6:08:bc:ed:e6:79:34:bb:5f:89:d0:35:fa:
c7:55:61:04:3b:2b:26:58:6f:47:02:94:ab:51:7a:0a:1d:80:
ac:cf:8a:89:d1:13:52:33:58:e8:99:8f:c8:bc:02:7a:73:03:
a0:6a:d3:b0:b8:c3:45:39:0b:bb:4a:b7:09:c0:ed:72:cb:b9:
dc:9d:c3:a4:8c:f0:9f:8d:9d:a8:04:7b:fe:64:01:5b:fd:49:
67:9a:90:d0:a2:21:35:23:71:11:87:12:92:97:88:76:64:47:
94:bc:5c:97:dd:30:e1:36:c1:9e:c5:0e:9b:26:c3:aa:25:5d:
35:4d:0e:5e:31:68:d5:36:74:bc:8c:ef:3d:a6:e7:72:13:34:
01:fd:66:07:24:c2:1d:23:c3:e4:b3:47:1c:2c:66:c5:99:82:
b7:49:19:30:c6:94:1a:e1:16:42:d9:89:02:2e:07:30:6c:e1:
1a:7e:d1:a3:d8:10:c7:52:40:ff:15:b1:77:32:78:5f:6d:f7:
2a:7c:de:e6:09:9d:fd:32:e3:d9:6f:24:80:c0:de:84:97:63:
7c:55:2e:bc:ce:4a:21:79:bc:e7:7d:86:cc:c7:c1:e0:83:6e:
27:1c:f2:ad:b1:5b:ce:f5:c0:33:58:ab:62:5d:98:14:8a:04:
13:24:b0:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfGR3pmuOvktSPmrkcQ/u9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OTc2MmU4OGQ4ZjY3ZmFkNGFhMDU5YTFiOGI0NmZhNGNj
N2E4OTMwHhcNMjUwNzAxMTM1NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWRiNTkzNTQ1ZGQxNWU5NGY2YzliNDcxM2IwMTI0ZmE2NDBkMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+R+eIOd7pUhwbe1j2vfkuPnORKTZ
AVXEkiPiHFT3onLEi2OW6ls+k3qKoAgpiQOujA/kD3sdLcvop45vK+AnJ4GFx9nh
URi3/S9lm90dxdEwg8pthjjqII6XAdxY8WSC/vb84XaXxHjBCHlZw3Vm3NQXBUZK
Zku2MY7KlKSJN9/gDc+794msyf8JKlpowdS5fsu88Qk9n4BHYJ/NzZcO/sxmoj+b
HCOQVvetrNDWTf4QTfPb2VRJEHnAHrC0ZQfdpwgJULkVg+nAMClPuPRTGrMsBwFk
Y2gB5kScF7+40/OQI32vr8HbRSRFwb3Vw/TJoXRnOXa7i2MNBuHRT7ycIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCnbWTVF3RXpT2ybRxOwEk+mQNF9MB8GA1UdIwQY
MBaAFEeXYuiNj2f61KoFmhuLRvpMx6iTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAt
MTEwNDg0MWQzNzRlLzEvS2R0Wk5VWGRGZWxQYkp0SEU3QVNUNlpBMFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAtMTEwNDg0MWQzNzRl
LzEvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTh/oAwQC
uXfwAwQAwWq+MA0GCSqGSIb3DQEBCwUAA4IBAQCpcKnMkdYIvO3meTS7X4nQNfrH
VWEEOysmWG9HApSrUXoKHYCsz4qJ0RNSM1jomY/IvAJ6cwOgatOwuMNFOQu7SrcJ
wO1yy7ncncOkjPCfjZ2oBHv+ZAFb/UlnmpDQoiE1I3ERhxKSl4h2ZEeUvFyX3TDh
NsGexQ6bJsOqJV01TQ5eMWjVNnS8jO89pudyEzQB/WYHJMIdI8Pks0ccLGbFmYK3
SRkwxpQa4RZC2YkCLgcwbOEaftGj2BDHUkD/FbF3MnhfbfcqfN7mCZ39MuPZbySA
wN6El2N8VS68zkohebznfYbMx8Hgg24nHPKtsVvO9cAzWKtiXZgUigQTJLBN
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:38:39 2025 by rpki-client