Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0afac0-27b9-4637-9cde-b4e79f781e4d/1/43Nv96ZZYJ2HSYMcFEPXcXc87Dg.roa
File: 43Nv96ZZYJ2HSYMcFEPXcXc87Dg.roa (raw, json)
Hash identifier: QKbqjFxUpHYLiD17UOwNlgpkv5Y2OQFGAF39sfyUd/A=
Subject key identifier: E3:73:6F:F7:A6:59:60:9D:87:49:83:1C:14:43:D7:71:77:3C:EC:38
Certificate issuer: /CN=e91f9dbbe68b84027ced4d31e8803f13e9d65d13
Certificate serial: 0197CC36579E9870CA1E71245D7577F03906
Authority key identifier: E9:1F:9D:BB:E6:8B:84:02:7C:ED:4D:31:E8:80:3F:13:E9:D6:5D:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6R-du-aLhAJ87U0x6IA_E-nWXRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/0afac0-27b9-4637-9cde-b4e79f781e4d/1/43Nv96ZZYJ2HSYMcFEPXcXc87Dg.roa
Signing time: Wed 02 Jul 2025 17:36:42 +0000
ROA not before: Wed 02 Jul 2025 17:36:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42905
IP address blocks: 91.199.245.0/24 maxlen: 24
193.39.118.0/24 maxlen: 24
193.200.151.0/24 maxlen: 24
195.62.36.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/0afac0-27b9-4637-9cde-b4e79f781e4d/1/6R-du-aLhAJ87U0x6IA_E-nWXRM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/0afac0-27b9-4637-9cde-b4e79f781e4d/1/6R-du-aLhAJ87U0x6IA_E-nWXRM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6R-du-aLhAJ87U0x6IA_E-nWXRM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:36:57:9e:98:70:ca:1e:71:24:5d:75:77:f0:39:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e91f9dbbe68b84027ced4d31e8803f13e9d65d13
Validity
Not Before: Jul 2 17:36:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3736ff7a659609d8749831c1443d771773cec38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:31:7c:ec:9f:b0:f6:2e:69:82:97:96:ea:0a:
c6:cf:e7:dc:cd:a5:19:9a:71:34:f7:bf:ee:26:1f:
8e:83:5d:c6:f0:f5:0d:75:a4:e5:90:d5:1d:68:27:
88:30:a9:f9:33:73:8e:32:bf:c5:ad:7b:00:ae:e6:
3f:fc:f7:b1:33:93:42:90:05:c3:ff:6a:58:82:d8:
25:40:4e:d7:dd:48:b3:68:1f:09:4c:5f:7d:b3:b9:
82:a8:19:65:17:f5:9e:0c:a3:64:f1:72:1f:82:d5:
8b:a3:0a:a4:50:ad:7e:57:01:8f:f5:df:ef:8f:23:
da:66:95:32:0f:14:6d:67:c6:c3:e7:97:81:cf:1d:
d3:b7:ae:a7:a8:0d:29:bb:15:14:10:54:82:3c:c4:
51:21:9e:24:b6:10:20:03:bd:91:05:a4:44:80:1b:
87:7d:87:88:0d:ca:5b:17:59:7b:b6:4d:71:9f:b4:
b7:77:31:f7:05:fe:46:c3:24:11:36:b4:72:83:ca:
a0:35:1a:67:b7:01:cb:1d:be:ac:8c:4c:46:86:f9:
f9:2c:d9:6d:fb:7d:b1:d2:82:94:2f:40:40:5e:6b:
e8:ad:cd:d5:a9:b8:e8:59:f5:02:26:2c:e7:d9:3f:
41:33:e7:3b:b8:82:d7:b5:12:c0:1a:05:78:b6:f1:
74:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:73:6F:F7:A6:59:60:9D:87:49:83:1C:14:43:D7:71:77:3C:EC:38
X509v3 Authority Key Identifier:
keyid:E9:1F:9D:BB:E6:8B:84:02:7C:ED:4D:31:E8:80:3F:13:E9:D6:5D:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6R-du-aLhAJ87U0x6IA_E-nWXRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0afac0-27b9-4637-9cde-b4e79f781e4d/1/43Nv96ZZYJ2HSYMcFEPXcXc87Dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0afac0-27b9-4637-9cde-b4e79f781e4d/1/6R-du-aLhAJ87U0x6IA_E-nWXRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.245.0/24
193.39.118.0/24
193.200.151.0/24
195.62.36.0/23
Signature Algorithm: sha256WithRSAEncryption
03:78:a4:5b:2e:11:73:38:a0:6a:98:a3:70:45:b2:30:e4:8a:
d8:04:e8:68:09:61:8a:52:f5:3c:d0:60:8f:46:85:84:fc:e4:
6d:57:bf:62:35:dc:a7:17:16:8d:01:6a:21:1e:73:c3:13:ad:
fd:65:12:59:b6:86:3e:87:5b:8f:54:56:68:af:e8:ef:4e:15:
ed:98:25:49:f7:2c:43:80:d9:06:bc:1e:08:33:01:d2:df:c6:
cb:df:b3:4e:db:a2:86:90:56:6f:32:b0:5e:48:d8:c5:f0:19:
c7:56:72:97:de:30:8b:03:0e:6f:7b:73:7d:26:86:86:b7:ec:
91:fb:9e:05:4c:df:59:44:1c:1a:ac:df:e5:60:ea:d7:5e:bb:
99:52:c0:a4:b5:c1:43:bd:73:3f:82:91:cf:30:c2:76:b6:77:
fe:e3:b3:ed:b7:cc:e6:c3:da:3c:ef:4e:83:bb:80:2a:fb:ea:
f5:af:ef:68:0c:11:f6:81:6f:15:13:cd:cd:ba:5e:fd:af:35:
ec:2b:cc:1e:dd:54:27:63:69:76:87:63:28:13:e1:ed:7d:e2:
d5:7a:49:eb:2e:37:78:f0:40:63:b8:8b:4c:5b:20:31:07:d8:
fe:44:c6:69:db:c9:28:97:4a:e7:39:d3:0f:b1:5d:97:3b:1b:
f2:e4:51:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZfMNleemHDKHnEkXXV38DkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MWY5ZGJiZTY4Yjg0MDI3Y2VkNGQzMWU4ODAzZjEzZTlk
NjVkMTMwHhcNMjUwNzAyMTczNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzczNmZmN2E2NTk2MDlkODc0OTgzMWMxNDQzZDc3MTc3M2NlYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TF87J+w9i5pgpeW6grGz+fczaUZ
mnE097/uJh+Og13G8PUNdaTlkNUdaCeIMKn5M3OOMr/FrXsAruY//PexM5NCkAXD
/2pYgtglQE7X3UizaB8JTF99s7mCqBllF/WeDKNk8XIfgtWLowqkUK1+VwGP9d/v
jyPaZpUyDxRtZ8bD55eBzx3Tt66nqA0puxUUEFSCPMRRIZ4kthAgA72RBaREgBuH
fYeIDcpbF1l7tk1xn7S3dzH3Bf5GwyQRNrRyg8qgNRpntwHLHb6sjExGhvn5LNlt
+32x0oKUL0BAXmvorc3VqbjoWfUCJizn2T9BM+c7uILXtRLAGgV4tvF0pwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFONzb/emWWCdh0mDHBRD13F3POw4MB8GA1UdIwQY
MBaAFOkfnbvmi4QCfO1NMeiAPxPp1l0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlItZHUtYUxoQUo4N1UweDZJQV9FLW5XWFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wYWZhYzAtMjdiOS00NjM3LTljZGUt
YjRlNzlmNzgxZTRkLzEvNDNOdjk2WlpZSjJIU1lNY0ZFUFhjWGM4N0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wYWZhYzAtMjdiOS00NjM3LTljZGUtYjRlNzlmNzgxZTRk
LzEvNlItZHUtYUxoQUo4N1UweDZJQV9FLW5XWFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8f1AwQA
wSd2AwQAwciXAwQBwz4kMA0GCSqGSIb3DQEBCwUAA4IBAQADeKRbLhFzOKBqmKNw
RbIw5IrYBOhoCWGKUvU80GCPRoWE/ORtV79iNdynFxaNAWohHnPDE639ZRJZtoY+
h1uPVFZor+jvThXtmCVJ9yxDgNkGvB4IMwHS38bL37NO26KGkFZvMrBeSNjF8BnH
VnKX3jCLAw5ve3N9JoaGt+yR+54FTN9ZRBwarN/lYOrXXruZUsCktcFDvXM/gpHP
MMJ2tnf+47Ptt8zmw9o8706Du4Aq++r1r+9oDBH2gW8VE83Nul79rzXsK8we3VQn
Y2l2h2MoE+HtfeLVeknrLjd48EBjuItMWyAxB9j+RMZp28kol0rnOdMPsV2XOxvy
5FEr
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:38:00 2025 by rpki-client