Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/rDdl4wb7d9_eC22yvGjUcZm-ZF0.roa
File: rDdl4wb7d9_eC22yvGjUcZm-ZF0.roa (raw, json)
Hash identifier: IxVCz/Sbbi4L+BIjve8uTsWyEfGjkV7LQaO0qi7hXQI=
Subject key identifier: AC:37:65:E3:06:FB:77:DF:DE:0B:6D:B2:BC:68:D4:71:99:BE:64:5D
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019812726B24B8F1438CEFC5288D06DC2357
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/rDdl4wb7d9_eC22yvGjUcZm-ZF0.roa
Signing time: Wed 16 Jul 2025 08:55:45 +0000
ROA not before: Wed 16 Jul 2025 08:55:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8881
IP address blocks: 79.121.148.0/23 maxlen: 24
79.121.154.0/23 maxlen: 24
79.121.162.0/23 maxlen: 24
79.121.164.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:12:72:6b:24:b8:f1:43:8c:ef:c5:28:8d:06:dc:23:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Jul 16 08:55:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac3765e306fb77dfde0b6db2bc68d47199be645d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:26:8b:78:62:5e:e0:e0:d9:5b:10:6c:c5:f3:
ae:e3:54:fd:ac:fa:27:68:a7:89:99:e9:5a:ef:23:
64:a6:79:9e:28:23:d6:4c:52:d3:e9:99:a1:b2:74:
1e:ac:93:08:ff:04:f8:a5:38:6c:1d:f9:5a:82:1d:
b6:d2:c4:b5:8a:13:f8:17:50:00:80:d7:5f:08:fc:
32:fd:c1:d2:39:38:e8:6a:a4:a6:81:74:af:32:7f:
b7:73:73:1f:88:77:2f:45:8b:90:e8:d3:d8:18:37:
c4:fe:1c:43:85:52:d1:15:58:67:64:f1:18:e5:c1:
60:2e:20:c7:03:40:3c:6a:a8:e9:50:b6:12:df:a9:
39:1a:6e:b1:c9:57:f7:b5:55:ce:04:06:fe:1f:75:
4b:f6:76:4e:a2:0f:69:5c:7a:9b:25:ba:b8:75:1d:
36:46:33:d4:bf:20:30:04:f4:c7:1e:92:fe:97:38:
d1:05:13:76:f2:c5:94:84:21:9d:d7:ca:2d:71:f3:
67:25:3e:6b:1e:36:48:9c:c9:28:fa:10:10:43:35:
4d:21:95:b4:b8:69:9a:ea:8f:c1:69:55:d7:d6:55:
08:c6:07:91:f2:2b:1a:8c:1b:12:ff:76:2a:2a:05:
a2:d3:e4:d8:7c:cf:c3:10:45:c5:74:e4:9d:9f:ea:
1d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:37:65:E3:06:FB:77:DF:DE:0B:6D:B2:BC:68:D4:71:99:BE:64:5D
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/rDdl4wb7d9_eC22yvGjUcZm-ZF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.121.148.0/23
79.121.154.0/23
79.121.162.0-79.121.165.255
Signature Algorithm: sha256WithRSAEncryption
6f:a9:04:ce:e2:0b:79:d5:de:1e:16:f3:24:28:8c:fc:96:66:
f8:94:e8:df:a8:03:93:4a:92:d1:2f:8e:da:9c:96:e0:4c:6d:
08:41:de:76:92:28:f5:10:0b:4c:8a:c4:e4:b2:ee:03:e8:e9:
5d:cd:15:96:48:58:63:0a:69:84:b3:32:ea:47:ea:25:cd:53:
0f:36:60:24:53:28:e5:8e:07:ce:63:2d:5f:20:ac:fd:14:0e:
72:56:36:52:2c:b3:30:2e:eb:51:e3:57:99:36:d8:25:19:0b:
b2:13:2a:b2:b8:97:6f:e4:46:b7:6c:56:f8:88:35:5a:ca:bf:
65:7f:00:c6:bd:56:2a:75:b2:31:8f:c5:17:24:26:4b:8e:ac:
1b:b4:3c:34:ce:79:3f:bf:23:e6:a6:69:9e:a6:0f:3b:ad:21:
1a:4a:8a:de:2f:85:3c:ba:b9:5a:1d:b5:0e:6a:c4:92:d4:70:
37:ea:6e:08:6c:a4:92:7b:e1:95:06:5a:e0:6e:97:d3:d6:5d:
4a:70:eb:c4:e3:55:84:3e:27:43:90:55:41:6e:a7:9d:a0:73:
f1:6f:65:df:03:6f:15:42:af:8e:d4:52:a7:d4:43:47:3a:36:
c5:e2:ed:15:34:30:2a:a5:fc:c1:ec:84:f1:b5:b3:db:81:f1:
11:5a:d3:61
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZgScmskuPFDjO/FKI0G3CNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwNzE2MDg1NTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzM3NjVlMzA2ZmI3N2RmZGUwYjZkYjJiYzY4ZDQ3MTk5YmU2NDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiaLeGJe4ODZWxBsxfOu41T9rPon
aKeJmela7yNkpnmeKCPWTFLT6ZmhsnQerJMI/wT4pThsHflagh220sS1ihP4F1AA
gNdfCPwy/cHSOTjoaqSmgXSvMn+3c3MfiHcvRYuQ6NPYGDfE/hxDhVLRFVhnZPEY
5cFgLiDHA0A8aqjpULYS36k5Gm6xyVf3tVXOBAb+H3VL9nZOog9pXHqbJbq4dR02
RjPUvyAwBPTHHpL+lzjRBRN28sWUhCGd18otcfNnJT5rHjZInMko+hAQQzVNIZW0
uGma6o/BaVXX1lUIxgeR8isajBsS/3YqKgWi0+TYfM/DEEXFdOSdn+od5QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKw3ZeMG+3ff3gttsrxo1HGZvmRdMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvckRkbDR3YjdkOV9lQzIyeXZHalVjWm0tWkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBT3mUAwQB
T3maMAwDBAFPeaIDBAFPeaQwDQYJKoZIhvcNAQELBQADggEBAG+pBM7iC3nV3h4W
8yQojPyWZviU6N+oA5NKktEvjtqcluBMbQhB3naSKPUQC0yKxOSy7gPo6V3NFZZI
WGMKaYSzMupH6iXNUw82YCRTKOWOB85jLV8grP0UDnJWNlIsszAu61HjV5k22CUZ
C7ITKrK4l2/kRrdsVviINVrKv2V/AMa9Vip1sjGPxRckJkuOrBu0PDTOeT+/I+am
aZ6mDzutIRpKit4vhTy6uVodtQ5qxJLUcDfqbghspJJ74ZUGWuBul9PWXUpw68Tj
VYQ+J0OQVUFup52gc/FvZd8DbxVCr47UUqfUQ0c6NsXi7RU0MCql/MHshPG1s9uB
8RFa02E=
-----END CERTIFICATE-----
Generated at Tue Jul 22 12:29:36 2025 by rpki-client