Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/F66eMicI53-acVWt47kdeyP6FqI.roa
File: F66eMicI53-acVWt47kdeyP6FqI.roa (raw, json)
Hash identifier: ZYJNh/K/A6duvXGW0YI3ZoV2iAJMbURLeohT4Gj7Aog=
Subject key identifier: 17:AE:9E:32:27:08:E7:7F:9A:71:55:AD:E3:B9:1D:7B:23:FA:16:A2
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0197D43DB27D848E81CA8813D59A4E02AD47
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/F66eMicI53-acVWt47kdeyP6FqI.roa
Signing time: Fri 04 Jul 2025 07:01:42 +0000
ROA not before: Fri 04 Jul 2025 07:01:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 80.71.231.0/24 maxlen: 24
80.71.233.0/24 maxlen: 24
80.71.235.0/24 maxlen: 24
80.71.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:3d:b2:7d:84:8e:81:ca:88:13:d5:9a:4e:02:ad:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jul 4 07:01:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17ae9e322708e77f9a7155ade3b91d7b23fa16a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:06:60:ff:06:ac:f5:db:f3:2f:7d:d4:a8:c9:
b2:6e:6a:c5:b8:03:80:19:e5:f6:b6:87:9d:ea:bc:
9a:6c:0c:98:84:3c:1d:38:7d:7f:ca:56:fb:7a:f6:
bb:4a:79:d7:f7:4f:e0:c3:e1:32:e4:e1:fb:8f:06:
cd:f4:97:f2:5d:6f:a8:8e:a0:a2:f6:31:f7:fc:f2:
b2:dd:33:51:33:d2:f2:97:4a:a1:cd:dc:5e:47:0a:
4e:a5:41:6b:e8:ce:f4:f6:be:6a:5a:52:9b:80:f1:
57:d5:06:42:ba:e6:c5:0d:b8:bd:d1:92:bf:c4:f4:
de:5e:6c:fa:1a:55:2a:ad:a2:ea:fd:8d:e2:9c:47:
b1:7e:63:67:cb:3e:77:05:ef:01:61:8d:93:83:ac:
71:9f:55:d0:42:8d:6c:2d:4e:7c:c6:e1:8a:29:55:
c6:a0:96:05:41:d6:b9:76:18:a0:98:7c:a0:23:d1:
01:66:de:5a:f7:20:73:58:3b:de:ac:4d:e5:77:cc:
8e:d9:8f:e6:bf:d6:51:76:13:c3:c8:e4:56:d4:ce:
69:37:8e:06:0f:cc:97:2b:89:bf:98:5f:85:df:d5:
ce:3e:f7:0c:c0:4a:53:72:87:1c:11:fb:93:b3:ac:
26:ea:7b:33:ba:f8:4e:fb:da:45:f9:ae:6d:c4:ce:
18:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AE:9E:32:27:08:E7:7F:9A:71:55:AD:E3:B9:1D:7B:23:FA:16:A2
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/F66eMicI53-acVWt47kdeyP6FqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.231.0/24
80.71.233.0/24
80.71.235.0-80.71.236.255
Signature Algorithm: sha256WithRSAEncryption
5a:5d:4d:78:22:cc:50:92:32:49:02:29:2e:83:9d:4b:06:29:
07:5a:31:55:d2:d1:8c:ed:2b:d0:f7:89:a5:32:52:89:af:8b:
20:20:1c:a6:88:58:13:be:5c:8a:a9:fd:bf:3a:92:fa:4f:62:
37:72:59:dc:fa:96:93:29:27:bf:e3:6c:da:cb:12:de:20:00:
8f:b3:85:f4:82:4e:db:09:7c:ae:30:43:82:70:30:79:91:79:
af:07:2a:99:22:61:d1:db:dd:f1:a2:ce:1f:3d:27:42:cd:70:
82:74:db:d6:f1:3d:df:32:53:84:86:06:13:84:2f:89:ef:d9:
4b:68:45:97:0e:02:51:42:30:9f:c6:b7:d4:84:79:4b:76:3c:
13:97:62:b1:55:72:d7:2e:71:33:42:e0:f8:e0:7d:21:5d:9b:
a3:f7:c9:35:c7:29:48:60:5e:23:01:ea:39:30:03:a7:5f:b0:
a6:f1:8a:76:6b:e9:00:b5:9e:96:f0:0c:1e:d0:9c:f7:12:3d:
bc:eb:d7:fb:6a:7d:77:d7:34:47:94:9c:7b:b9:2c:6a:18:22:
df:69:ee:1a:7c:de:ee:2a:e3:5b:70:5e:5f:e9:77:94:7c:e9:
f7:e1:f6:d8:f3:ed:82:fd:59:91:56:21:00:ff:c7:8c:a5:1b:
bb:2d:f6:53
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZfUPbJ9hI6ByogT1ZpOAq1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjUwNzA0MDcwMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FlOWUzMjI3MDhlNzdmOWE3MTU1YWRlM2I5MWQ3YjIzZmExNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AZg/was9dvzL33UqMmybmrFuAOA
GeX2toed6ryabAyYhDwdOH1/ylb7eva7SnnX90/gw+Ey5OH7jwbN9JfyXW+ojqCi
9jH3/PKy3TNRM9Lyl0qhzdxeRwpOpUFr6M709r5qWlKbgPFX1QZCuubFDbi90ZK/
xPTeXmz6GlUqraLq/Y3inEexfmNnyz53Be8BYY2Tg6xxn1XQQo1sLU58xuGKKVXG
oJYFQda5dhigmHygI9EBZt5a9yBzWDverE3ld8yO2Y/mv9ZRdhPDyORW1M5pN44G
D8yXK4m/mF+F39XOPvcMwEpTcoccEfuTs6wm6nszuvhO+9pF+a5txM4YlQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBeunjInCOd/mnFVreO5HXsj+haiMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvRjY2ZU1pY0k1My1hY1ZXdDQ3a2RleVA2RnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUEfnAwQA
UEfpMAwDBABQR+sDBABQR+wwDQYJKoZIhvcNAQELBQADggEBAFpdTXgizFCSMkkC
KS6DnUsGKQdaMVXS0YztK9D3iaUyUomviyAgHKaIWBO+XIqp/b86kvpPYjdyWdz6
lpMpJ7/jbNrLEt4gAI+zhfSCTtsJfK4wQ4JwMHmRea8HKpkiYdHb3fGizh89J0LN
cIJ029bxPd8yU4SGBhOEL4nv2UtoRZcOAlFCMJ/Gt9SEeUt2PBOXYrFVctcucTNC
4PjgfSFdm6P3yTXHKUhgXiMB6jkwA6dfsKbxinZr6QC1npbwDB7QnPcSPbzr1/tq
fXfXNEeUnHu5LGoYIt9p7hp83u4q41twXl/pd5R86ffh9tjz7YL9WZFWIQD/x4yl
G7st9lM=
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:05:36 2025 by rpki-client