Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/_5GCLkFhK13sjcnhkYKzJRpbdDs.roa
File: _5GCLkFhK13sjcnhkYKzJRpbdDs.roa (raw, json)
Hash identifier: JVrk8+HOPCU6oXElKL5VihQd05Yle6mLsi+a5o1Uizo=
Subject key identifier: FF:91:82:2E:41:61:2B:5D:EC:8D:C9:E1:91:82:B3:25:1A:5B:74:3B
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0197E8A702B207143A0E7A99FABC35F63B65
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/_5GCLkFhK13sjcnhkYKzJRpbdDs.roa
Signing time: Tue 08 Jul 2025 06:09:08 +0000
ROA not before: Tue 08 Jul 2025 06:09:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 80.71.233.0/24 maxlen: 24
80.71.235.0/24 maxlen: 24
80.71.236.0/24 maxlen: 24
80.71.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e8:a7:02:b2:07:14:3a:0e:7a:99:fa:bc:35:f6:3b:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jul 8 06:09:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff91822e41612b5dec8dc9e19182b3251a5b743b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:31:ec:e8:fa:63:b2:de:70:7f:8a:12:fd:03:
03:c2:09:cf:c1:2b:69:61:64:40:1a:14:e5:e4:3e:
47:5a:73:b2:38:a3:03:24:8f:e0:7d:22:cd:ef:a4:
e2:08:6e:fd:fd:a5:7d:ad:cb:87:00:d1:5d:ba:fe:
3c:4f:d2:a4:bd:16:42:bb:2b:78:72:5a:68:a4:b1:
f5:3d:19:f5:d4:95:44:20:94:89:29:0f:79:c5:b0:
43:4d:f4:f5:85:14:51:7f:13:c3:eb:94:a2:c1:77:
3f:2e:9d:70:c8:26:f2:ef:95:e6:9e:73:07:41:07:
8e:47:33:e4:f2:87:89:38:30:fd:d2:ae:c6:ed:b4:
3b:bb:f2:eb:ee:85:1c:af:4b:2e:3f:36:5e:b2:3a:
84:f7:16:6e:44:0f:37:25:9e:be:5e:d6:f8:04:47:
fc:11:c2:a3:6d:5d:a2:0d:c7:0d:b0:1c:ec:03:9b:
e5:2a:e2:54:fb:7a:7e:09:7b:1b:7e:5b:f7:8c:b1:
88:ce:9f:73:e0:55:8d:5d:f8:22:2b:e5:ff:29:c9:
c4:7d:64:e1:be:43:fd:e2:df:78:c2:23:14:86:92:
2f:b8:e7:b3:4e:77:35:81:78:8c:30:6c:55:64:24:
20:af:c6:c2:d6:00:72:25:fd:29:ba:80:06:45:58:
54:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:91:82:2E:41:61:2B:5D:EC:8D:C9:E1:91:82:B3:25:1A:5B:74:3B
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/_5GCLkFhK13sjcnhkYKzJRpbdDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.233.0/24
80.71.235.0-80.71.236.255
80.71.238.0/24
Signature Algorithm: sha256WithRSAEncryption
46:4b:ac:17:a5:8f:62:58:10:23:f2:7f:62:28:b3:d6:f5:cf:
e0:00:cf:1f:e4:5f:a5:6a:7c:bb:3e:60:aa:af:ac:63:bc:69:
a7:a9:09:4d:3d:d3:26:9b:71:a0:1f:f4:bc:73:85:2e:8d:a3:
18:c0:00:40:3f:e3:e4:c7:05:b7:88:9c:6e:9d:81:78:cb:55:
88:b3:14:e1:1a:97:3e:2b:3e:e7:d6:bc:99:db:ef:6d:1a:21:
09:4f:2b:84:71:d2:d8:aa:bc:84:14:27:1b:20:33:93:c1:d8:
86:e2:24:b7:01:13:99:03:f0:5b:9e:c0:db:9a:b6:d1:5d:e4:
bd:60:88:f8:cf:da:a7:ae:c6:b0:60:71:e7:f8:d9:b2:7c:13:
11:3c:70:3f:81:aa:93:1c:cc:b2:bd:fb:a8:17:f5:08:4f:be:
52:d4:7f:a5:98:22:8b:fd:20:8e:44:2b:39:70:d5:7c:f4:76:
5f:7b:91:67:29:8a:9c:51:4f:dd:f5:82:95:88:59:db:69:2d:
83:f4:d0:0a:85:bd:27:78:0a:50:cf:2e:71:63:d2:19:4e:2a:
17:b2:3d:6c:bf:4d:c9:23:f2:19:5b:8f:3f:f0:c3:d3:c0:da:
6b:63:78:68:dd:11:85:d2:3c:1d:a8:ab:06:b9:b6:f8:02:64:
8e:4b:7d:21
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZfopwKyBxQ6DnqZ+rw19jtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjUwNzA4MDYwOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjkxODIyZTQxNjEyYjVkZWM4ZGM5ZTE5MTgyYjMyNTFhNWI3NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDHs6Ppjst5wf4oS/QMDwgnPwStp
YWRAGhTl5D5HWnOyOKMDJI/gfSLN76TiCG79/aV9rcuHANFduv48T9KkvRZCuyt4
clpopLH1PRn11JVEIJSJKQ95xbBDTfT1hRRRfxPD65SiwXc/Lp1wyCby75XmnnMH
QQeORzPk8oeJODD90q7G7bQ7u/Lr7oUcr0suPzZesjqE9xZuRA83JZ6+Xtb4BEf8
EcKjbV2iDccNsBzsA5vlKuJU+3p+CXsbflv3jLGIzp9z4FWNXfgiK+X/KcnEfWTh
vkP94t94wiMUhpIvuOezTnc1gXiMMGxVZCQgr8bC1gByJf0puoAGRVhUnQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP+Rgi5BYStd7I3J4ZGCsyUaW3Q7MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvXzVHQ0xrRmhLMTNzamNuaGtZS3pKUnBiZERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUEfpMAwD
BABQR+sDBABQR+wDBABQR+4wDQYJKoZIhvcNAQELBQADggEBAEZLrBelj2JYECPy
f2Ios9b1z+AAzx/kX6VqfLs+YKqvrGO8aaepCU090yabcaAf9LxzhS6NoxjAAEA/
4+THBbeInG6dgXjLVYizFOEalz4rPufWvJnb720aIQlPK4Rx0tiqvIQUJxsgM5PB
2IbiJLcBE5kD8FuewNuattFd5L1giPjP2qeuxrBgcef42bJ8ExE8cD+BqpMczLK9
+6gX9QhPvlLUf6WYIov9II5EKzlw1Xz0dl97kWcpipxRT931gpWIWdtpLYP00AqF
vSd4ClDPLnFj0hlOKheyPWy/Tckj8hlbjz/ww9PA2mtjeGjdEYXSPB2oqwa5tvgC
ZI5LfSE=
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:21:55 2025 by rpki-client