Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/V_hj8y-76beGCR1-lownbqT1Nes.roa
File: V_hj8y-76beGCR1-lownbqT1Nes.roa (raw, json)
Hash identifier: Sc+9rK42Xr6gCdDcMkWp+4ZY3Eh2eNUg76uJbkjGcDY=
Subject key identifier: 57:F8:63:F3:2F:BB:E9:B7:86:09:1D:7E:96:8C:27:6E:A4:F5:35:EB
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0197CA418B664307A1302234AFF82A80E9EC
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/V_hj8y-76beGCR1-lownbqT1Nes.roa
Signing time: Wed 02 Jul 2025 08:29:42 +0000
ROA not before: Wed 02 Jul 2025 08:29:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6134
IP address blocks: 45.89.232.0/24 maxlen: 24
88.218.192.0/24 maxlen: 24
88.218.194.0/23 maxlen: 24
176.113.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:41:8b:66:43:07:a1:30:22:34:af:f8:2a:80:e9:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jul 2 08:29:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57f863f32fbbe9b786091d7e968c276ea4f535eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:07:f7:4c:63:d3:1c:23:23:0d:9e:52:9e:96:
41:c2:2e:0f:9f:97:9e:6f:04:3a:6e:ff:74:67:ac:
99:ed:6c:e2:46:aa:a3:1f:9a:40:06:f4:bd:fe:e2:
98:eb:75:fb:dc:87:af:a8:23:a1:87:23:1e:ef:71:
b9:b5:f3:59:34:ae:47:46:1e:c0:06:41:70:7b:93:
9e:0e:d8:c0:0c:0d:51:01:74:e2:86:41:a3:35:e6:
36:5e:a8:6a:eb:71:b0:e7:24:53:b5:8a:5c:35:c4:
18:e8:5f:57:89:e9:ab:db:58:ea:7b:d0:3b:fd:93:
66:c5:e7:4e:c3:b6:ca:2a:60:67:2f:61:af:94:d4:
dc:5c:02:f8:6d:77:2c:45:51:a9:e9:25:60:02:59:
5e:ce:a0:aa:c8:58:03:32:30:b4:a1:52:01:3d:83:
ac:36:fc:ae:de:9a:3e:ae:3c:47:67:81:f7:f8:90:
3a:25:bf:09:06:a7:54:3b:d3:de:91:2a:5b:b2:11:
e8:12:17:5c:2e:d4:18:fa:37:1c:de:39:df:4e:74:
e6:85:97:ac:23:d7:cc:a7:37:4d:5e:b9:b9:0f:13:
4a:e6:fd:fb:ee:9c:6c:33:96:92:df:ee:4c:11:99:
50:4f:4a:65:5d:fd:9e:5d:e5:4d:da:0e:06:15:6f:
cf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F8:63:F3:2F:BB:E9:B7:86:09:1D:7E:96:8C:27:6E:A4:F5:35:EB
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/V_hj8y-76beGCR1-lownbqT1Nes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.232.0/24
88.218.192.0/24
88.218.194.0/23
176.113.70.0/24
Signature Algorithm: sha256WithRSAEncryption
44:e5:d4:0e:dc:eb:5f:22:27:f8:dc:a4:f0:80:89:42:7b:87:
9c:00:2a:82:e2:e6:12:68:5f:c8:0b:aa:29:15:89:98:18:91:
f6:2b:04:b5:8d:92:ab:7a:a7:dd:ba:68:d9:aa:52:51:83:75:
4a:dd:80:04:92:31:11:ec:e5:6a:8d:d9:99:36:10:9b:d8:be:
dd:f6:e2:06:b7:01:b6:85:3e:4d:22:44:af:f3:6f:b1:a2:98:
ec:02:7f:d0:2c:81:dd:7e:b4:f6:8d:9e:31:d2:31:89:39:46:
4d:75:a6:7d:d8:07:a1:92:e2:d3:68:ad:e5:e4:ef:2a:e7:3e:
fe:97:6e:b9:1a:6a:da:ab:6e:0a:03:40:ec:ae:dc:0f:d8:f7:
b0:ab:19:9d:96:ba:77:f5:e4:e8:76:c5:45:0a:d1:62:bf:8d:
f4:d9:64:9f:8a:07:ac:4e:97:0e:e0:fc:ed:4a:49:c2:f2:cb:
67:ba:9b:cb:61:54:1e:13:43:8a:8c:7b:c6:2c:ec:8a:21:49:
6a:c0:6b:24:a7:8e:7f:ed:f1:8d:4a:a3:53:b6:d5:e6:7d:d4:
54:60:78:dc:bd:2d:dc:ff:be:77:72:27:4d:11:48:65:16:bc:
02:a9:69:1a:38:0d:74:d1:83:06:45:29:25:1e:b7:a7:94:7e:
07:87:65:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZfKQYtmQwehMCI0r/gqgOnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwNzAyMDgyOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2Y4NjNmMzJmYmJlOWI3ODYwOTFkN2U5NjhjMjc2ZWE0ZjUzNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgf3TGPTHCMjDZ5SnpZBwi4Pn5ee
bwQ6bv90Z6yZ7WziRqqjH5pABvS9/uKY63X73IevqCOhhyMe73G5tfNZNK5HRh7A
BkFwe5OeDtjADA1RAXTihkGjNeY2Xqhq63Gw5yRTtYpcNcQY6F9Xiemr21jqe9A7
/ZNmxedOw7bKKmBnL2GvlNTcXAL4bXcsRVGp6SVgAllezqCqyFgDMjC0oVIBPYOs
Nvyu3po+rjxHZ4H3+JA6Jb8JBqdUO9PekSpbshHoEhdcLtQY+jcc3jnfTnTmhZes
I9fMpzdNXrm5DxNK5v377pxsM5aS3+5MEZlQT0plXf2eXeVN2g4GFW/PgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFf4Y/Mvu+m3hgkdfpaMJ26k9TXrMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVl9oajh5LTc2YmVHQ1IxLWxvd25icVQxTmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVnoAwQA
WNrAAwQBWNrCAwQAsHFGMA0GCSqGSIb3DQEBCwUAA4IBAQBE5dQO3OtfIif43KTw
gIlCe4ecACqC4uYSaF/IC6opFYmYGJH2KwS1jZKreqfdumjZqlJRg3VK3YAEkjER
7OVqjdmZNhCb2L7d9uIGtwG2hT5NIkSv82+xopjsAn/QLIHdfrT2jZ4x0jGJOUZN
daZ92AehkuLTaK3l5O8q5z7+l265Gmraq24KA0DsrtwP2Pewqxmdlrp39eTodsVF
CtFiv4302WSfigesTpcO4PztSknC8stnupvLYVQeE0OKjHvGLOyKIUlqwGskp45/
7fGNSqNTttXmfdRUYHjcvS3c/753cidNEUhlFrwCqWkaOA100YMGRSklHrenlH4H
h2XF
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:56:19 2025 by rpki-client