Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/_7NTRFv5HUTgjZZ4BQRMdPtK9D4.roa
File: _7NTRFv5HUTgjZZ4BQRMdPtK9D4.roa (raw, json)
Hash identifier: priYwEjkXzW9k8/sH0iyLy60fUGN9clR7ahY5eX/WTQ=
Subject key identifier: FF:B3:53:44:5B:F9:1D:44:E0:8D:96:78:05:04:4C:74:FB:4A:F4:3E
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01984CD59F53F89F8280E4E61325C95830EB
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/_7NTRFv5HUTgjZZ4BQRMdPtK9D4.roa
Signing time: Sun 27 Jul 2025 17:02:05 +0000
ROA not before: Sun 27 Jul 2025 17:02:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213535
IP address blocks: 107.161.168.0/24 maxlen: 24
155.254.35.0/24 maxlen: 24
162.217.249.0/24 maxlen: 24
198.105.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Jul 2025 14:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4c:d5:9f:53:f8:9f:82:80:e4:e6:13:25:c9:58:30:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jul 27 17:02:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffb353445bf91d44e08d967805044c74fb4af43e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a6:0d:23:95:75:d4:19:18:b5:a0:9b:4b:f4:
6a:ab:0d:63:3e:0f:66:a7:d8:4e:d0:f3:fe:37:e2:
6e:a1:8e:94:6d:ed:e5:75:b5:98:e8:0c:97:89:c8:
9a:e1:b9:51:3c:8d:7f:82:6f:37:94:18:e7:6a:e5:
90:34:d7:ed:d7:6c:51:2c:cb:3f:70:21:d4:a6:85:
ae:cc:da:e7:58:03:e2:2c:bc:09:9a:60:3c:10:33:
f9:71:d8:67:6f:33:83:f8:0f:bc:ac:7d:23:3a:ea:
d5:c8:4a:44:1a:d6:88:89:bd:b3:e0:78:3e:7f:fb:
40:05:e1:87:3b:ef:a1:19:dc:d5:86:b4:d4:8c:7c:
31:75:14:de:91:68:b0:7f:4d:4e:da:f9:dd:71:27:
88:2b:a7:da:e7:7c:ef:81:62:36:ef:74:4f:5d:e1:
99:24:96:2d:7a:8e:7e:d0:29:cb:81:6c:e4:c7:5c:
2a:b7:a3:5d:fc:d5:a0:1c:60:54:ce:fd:86:bf:69:
b3:d1:78:07:36:67:18:75:5a:b4:e8:fa:66:b1:29:
40:26:2f:56:0c:ff:37:a2:08:15:4b:dc:1a:ac:ff:
0c:c7:f5:c3:a5:7e:9e:82:1b:84:f9:a6:3f:3a:92:
a9:e3:6b:a7:f0:be:dc:50:04:66:eb:86:c5:d8:ba:
b2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B3:53:44:5B:F9:1D:44:E0:8D:96:78:05:04:4C:74:FB:4A:F4:3E
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/_7NTRFv5HUTgjZZ4BQRMdPtK9D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.168.0/24
155.254.35.0/24
162.217.249.0/24
198.105.123.0/24
Signature Algorithm: sha256WithRSAEncryption
74:70:de:82:6e:4c:0b:31:42:e1:79:e2:04:fc:9f:4d:bc:14:
0c:89:2d:c1:4f:76:e6:c2:47:6f:36:f5:7b:91:4f:17:8b:71:
28:4f:a1:80:c8:90:ee:7c:e2:4a:f4:5a:4c:d5:db:8a:a4:33:
d5:0c:86:e0:e3:85:82:bd:32:13:35:c0:ff:a1:73:ea:0c:26:
b9:00:49:84:98:df:d5:19:ce:f8:ac:d5:3f:ce:33:17:c0:08:
c5:b4:39:79:f7:65:b9:15:61:8b:c8:12:f5:d8:03:ec:5a:ce:
f5:4d:b2:00:27:8d:d7:b8:74:be:a8:3d:1c:cb:5f:c9:6f:4a:
bf:82:31:62:6b:6e:02:04:e3:54:ae:3a:36:c0:6b:82:0e:d1:
54:ef:02:93:f4:cd:11:cd:0e:5a:b8:15:ba:ad:dd:cf:c9:5b:
8d:88:f2:1d:ac:1c:b6:3e:27:af:ef:b3:3d:da:2f:cf:91:b2:
4f:21:1c:09:4b:c1:0a:37:12:a8:14:47:1b:65:89:51:03:eb:
44:5e:52:cb:f1:47:ca:30:60:9b:fc:a8:c3:13:c7:80:d6:67:
6e:8b:34:c1:02:94:6a:55:0a:12:3c:82:68:ca:89:47:35:48:
cc:e0:81:d0:5e:db:24:49:0d:3b:78:9e:9f:6e:04:a8:02:99:
99:9b:de:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhM1Z9T+J+CgOTmEyXJWDDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwNzI3MTcwMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmIzNTM0NDViZjkxZDQ0ZTA4ZDk2NzgwNTA0NGM3NGZiNGFmNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aYNI5V11BkYtaCbS/Rqqw1jPg9m
p9hO0PP+N+JuoY6Ube3ldbWY6AyXicia4blRPI1/gm83lBjnauWQNNft12xRLMs/
cCHUpoWuzNrnWAPiLLwJmmA8EDP5cdhnbzOD+A+8rH0jOurVyEpEGtaIib2z4Hg+
f/tABeGHO++hGdzVhrTUjHwxdRTekWiwf01O2vndcSeIK6fa53zvgWI273RPXeGZ
JJYteo5+0CnLgWzkx1wqt6Nd/NWgHGBUzv2Gv2mz0XgHNmcYdVq06PpmsSlAJi9W
DP83oggVS9warP8Mx/XDpX6eghuE+aY/OpKp42un8L7cUARm64bF2Lqy0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP+zU0Rb+R1E4I2WeAUETHT7SvQ+MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvXzdOVFJGdjVIVVRnalpaNEJRUk1kUHRLOUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAa6GoAwQA
m/4jAwQAotn5AwQAxml7MA0GCSqGSIb3DQEBCwUAA4IBAQB0cN6CbkwLMULheeIE
/J9NvBQMiS3BT3bmwkdvNvV7kU8Xi3EoT6GAyJDufOJK9FpM1duKpDPVDIbg44WC
vTITNcD/oXPqDCa5AEmEmN/VGc74rNU/zjMXwAjFtDl592W5FWGLyBL12APsWs71
TbIAJ43XuHS+qD0cy1/Jb0q/gjFia24CBONUrjo2wGuCDtFU7wKT9M0RzQ5auBW6
rd3PyVuNiPIdrBy2Piev77M92i/PkbJPIRwJS8EKNxKoFEcbZYlRA+tEXlLL8UfK
MGCb/KjDE8eA1mduizTBApRqVQoSPIJoyolHNUjM4IHQXtskSQ07eJ6fbgSoApmZ
m94Z
-----END CERTIFICATE-----
Generated at Tue Jul 29 23:19:26 2025 by rpki-client