Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/cEDMaPiMki_EMNcIwfncBr1pRXE.roa
File: cEDMaPiMki_EMNcIwfncBr1pRXE.roa (raw, json)
Hash identifier: T2qmCc9eP/0vM8OKU+IgGruaclI52vRlHFxUw3bxaT4=
Subject key identifier: 70:40:CC:68:F8:8C:92:2F:C4:30:D7:08:C1:F9:DC:06:BD:69:45:71
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0197C5480C4FA3DDB3BF78B9AC1F820F112C
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/cEDMaPiMki_EMNcIwfncBr1pRXE.roa
Signing time: Tue 01 Jul 2025 09:18:42 +0000
ROA not before: Tue 01 Jul 2025 09:18:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56619
IP address blocks: 79.98.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:48:0c:4f:a3:dd:b3:bf:78:b9:ac:1f:82:0f:11:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jul 1 09:18:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7040cc68f88c922fc430d708c1f9dc06bd694571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:75:10:dd:cb:4b:cc:6b:b9:71:b3:da:a2:fc:
a1:ea:0b:a1:db:4c:1d:f3:ff:16:c2:3b:b9:cf:79:
af:ff:a9:2f:ad:bf:3c:96:ce:c7:04:32:d9:43:52:
3c:6e:b9:53:d0:66:af:44:c4:33:72:6b:12:e1:64:
90:7d:bd:19:cc:e6:e9:c8:98:76:39:79:e5:23:e9:
56:1c:51:63:ef:a9:3d:51:0e:a9:01:c6:3a:47:e4:
71:32:70:a6:20:58:91:86:79:e6:f8:37:1f:03:94:
9b:ea:cc:26:89:96:6b:62:f8:28:71:27:d7:07:73:
a4:18:91:46:01:c7:c5:d7:62:ef:da:9f:55:52:4b:
ee:3e:ed:67:d3:a9:65:de:fc:15:51:f1:05:98:86:
d6:6d:b0:4c:fa:f4:a5:6d:d6:9f:84:46:12:1a:84:
34:79:54:13:81:e6:6d:4a:55:d7:e1:45:fd:e2:6b:
55:ce:0b:3b:94:6a:df:d1:ad:46:dc:50:46:01:7e:
7e:72:51:28:5b:a4:1d:e4:b2:c3:9b:8e:34:3a:d1:
d2:a2:1e:e8:bb:98:af:12:79:8d:e5:0d:dd:86:ce:
ad:31:1b:f8:a9:25:f6:15:ff:37:63:0d:d0:54:52:
2d:eb:c3:d7:85:81:3d:44:6b:65:19:19:c7:2d:4a:
6e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:40:CC:68:F8:8C:92:2F:C4:30:D7:08:C1:F9:DC:06:BD:69:45:71
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/cEDMaPiMki_EMNcIwfncBr1pRXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.249.0/24
Signature Algorithm: sha256WithRSAEncryption
21:71:5d:f9:bd:fd:4c:f9:46:02:35:59:8a:5d:b9:10:b6:8f:
65:01:d4:5b:bd:f4:86:e8:9a:10:9a:4f:43:d8:32:d9:02:a2:
27:2c:22:05:d3:f8:4a:12:cd:d7:09:df:55:ec:28:ca:38:b9:
72:e9:6c:d3:88:d1:d6:93:97:2a:87:fa:6f:e6:d6:83:7a:bc:
25:70:07:32:4f:64:82:8b:3a:a5:94:20:90:e0:65:e3:57:e0:
02:7a:16:2c:f8:1a:51:5b:40:45:f1:1e:b6:60:ae:22:14:dd:
45:8f:22:ac:b4:ad:2b:ad:d5:d8:f4:f2:e1:fb:eb:0a:34:7c:
98:f8:1a:44:a8:e2:ed:fc:9d:66:2f:20:92:99:ec:24:1c:a6:
6d:3d:56:d9:2b:3a:23:7f:4e:14:0b:ab:0f:d9:d3:44:b4:1e:
d4:bc:41:ed:de:86:cb:81:7d:6e:55:5a:c9:c3:c4:bb:fe:b9:
15:99:a9:ae:72:04:70:01:42:bd:f2:64:41:31:d8:82:3c:6c:
0d:17:5f:13:04:03:d9:61:5b:4d:45:34:c4:fb:91:49:a4:9b:
d8:86:ed:f3:e7:7d:87:47:47:6b:33:e8:01:5f:80:16:3e:88:
ce:a4:f2:39:9a:a7:a8:ab:66:6c:50:1b:af:80:b9:95:c5:37:
7b:b3:88:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfFSAxPo92zv3i5rB+CDxEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNzAxMDkxODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQwY2M2OGY4OGM5MjJmYzQzMGQ3MDhjMWY5ZGMwNmJkNjk0NTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHUQ3ctLzGu5cbPaovyh6guh20wd
8/8Wwju5z3mv/6kvrb88ls7HBDLZQ1I8brlT0GavRMQzcmsS4WSQfb0ZzObpyJh2
OXnlI+lWHFFj76k9UQ6pAcY6R+RxMnCmIFiRhnnm+DcfA5Sb6swmiZZrYvgocSfX
B3OkGJFGAcfF12Lv2p9VUkvuPu1n06ll3vwVUfEFmIbWbbBM+vSlbdafhEYSGoQ0
eVQTgeZtSlXX4UX94mtVzgs7lGrf0a1G3FBGAX5+clEoW6Qd5LLDm440OtHSoh7o
u5ivEnmN5Q3dhs6tMRv4qSX2Ff83Yw3QVFIt68PXhYE9RGtlGRnHLUpuWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBAzGj4jJIvxDDXCMH53Aa9aUVxMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvY0VETWFQaU1raV9FTU5jSXdmbmNCcjFwUlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT2L5MA0G
CSqGSIb3DQEBCwUAA4IBAQAhcV35vf1M+UYCNVmKXbkQto9lAdRbvfSG6JoQmk9D
2DLZAqInLCIF0/hKEs3XCd9V7CjKOLly6WzTiNHWk5cqh/pv5taDerwlcAcyT2SC
izqllCCQ4GXjV+ACehYs+BpRW0BF8R62YK4iFN1FjyKstK0rrdXY9PLh++sKNHyY
+BpEqOLt/J1mLyCSmewkHKZtPVbZKzojf04UC6sP2dNEtB7UvEHt3obLgX1uVVrJ
w8S7/rkVmamucgRwAUK98mRBMdiCPGwNF18TBAPZYVtNRTTE+5FJpJvYhu3z532H
R0drM+gBX4AWPojOpPI5mqeoq2ZsUBuvgLmVxTd7s4he
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:09:25 2025 by rpki-client