Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7fUfkwixUM5b-MO-Mmkv7AHGuMI.roa
File: 7fUfkwixUM5b-MO-Mmkv7AHGuMI.roa (raw, json)
Hash identifier: RvMLzv5sqUVAjyJnXZkyUtv6EpeId3rWf7h9XtSBRTU=
Subject key identifier: ED:F5:1F:93:08:B1:50:CE:5B:F8:C3:BE:32:69:2F:EC:01:C6:B8:C2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0198A76A29AF5316B8309B21598B16F9F718
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7fUfkwixUM5b-MO-Mmkv7AHGuMI.roa
Signing time: Thu 14 Aug 2025 07:10:09 +0000
ROA not before: Thu 14 Aug 2025 07:10:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 87.121.70.0/23 maxlen: 24
94.156.162.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 Aug 2025 23:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a7:6a:29:af:53:16:b8:30:9b:21:59:8b:16:f9:f7:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 14 07:10:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edf51f9308b150ce5bf8c3be32692fec01c6b8c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e6:10:b8:08:d1:32:a4:ae:11:b9:51:5a:a9:
47:fa:77:cd:7f:57:ef:4c:55:40:5c:a0:e9:40:43:
e2:a0:42:91:e8:fd:ac:cc:e1:7e:e6:0e:da:30:5b:
80:05:27:cd:0e:45:14:f8:69:be:0d:c5:f7:93:88:
83:ed:a5:ac:51:fc:9a:ee:aa:fd:eb:be:05:05:9a:
16:b6:e1:42:b9:48:c7:ad:66:4f:b9:78:ce:de:f8:
b1:bd:cc:84:84:91:98:18:3e:38:ed:b2:a7:2f:bd:
ae:ab:0e:0c:38:80:15:bf:e3:b8:11:c9:17:e7:43:
af:6a:5e:a4:84:07:db:2f:7a:c0:c8:7e:56:a8:94:
d8:4e:fe:2b:65:da:cc:63:52:84:46:91:89:12:b4:
22:ff:d3:52:17:a2:67:f3:1e:10:f4:33:d8:84:78:
e8:37:08:10:f9:fb:e5:9d:a8:88:cf:46:09:2d:68:
c9:d6:e9:c1:cd:ba:15:d1:9c:b6:69:82:46:1f:8f:
b8:ff:b0:9a:34:f8:4e:c7:75:2c:09:fc:24:e4:76:
44:93:a8:26:57:0e:66:f6:8c:f3:13:3c:c4:f6:84:
9c:33:9c:10:0f:23:3d:a9:25:fd:f5:0a:a8:b3:60:
70:b7:39:95:25:87:bf:cd:6e:c0:1e:2c:cf:ca:c3:
51:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F5:1F:93:08:B1:50:CE:5B:F8:C3:BE:32:69:2F:EC:01:C6:B8:C2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7fUfkwixUM5b-MO-Mmkv7AHGuMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.70.0/23
94.156.162.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:38:b3:91:d1:e8:cb:65:d8:10:1d:df:88:fa:ad:35:a1:a0:
14:60:8e:47:26:9c:41:44:c2:cf:cc:8a:3c:51:64:9a:4e:36:
c5:77:a5:2f:ea:dc:38:3a:89:ac:7e:2a:b6:7a:06:c9:f3:f0:
b5:63:bb:24:92:e7:35:6b:17:f5:12:fc:1f:dd:2b:df:82:41:
18:74:3d:7d:79:f9:0c:5f:8b:9c:22:6c:1b:d4:e1:36:cc:5b:
96:d5:4b:53:bf:3f:fc:a6:47:16:5b:d4:12:9b:d6:5e:58:23:
2a:b4:15:2d:01:4d:93:28:ba:e0:20:14:26:70:79:e9:01:3e:
66:7d:c8:41:8c:f3:3f:1a:96:ed:55:f7:c4:a4:c5:40:a4:5f:
9a:1e:54:91:b5:4b:4b:c5:48:2b:40:64:18:1c:5a:e5:ee:e8:
01:96:ce:92:8b:ac:f1:d3:f5:d4:85:22:44:13:46:3e:bb:3f:
a5:bb:9d:24:27:a3:57:a4:93:21:fe:a2:87:0d:68:39:2f:cc:
f7:1e:3d:55:f1:8b:e8:4e:7e:db:43:7b:4c:4c:d8:86:8b:fc:
5a:99:c9:80:d8:1b:88:05:d1:5a:c3:1b:e3:bb:a5:42:9e:ab:
ca:86:b3:5a:1c:9c:57:d6:27:e7:3f:f0:45:1c:fd:a9:a2:06:
0b:00:9c:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZinaimvUxa4MJshWYsW+fcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwODE0MDcxMDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGY1MWY5MzA4YjE1MGNlNWJmOGMzYmUzMjY5MmZlYzAxYzZiOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluYQuAjRMqSuEblRWqlH+nfNf1fv
TFVAXKDpQEPioEKR6P2szOF+5g7aMFuABSfNDkUU+Gm+DcX3k4iD7aWsUfya7qr9
674FBZoWtuFCuUjHrWZPuXjO3vixvcyEhJGYGD447bKnL72uqw4MOIAVv+O4EckX
50Oval6khAfbL3rAyH5WqJTYTv4rZdrMY1KERpGJErQi/9NSF6Jn8x4Q9DPYhHjo
NwgQ+fvlnaiIz0YJLWjJ1unBzboV0Zy2aYJGH4+4/7CaNPhOx3UsCfwk5HZEk6gm
Vw5m9ozzEzzE9oScM5wQDyM9qSX99Qqos2BwtzmVJYe/zW7AHizPysNRNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO31H5MIsVDOW/jDvjJpL+wBxrjCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN2ZVZmt3aXhVTTViLU1PLU1ta3Y3QUhHdU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV3lGAwQB
XpyiMA0GCSqGSIb3DQEBCwUAA4IBAQAKOLOR0ejLZdgQHd+I+q01oaAUYI5HJpxB
RMLPzIo8UWSaTjbFd6Uv6tw4Oomsfiq2egbJ8/C1Y7skkuc1axf1Evwf3SvfgkEY
dD19efkMX4ucImwb1OE2zFuW1UtTvz/8pkcWW9QSm9ZeWCMqtBUtAU2TKLrgIBQm
cHnpAT5mfchBjPM/GpbtVffEpMVApF+aHlSRtUtLxUgrQGQYHFrl7ugBls6Si6zx
0/XUhSJEE0Y+uz+lu50kJ6NXpJMh/qKHDWg5L8z3Hj1V8YvoTn7bQ3tMTNiGi/xa
mcmA2BuIBdFawxvju6VCnqvKhrNaHJxX1ifnP/BFHP2pogYLAJxB
-----END CERTIFICATE-----
Generated at Wed Aug 20 08:47:10 2025 by rpki-client