Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m-ssKXAQcu0PBI4GgL4BjDi9U4o.roa
File: m-ssKXAQcu0PBI4GgL4BjDi9U4o.roa (raw, json)
Hash identifier: VKxr2wUmRs1EiSSAc0iCfGf4NgOT2kPXzhv6oEpmMKs=
Subject key identifier: 9B:EB:2C:29:70:10:72:ED:0F:04:8E:06:80:BE:01:8C:38:BD:53:8A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197C9D0F229CC4ED9D7D912B397F36527F3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m-ssKXAQcu0PBI4GgL4BjDi9U4o.roa
Signing time: Wed 02 Jul 2025 06:26:43 +0000
ROA not before: Wed 02 Jul 2025 06:26:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41782
IP address blocks: 194.59.28.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 16:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:d0:f2:29:cc:4e:d9:d7:d9:12:b3:97:f3:65:27:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 2 06:26:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9beb2c29701072ed0f048e0680be018c38bd538a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f8:3e:b0:b5:72:9d:03:28:60:39:71:c2:be:
a3:ce:2e:87:ce:62:09:bc:79:f2:10:ec:02:e5:85:
8a:b9:01:a8:74:c5:91:74:50:6d:d2:50:a4:44:cc:
d8:b9:e9:86:e6:10:a0:8d:f6:04:03:ff:92:39:f6:
83:b0:8c:70:b9:e0:5a:a7:91:b0:23:23:7a:69:a7:
6f:10:73:fc:d1:f7:85:58:1c:4a:b5:55:5e:43:95:
f9:b6:87:65:55:11:39:b1:2d:1d:0d:24:67:06:f9:
31:61:28:af:d0:e9:be:0d:95:d2:2c:44:e7:03:1d:
56:90:3f:42:3b:a8:e6:98:93:fc:10:34:de:e9:2c:
6e:74:9b:80:6b:81:56:ea:6d:c3:06:f8:7c:c5:5a:
c6:18:7b:2e:fc:eb:fc:b4:c8:8f:bc:20:e6:c4:db:
3c:4a:2b:41:27:52:dd:a2:61:1c:32:94:55:74:54:
9e:e7:d2:02:2e:5c:d9:86:02:34:d7:80:49:3c:cd:
ef:42:41:2f:cd:28:51:3a:7d:06:44:57:19:71:00:
c0:17:1b:25:06:3c:a2:5e:94:33:5d:3d:3f:16:52:
d8:af:c8:3c:70:9e:d9:00:b9:2c:bc:4c:1d:4d:e4:
52:16:51:6a:76:9e:22:aa:f9:db:dd:dc:39:84:7f:
2a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:EB:2C:29:70:10:72:ED:0F:04:8E:06:80:BE:01:8C:38:BD:53:8A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m-ssKXAQcu0PBI4GgL4BjDi9U4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.28.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:fa:4c:56:6f:88:80:dc:a3:05:57:63:ca:d0:77:aa:e2:2d:
20:0d:e8:6c:61:35:0d:33:8c:1f:4f:0a:3e:bb:da:63:ab:8a:
0a:f2:d6:71:cf:b1:3f:57:47:ba:0f:e0:5a:bf:87:bf:a2:4f:
54:33:ad:0c:f4:58:80:cc:07:60:c9:11:66:72:92:ef:31:35:
1b:de:4a:ee:74:d7:35:03:a6:54:3d:fd:14:0c:08:4a:46:f8:
40:c1:97:db:83:a7:d1:89:b3:6d:69:1d:3b:93:07:3d:bf:1c:
e2:05:c3:f6:83:4b:96:99:7f:a9:91:29:eb:2f:2a:0d:80:40:
d8:9d:ed:e6:d2:8c:8a:4e:8e:c7:02:81:e2:5c:ce:07:77:9a:
78:b7:d1:b0:58:75:a7:6b:1c:8c:7d:d0:ef:72:67:74:39:84:
43:10:af:57:6a:df:6c:df:57:20:14:6f:0b:ed:89:af:bc:05:
1a:ae:76:df:7c:10:e4:3b:19:3c:87:d5:70:db:31:ad:b6:e8:
80:c3:f2:15:05:14:86:b7:60:ff:d2:94:32:4a:72:90:90:cb:
d8:49:d7:cc:08:e5:95:17:15:dd:61:86:ea:d7:eb:19:86:38:
0b:1e:c2:22:1c:94:e7:38:d2:26:b9:7d:f5:1d:53:6b:fd:7b:
c3:54:8d:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfJ0PIpzE7Z19kSs5fzZSfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzAyMDYyNjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmViMmMyOTcwMTA3MmVkMGYwNDhlMDY4MGJlMDE4YzM4YmQ1MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/g+sLVynQMoYDlxwr6jzi6HzmIJ
vHnyEOwC5YWKuQGodMWRdFBt0lCkRMzYuemG5hCgjfYEA/+SOfaDsIxwueBap5Gw
IyN6aadvEHP80feFWBxKtVVeQ5X5todlVRE5sS0dDSRnBvkxYSiv0Om+DZXSLETn
Ax1WkD9CO6jmmJP8EDTe6SxudJuAa4FW6m3DBvh8xVrGGHsu/Ov8tMiPvCDmxNs8
SitBJ1LdomEcMpRVdFSe59ICLlzZhgI014BJPM3vQkEvzShROn0GRFcZcQDAFxsl
BjyiXpQzXT0/FlLYr8g8cJ7ZALksvEwdTeRSFlFqdp4iqvnb3dw5hH8qkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJvrLClwEHLtDwSOBoC+AYw4vVOKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbS1zc0tYQVFjdTBQQkk0R2dMNEJqRGk5VTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwjscMA0G
CSqGSIb3DQEBCwUAA4IBAQBv+kxWb4iA3KMFV2PK0Heq4i0gDehsYTUNM4wfTwo+
u9pjq4oK8tZxz7E/V0e6D+Bav4e/ok9UM60M9FiAzAdgyRFmcpLvMTUb3krudNc1
A6ZUPf0UDAhKRvhAwZfbg6fRibNtaR07kwc9vxziBcP2g0uWmX+pkSnrLyoNgEDY
ne3m0oyKTo7HAoHiXM4Hd5p4t9GwWHWnaxyMfdDvcmd0OYRDEK9Xat9s31cgFG8L
7YmvvAUarnbffBDkOxk8h9Vw2zGttuiAw/IVBRSGt2D/0pQySnKQkMvYSdfMCOWV
FxXdYYbq1+sZhjgLHsIiHJTnONImuX31HVNr/XvDVI0j
-----END CERTIFICATE-----
Generated at Sun Jul 6 00:07:01 2025 by rpki-client