Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/udLjQFDd9GrhrxwoxkbPJX3fBtU.roa
File: udLjQFDd9GrhrxwoxkbPJX3fBtU.roa (raw, json)
Hash identifier: 79a+ON6zCk0gJVeGJku3aPrCD80HhkzSEq7ZipqcJxk=
Subject key identifier: B9:D2:E3:40:50:DD:F4:6A:E1:AF:1C:28:C6:46:CF:25:7D:DF:06:D5
Certificate issuer: /CN=a4f131e3e15058d93ffddb60ac7083bef89d2e86
Certificate serial: 01970647BF9D6A462131324D9D72FF37659C
Authority key identifier: A4:F1:31:E3:E1:50:58:D9:3F:FD:DB:60:AC:70:83:BE:F8:9D:2E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPEx4-FQWNk__dtgrHCDvvidLoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/udLjQFDd9GrhrxwoxkbPJX3fBtU.roa
Signing time: Sun 25 May 2025 07:10:54 +0000
ROA not before: Sun 25 May 2025 07:10:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12628
IP address blocks: 192.100.143.0/24 maxlen: 24
194.153.117.0/24 maxlen: 24
2001:67c:2738::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/pPEx4-FQWNk__dtgrHCDvvidLoY.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/pPEx4-FQWNk__dtgrHCDvvidLoY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPEx4-FQWNk__dtgrHCDvvidLoY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:06:47:bf:9d:6a:46:21:31:32:4d:9d:72:ff:37:65:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f131e3e15058d93ffddb60ac7083bef89d2e86
Validity
Not Before: May 25 07:10:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9d2e34050ddf46ae1af1c28c646cf257ddf06d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dd:d3:a7:c3:c2:8c:fa:dc:2e:19:17:d2:55:
53:1e:36:2c:c6:fe:40:9b:39:b8:c4:bc:57:70:18:
08:42:f0:00:52:ef:82:7d:ef:d9:41:84:80:96:7c:
90:36:8c:15:f1:89:09:75:00:71:bf:e2:71:88:6d:
b8:fe:8c:ab:46:94:f2:eb:7c:b2:78:ac:c0:2a:77:
fc:f9:d6:a5:98:dc:02:fe:cd:ae:29:be:2c:93:a0:
47:32:af:9f:4a:4f:99:56:6d:48:b3:7c:2f:50:a8:
e3:3f:33:b1:b1:90:e8:e2:ea:c3:9a:29:68:ff:fc:
39:99:04:ed:21:d4:9c:af:1d:a7:fe:c9:28:8c:20:
ce:c7:3d:5a:d6:da:08:f6:ea:c9:0c:54:a9:68:35:
92:69:b1:78:9e:0d:ec:3d:d8:c7:46:0a:4a:6c:2f:
27:27:95:62:36:9e:95:fb:a7:67:f1:c4:7d:db:08:
06:4e:7f:8d:32:d9:7a:74:36:2e:db:d1:45:24:f4:
49:d6:c0:e5:bf:16:d1:56:fd:40:e9:5b:2e:9a:09:
e4:d9:da:0b:13:52:d2:be:59:20:0a:ea:9e:b0:09:
41:9a:6c:aa:f0:79:20:e1:99:b7:37:a5:6e:de:9d:
eb:95:15:9e:a0:ba:6f:91:37:1d:4f:51:e1:92:dd:
2f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D2:E3:40:50:DD:F4:6A:E1:AF:1C:28:C6:46:CF:25:7D:DF:06:D5
X509v3 Authority Key Identifier:
keyid:A4:F1:31:E3:E1:50:58:D9:3F:FD:DB:60:AC:70:83:BE:F8:9D:2E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPEx4-FQWNk__dtgrHCDvvidLoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/udLjQFDd9GrhrxwoxkbPJX3fBtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/842e7f-0350-4b02-a994-f71a49eba48a/1/pPEx4-FQWNk__dtgrHCDvvidLoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.100.143.0/24
194.153.117.0/24
IPv6:
2001:67c:2738::/48
Signature Algorithm: sha256WithRSAEncryption
3c:05:39:bd:0b:4a:28:6f:60:02:b9:7e:49:53:52:3f:d3:f6:
35:27:fc:58:d2:72:49:36:5d:52:28:46:47:d5:5f:68:33:ec:
de:87:68:b6:21:9a:d4:93:ed:86:bf:5a:76:ad:4e:ac:44:e5:
c7:41:5e:bf:93:bb:97:92:32:b8:c8:56:6f:e7:94:fb:dd:e7:
d1:b2:2e:f7:d5:52:a8:5b:32:77:c4:6e:d4:9c:b3:c9:61:4e:
bd:15:3c:b7:0c:a1:3a:87:d3:23:0e:11:25:a8:b8:67:a4:a4:
bd:4f:c2:7f:29:4c:3d:cf:10:b6:78:4b:f5:2e:93:87:b9:91:
8c:69:20:ea:50:ca:70:0d:c7:1d:9a:29:7b:5e:b0:ec:84:fe:
f4:a4:7f:0e:46:80:2c:50:78:1d:43:fc:75:71:6b:15:a0:82:
b2:81:38:d4:21:93:f8:2c:08:f5:6b:0e:2c:33:29:db:e3:f2:
39:09:91:50:a3:7b:c5:04:7b:52:55:da:38:45:de:73:2b:36:
93:22:9d:dd:a4:b2:57:db:b1:e5:69:ef:5b:2c:29:28:b9:88:
a8:96:e8:87:88:0e:38:88:5a:92:b0:c8:e3:df:0b:a3:bb:36:
db:bc:c4:00:b8:2a:f4:f5:35:43:0b:17:0e:15:07:c4:5d:a0:
54:c4:c4:74
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZcGR7+dakYhMTJNnXL/N2WcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjEzMWUzZTE1MDU4ZDkzZmZkZGI2MGFjNzA4M2JlZjg5
ZDJlODYwHhcNMjUwNTI1MDcxMDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQyZTM0MDUwZGRmNDZhZTFhZjFjMjhjNjQ2Y2YyNTdkZGYwNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN3Tp8PCjPrcLhkX0lVTHjYsxv5A
mzm4xLxXcBgIQvAAUu+Cfe/ZQYSAlnyQNowV8YkJdQBxv+JxiG24/oyrRpTy63yy
eKzAKnf8+dalmNwC/s2uKb4sk6BHMq+fSk+ZVm1Is3wvUKjjPzOxsZDo4urDmilo
//w5mQTtIdScrx2n/skojCDOxz1a1toI9urJDFSpaDWSabF4ng3sPdjHRgpKbC8n
J5ViNp6V+6dn8cR92wgGTn+NMtl6dDYu29FFJPRJ1sDlvxbRVv1A6Vsumgnk2doL
E1LSvlkgCuqesAlBmmyq8Hkg4Zm3N6Vu3p3rlRWeoLpvkTcdT1Hhkt0vAQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLnS40BQ3fRq4a8cKMZGzyV93wbVMB8GA1UdIwQY
MBaAFKTxMePhUFjZP/3bYKxwg774nS6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBFeDQtRlFXTmtfX2R0Z3JIQ0R2dmlkTG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84NDJlN2YtMDM1MC00YjAyLWE5OTQt
ZjcxYTQ5ZWJhNDhhLzEvdWRMalFGRGQ5R3Jocnh3b3hrYlBKWDNmQnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84NDJlN2YtMDM1MC00YjAyLWE5OTQtZjcxYTQ5ZWJhNDhh
LzEvcFBFeDQtRlFXTmtfX2R0Z3JIQ0R2dmlkTG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwGSPAwQA
wpl1MA8EAgACMAkDBwAgAQZ8JzgwDQYJKoZIhvcNAQELBQADggEBADwFOb0LSihv
YAK5fklTUj/T9jUn/FjSckk2XVIoRkfVX2gz7N6HaLYhmtST7Ya/WnatTqxE5cdB
Xr+Tu5eSMrjIVm/nlPvd59GyLvfVUqhbMnfEbtScs8lhTr0VPLcMoTqH0yMOESWo
uGekpL1Pwn8pTD3PELZ4S/Uuk4e5kYxpIOpQynANxx2aKXtesOyE/vSkfw5GgCxQ
eB1D/HVxaxWggrKBONQhk/gsCPVrDiwzKdvj8jkJkVCje8UEe1JV2jhF3nMrNpMi
nd2kslfbseVp71ssKSi5iKiW6IeIDjiIWpKwyOPfC6O7Ntu8xAC4KvT1NUMLFw4V
B8RdoFTExHQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:54:11 2025 by rpki-client