Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/t7DPKEolx6fEAiIIgNcKmVwaTcs.roa
File: t7DPKEolx6fEAiIIgNcKmVwaTcs.roa (raw, json)
Hash identifier: kO/ly0SuOdQ1rzJzfbzhXI+n7PU9WWx2+0d7IyAAZD8=
Subject key identifier: B7:B0:CF:28:4A:25:C7:A7:C4:02:22:08:80:D7:0A:99:5C:1A:4D:CB
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 019906D797386B45423B4FDE9E4F95F07E1B
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/t7DPKEolx6fEAiIIgNcKmVwaTcs.roa
Signing time: Mon 01 Sep 2025 19:53:36 +0000
ROA not before: Mon 01 Sep 2025 19:53:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41745
IP address blocks: 5.39.249.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.144.176.0/24 maxlen: 24
5.144.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:06:d7:97:38:6b:45:42:3b:4f:de:9e:4f:95:f0:7e:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Sep 1 19:53:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7b0cf284a25c7a7c402220880d70a995c1a4dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fc:79:68:ec:63:e5:18:4f:63:08:9c:f8:8e:
6d:40:98:3d:f1:19:2b:95:d3:cb:e6:16:ba:9c:c9:
18:9f:08:e2:89:65:9d:cf:0b:f6:d9:95:a5:7c:73:
86:28:c3:92:0a:75:81:a1:23:06:32:f2:cb:1d:50:
e9:e3:4e:45:0e:8d:6d:11:b5:72:eb:f2:7e:14:17:
cb:94:3e:bc:bb:8e:8e:d4:39:84:c3:e8:d7:7d:2e:
d5:fa:1f:45:03:9a:ce:67:e6:0d:f8:d9:61:9a:d6:
05:01:81:3d:af:ea:69:fc:3d:4d:b7:9b:3a:c5:d8:
f4:ab:f7:67:a1:4c:5b:70:24:3a:85:0f:40:00:2a:
f0:b0:1f:27:43:4e:3e:07:16:08:63:7f:40:09:a3:
43:57:24:f5:f4:9c:c4:75:1f:ce:3d:83:c7:f8:26:
cc:cb:96:25:b8:fd:bf:48:80:64:dd:6b:b4:27:87:
ad:50:b1:31:d2:87:33:cf:8c:c9:9e:2f:1c:49:88:
82:d8:37:72:b5:29:a9:3e:07:5b:7b:c7:fa:6d:b1:
28:65:7e:25:5d:7c:75:8b:94:85:8e:71:62:93:5d:
0f:0d:93:fd:d2:4b:d8:cb:78:a6:c5:5c:25:5a:01:
c9:f5:bc:4d:2f:c0:69:0d:82:88:c6:12:1e:c8:43:
b3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B0:CF:28:4A:25:C7:A7:C4:02:22:08:80:D7:0A:99:5C:1A:4D:CB
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/t7DPKEolx6fEAiIIgNcKmVwaTcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.249.0-5.39.250.255
5.144.176.0/24
5.144.181.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:6a:68:fe:57:bd:71:da:d2:91:db:c5:a0:93:55:4c:68:83:
ed:f8:33:db:38:14:a1:f5:52:c7:41:fc:85:28:7a:5f:5a:05:
7d:c2:e1:db:8d:3f:10:54:5b:cb:77:2e:38:af:e8:0f:e0:98:
31:dd:bf:5c:02:5a:60:50:01:02:85:7f:39:5f:14:76:3f:71:
ee:0d:d1:f5:c7:21:d2:cb:4f:fb:23:fd:c8:f2:a7:6b:e7:3c:
aa:c0:ec:b6:35:9b:2a:11:f3:2c:37:56:66:bd:a2:af:f9:80:
4b:a2:65:e7:be:fb:fb:17:e8:54:54:0f:8d:f7:29:c1:47:91:
fc:77:09:5c:6c:a4:56:e0:b6:e6:79:12:2b:5c:70:20:93:8f:
b7:f3:d7:e4:2c:46:83:3b:81:bc:8f:d7:43:1d:ed:7d:ed:c8:
bc:ee:bd:d8:73:93:e0:97:38:79:14:78:73:e7:88:d0:72:a0:
e4:58:bc:f8:da:1a:e4:9e:24:73:8b:28:6c:8c:a7:e9:a4:bb:
61:4d:ae:f1:4b:e8:54:a1:0d:b1:c8:63:fc:a4:b0:59:9d:36:
bb:87:2a:73:4a:fa:af:dc:d2:78:50:eb:fc:78:c4:f8:a3:c2:
00:df:d1:bc:93:2b:a9:38:f5:80:bd:53:eb:5d:87:54:d9:77:
b7:2d:3c:82
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZkG15c4a0VCO0/enk+V8H4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwOTAxMTk1MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2IwY2YyODRhMjVjN2E3YzQwMjIyMDg4MGQ3MGE5OTVjMWE0ZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvx5aOxj5RhPYwic+I5tQJg98Rkr
ldPL5ha6nMkYnwjiiWWdzwv22ZWlfHOGKMOSCnWBoSMGMvLLHVDp405FDo1tEbVy
6/J+FBfLlD68u46O1DmEw+jXfS7V+h9FA5rOZ+YN+NlhmtYFAYE9r+pp/D1Nt5s6
xdj0q/dnoUxbcCQ6hQ9AACrwsB8nQ04+BxYIY39ACaNDVyT19JzEdR/OPYPH+CbM
y5YluP2/SIBk3Wu0J4etULEx0oczz4zJni8cSYiC2DdytSmpPgdbe8f6bbEoZX4l
XXx1i5SFjnFik10PDZP90kvYy3imxVwlWgHJ9bxNL8BpDYKIxhIeyEOzRQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLewzyhKJcenxAIiCIDXCplcGk3LMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvdDdEUEtFb2x4NmZFQWlJSWdOY0ttVndhVGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAFJ/kD
BAAFJ/oDBAAFkLADBAAFkLUwDQYJKoZIhvcNAQELBQADggEBAD1qaP5XvXHa0pHb
xaCTVUxog+34M9s4FKH1UsdB/IUoel9aBX3C4duNPxBUW8t3Ljiv6A/gmDHdv1wC
WmBQAQKFfzlfFHY/ce4N0fXHIdLLT/sj/cjyp2vnPKrA7LY1myoR8yw3Vma9oq/5
gEuiZee++/sX6FRUD433KcFHkfx3CVxspFbgtuZ5EitccCCTj7fz1+QsRoM7gbyP
10Md7X3tyLzuvdhzk+CXOHkUeHPniNByoORYvPjaGuSeJHOLKGyMp+mku2FNrvFL
6FShDbHIY/yksFmdNruHKnNK+q/c0nhQ6/x4xPijwgDf0byTK6k49YC9U+tdh1TZ
d7ctPII=
-----END CERTIFICATE-----
Generated at Sat Sep 6 12:32:19 2025 by rpki-client