Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/1-70epdjb5eKryRVWiHKXxuHtD7Y.roa
File: 1-70epdjb5eKryRVWiHKXxuHtD7Y.roa (raw, json)
Hash identifier: 7z/3TV6YwLvBxxFUMQZOE+1sP9h22oXRrzIN8+oHf1o=
Subject key identifier: FB:BD:1E:A5:D8:DB:E5:E2:AB:C9:15:56:88:72:97:C6:E1:ED:0F:B6
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019905B7358FF73BACB18B7B26DF8A379A22
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/1-70epdjb5eKryRVWiHKXxuHtD7Y.roa
Signing time: Mon 01 Sep 2025 14:38:36 +0000
ROA not before: Mon 01 Sep 2025 14:38:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26141
IP address blocks: 87.229.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:b7:35:8f:f7:3b:ac:b1:8b:7b:26:df:8a:37:9a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Sep 1 14:38:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbbd1ea5d8dbe5e2abc91556887297c6e1ed0fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d1:5c:9e:9a:79:69:8e:22:c9:56:28:d3:9f:
11:a8:e4:5a:48:59:23:2d:7d:7d:f4:f0:22:93:f9:
7e:e1:79:01:c2:da:a9:a0:bc:f7:23:06:d9:37:0c:
eb:43:64:c1:73:6f:81:2f:44:0c:a1:1a:57:c2:8c:
a6:d8:33:97:ba:e0:7d:9e:4a:ec:0a:38:de:7f:b4:
0b:18:9e:38:4b:e6:f2:38:bb:8e:d7:25:06:ec:44:
04:02:27:ca:a8:6d:b2:bf:fc:09:cd:02:08:11:95:
ef:74:7b:28:e5:fe:31:36:cc:22:92:fc:89:4f:99:
68:65:4d:02:29:cb:59:35:db:80:81:a1:68:ad:f8:
ce:a7:ad:fc:90:de:c2:06:bb:4e:a1:43:75:2f:fc:
78:65:1f:99:89:df:ef:d5:39:fe:43:05:1f:35:0f:
3f:35:4d:b3:83:84:fb:be:cc:81:c4:e4:60:9b:cc:
8d:dc:98:33:82:0d:dc:f6:00:d5:4f:5a:47:b6:f1:
0d:2a:7f:47:96:a0:d1:40:88:87:7c:c4:05:40:30:
e6:37:b7:09:92:43:73:ac:e4:2d:a4:25:f2:fb:d8:
89:f8:bd:c9:c3:9b:3f:d5:85:d6:41:38:64:67:92:
f8:b2:9e:95:1b:fa:29:30:b7:94:92:29:9e:ca:f2:
e5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BD:1E:A5:D8:DB:E5:E2:AB:C9:15:56:88:72:97:C6:E1:ED:0F:B6
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/1-70epdjb5eKryRVWiHKXxuHtD7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.82.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:f9:1a:55:aa:0a:ed:15:4b:51:d2:35:03:c5:bc:6c:68:91:
30:28:97:89:d0:3c:b7:6c:e6:c4:53:62:d8:e2:4a:a6:6e:d9:
62:2a:b1:59:2c:4a:f0:ca:90:04:86:fe:a4:cf:15:80:6f:5f:
80:1f:20:4c:74:6d:37:79:b0:68:31:88:b6:ed:13:98:7a:1d:
24:a7:90:80:9c:b2:e6:88:9f:43:16:72:47:54:1d:e9:28:b6:
39:d9:02:a6:b7:1e:f5:96:c6:1d:e3:3b:ea:3f:10:3b:b4:ea:
bb:85:85:6a:61:c1:8b:ed:9b:1b:53:07:79:4a:45:d3:f1:a1:
bf:e8:5c:b0:7e:d8:e2:10:33:cc:c0:f3:18:e7:86:71:38:fe:
f9:28:62:3d:9c:64:c4:17:7b:46:89:52:bf:ea:13:46:9f:68:
f2:41:10:30:f2:62:2f:2d:2b:31:77:3c:10:f4:56:fa:ea:7e:
9c:44:b5:0e:3c:f6:6f:64:d6:4f:ea:fb:ed:6f:c4:48:e4:ef:
ec:55:18:79:6e:c1:7b:ee:14:b6:fd:16:51:5e:d8:66:77:80:
0a:25:7a:e7:f9:17:03:5e:5c:9f:0b:ad:45:2a:8b:b2:ad:9c:
da:50:35:fe:56:3d:e4:e6:4f:eb:16:94:19:1e:61:35:ee:1f:
61:2e:58:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZkFtzWP9zussYt7Jt+KN5oiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwOTAxMTQzODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmJkMWVhNWQ4ZGJlNWUyYWJjOTE1NTY4ODcyOTdjNmUxZWQwZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9Fcnpp5aY4iyVYo058RqORaSFkj
LX199PAik/l+4XkBwtqpoLz3IwbZNwzrQ2TBc2+BL0QMoRpXwoym2DOXuuB9nkrs
Cjjef7QLGJ44S+byOLuO1yUG7EQEAifKqG2yv/wJzQIIEZXvdHso5f4xNswikvyJ
T5loZU0CKctZNduAgaForfjOp638kN7CBrtOoUN1L/x4ZR+Zid/v1Tn+QwUfNQ8/
NU2zg4T7vsyBxORgm8yN3Jgzgg3c9gDVT1pHtvENKn9HlqDRQIiHfMQFQDDmN7cJ
kkNzrOQtpCXy+9iJ+L3Jw5s/1YXWQThkZ5L4sp6VG/opMLeUkimeyvLlEQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPu9HqXY2+Xiq8kVVohyl8bh7Q+2MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvMS03MGVwZGpiNWVLcnlSVldpSEtYeHVIdEQ3WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvMjY3MjhlLWRkYzctNGIwZi05ZDFlLTk1OTNhNDg4YWZj
Yy8xL2UxNDM5dU81dlJ6emFFdWNBOEE2MGNwa0pKYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFflUjAN
BgkqhkiG9w0BAQsFAAOCAQEATPkaVaoK7RVLUdI1A8W8bGiRMCiXidA8t2zmxFNi
2OJKpm7ZYiqxWSxK8MqQBIb+pM8VgG9fgB8gTHRtN3mwaDGItu0TmHodJKeQgJyy
5oifQxZyR1Qd6Si2OdkCprce9ZbGHeM76j8QO7Tqu4WFamHBi+2bG1MHeUpF0/Gh
v+hcsH7Y4hAzzMDzGOeGcTj++ShiPZxkxBd7RolSv+oTRp9o8kEQMPJiLy0rMXc8
EPRW+up+nES1Djz2b2TWT+r77W/ESOTv7FUYeW7Be+4Utv0WUV7YZneACiV65/kX
A15cnwutRSqLsq2c2lA1/lY95OZP6xaUGR5hNe4fYS5YeQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 10:40:01 2025 by rpki-client