Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/LD6VRL2XeN-U0RoWVUrlXaot1kc.roa
File: LD6VRL2XeN-U0RoWVUrlXaot1kc.roa (raw, json)
Hash identifier: KlQSdw9/p4zWdxiUL1wfKhho84eij9Hta9B39hn976o=
Subject key identifier: 2C:3E:95:44:BD:97:78:DF:94:D1:1A:16:55:4A:E5:5D:AA:2D:D6:47
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019753D465D28964E951D53DD562A3175E64
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/LD6VRL2XeN-U0RoWVUrlXaot1kc.roa
Signing time: Mon 09 Jun 2025 08:35:18 +0000
ROA not before: Mon 09 Jun 2025 08:35:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 87.229.80.0/23 maxlen: 24
87.229.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 18:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:d4:65:d2:89:64:e9:51:d5:3d:d5:62:a3:17:5e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 9 08:35:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c3e9544bd9778df94d11a16554ae55daa2dd647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6b:de:45:a4:0a:77:a7:17:1f:39:17:09:fa:
15:15:b6:59:5e:d8:bf:4a:30:04:7f:5a:86:70:7b:
aa:a5:2d:0c:13:3c:17:7e:6b:fd:38:3f:41:a8:51:
a8:fc:63:24:2e:ad:69:81:ab:c3:a3:44:55:31:c9:
6d:a5:04:c1:b7:b7:fd:cf:6e:89:08:2b:9f:3c:71:
0b:22:68:75:e9:99:ac:56:85:96:e1:c6:c6:5c:4a:
24:13:47:fa:6b:ca:a9:83:01:78:05:38:59:6c:ee:
ed:a8:b6:0f:4f:43:1c:a0:8d:16:1d:52:3d:94:af:
85:a8:07:69:16:c5:ae:35:92:56:69:06:96:97:a3:
9e:1b:ab:cf:7d:80:16:16:17:74:ad:ef:6c:70:81:
74:3d:aa:a0:84:5b:65:18:99:4a:e7:59:f3:3f:3d:
03:3e:c6:4f:0c:bf:e5:14:79:f8:d4:d0:42:17:43:
16:e3:2f:69:0c:a9:3a:48:43:7e:5b:75:1e:6d:45:
c4:14:63:a3:44:a5:c4:9c:f6:c2:7e:61:8e:c0:2d:
6f:62:d3:02:d6:e3:3a:d7:a5:b7:ee:7d:d2:3d:62:
8d:34:49:c2:b3:b0:29:9a:fe:48:60:95:74:cd:91:
e2:a0:39:45:78:27:f9:33:99:d6:32:af:c0:ef:29:
b0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3E:95:44:BD:97:78:DF:94:D1:1A:16:55:4A:E5:5D:AA:2D:D6:47
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/LD6VRL2XeN-U0RoWVUrlXaot1kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.80.0/23
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:2d:ae:7e:3f:d6:0b:82:d0:20:60:a2:cf:9f:7c:9b:04:98:
2c:74:6b:45:4e:22:67:f4:4a:c2:98:2b:d1:0e:b6:89:56:16:
a9:69:57:56:74:78:5e:aa:50:b6:05:8a:a0:0f:b6:f9:0c:8d:
f2:1f:5d:1c:b6:a8:8b:e3:8f:cf:46:86:17:9d:12:ce:71:44:
3c:89:b2:af:32:8c:81:d6:92:88:45:8c:57:7e:71:2c:9e:bd:
f0:31:60:e3:79:e6:96:9e:e9:3a:f9:96:0b:7e:fd:d7:48:6f:
7e:49:dd:ad:3d:f5:77:d2:38:c5:d1:ee:4d:12:48:e4:70:cd:
ac:22:c9:26:27:b5:2c:17:5f:08:6a:f1:db:4e:03:68:ac:53:
17:f8:70:87:d5:4e:af:d0:24:e1:ea:7a:8e:49:ea:ed:69:08:
38:7f:86:6a:14:82:de:d3:dc:bc:7b:55:f9:7b:ff:99:ee:b9:
c8:23:39:a3:7f:99:9d:b3:3e:4b:5a:84:e3:1c:a6:dd:f3:72:
9e:77:45:6f:d3:88:be:75:fd:9c:11:f5:8c:c7:26:72:b5:52:
67:38:a5:03:51:fa:d0:39:b2:db:77:e6:63:60:2a:97:10:44:
63:99:0d:34:4f:d5:11:2b:e3:6f:58:7a:ae:10:5f:be:91:f8:
2b:6a:ec:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdT1GXSiWTpUdU91WKjF15kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNjA5MDgzNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzNlOTU0NGJkOTc3OGRmOTRkMTFhMTY1NTRhZTU1ZGFhMmRkNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GveRaQKd6cXHzkXCfoVFbZZXti/
SjAEf1qGcHuqpS0MEzwXfmv9OD9BqFGo/GMkLq1pgavDo0RVMcltpQTBt7f9z26J
CCufPHELImh16ZmsVoWW4cbGXEokE0f6a8qpgwF4BThZbO7tqLYPT0McoI0WHVI9
lK+FqAdpFsWuNZJWaQaWl6OeG6vPfYAWFhd0re9scIF0PaqghFtlGJlK51nzPz0D
PsZPDL/lFHn41NBCF0MW4y9pDKk6SEN+W3UebUXEFGOjRKXEnPbCfmGOwC1vYtMC
1uM616W37n3SPWKNNEnCs7Apmv5IYJV0zZHioDlFeCf5M5nWMq/A7ymwgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCw+lUS9l3jflNEaFlVK5V2qLdZHMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvTEQ2VlJMMlhlTi1VMFJvV1ZVcmxYYW90MWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV+VQAwQB
V+V8MA0GCSqGSIb3DQEBCwUAA4IBAQBbLa5+P9YLgtAgYKLPn3ybBJgsdGtFTiJn
9ErCmCvRDraJVhapaVdWdHheqlC2BYqgD7b5DI3yH10ctqiL44/PRoYXnRLOcUQ8
ibKvMoyB1pKIRYxXfnEsnr3wMWDjeeaWnuk6+ZYLfv3XSG9+Sd2tPfV30jjF0e5N
EkjkcM2sIskmJ7UsF18IavHbTgNorFMX+HCH1U6v0CTh6nqOSertaQg4f4ZqFILe
09y8e1X5e/+Z7rnIIzmjf5mdsz5LWoTjHKbd83Ked0Vv04i+df2cEfWMxyZytVJn
OKUDUfrQObLbd+ZjYCqXEERjmQ00T9URK+NvWHquEF++kfgrauwF
-----END CERTIFICATE-----
Generated at Tue Jul 1 01:22:07 2025 by rpki-client