Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/X_nWSjFLCFjdPoULwlVASCLoers.roa
File: X_nWSjFLCFjdPoULwlVASCLoers.roa (raw, json)
Hash identifier: NbTTstAwY2bOKTBgiUwpRvc4FybzINZsMW/1v/whjQc=
Subject key identifier: 5F:F9:D6:4A:31:4B:08:58:DD:3E:85:0B:C2:55:40:48:22:E8:7A:BB
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0197356BAA2CFAA09718FFB45D299D630D3D
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/X_nWSjFLCFjdPoULwlVASCLoers.roa
Signing time: Tue 03 Jun 2025 10:52:17 +0000
ROA not before: Tue 03 Jun 2025 10:52:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.193.0/24 maxlen: 24
79.172.208.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.34.0/24 maxlen: 24
87.229.79.0/24 maxlen: 24
87.229.80.0/23 maxlen: 24
87.229.124.0/24 maxlen: 24
87.229.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 07:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:6b:aa:2c:fa:a0:97:18:ff:b4:5d:29:9d:63:0d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 3 10:52:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ff9d64a314b0858dd3e850bc255404822e87abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9a:f5:0a:f9:67:07:14:46:4a:85:66:0a:64:
12:32:79:74:9d:ae:bf:8c:2c:50:5c:e2:80:1b:21:
60:cf:ae:24:2c:b8:67:79:88:00:dd:2b:6e:49:b0:
ca:e9:0d:42:57:ad:1b:c8:93:c7:43:9d:25:b2:0e:
82:c2:a3:da:b6:34:ef:3a:d5:fc:2a:63:b7:6d:77:
6e:93:5b:b6:a2:24:c2:e1:21:4d:c8:d3:5b:cf:74:
d9:03:cc:55:0d:ea:71:db:40:1b:1d:38:84:a9:aa:
a8:eb:6a:aa:dc:69:8a:46:95:c9:26:ae:cb:44:81:
cb:92:a2:8d:42:06:40:f8:54:9f:b6:f5:bd:67:2f:
38:5b:55:d0:ec:e1:ff:79:44:8d:9b:2e:e4:2e:9c:
bd:04:1c:f0:52:a4:3c:95:73:8b:ee:05:25:02:a1:
e2:1c:f0:f2:a9:d1:c6:a7:4a:50:11:26:d4:fd:a5:
91:22:2a:f8:64:dc:79:d1:15:c1:18:8d:e3:58:e2:
ea:0b:7a:43:fc:91:ab:bb:f9:a8:5c:e1:ff:fd:e8:
5b:f9:23:50:45:e5:de:25:e2:5b:6f:a6:0f:34:04:
1d:d5:6f:ce:e5:0d:12:9d:62:4e:11:60:e6:2f:28:
62:9f:fb:4c:76:4f:52:09:12:ea:85:0c:8e:8e:8b:
93:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F9:D6:4A:31:4B:08:58:DD:3E:85:0B:C2:55:40:48:22:E8:7A:BB
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/X_nWSjFLCFjdPoULwlVASCLoers.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.193.0/24
79.172.208.0/24
79.172.228.0/24
87.229.8.0/22
87.229.34.0/24
87.229.79.0-87.229.81.255
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
39:ee:fb:4f:45:b8:61:32:6e:94:e1:23:0b:c9:c7:e3:d6:ec:
e8:1b:89:84:7f:a7:79:c6:9b:33:bd:0c:a9:2c:9b:c4:57:b7:
b2:f9:d0:b8:af:90:b1:54:a3:33:07:63:21:78:0c:ea:18:2d:
e1:4b:31:90:4e:16:c7:81:0d:21:15:18:73:25:1f:ed:77:23:
22:4f:02:2b:de:f9:11:34:82:eb:0b:21:2a:50:e2:95:5c:2f:
11:9d:8f:63:43:a5:05:5d:f0:ed:c3:ec:c5:42:b6:33:48:e3:
ce:c4:fc:27:46:e7:2a:59:fa:25:1c:a8:a6:e7:6b:bf:e4:ee:
fe:be:bd:92:41:cc:36:1e:45:0b:d8:13:57:7f:9e:44:54:84:
8b:8e:d3:be:10:0d:30:cb:12:6c:e6:5c:8e:e7:7c:40:50:d9:
c5:57:88:13:6a:c0:31:e4:cf:b5:e9:24:b8:31:a2:32:f5:9e:
27:24:82:58:a2:94:c3:eb:8c:13:6a:ba:b9:88:02:09:f8:01:
eb:43:82:9d:16:9d:92:dd:b8:e8:3e:b2:92:cd:03:90:0a:62:
9b:e3:6d:c7:2e:7f:6a:39:e7:d0:5f:4b:f8:82:52:26:78:7e:
01:19:d3:86:4c:d2:54:4b:25:60:94:a9:5e:80:55:35:20:ac:
00:8c:a0:89
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZc1a6os+qCXGP+0XSmdYw09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNjAzMTA1MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY5ZDY0YTMxNGIwODU4ZGQzZTg1MGJjMjU1NDA0ODIyZTg3YWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5r1CvlnBxRGSoVmCmQSMnl0na6/
jCxQXOKAGyFgz64kLLhneYgA3StuSbDK6Q1CV60byJPHQ50lsg6CwqPatjTvOtX8
KmO3bXduk1u2oiTC4SFNyNNbz3TZA8xVDepx20AbHTiEqaqo62qq3GmKRpXJJq7L
RIHLkqKNQgZA+FSftvW9Zy84W1XQ7OH/eUSNmy7kLpy9BBzwUqQ8lXOL7gUlAqHi
HPDyqdHGp0pQESbU/aWRIir4ZNx50RXBGI3jWOLqC3pD/JGru/moXOH//ehb+SNQ
ReXeJeJbb6YPNAQd1W/O5Q0SnWJOEWDmLyhin/tMdk9SCRLqhQyOjouTiQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFF/51koxSwhY3T6FC8JVQEgi6Hq7MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvWF9uV1NqRkxDRmpkUG9VTHdsVkFTQ0xvZXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAT6zBAwQA
T6zQAwQAT6zkAwQCV+UIAwQAV+UiMAwDBABX5U8DBAFX5VADBAFX5XwwDQYJKoZI
hvcNAQELBQADggEBADnu+09FuGEybpThIwvJx+PW7OgbiYR/p3nGmzO9DKksm8RX
t7L50LivkLFUozMHYyF4DOoYLeFLMZBOFseBDSEVGHMlH+13IyJPAive+RE0gusL
ISpQ4pVcLxGdj2NDpQVd8O3D7MVCtjNI487E/CdG5ypZ+iUcqKbna7/k7v6+vZJB
zDYeRQvYE1d/nkRUhIuO074QDTDLEmzmXI7nfEBQ2cVXiBNqwDHkz7XpJLgxojL1
nickgliilMPrjBNqurmIAgn4AetDgp0WnZLduOg+spLNA5AKYpvjbccuf2o559Bf
S/iCUiZ4fgEZ04ZM0lRLJWCUqV6AVTUgrACMoIk=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:16:48 2025 by rpki-client