Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/7pl-SuA3Gp3HIl0-4oO-hbqh1VI.roa
File: 7pl-SuA3Gp3HIl0-4oO-hbqh1VI.roa (raw, json)
Hash identifier: 1NAj5UfDOdJhzCucpweNiw3LcFLBqoVu4h4q4LN/d2E=
Subject key identifier: EE:99:7E:4A:E0:37:1A:9D:C7:22:5D:3E:E2:83:BE:85:BA:A1:D5:52
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0196CD2DC30C4D9A42B087FA688DB5F5EEB6
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/7pl-SuA3Gp3HIl0-4oO-hbqh1VI.roa
Signing time: Wed 14 May 2025 05:04:10 +0000
ROA not before: Wed 14 May 2025 05:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210618
IP address blocks: 85.153.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 10:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cd:2d:c3:0c:4d:9a:42:b0:87:fa:68:8d:b5:f5:ee:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: May 14 05:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee997e4ae0371a9dc7225d3ee283be85baa1d552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:83:7b:5f:0e:36:ac:d7:36:c1:50:87:17:63:
e7:14:50:93:da:89:c6:0e:79:13:ec:e5:4c:fe:c1:
19:2a:2e:fa:da:c9:3f:7d:80:90:7a:f3:b1:06:85:
27:54:69:c2:94:75:86:ba:6c:c3:01:87:15:1d:5f:
62:ea:e7:e3:30:4c:fa:95:d6:dd:cc:35:97:cb:b6:
bd:1b:de:dd:18:3b:a2:2f:a4:cd:b4:06:2e:f2:1d:
95:c7:5d:0a:1c:65:dc:28:9c:51:f0:2d:02:07:5b:
ed:10:07:33:75:6b:47:03:89:2f:2c:bc:90:8a:d4:
bf:76:9e:ba:eb:1d:d7:b8:d2:aa:bc:85:ca:f4:69:
a3:2f:86:1a:67:7b:e5:36:b1:8f:6c:d4:77:e7:06:
62:9f:65:9a:45:f9:5b:8d:34:a4:ad:02:60:3a:84:
a8:8f:e4:5f:0b:8e:49:2a:79:1d:fc:ce:4a:96:b0:
8d:a6:ed:c9:6a:24:52:17:d7:eb:d6:7e:d1:4c:3a:
a4:38:3f:04:a2:ff:eb:ce:3e:89:e7:9e:31:a9:e5:
3a:cb:90:b4:a3:dc:b1:9e:a2:0c:e9:8e:c9:6f:a8:
94:66:7f:32:83:e5:04:e3:ca:9d:52:92:41:30:bf:
c6:7a:a2:77:ee:a8:be:30:87:6e:69:cd:ed:dc:a4:
09:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:99:7E:4A:E0:37:1A:9D:C7:22:5D:3E:E2:83:BE:85:BA:A1:D5:52
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/7pl-SuA3Gp3HIl0-4oO-hbqh1VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.208.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:0e:46:78:c0:87:8c:26:e3:f3:ed:87:26:99:09:e3:34:fa:
2d:00:ac:6e:ff:cd:f6:20:f3:4b:17:a5:04:89:d2:50:25:a5:
db:66:4d:cb:82:a8:db:c3:b3:ec:17:08:64:c8:d6:0d:61:e9:
e2:fe:09:46:8d:ff:b0:b6:98:a3:03:77:15:a2:ab:6f:96:2b:
5c:0a:73:6f:6c:e9:ca:2a:1d:7b:7a:e6:29:89:92:2b:63:9d:
75:75:db:a4:dd:dc:80:56:f2:79:53:0f:a6:b5:ea:35:d2:d5:
f3:97:28:06:40:98:35:6f:6a:ef:a5:c7:24:ec:2c:90:81:48:
82:46:5e:4d:40:cb:c7:43:42:f6:5b:39:76:32:34:13:0c:ef:
4a:1d:35:0b:15:67:1a:1c:54:4b:37:89:91:bf:8f:0a:1e:6f:
62:02:2d:8d:b2:4d:35:ed:c2:c0:7c:12:a1:8a:c6:14:5e:06:
eb:c8:65:ea:49:39:af:f1:0e:19:d7:37:6a:d7:26:0b:aa:4d:
d8:ff:bd:1d:c5:35:05:84:d2:70:de:67:21:da:88:31:5c:59:
be:ef:39:c2:07:c5:1d:21:c9:bf:0d:49:a0:d9:50:00:e4:99:
d3:e7:e0:a3:1c:cd:87:9b:1b:56:1e:29:d9:a7:b1:b9:c9:8f:
60:30:ed:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbNLcMMTZpCsIf6aI219e62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwNTE0MDUwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTk5N2U0YWUwMzcxYTlkYzcyMjVkM2VlMjgzYmU4NWJhYTFkNTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8oN7Xw42rNc2wVCHF2PnFFCT2onG
DnkT7OVM/sEZKi762sk/fYCQevOxBoUnVGnClHWGumzDAYcVHV9i6ufjMEz6ldbd
zDWXy7a9G97dGDuiL6TNtAYu8h2Vx10KHGXcKJxR8C0CB1vtEAczdWtHA4kvLLyQ
itS/dp666x3XuNKqvIXK9GmjL4YaZ3vlNrGPbNR35wZin2WaRflbjTSkrQJgOoSo
j+RfC45JKnkd/M5KlrCNpu3JaiRSF9fr1n7RTDqkOD8Eov/rzj6J554xqeU6y5C0
o9yxnqIM6Y7Jb6iUZn8yg+UE48qdUpJBML/GeqJ37qi+MIduac3t3KQJZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6ZfkrgNxqdxyJdPuKDvoW6odVSMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvN3BsLVN1QTNHcDNISWwwLTRvTy1oYnFoMVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZnQMA0G
CSqGSIb3DQEBCwUAA4IBAQCLDkZ4wIeMJuPz7YcmmQnjNPotAKxu/832IPNLF6UE
idJQJaXbZk3Lgqjbw7PsFwhkyNYNYeni/glGjf+wtpijA3cVoqtvlitcCnNvbOnK
Kh17euYpiZIrY511dduk3dyAVvJ5Uw+mteo10tXzlygGQJg1b2rvpcck7CyQgUiC
Rl5NQMvHQ0L2Wzl2MjQTDO9KHTULFWcaHFRLN4mRv48KHm9iAi2Nsk017cLAfBKh
isYUXgbryGXqSTmv8Q4Z1zdq1yYLqk3Y/70dxTUFhNJw3mch2ogxXFm+7znCB8Ud
Icm/DUmg2VAA5JnT5+CjHM2HmxtWHinZp7G5yY9gMO1c
-----END CERTIFICATE-----
Generated at Thu Jun 12 16:38:46 2025 by rpki-client