Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/lxkVaZIbX7I7bmN6ZBzzOQmtNdQ.roa
File: lxkVaZIbX7I7bmN6ZBzzOQmtNdQ.roa (raw, json)
Hash identifier: LfvYFnIRA3jwfBQfIqqFV40UbcQgxtmN1lVv1rOE5/Q=
Subject key identifier: 97:19:15:69:92:1B:5F:B2:3B:6E:63:7A:64:1C:F3:39:09:AD:35:D4
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01973A4434E71D2EBAFE01DAB40BE11D1048
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/lxkVaZIbX7I7bmN6ZBzzOQmtNdQ.roa
Signing time: Wed 04 Jun 2025 09:27:17 +0000
ROA not before: Wed 04 Jun 2025 09:27:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 217.177.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:44:34:e7:1d:2e:ba:fe:01:da:b4:0b:e1:1d:10:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jun 4 09:27:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97191569921b5fb23b6e637a641cf33909ad35d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:10:49:30:12:ce:e5:b6:f5:4f:0e:34:17:0b:
bb:50:09:72:19:c0:6a:57:9a:3d:0c:e0:78:bb:ae:
e4:8c:15:a3:4c:3e:4c:bc:da:ee:b1:e0:00:8d:50:
60:f7:99:98:76:67:fe:cb:51:01:3e:8a:a9:e4:74:
90:de:05:d0:57:4d:d4:a7:55:f2:f5:f1:54:48:d6:
28:e2:07:a3:60:21:51:e0:72:55:01:15:da:c1:aa:
90:65:39:7c:ab:99:5d:6e:97:c4:ec:71:00:28:80:
ae:27:d6:d8:28:69:87:ee:fe:81:79:19:fc:a6:49:
a5:5a:05:1e:80:6f:25:7e:8e:1b:c5:bf:c3:3a:77:
2b:82:0f:0f:b6:ea:45:ba:11:53:7b:30:5f:01:e8:
27:68:98:96:a0:bd:3e:5a:c3:5c:e8:e5:ba:50:ef:
8e:2e:ba:b2:c0:3a:e4:6c:69:c6:c1:8a:d6:3f:73:
29:a4:7c:e2:16:63:fd:16:8d:a9:e8:a7:02:8d:da:
ad:0c:fb:4a:98:fb:82:c5:ab:11:1e:d7:03:0d:8b:
16:04:91:35:a1:8d:c7:2c:20:f3:2b:cc:4e:6a:05:
38:a4:ae:f6:8c:be:ad:75:d2:75:aa:8a:44:6e:b2:
60:ee:75:99:78:98:1c:39:16:4a:2f:d7:68:e1:f9:
4a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:19:15:69:92:1B:5F:B2:3B:6E:63:7A:64:1C:F3:39:09:AD:35:D4
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/lxkVaZIbX7I7bmN6ZBzzOQmtNdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.33.0/24
Signature Algorithm: sha256WithRSAEncryption
67:be:40:b0:41:64:ad:1b:39:d5:3b:7a:e0:17:c5:52:f2:fb:
66:ef:fe:2b:be:be:ee:f4:bb:f9:0b:1e:c2:9f:54:df:a3:3b:
09:be:8e:03:90:82:53:cc:8f:bd:22:21:55:dd:4e:d0:d7:7f:
69:fa:84:f1:52:ed:78:d4:bd:e7:a3:3b:bb:62:0d:cb:c2:42:
e2:b3:b7:eb:e9:ef:c1:b9:89:62:15:c2:bf:69:a2:6b:dd:11:
96:79:8d:0a:c7:c7:75:98:8f:ef:b2:6b:6e:e8:31:b0:f1:6f:
7a:87:34:c6:b2:8e:0c:d1:78:8b:17:c9:57:5d:4b:f5:49:25:
6c:48:da:26:fc:12:3b:57:c6:05:bb:9d:f8:85:08:55:21:52:
6f:ff:62:19:08:5a:94:7a:3e:cc:a9:1e:a9:d9:5c:15:2a:24:
52:91:d0:80:77:99:85:4c:41:ac:1e:ad:99:19:17:72:61:aa:
3a:91:ca:47:36:ae:4c:15:a0:1f:0f:d1:f3:9c:e2:e6:77:3e:
f6:5a:e2:71:bc:2a:9c:97:50:24:32:46:d4:f9:6e:e7:6f:08:
56:d2:8b:95:44:f2:2b:cf:d2:1f:43:e5:fe:54:90:ab:b4:e5:
ca:7c:74:ee:7d:1d:4a:34:bc:39:78:21:89:a3:50:a8:64:fc:
c9:95:13:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc6RDTnHS66/gHatAvhHRBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNjA0MDkyNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzE5MTU2OTkyMWI1ZmIyM2I2ZTYzN2E2NDFjZjMzOTA5YWQzNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRBJMBLO5bb1Tw40Fwu7UAlyGcBq
V5o9DOB4u67kjBWjTD5MvNruseAAjVBg95mYdmf+y1EBPoqp5HSQ3gXQV03Up1Xy
9fFUSNYo4gejYCFR4HJVARXawaqQZTl8q5ldbpfE7HEAKICuJ9bYKGmH7v6BeRn8
pkmlWgUegG8lfo4bxb/DOncrgg8PtupFuhFTezBfAegnaJiWoL0+WsNc6OW6UO+O
LrqywDrkbGnGwYrWP3MppHziFmP9Fo2p6KcCjdqtDPtKmPuCxasRHtcDDYsWBJE1
oY3HLCDzK8xOagU4pK72jL6tddJ1qopEbrJg7nWZeJgcORZKL9do4flKvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcZFWmSG1+yO25jemQc8zkJrTXUMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvbHhrVmFaSWJYN0k3Ym1ONlpCenpPUW10TmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2bEhMA0G
CSqGSIb3DQEBCwUAA4IBAQBnvkCwQWStGznVO3rgF8VS8vtm7/4rvr7u9Lv5Cx7C
n1TfozsJvo4DkIJTzI+9IiFV3U7Q139p+oTxUu141L3nozu7Yg3LwkLis7fr6e/B
uYliFcK/aaJr3RGWeY0Kx8d1mI/vsmtu6DGw8W96hzTGso4M0XiLF8lXXUv1SSVs
SNom/BI7V8YFu534hQhVIVJv/2IZCFqUej7MqR6p2VwVKiRSkdCAd5mFTEGsHq2Z
GRdyYao6kcpHNq5MFaAfD9HznOLmdz72WuJxvCqcl1AkMkbU+W7nbwhW0ouVRPIr
z9IfQ+X+VJCrtOXKfHTufR1KNLw5eCGJo1CoZPzJlRPW
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:34:36 2025 by rpki-client