Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/7a4UPx06lYNEEu_8hOujHiCjI3I.roa
File: 7a4UPx06lYNEEu_8hOujHiCjI3I.roa (raw, json)
Hash identifier: KGEycmI2h25GEHvIQbSwQGJ1oU96GoNn5z0Fg/wO3lQ=
Subject key identifier: ED:AE:14:3F:1D:3A:95:83:44:12:EF:FC:84:EB:A3:1E:20:A3:23:72
Certificate issuer: /CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Certificate serial: 0196E765DEC8C3F79A4BF8A16F2801CC91E8
Authority key identifier: AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/7a4UPx06lYNEEu_8hOujHiCjI3I.roa
Signing time: Mon 19 May 2025 07:15:35 +0000
ROA not before: Mon 19 May 2025 07:15:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 94.127.58.0/24 maxlen: 24
94.127.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:65:de:c8:c3:f7:9a:4b:f8:a1:6f:28:01:cc:91:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Validity
Not Before: May 19 07:15:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edae143f1d3a95834412effc84eba31e20a32372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:73:a0:7f:8d:51:52:e2:24:ef:ee:f5:cc:03:
a6:ae:cb:40:20:14:ef:9f:cc:af:54:7d:32:44:8d:
c3:a0:93:82:e1:aa:b7:01:44:f5:e0:86:d8:5b:a6:
7e:e7:52:9b:39:67:97:bd:91:04:c4:cd:2e:2c:47:
19:dd:fd:a2:a0:c4:00:41:88:e8:1a:9a:11:29:8d:
0e:f1:b5:ff:97:3a:ef:2e:67:23:09:e8:09:df:2e:
ef:a4:23:25:59:b3:a8:dc:fd:0f:13:25:ea:37:2c:
3b:de:76:db:df:b5:26:42:39:fe:12:c7:eb:d3:82:
12:17:4e:68:82:b1:78:20:bd:24:96:ac:3c:cf:36:
40:61:5b:1d:88:f9:75:6b:fd:1d:d5:53:cf:0e:2b:
e9:45:0f:ea:8a:4f:44:ba:54:31:dd:23:c8:c0:ee:
a1:7c:14:21:e0:a0:b1:09:04:b3:74:c3:f1:f6:2c:
ab:cc:58:a1:f0:79:26:b6:a4:7d:83:86:8b:06:dc:
3b:9d:79:53:7d:94:fa:97:5b:db:75:1b:5f:bc:e4:
7b:2f:0d:6e:60:39:e9:60:72:cc:47:22:9d:7e:04:
9a:1b:a9:35:30:22:a1:68:73:4d:27:18:7c:3a:75:
c9:98:cd:26:60:8c:30:db:75:99:cf:61:77:40:af:
bb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:AE:14:3F:1D:3A:95:83:44:12:EF:FC:84:EB:A3:1E:20:A3:23:72
X509v3 Authority Key Identifier:
keyid:AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/7a4UPx06lYNEEu_8hOujHiCjI3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.58.0/23
Signature Algorithm: sha256WithRSAEncryption
48:79:8a:5c:93:0b:a7:70:85:52:c5:2e:56:1c:88:95:f1:68:
d1:2d:43:4d:65:70:73:aa:bb:22:2e:59:7d:e2:8a:13:7e:6c:
08:22:bf:17:5e:a8:99:3c:8b:50:b8:ba:28:7d:64:64:7e:78:
1f:d9:07:73:f4:bc:b9:e5:41:af:34:66:fc:e9:ad:56:78:c2:
b0:d9:e1:7c:6a:e0:b8:28:8c:21:c6:21:ac:3c:94:53:f1:52:
c7:5e:67:2a:29:4b:44:9b:0d:0b:06:e1:ee:bc:80:33:62:08:
8f:39:c2:db:4b:b2:83:48:36:07:5d:df:e7:21:88:4e:1c:12:
66:15:ce:85:27:0e:36:ae:fc:4e:70:c0:69:43:0e:d8:0b:f6:
51:bb:84:5e:46:44:34:2a:87:8c:36:69:e8:00:de:40:b4:fc:
fe:cc:62:dc:93:f6:38:dd:ae:47:17:47:4e:cd:88:35:c9:f2:
5b:66:33:3f:69:fa:23:2c:d3:82:e2:35:ef:a1:3a:15:b1:86:
b7:5c:45:be:97:47:82:22:84:6f:8f:e5:79:c7:36:08:0d:5b:
bb:3f:19:e9:17:31:12:1d:4c:6b:d9:0b:4a:84:d3:d2:a6:1f:
fd:1a:27:72:9c:d9:56:1c:61:e3:e0:e3:a3:b9:9e:a6:44:a3:
e3:a4:72:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbnZd7Iw/eaS/ihbygBzJHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYmUyMTJhMmYxYTExOWVmNjRhYjYyZTFhOTZkNzExNTI0
YzhiYzcwHhcNMjUwNTE5MDcxNTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGFlMTQzZjFkM2E5NTgzNDQxMmVmZmM4NGViYTMxZTIwYTMyMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3Ogf41RUuIk7+71zAOmrstAIBTv
n8yvVH0yRI3DoJOC4aq3AUT14IbYW6Z+51KbOWeXvZEExM0uLEcZ3f2ioMQAQYjo
GpoRKY0O8bX/lzrvLmcjCegJ3y7vpCMlWbOo3P0PEyXqNyw73nbb37UmQjn+Esfr
04ISF05ogrF4IL0klqw8zzZAYVsdiPl1a/0d1VPPDivpRQ/qik9EulQx3SPIwO6h
fBQh4KCxCQSzdMPx9iyrzFih8HkmtqR9g4aLBtw7nXlTfZT6l1vbdRtfvOR7Lw1u
YDnpYHLMRyKdfgSaG6k1MCKhaHNNJxh8OnXJmM0mYIww23WZz2F3QK+7FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2uFD8dOpWDRBLv/ITrox4goyNyMB8GA1UdIwQY
MBaAFKy+ISovGhGe9kq2LhqW1xFSTIvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYt
MjNjMzM4NjgwNzcxLzEvN2E0VVB4MDZsWU5FRXVfOGhPdWpIaUNqSTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYtMjNjMzM4NjgwNzcx
LzEvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXn86MA0G
CSqGSIb3DQEBCwUAA4IBAQBIeYpckwuncIVSxS5WHIiV8WjRLUNNZXBzqrsiLll9
4ooTfmwIIr8XXqiZPItQuLoofWRkfngf2Qdz9Ly55UGvNGb86a1WeMKw2eF8auC4
KIwhxiGsPJRT8VLHXmcqKUtEmw0LBuHuvIAzYgiPOcLbS7KDSDYHXd/nIYhOHBJm
Fc6FJw42rvxOcMBpQw7YC/ZRu4ReRkQ0KoeMNmnoAN5AtPz+zGLck/Y43a5HF0dO
zYg1yfJbZjM/afojLNOC4jXvoToVsYa3XEW+l0eCIoRvj+V5xzYIDVu7PxnpFzES
HUxr2QtKhNPSph/9GidynNlWHGHj4OOjuZ6mRKPjpHIK
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:32:58 2025 by rpki-client