
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/40e5d5-ed41-4dd3-9332-53d96099d7b1/1/F7JL5bHYyLaweW8pONIwm4V1Ta8.roa
File: F7JL5bHYyLaweW8pONIwm4V1Ta8.roa (raw, json)
Hash identifier: 9Al0+nQsmlduPmazSDY0bBkTJLPuHl1nJV+djdoKlfw=
Subject key identifier: 17:B2:4B:E5:B1:D8:C8:B6:B0:79:6F:29:38:D2:30:9B:85:75:4D:AF
Certificate issuer: /CN=9681fc8c7337c6a1d20b84800df862a27e5fdbd7
Certificate serial: 019715EA6FB0053718E9BF1C34EEB4395035
Authority key identifier: 96:81:FC:8C:73:37:C6:A1:D2:0B:84:80:0D:F8:62:A2:7E:5F:DB:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/loH8jHM3xqHSC4SADfhion5f29c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/40e5d5-ed41-4dd3-9332-53d96099d7b1/1/F7JL5bHYyLaweW8pONIwm4V1Ta8.roa
Signing time: Wed 28 May 2025 08:02:54 +0000
ROA not before: Wed 28 May 2025 08:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215138
IP address blocks: 195.8.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/40e5d5-ed41-4dd3-9332-53d96099d7b1/1/loH8jHM3xqHSC4SADfhion5f29c.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/40e5d5-ed41-4dd3-9332-53d96099d7b1/1/loH8jHM3xqHSC4SADfhion5f29c.mft
rsync://rpki.ripe.net/repository/DEFAULT/loH8jHM3xqHSC4SADfhion5f29c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 23:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:15:ea:6f:b0:05:37:18:e9:bf:1c:34:ee:b4:39:50:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9681fc8c7337c6a1d20b84800df862a27e5fdbd7
Validity
Not Before: May 28 08:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17b24be5b1d8c8b6b0796f2938d2309b85754daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ed:48:38:ed:f8:63:48:c0:28:aa:bd:a7:d1:
5e:f1:e6:97:ae:2c:52:24:48:b8:47:9f:8a:9b:79:
4c:a4:35:5b:cb:2f:a8:bd:ed:9b:e5:83:fe:eb:8e:
b5:17:0f:77:ef:93:68:f5:eb:1d:c5:68:7d:4d:5e:
d5:66:f4:4c:ee:97:b9:12:3f:51:52:92:c6:b3:9e:
29:59:81:8e:68:39:e4:eb:04:83:98:64:05:47:26:
c4:e4:26:2a:3a:14:62:73:04:77:ba:bc:7b:07:90:
2d:d5:dd:8e:b7:ae:71:cd:7d:cd:e3:c7:2c:db:b3:
bc:7d:be:47:4b:cf:55:b0:d1:58:81:27:ab:73:a3:
e2:73:b6:df:53:ab:e3:d3:39:87:fc:a3:15:ba:a3:
f6:5c:c4:0d:54:81:16:71:8b:42:88:78:a6:6a:fa:
02:b6:1f:82:f5:b4:35:64:02:d7:cf:ed:9f:c2:77:
17:a6:53:b5:a5:92:48:f1:05:9d:ec:4e:55:84:ed:
68:2c:43:9d:dd:75:ab:47:91:30:9f:1f:e4:48:ca:
e5:d4:85:ce:30:49:d4:8a:91:4b:e6:d2:9f:c5:bb:
76:21:29:2d:c1:27:88:72:98:5d:f6:f6:48:23:cb:
43:8e:e8:bd:4b:b7:6b:76:09:59:b5:e0:0d:7b:d7:
d2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B2:4B:E5:B1:D8:C8:B6:B0:79:6F:29:38:D2:30:9B:85:75:4D:AF
X509v3 Authority Key Identifier:
keyid:96:81:FC:8C:73:37:C6:A1:D2:0B:84:80:0D:F8:62:A2:7E:5F:DB:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/loH8jHM3xqHSC4SADfhion5f29c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/40e5d5-ed41-4dd3-9332-53d96099d7b1/1/F7JL5bHYyLaweW8pONIwm4V1Ta8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/40e5d5-ed41-4dd3-9332-53d96099d7b1/1/loH8jHM3xqHSC4SADfhion5f29c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.98.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:0e:22:ba:86:5d:cf:76:8e:07:c7:19:0d:52:30:9e:94:38:
f1:53:40:74:e4:4e:80:0f:5e:60:8c:8d:2f:89:e9:ec:28:1c:
69:56:45:62:9e:e5:72:de:26:8c:66:7a:d8:2c:30:56:50:89:
f2:43:31:9a:60:1c:75:24:f5:6b:9e:3c:12:e4:d7:d6:08:1b:
b7:cc:17:30:a0:f4:49:33:09:64:5f:60:9c:f4:42:0a:d9:cf:
11:3c:8e:3f:fb:6b:77:16:2d:29:83:a9:f7:64:80:85:8a:35:
d3:cb:7c:59:a2:4b:59:d6:63:a0:04:a1:70:33:2d:ed:1e:09:
52:e7:7a:4f:6c:ae:4a:c5:e9:29:09:35:b4:e8:a7:3d:32:28:
d6:58:2a:19:05:ae:dc:e1:cd:97:1e:95:17:96:53:6e:43:d1:
7e:e9:4d:01:7e:fd:5a:57:94:2f:0f:01:e3:d6:ac:cb:ec:8b:
50:66:d5:e4:6a:84:3b:77:ea:50:7a:6e:d9:6d:24:3a:17:b0:
60:3d:a0:d2:04:94:5a:22:61:40:66:ab:ae:93:5f:0c:d4:dc:
85:ef:c5:1d:79:1e:95:00:ea:e6:c4:77:89:7f:6e:fb:bd:d1:
27:8f:a6:64:45:7b:fa:bd:42:ab:6d:24:3d:f6:62:11:a3:cc:
7d:41:a2:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcV6m+wBTcY6b8cNO60OVA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ODFmYzhjNzMzN2M2YTFkMjBiODQ4MDBkZjg2MmEyN2U1
ZmRiZDcwHhcNMjUwNTI4MDgwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2IyNGJlNWIxZDhjOGI2YjA3OTZmMjkzOGQyMzA5Yjg1NzU0ZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu1IOO34Y0jAKKq9p9Fe8eaXrixS
JEi4R5+Km3lMpDVbyy+ove2b5YP+6461Fw9375No9esdxWh9TV7VZvRM7pe5Ej9R
UpLGs54pWYGOaDnk6wSDmGQFRybE5CYqOhRicwR3urx7B5At1d2Ot65xzX3N48cs
27O8fb5HS89VsNFYgSerc6Pic7bfU6vj0zmH/KMVuqP2XMQNVIEWcYtCiHimavoC
th+C9bQ1ZALXz+2fwncXplO1pZJI8QWd7E5VhO1oLEOd3XWrR5Ewnx/kSMrl1IXO
MEnUipFL5tKfxbt2ISktwSeIcphd9vZII8tDjui9S7drdglZteANe9fSxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBeyS+Wx2Mi2sHlvKTjSMJuFdU2vMB8GA1UdIwQY
MBaAFJaB/IxzN8ah0guEgA34YqJ+X9vXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG9IOGpITTN4cUhTQzRTQURmaGlvbjVmMjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80MGU1ZDUtZWQ0MS00ZGQzLTkzMzIt
NTNkOTYwOTlkN2IxLzEvRjdKTDViSFl5TGF3ZVc4cE9OSXdtNFYxVGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80MGU1ZDUtZWQ0MS00ZGQzLTkzMzItNTNkOTYwOTlkN2Ix
LzEvbG9IOGpITTN4cUhTQzRTQURmaGlvbjVmMjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwhiMA0G
CSqGSIb3DQEBCwUAA4IBAQAPDiK6hl3Pdo4HxxkNUjCelDjxU0B05E6AD15gjI0v
iensKBxpVkVinuVy3iaMZnrYLDBWUInyQzGaYBx1JPVrnjwS5NfWCBu3zBcwoPRJ
MwlkX2Cc9EIK2c8RPI4/+2t3Fi0pg6n3ZICFijXTy3xZoktZ1mOgBKFwMy3tHglS
53pPbK5KxekpCTW06Kc9MijWWCoZBa7c4c2XHpUXllNuQ9F+6U0Bfv1aV5QvDwHj
1qzL7ItQZtXkaoQ7d+pQem7ZbSQ6F7BgPaDSBJRaImFAZquuk18M1NyF78UdeR6V
AOrmxHeJf277vdEnj6ZkRXv6vUKrbSQ99mIRo8x9QaK7
-----END CERTIFICATE-----
Generated at Thu Jun 12 08:35:00 2025 by rpki-client