Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/e1e6b3-930a-4022-a8c7-ecc722f9d7ff/1/1-XjcgxPBlCdT6xkSyh2YSHlHr8c.roa
File: 1-XjcgxPBlCdT6xkSyh2YSHlHr8c.roa (raw, json)
Hash identifier: TMzItRD9NOGFOwDM/LKIt7JF4ab7923oNjQ2Ls9AlQw=
Subject key identifier: F9:78:DC:83:13:C1:94:27:53:EB:19:12:CA:1D:98:48:79:47:AF:C7
Certificate issuer: /CN=d04b6ea628179ca3a0e41bffaeea2d33a55461de
Certificate serial: 0196F7A0D53566969A13080AA7B3792C1DD2
Authority key identifier: D0:4B:6E:A6:28:17:9C:A3:A0:E4:1B:FF:AE:EA:2D:33:A5:54:61:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EtupigXnKOg5Bv_ruotM6VUYd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/e1e6b3-930a-4022-a8c7-ecc722f9d7ff/1/1-XjcgxPBlCdT6xkSyh2YSHlHr8c.roa
Signing time: Thu 22 May 2025 10:53:54 +0000
ROA not before: Thu 22 May 2025 10:53:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50301
IP address blocks: 109.233.64.0/21 maxlen: 21
193.84.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/e1e6b3-930a-4022-a8c7-ecc722f9d7ff/1/0EtupigXnKOg5Bv_ruotM6VUYd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/e1e6b3-930a-4022-a8c7-ecc722f9d7ff/1/0EtupigXnKOg5Bv_ruotM6VUYd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0EtupigXnKOg5Bv_ruotM6VUYd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:a0:d5:35:66:96:9a:13:08:0a:a7:b3:79:2c:1d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04b6ea628179ca3a0e41bffaeea2d33a55461de
Validity
Not Before: May 22 10:53:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f978dc8313c1942753eb1912ca1d98487947afc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0d:ed:7c:f5:45:1c:cb:d1:f8:b2:cc:c4:70:
c4:d8:86:fc:90:0e:5b:5f:0f:52:60:25:84:6c:9f:
d6:aa:3d:74:f9:26:2c:0a:d8:99:72:da:c9:bf:9c:
f8:f3:af:5b:d0:1d:b5:66:08:8e:4a:de:13:6c:fe:
1a:1b:42:12:9e:32:76:b8:f2:40:7a:ed:76:8c:6e:
13:e1:e1:ed:1f:12:e1:cd:d4:b0:30:81:eb:05:85:
10:c2:a7:9b:35:28:1d:37:5e:54:60:7c:6f:82:bf:
08:dd:d2:8c:96:a6:bf:dd:31:58:4a:dd:1a:40:51:
48:42:ff:55:63:31:2e:44:d3:48:30:0f:ff:2d:92:
05:c7:cb:bf:4c:ae:49:e4:1e:44:c4:9f:bd:07:89:
81:ed:6a:37:fa:d1:b7:21:86:98:e6:93:b3:47:af:
19:f9:e4:ee:ed:12:d8:63:49:52:46:be:49:82:ad:
77:71:19:2f:0e:ff:8e:fe:95:2a:13:06:2c:2b:98:
7a:b5:b5:5d:18:d0:23:8e:ed:a7:75:73:6c:17:a1:
7b:c6:7e:cc:1c:48:01:da:97:a8:ee:b8:cf:fd:71:
7c:70:16:7b:de:8c:33:ad:58:91:04:4f:40:88:0a:
92:92:cc:e2:7d:8e:2a:ba:28:70:aa:b7:57:b2:6f:
f1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:78:DC:83:13:C1:94:27:53:EB:19:12:CA:1D:98:48:79:47:AF:C7
X509v3 Authority Key Identifier:
keyid:D0:4B:6E:A6:28:17:9C:A3:A0:E4:1B:FF:AE:EA:2D:33:A5:54:61:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EtupigXnKOg5Bv_ruotM6VUYd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e1e6b3-930a-4022-a8c7-ecc722f9d7ff/1/1-XjcgxPBlCdT6xkSyh2YSHlHr8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e1e6b3-930a-4022-a8c7-ecc722f9d7ff/1/0EtupigXnKOg5Bv_ruotM6VUYd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.64.0/21
193.84.186.0/24
Signature Algorithm: sha256WithRSAEncryption
19:3f:16:7c:3d:49:91:02:c3:7e:75:8c:4a:2d:ac:41:90:ca:
2c:77:4d:66:0a:f0:ce:5d:d5:13:ff:2d:08:49:ed:40:1e:e7:
81:83:e0:9b:a0:d5:c8:65:71:01:40:be:46:ad:28:0e:6f:6f:
cf:19:d2:bb:01:dc:a7:f8:9e:ce:01:f9:ad:45:76:6e:3b:c9:
73:72:77:2d:4b:61:67:31:b3:35:8a:2d:ab:ed:3c:5e:06:20:
5f:39:36:a7:04:d7:26:f9:2b:2b:2d:b0:d8:96:a3:c0:63:61:
ea:18:6b:52:84:b5:f5:91:f9:34:b1:b2:a2:9f:33:ac:a5:04:
8f:09:75:1d:98:2f:5f:62:ad:a5:25:15:c0:37:a7:25:70:04:
9b:78:6a:d9:22:7a:44:e1:03:4b:19:49:0f:b9:3f:49:9d:f9:
70:8e:1b:d0:e3:64:cb:54:fd:2d:e8:e1:d8:e8:27:68:a4:73:
46:bb:72:a6:3d:fe:a7:db:8a:42:fc:28:3d:ef:0f:46:71:ad:
4d:6a:fb:18:9e:7f:fe:9b:02:7d:a7:ad:4a:fd:2f:81:d2:2b:
25:6a:e1:b3:79:0b:65:ca:a5:95:9e:6a:37:68:19:dc:43:5d:
e0:0b:fc:51:cc:1e:aa:d0:d8:56:fc:6e:25:70:1a:9c:b2:5a:
3c:06:e5:1a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZb3oNU1ZpaaEwgKp7N5LB3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNGI2ZWE2MjgxNzljYTNhMGU0MWJmZmFlZWEyZDMzYTU1
NDYxZGUwHhcNMjUwNTIyMTA1MzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTc4ZGM4MzEzYzE5NDI3NTNlYjE5MTJjYTFkOTg0ODc5NDdhZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ3tfPVFHMvR+LLMxHDE2Ib8kA5b
Xw9SYCWEbJ/Wqj10+SYsCtiZctrJv5z4869b0B21ZgiOSt4TbP4aG0ISnjJ2uPJA
eu12jG4T4eHtHxLhzdSwMIHrBYUQwqebNSgdN15UYHxvgr8I3dKMlqa/3TFYSt0a
QFFIQv9VYzEuRNNIMA//LZIFx8u/TK5J5B5ExJ+9B4mB7Wo3+tG3IYaY5pOzR68Z
+eTu7RLYY0lSRr5Jgq13cRkvDv+O/pUqEwYsK5h6tbVdGNAjju2ndXNsF6F7xn7M
HEgB2peo7rjP/XF8cBZ73owzrViRBE9AiAqSkszifY4quihwqrdXsm/xcQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPl43IMTwZQnU+sZEsodmEh5R6/HMB8GA1UdIwQY
MBaAFNBLbqYoF5yjoOQb/67qLTOlVGHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEV0dXBpZ1huS09nNUJ2X3J1b3RNNlZVWWQ0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9lMWU2YjMtOTMwYS00MDIyLWE4Yzct
ZWNjNzIyZjlkN2ZmLzEvMS1YamNneFBCbENkVDZ4a1N5aDJZU0hsSHI4Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWUvZTFlNmIzLTkzMGEtNDAyMi1hOGM3LWVjYzcyMmY5ZDdm
Zi8xLzBFdHVwaWdYbktPZzVCdl9ydW90TTZWVVlkNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA23pQAME
AMFUujANBgkqhkiG9w0BAQsFAAOCAQEAGT8WfD1JkQLDfnWMSi2sQZDKLHdNZgrw
zl3VE/8tCEntQB7ngYPgm6DVyGVxAUC+Rq0oDm9vzxnSuwHcp/iezgH5rUV2bjvJ
c3J3LUthZzGzNYotq+08XgYgXzk2pwTXJvkrKy2w2JajwGNh6hhrUoS19ZH5NLGy
op8zrKUEjwl1HZgvX2KtpSUVwDenJXAEm3hq2SJ6ROEDSxlJD7k/SZ35cI4b0ONk
y1T9Lejh2OgnaKRzRrtypj3+p9uKQvwoPe8PRnGtTWr7GJ5//psCfaetSv0vgdIr
JWrhs3kLZcqllZ5qN2gZ3ENd4Av8UcweqtDYVvxuJXAanLJaPAblGg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:36:22 2025 by rpki-client