Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/d0esey8AL3oqWdpXKQi0WyV7ktQ.roa
File: d0esey8AL3oqWdpXKQi0WyV7ktQ.roa (raw, json)
Hash identifier: J4cOoBAYf62aaAeG5Hi7u+/pYelZ41GqNxwzMAQ75xY=
Subject key identifier: 77:47:AC:7B:2F:00:2F:7A:2A:59:DA:57:29:08:B4:5B:25:7B:92:D4
Certificate issuer: /CN=5fdd1e8c2394d18e876c2d57016e7ed89805a667
Certificate serial: 01971B03F991AF76C1E63E3757F5221C1B5D
Authority key identifier: 5F:DD:1E:8C:23:94:D1:8E:87:6C:2D:57:01:6E:7E:D8:98:05:A6:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X90ejCOU0Y6HbC1XAW5-2JgFpmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/d0esey8AL3oqWdpXKQi0WyV7ktQ.roa
Signing time: Thu 29 May 2025 07:48:54 +0000
ROA not before: Thu 29 May 2025 07:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205295
IP address blocks: 91.196.208.0/22 maxlen: 22
91.196.208.0/23 maxlen: 23
91.196.210.0/23 maxlen: 23
185.219.24.0/22 maxlen: 22
185.219.24.0/23 maxlen: 23
185.219.26.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/X90ejCOU0Y6HbC1XAW5-2JgFpmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/X90ejCOU0Y6HbC1XAW5-2JgFpmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/X90ejCOU0Y6HbC1XAW5-2JgFpmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1b:03:f9:91:af:76:c1:e6:3e:37:57:f5:22:1c:1b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fdd1e8c2394d18e876c2d57016e7ed89805a667
Validity
Not Before: May 29 07:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7747ac7b2f002f7a2a59da572908b45b257b92d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d9:02:c1:a8:30:bd:d3:7e:10:14:c1:d2:46:
12:10:ce:9c:e2:42:ef:3c:f0:19:74:68:04:eb:9c:
fb:77:67:8c:6f:46:61:81:10:87:00:dd:de:14:4c:
6b:ce:11:f0:d5:75:f7:dd:1a:5b:ab:c2:25:67:d2:
2e:dc:5a:58:97:d2:f8:85:20:b5:bd:2c:d6:25:d9:
7a:85:f9:18:09:00:42:e5:20:2d:b7:30:d7:82:9d:
8c:0e:f4:ea:b4:1b:1a:91:0b:b6:85:98:3e:05:9a:
e3:1d:f2:30:48:d4:fe:c1:00:35:ba:6f:44:90:a4:
56:3b:a7:20:27:ac:9d:00:92:81:84:51:b5:4b:92:
c8:9a:75:44:88:c5:5e:32:86:cf:8f:39:aa:e4:d5:
d2:42:f3:51:d3:2c:7d:71:9d:c6:4e:cd:f6:2a:29:
22:c2:6b:55:aa:1a:b9:fa:30:b7:0e:85:67:29:b7:
ad:1e:d5:3b:87:d5:28:2b:94:1d:47:05:b6:80:7e:
42:fe:f6:a5:26:1f:ee:4d:eb:dc:17:18:18:30:cf:
79:c9:b4:e9:5e:3a:95:da:4e:94:9b:d4:5f:f1:47:
c5:32:17:c1:a6:b9:24:fa:65:ed:cb:d5:e5:25:b8:
59:af:23:e0:c8:d0:bd:f3:ab:de:de:62:c8:1c:a0:
27:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:47:AC:7B:2F:00:2F:7A:2A:59:DA:57:29:08:B4:5B:25:7B:92:D4
X509v3 Authority Key Identifier:
keyid:5F:DD:1E:8C:23:94:D1:8E:87:6C:2D:57:01:6E:7E:D8:98:05:A6:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X90ejCOU0Y6HbC1XAW5-2JgFpmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/d0esey8AL3oqWdpXKQi0WyV7ktQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/a6d42c-cfd7-4ed5-9f83-5ae93ec8fb11/1/X90ejCOU0Y6HbC1XAW5-2JgFpmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.208.0/22
185.219.24.0/22
Signature Algorithm: sha256WithRSAEncryption
80:2b:45:b9:5e:b5:90:ee:5a:8d:71:9d:1e:e7:c4:9c:94:13:
b0:09:a6:95:44:1a:51:bf:2e:c3:51:4f:36:30:de:78:b8:ab:
d0:ba:be:45:d3:3b:fe:0e:c5:43:f9:4a:af:67:03:7b:88:6a:
46:59:05:cb:ff:8b:46:37:a7:16:d5:51:9e:c5:2b:2d:a4:6c:
ed:62:15:bb:dd:7c:64:d6:b5:33:95:4a:7b:43:0a:7d:68:23:
3b:9a:ff:9c:2d:31:3f:4c:48:ec:e2:a5:ec:9d:39:66:f4:e7:
1f:0c:7b:84:6b:9d:49:fd:74:3a:61:1f:c8:ef:45:d7:89:ee:
c3:c6:a7:2e:bc:91:c5:9a:ee:e9:d1:53:92:ff:a2:ad:3d:45:
dd:f5:e5:13:3a:e1:c0:2e:42:14:82:5b:58:b8:6e:90:1b:8b:
54:03:02:95:a3:16:6d:1f:b4:d7:0c:a6:4d:19:79:8c:48:c1:
11:ec:d8:bf:fe:33:eb:13:17:7b:e7:76:10:5b:3f:dc:e7:f3:
60:ae:6b:9c:5b:45:80:d1:3b:d1:34:7f:e8:4e:4a:31:78:f3:
fe:c6:7c:34:3b:47:f1:6d:b5:2a:9d:bf:c2:21:ba:b9:2f:8e:
ce:b1:ab:08:93:0e:28:7c:d9:3e:5e:2b:a3:54:00:92:3e:25:
d6:36:b9:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcbA/mRr3bB5j43V/UiHBtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZGQxZThjMjM5NGQxOGU4NzZjMmQ1NzAxNmU3ZWQ4OTgw
NWE2NjcwHhcNMjUwNTI5MDc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQ3YWM3YjJmMDAyZjdhMmE1OWRhNTcyOTA4YjQ1YjI1N2I5MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNkCwagwvdN+EBTB0kYSEM6c4kLv
PPAZdGgE65z7d2eMb0ZhgRCHAN3eFExrzhHw1XX33Rpbq8IlZ9Iu3FpYl9L4hSC1
vSzWJdl6hfkYCQBC5SAttzDXgp2MDvTqtBsakQu2hZg+BZrjHfIwSNT+wQA1um9E
kKRWO6cgJ6ydAJKBhFG1S5LImnVEiMVeMobPjzmq5NXSQvNR0yx9cZ3GTs32Kiki
wmtVqhq5+jC3DoVnKbetHtU7h9UoK5QdRwW2gH5C/valJh/uTevcFxgYMM95ybTp
XjqV2k6Um9Rf8UfFMhfBprkk+mXty9XlJbhZryPgyNC986ve3mLIHKAnbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHdHrHsvAC96KlnaVykItFsle5LUMB8GA1UdIwQY
MBaAFF/dHowjlNGOh2wtVwFuftiYBaZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDkwZWpDT1UwWTZIYkMxWEFXNS0ySmdGcG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9hNmQ0MmMtY2ZkNy00ZWQ1LTlmODMt
NWFlOTNlYzhmYjExLzEvZDBlc2V5OEFMM29xV2RwWEtRaTBXeVY3a3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9hNmQ0MmMtY2ZkNy00ZWQ1LTlmODMtNWFlOTNlYzhmYjEx
LzEvWDkwZWpDT1UwWTZIYkMxWEFXNS0ySmdGcG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8TQAwQC
udsYMA0GCSqGSIb3DQEBCwUAA4IBAQCAK0W5XrWQ7lqNcZ0e58SclBOwCaaVRBpR
vy7DUU82MN54uKvQur5F0zv+DsVD+UqvZwN7iGpGWQXL/4tGN6cW1VGexSstpGzt
YhW73Xxk1rUzlUp7Qwp9aCM7mv+cLTE/TEjs4qXsnTlm9OcfDHuEa51J/XQ6YR/I
70XXie7DxqcuvJHFmu7p0VOS/6KtPUXd9eUTOuHALkIUgltYuG6QG4tUAwKVoxZt
H7TXDKZNGXmMSMER7Ni//jPrExd753YQWz/c5/NgrmucW0WA0TvRNH/oTkoxePP+
xnw0O0fxbbUqnb/CIbq5L47OsasIkw4ofNk+XiujVACSPiXWNrnG
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:42:00 2025 by rpki-client