Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/t1rSqZMHwUULq3wM5aR5KwjFWZs.roa
File: t1rSqZMHwUULq3wM5aR5KwjFWZs.roa (raw, json)
Hash identifier: 6VKs9nWx8WcxkqsK971nWLpcVPvBhOxvWj0zA50lsSI=
Subject key identifier: B7:5A:D2:A9:93:07:C1:45:0B:AB:7C:0C:E5:A4:79:2B:08:C5:59:9B
Certificate issuer: /CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Certificate serial: 01980B1699164F767A632A39E0D762AEB40E
Authority key identifier: 7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/t1rSqZMHwUULq3wM5aR5KwjFWZs.roa
Signing time: Mon 14 Jul 2025 22:38:06 +0000
ROA not before: Mon 14 Jul 2025 22:38:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43298
IP address blocks: 185.121.243.0/24 maxlen: 24
2a06:a180:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0b:16:99:16:4f:76:7a:63:2a:39:e0:d7:62:ae:b4:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Validity
Not Before: Jul 14 22:38:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b75ad2a99307c1450bab7c0ce5a4792b08c5599b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f5:9f:f5:40:f5:6e:51:95:a7:46:22:eb:9c:
e0:12:04:fa:5e:67:5e:51:f0:0c:4d:00:c6:d8:ba:
48:e3:ee:ed:6f:ee:29:2e:bb:c5:08:f6:f1:97:e4:
82:31:ef:60:de:f8:44:6d:9f:90:9e:44:0a:50:9d:
6a:83:43:9c:17:c0:d1:c4:db:b8:4e:1b:97:a6:25:
b7:0c:22:6c:d7:1d:1d:0e:9a:d6:bf:d7:c5:3f:33:
77:7b:38:66:90:33:1c:b2:06:8a:39:91:32:50:5e:
aa:70:8c:68:6b:77:a0:a3:46:2a:50:25:d4:cb:47:
93:01:2b:e0:3f:0d:51:1e:f5:d3:b8:71:24:f2:2b:
ed:3c:bc:0d:94:e8:9d:56:da:35:eb:6c:72:b9:12:
73:be:44:d7:ca:75:86:3a:3e:be:60:87:98:c7:1a:
bf:fb:9a:e0:eb:27:10:05:e2:55:60:5b:2c:18:ed:
83:ff:ee:e8:49:c6:9f:64:9e:17:b1:64:2c:90:4f:
3e:aa:f8:89:6a:be:be:1c:cb:43:74:6f:c8:f9:9f:
c1:6c:f2:a2:e2:97:a8:95:6f:3b:44:57:f8:51:13:
2d:85:c9:78:72:3b:a4:bc:92:6e:f0:94:3c:db:54:
ab:e0:f4:c0:ac:38:4e:61:71:bc:6b:3d:08:fc:0c:
5d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:5A:D2:A9:93:07:C1:45:0B:AB:7C:0C:E5:A4:79:2B:08:C5:59:9B
X509v3 Authority Key Identifier:
keyid:7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/t1rSqZMHwUULq3wM5aR5KwjFWZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.243.0/24
IPv6:
2a06:a180:20::/48
Signature Algorithm: sha256WithRSAEncryption
4f:52:9b:65:de:b1:a5:f2:09:02:be:ee:94:e7:76:04:15:bf:
a4:da:3e:dc:9d:63:6a:78:6d:2b:d3:5a:09:54:08:90:25:d6:
e2:c5:5f:60:ae:26:17:a2:2f:3f:f3:d5:e8:da:ff:3c:a9:01:
a7:5f:ae:87:0e:cf:2e:31:18:39:f7:c0:a9:d6:5b:10:c4:76:
87:48:04:76:28:50:c6:e5:92:fd:a5:8e:40:f0:dc:3d:12:51:
56:b0:d4:dc:bd:b4:07:cc:cc:9e:b2:9c:ac:3c:79:a8:ca:a1:
e6:15:47:3f:e9:10:e8:b0:28:b9:53:40:20:1a:bb:7d:b6:81:
6f:72:59:4e:fe:cc:45:0b:72:9b:13:a3:83:07:e2:af:eb:06:
62:d0:ed:e4:37:ae:a0:ec:a0:58:5a:c2:8e:03:78:a3:6b:ca:
01:5b:ae:c6:a4:6c:36:ea:aa:55:ae:66:d6:3e:0a:cd:fa:7b:
ab:a0:d2:b1:38:f1:75:bc:9b:4b:d4:52:35:3d:71:05:ad:51:
af:9a:cb:16:b5:40:be:f2:9b:77:f8:61:df:bf:10:b2:1e:fe:
64:31:0d:96:b7:57:d0:90:54:cc:e2:2c:fd:55:dc:13:7e:c2:
12:a8:9a:ce:58:00:f5:4a:cb:8d:3e:c5:4e:a6:0d:49:ea:73:
e9:63:8e:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZgLFpkWT3Z6Yyo54NdirrQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjZiMWVmNzQxMDA3MmNlOTZlODJkNzU4MWJlNDM2ZTYz
OWE3YzQwHhcNMjUwNzE0MjIzODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzVhZDJhOTkzMDdjMTQ1MGJhYjdjMGNlNWE0NzkyYjA4YzU1OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/Wf9UD1blGVp0Yi65zgEgT6Xmde
UfAMTQDG2LpI4+7tb+4pLrvFCPbxl+SCMe9g3vhEbZ+QnkQKUJ1qg0OcF8DRxNu4
ThuXpiW3DCJs1x0dDprWv9fFPzN3ezhmkDMcsgaKOZEyUF6qcIxoa3ego0YqUCXU
y0eTASvgPw1RHvXTuHEk8ivtPLwNlOidVto162xyuRJzvkTXynWGOj6+YIeYxxq/
+5rg6ycQBeJVYFssGO2D/+7oScafZJ4XsWQskE8+qviJar6+HMtDdG/I+Z/BbPKi
4peolW87RFf4URMthcl4cjukvJJu8JQ821Sr4PTArDhOYXG8az0I/AxdMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLda0qmTB8FFC6t8DOWkeSsIxVmbMB8GA1UdIwQY
MBaAFH4mse90EAcs6W6C11gb5DbmOafEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYt
OGMzMmMzNTFlZTcwLzEvdDFyU3FaTUh3VVVMcTN3TTVhUjVLd2pGV1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYtOGMzMmMzNTFlZTcw
LzEvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuXnzMA8E
AgACMAkDBwAqBqGAACAwDQYJKoZIhvcNAQELBQADggEBAE9Sm2XesaXyCQK+7pTn
dgQVv6TaPtydY2p4bSvTWglUCJAl1uLFX2CuJheiLz/z1eja/zypAadfrocOzy4x
GDn3wKnWWxDEdodIBHYoUMblkv2ljkDw3D0SUVaw1Ny9tAfMzJ6ynKw8eajKoeYV
Rz/pEOiwKLlTQCAau322gW9yWU7+zEULcpsTo4MH4q/rBmLQ7eQ3rqDsoFhawo4D
eKNrygFbrsakbDbqqlWuZtY+Cs36e6ug0rE48XW8m0vUUjU9cQWtUa+ayxa1QL7y
m3f4Yd+/ELIe/mQxDZa3V9CQVMziLP1V3BN+whKoms5YAPVKy40+xU6mDUnqc+lj
jlc=
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:06:36 2025 by rpki-client