Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/DppKxT5ljLij19Y9kuFKbXPtInE.roa
File: DppKxT5ljLij19Y9kuFKbXPtInE.roa (raw, json)
Hash identifier: dBb9XFhPZs/yEDFIrNxXoE0ofTm7AGuxUXTTkIoqD0w=
Subject key identifier: 0E:9A:4A:C5:3E:65:8C:B8:A3:D7:D6:3D:92:E1:4A:6D:73:ED:22:71
Certificate issuer: /CN=4eeb86abd5374e553098209075b9afecabef333a
Certificate serial: 0196C54846FBD2A0260857482F905F4AB7F0
Authority key identifier: 4E:EB:86:AB:D5:37:4E:55:30:98:20:90:75:B9:AF:EC:AB:EF:33:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuuGq9U3TlUwmCCQdbmv7KvvMzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/DppKxT5ljLij19Y9kuFKbXPtInE.roa
Signing time: Mon 12 May 2025 16:16:10 +0000
ROA not before: Mon 12 May 2025 16:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46562
IP address blocks: 78.40.59.0/24 maxlen: 24
185.230.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/TuuGq9U3TlUwmCCQdbmv7KvvMzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/TuuGq9U3TlUwmCCQdbmv7KvvMzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/TuuGq9U3TlUwmCCQdbmv7KvvMzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:48:46:fb:d2:a0:26:08:57:48:2f:90:5f:4a:b7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eeb86abd5374e553098209075b9afecabef333a
Validity
Not Before: May 12 16:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e9a4ac53e658cb8a3d7d63d92e14a6d73ed2271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:48:ab:77:3d:72:3d:46:2a:38:5d:ed:ca:e6:
93:ee:53:36:53:7b:21:3b:67:31:b2:d9:67:02:e2:
e1:2b:e1:11:b4:db:31:9c:9d:64:cf:25:5a:ef:a6:
31:d0:54:f3:91:be:11:dd:8a:4c:f8:e7:95:a6:00:
9a:9a:c9:ca:68:f9:74:1e:0b:e5:82:7b:6f:4e:44:
89:4f:3f:90:62:0a:c4:35:32:98:32:90:32:a3:7b:
3e:f8:78:94:38:80:1b:a9:46:d2:ef:d5:93:2c:66:
d3:b2:49:75:b3:91:2f:40:28:32:19:4b:93:cb:ef:
ae:40:9e:26:f1:b4:40:57:98:09:cf:f9:62:ee:41:
6d:dc:e0:96:e2:83:b9:7f:b4:76:17:36:d8:d2:35:
2f:8d:67:53:e8:95:83:0c:a6:21:da:56:3b:15:da:
6b:fe:5d:f2:eb:31:5c:6b:bc:ad:68:aa:a7:59:71:
65:93:c9:88:a6:d9:0c:99:94:ec:83:d2:97:10:10:
47:cf:a7:7c:5b:99:fc:78:1e:91:cb:b5:19:60:15:
98:ed:6c:dd:81:c4:2f:e0:4a:38:b9:35:77:3e:75:
c6:45:b7:bf:7e:f8:e5:5f:60:26:92:7d:5c:89:1e:
e4:f3:d1:5d:1f:7e:b0:92:02:d5:79:fa:21:33:a2:
e5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:9A:4A:C5:3E:65:8C:B8:A3:D7:D6:3D:92:E1:4A:6D:73:ED:22:71
X509v3 Authority Key Identifier:
keyid:4E:EB:86:AB:D5:37:4E:55:30:98:20:90:75:B9:AF:EC:AB:EF:33:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuuGq9U3TlUwmCCQdbmv7KvvMzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/DppKxT5ljLij19Y9kuFKbXPtInE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/3e5c96-7e95-4797-aa6a-a8978e3aae98/1/TuuGq9U3TlUwmCCQdbmv7KvvMzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.59.0/24
185.230.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:53:38:9d:18:01:d2:48:8d:0b:71:49:0f:58:fa:5f:56:5d:
f4:7e:36:dd:f3:7e:b7:71:5d:de:dc:06:23:10:6c:d5:05:87:
53:0c:71:12:19:d3:b1:4f:b8:49:ff:c0:6d:a5:f0:2d:85:19:
5c:43:64:d7:50:79:07:55:3a:f4:0f:1f:14:af:27:f3:12:39:
03:b1:be:20:3e:5b:45:e9:17:d5:31:20:dd:f6:2f:f5:2e:64:
f9:16:e3:df:2c:35:1a:c5:f7:a9:41:05:00:a8:b4:a4:77:0e:
5d:04:11:89:2f:ed:fa:de:2e:d8:23:b3:9f:c4:bf:78:24:93:
69:90:e8:97:a4:6b:77:42:d1:5b:23:05:89:68:5a:59:c9:5c:
4a:8c:92:40:32:9d:95:df:96:69:c0:40:1b:bf:01:25:7f:33:
0f:e8:8d:2f:44:1a:34:c3:24:cf:78:d3:43:25:98:ed:86:7e:
f4:11:1c:2e:b7:0c:37:3e:18:13:76:9a:4b:76:07:6a:89:9d:
f5:33:80:c2:73:6a:3f:97:97:c3:f7:ef:e8:eb:28:d6:21:63:
b4:d7:97:cb:93:92:75:e6:5f:27:c0:4c:05:ef:e1:ff:f7:b4:
0f:2f:f2:36:4f:6c:d7:60:e8:52:b0:9f:e1:6f:f0:5b:82:c8:
e0:4c:d0:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbFSEb70qAmCFdIL5BfSrfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWI4NmFiZDUzNzRlNTUzMDk4MjA5MDc1YjlhZmVjYWJl
ZjMzM2EwHhcNMjUwNTEyMTYxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTlhNGFjNTNlNjU4Y2I4YTNkN2Q2M2Q5MmUxNGE2ZDczZWQyMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kirdz1yPUYqOF3tyuaT7lM2U3sh
O2cxstlnAuLhK+ERtNsxnJ1kzyVa76Yx0FTzkb4R3YpM+OeVpgCamsnKaPl0Hgvl
gntvTkSJTz+QYgrENTKYMpAyo3s++HiUOIAbqUbS79WTLGbTskl1s5EvQCgyGUuT
y++uQJ4m8bRAV5gJz/li7kFt3OCW4oO5f7R2FzbY0jUvjWdT6JWDDKYh2lY7Fdpr
/l3y6zFca7ytaKqnWXFlk8mIptkMmZTsg9KXEBBHz6d8W5n8eB6Ry7UZYBWY7Wzd
gcQv4Eo4uTV3PnXGRbe/fvjlX2Amkn1ciR7k89FdH36wkgLVefohM6LlEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA6aSsU+ZYy4o9fWPZLhSm1z7SJxMB8GA1UdIwQY
MBaAFE7rhqvVN05VMJggkHW5r+yr7zM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHV1R3E5VTNUbFV3bUNDUWRibXY3S3Z2TXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8zZTVjOTYtN2U5NS00Nzk3LWFhNmEt
YTg5NzhlM2FhZTk4LzEvRHBwS3hUNWxqTGlqMTlZOWt1RktiWFB0SW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8zZTVjOTYtN2U5NS00Nzk3LWFhNmEtYTg5NzhlM2FhZTk4
LzEvVHV1R3E5VTNUbFV3bUNDUWRibXY3S3Z2TXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATig7AwQA
uebeMA0GCSqGSIb3DQEBCwUAA4IBAQCPUzidGAHSSI0LcUkPWPpfVl30fjbd8363
cV3e3AYjEGzVBYdTDHESGdOxT7hJ/8BtpfAthRlcQ2TXUHkHVTr0Dx8UryfzEjkD
sb4gPltF6RfVMSDd9i/1LmT5FuPfLDUaxfepQQUAqLSkdw5dBBGJL+363i7YI7Of
xL94JJNpkOiXpGt3QtFbIwWJaFpZyVxKjJJAMp2V35ZpwEAbvwElfzMP6I0vRBo0
wyTPeNNDJZjthn70ERwutww3PhgTdppLdgdqiZ31M4DCc2o/l5fD9+/o6yjWIWO0
15fLk5J15l8nwEwF7+H/97QPL/I2T2zXYOhSsJ/hb/BbgsjgTNBY
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:36:51 2025 by rpki-client