Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/yQ91zssiLccRHA5nLDLCbHVrzwY.roa
File: yQ91zssiLccRHA5nLDLCbHVrzwY.roa (raw, json)
Hash identifier: jHNMPrDscbkXMeLXgNIGaBErBrBnGqdgI+yTuRlxq7Q=
Subject key identifier: C9:0F:75:CE:CB:22:2D:C7:11:1C:0E:67:2C:32:C2:6C:75:6B:CF:06
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 0196EDAB90C4D82A3C9435C6229C523F0C0F
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/yQ91zssiLccRHA5nLDLCbHVrzwY.roa
Signing time: Tue 20 May 2025 12:29:26 +0000
ROA not before: Tue 20 May 2025 12:29:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41965
IP address blocks: 77.95.188.0/22 maxlen: 22
91.103.56.0/24 maxlen: 24
91.103.57.0/24 maxlen: 24
91.103.62.0/24 maxlen: 24
91.103.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:ab:90:c4:d8:2a:3c:94:35:c6:22:9c:52:3f:0c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: May 20 12:29:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c90f75cecb222dc7111c0e672c32c26c756bcf06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e5:60:44:7e:47:48:0f:53:83:0d:20:51:13:
bf:a5:95:d1:9c:5f:3e:d2:8d:ec:21:d3:e6:c3:27:
47:6f:a0:0f:c3:64:72:f9:2c:9b:62:f3:7f:4a:c6:
71:99:a4:36:ea:9c:1e:11:08:78:69:78:13:fb:d3:
0a:cc:72:b1:b1:6c:fc:51:05:40:e4:e1:08:c7:ab:
78:d8:52:27:c6:d2:2c:12:45:07:7f:7b:76:60:1f:
e5:4e:0a:4d:80:82:30:7c:de:e6:ac:f6:47:5c:e8:
68:42:b7:5f:d3:89:b9:ca:0e:83:4c:d6:94:59:19:
01:9b:ad:ba:29:e2:30:e4:03:40:50:84:b5:1d:b1:
d2:8d:90:6f:53:64:dc:67:33:31:1a:42:cf:5e:d9:
09:35:6d:ea:70:99:8a:46:fb:66:8b:33:3e:11:64:
3b:50:39:8e:42:80:16:64:2b:36:74:0f:b0:b7:3f:
20:03:79:82:fc:38:5c:e2:f0:15:13:82:9b:02:bc:
8e:ed:19:22:be:1e:a4:e7:f7:50:1c:34:17:0b:39:
7e:a5:49:b6:ea:09:49:00:29:cf:76:f0:ce:71:08:
82:4e:d1:d5:c7:95:d9:e0:e8:f2:ca:dc:f8:d9:ac:
e2:f7:c7:ca:9e:ee:bf:75:58:4d:40:27:83:00:af:
28:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0F:75:CE:CB:22:2D:C7:11:1C:0E:67:2C:32:C2:6C:75:6B:CF:06
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/yQ91zssiLccRHA5nLDLCbHVrzwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.188.0/22
91.103.56.0/23
91.103.62.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:3b:a5:9a:50:ed:b8:d2:de:b8:11:7b:76:7e:9f:43:31:47:
e9:ab:bf:4e:93:d4:8f:bf:a9:51:59:91:2c:f0:34:12:2d:a2:
2b:14:b7:ee:c2:87:b1:2e:5b:ea:e9:de:21:d0:f4:ce:b0:cc:
10:57:ef:1b:e2:57:ae:2f:e2:98:1e:ab:95:8c:64:b1:32:2a:
4e:cb:ee:f8:53:ad:9c:77:db:69:e5:1b:b6:60:32:19:c1:2c:
b5:2c:fd:ae:ac:ae:a8:34:1b:88:30:8f:9a:de:4d:57:40:09:
d9:ca:da:8d:c2:60:33:fd:22:0b:82:f0:2e:aa:57:33:47:35:
7e:ea:f0:f9:52:8b:b7:23:5d:65:b2:ce:3d:4b:40:5c:91:e8:
86:1f:c1:0c:a0:69:94:28:20:b2:25:3b:29:27:1c:d7:01:de:
85:14:3e:28:64:15:97:e5:bb:9d:bf:2e:ce:75:52:3d:3f:1c:
84:5c:95:96:c1:cb:63:81:4e:f1:6d:a4:0e:86:22:e0:a5:a5:
40:9b:d2:19:06:af:f2:f5:d8:f2:73:5b:1e:38:bf:76:b6:05:
43:78:47:61:51:65:48:45:f4:4c:f7:f4:14:cc:3b:cb:3e:c7:
cb:2c:bd:6e:3c:05:9f:1f:8d:25:d5:6f:eb:16:21:73:4f:28:
cd:8e:ce:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZbtq5DE2Co8lDXGIpxSPwwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjUwNTIwMTIyOTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBmNzVjZWNiMjIyZGM3MTExYzBlNjcyYzMyYzI2Yzc1NmJjZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuVgRH5HSA9Tgw0gURO/pZXRnF8+
0o3sIdPmwydHb6APw2Ry+SybYvN/SsZxmaQ26pweEQh4aXgT+9MKzHKxsWz8UQVA
5OEIx6t42FInxtIsEkUHf3t2YB/lTgpNgIIwfN7mrPZHXOhoQrdf04m5yg6DTNaU
WRkBm626KeIw5ANAUIS1HbHSjZBvU2TcZzMxGkLPXtkJNW3qcJmKRvtmizM+EWQ7
UDmOQoAWZCs2dA+wtz8gA3mC/Dhc4vAVE4KbAryO7Rkivh6k5/dQHDQXCzl+pUm2
6glJACnPdvDOcQiCTtHVx5XZ4Ojyytz42azi98fKnu6/dVhNQCeDAK8ohwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMkPdc7LIi3HERwOZywywmx1a88GMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEveVE5MXpzc2lMY2NSSEE1bkxETENiSFZyendZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTV+8AwQB
W2c4AwQBW2c+MA0GCSqGSIb3DQEBCwUAA4IBAQB9O6WaUO240t64EXt2fp9DMUfp
q79Ok9SPv6lRWZEs8DQSLaIrFLfuwoexLlvq6d4h0PTOsMwQV+8b4leuL+KYHquV
jGSxMipOy+74U62cd9tp5Ru2YDIZwSy1LP2urK6oNBuIMI+a3k1XQAnZytqNwmAz
/SILgvAuqlczRzV+6vD5Uou3I11lss49S0BckeiGH8EMoGmUKCCyJTspJxzXAd6F
FD4oZBWX5budvy7OdVI9PxyEXJWWwctjgU7xbaQOhiLgpaVAm9IZBq/y9djyc1se
OL92tgVDeEdhUWVIRfRM9/QUzDvLPsfLLL1uPAWfH40l1W/rFiFzTyjNjs47
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:29:40 2025 by rpki-client