Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Kziw5pmdrIU-WAEz_LapAFaxL_o.roa
File: Kziw5pmdrIU-WAEz_LapAFaxL_o.roa (raw, json)
Hash identifier: KOSg0sdg0+OBwjRB+KuWt0LUU2tsuczSun6jBvJKO8A=
Subject key identifier: 2B:38:B0:E6:99:9D:AC:85:3E:58:01:33:FC:B6:A9:00:56:B1:2F:FA
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0197C9496FBEE4D3A0FFFA27BC032B5CCBBA
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Kziw5pmdrIU-WAEz_LapAFaxL_o.roa
Signing time: Wed 02 Jul 2025 03:58:42 +0000
ROA not before: Wed 02 Jul 2025 03:58:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.1.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:49:6f:be:e4:d3:a0:ff:fa:27:bc:03:2b:5c:cb:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jul 2 03:58:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b38b0e6999dac853e580133fcb6a90056b12ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8c:ab:08:ea:f5:4d:f7:cf:40:91:06:22:55:
7f:7d:07:8f:c6:5c:67:16:03:96:e2:10:e0:1f:fb:
72:0c:66:d6:8a:a7:8a:7a:54:55:02:b2:07:1e:30:
d1:74:e9:a7:59:7f:36:e8:4f:61:81:1f:8c:6f:1d:
36:fe:ac:89:ee:b8:48:35:d9:3d:f1:91:b1:09:2e:
e7:a0:61:a1:3e:a5:17:80:bc:62:ef:9b:14:1b:24:
a0:8c:45:b1:f5:0b:56:85:6a:fa:95:e0:b5:97:df:
1c:29:6c:df:39:c7:84:f8:99:91:26:0f:2a:c5:8c:
95:68:39:00:2f:a9:56:20:7a:19:e5:44:64:95:f6:
4e:55:f8:af:b7:5b:50:06:40:59:c6:fc:92:dd:1c:
4d:17:ee:48:6f:83:38:bf:a3:b2:f6:b9:9b:72:f3:
ab:f5:1c:e8:58:88:92:43:a1:3e:8a:18:de:f2:41:
8e:e1:2f:f8:4c:a4:4f:8e:78:79:42:18:40:fd:0c:
b6:82:49:f4:0d:5e:67:56:a8:b6:a8:ab:79:71:8c:
10:52:4f:df:2e:66:05:9b:6e:b9:c3:f5:10:b5:be:
6a:ba:7a:3c:78:3f:e7:20:d9:9b:bc:e5:92:37:e4:
9b:fb:3d:ab:70:75:4b:45:ac:c8:28:24:51:d9:50:
35:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:38:B0:E6:99:9D:AC:85:3E:58:01:33:FC:B6:A9:00:56:B1:2F:FA
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/Kziw5pmdrIU-WAEz_LapAFaxL_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.40.0/24
Signature Algorithm: sha256WithRSAEncryption
71:53:b8:69:3d:7d:6c:68:fc:be:ef:bd:62:ca:c7:70:cb:f4:
9d:93:93:7c:df:66:ca:b6:4a:ef:b3:0c:8e:4d:50:b0:8e:98:
0d:78:f1:28:d9:d4:b2:bd:73:e9:70:bd:c1:d5:f0:de:6d:7c:
7e:0a:cc:8a:35:21:35:bf:42:7a:4e:e6:07:a0:b2:4b:d6:1d:
72:e0:08:1b:70:5f:08:50:d6:af:e6:3e:37:f9:57:69:2e:24:
40:82:a1:4f:1f:2a:77:9a:6f:08:23:24:74:54:ba:30:89:42:
30:24:b9:a4:bd:7c:4a:b0:d8:ef:86:f0:e0:bd:1b:6c:63:8e:
49:9f:54:ed:a7:f7:e2:55:96:1f:0e:ce:e7:4a:6d:ba:02:fe:
95:1d:01:da:d6:13:3c:27:ea:de:3a:f2:14:b4:2c:7d:fd:74:
67:31:4d:18:02:cd:cb:5a:46:f8:25:11:94:cb:54:08:ca:4e:
f4:03:7a:03:0a:27:e5:7b:a3:1f:1d:e1:71:6b:ca:9b:20:06:
81:d7:5c:68:05:2c:f8:3b:5b:a8:f0:bc:97:e8:0d:4c:01:3c:
a9:f1:07:3b:8e:4f:56:d2:f3:8d:9c:ac:5c:43:a3:26:11:99:
4a:04:42:b3:33:51:dc:9d:c5:8a:3b:99:39:cd:c2:55:0b:41:
ea:07:27:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfJSW++5NOg//onvAMrXMu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwNzAyMDM1ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjM4YjBlNjk5OWRhYzg1M2U1ODAxMzNmY2I2YTkwMDU2YjEyZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYyrCOr1TffPQJEGIlV/fQePxlxn
FgOW4hDgH/tyDGbWiqeKelRVArIHHjDRdOmnWX826E9hgR+Mbx02/qyJ7rhINdk9
8ZGxCS7noGGhPqUXgLxi75sUGySgjEWx9QtWhWr6leC1l98cKWzfOceE+JmRJg8q
xYyVaDkAL6lWIHoZ5URklfZOVfivt1tQBkBZxvyS3RxNF+5Ib4M4v6Oy9rmbcvOr
9RzoWIiSQ6E+ihje8kGO4S/4TKRPjnh5QhhA/Qy2gkn0DV5nVqi2qKt5cYwQUk/f
LmYFm265w/UQtb5quno8eD/nINmbvOWSN+Sb+z2rcHVLRazIKCRR2VA1mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCs4sOaZnayFPlgBM/y2qQBWsS/6MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvS3ppdzVwbWRySVUtV0FFel9MYXBBRmF4TF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQEoMA0G
CSqGSIb3DQEBCwUAA4IBAQBxU7hpPX1saPy+771iysdwy/Sdk5N832bKtkrvswyO
TVCwjpgNePEo2dSyvXPpcL3B1fDebXx+CsyKNSE1v0J6TuYHoLJL1h1y4AgbcF8I
UNav5j43+VdpLiRAgqFPHyp3mm8IIyR0VLowiUIwJLmkvXxKsNjvhvDgvRtsY45J
n1Ttp/fiVZYfDs7nSm26Av6VHQHa1hM8J+reOvIUtCx9/XRnMU0YAs3LWkb4JRGU
y1QIyk70A3oDCifle6MfHeFxa8qbIAaB11xoBSz4O1uo8LyX6A1MATyp8Qc7jk9W
0vONnKxcQ6MmEZlKBEKzM1HcncWKO5k5zcJVC0HqBycT
-----END CERTIFICATE-----
Generated at Sat Jul 5 20:03:40 2025 by rpki-client