Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/V7lXlsc_KCrBF5PGRWvxEoDs1jE.roa
File: V7lXlsc_KCrBF5PGRWvxEoDs1jE.roa (raw, json)
Hash identifier: 3HSkq2ZQ4Tv+kukR6Ld2lDKWo32adQgvx+S4uGpggoY=
Subject key identifier: 57:B9:57:96:C7:3F:28:2A:C1:17:93:C6:45:6B:F1:12:80:EC:D6:31
Certificate issuer: /CN=92933e013644db9c9ee9b91df72e1338db8e2097
Certificate serial: 0196AF49568F2AFF2D9D1A6B90FDFF0EF406
Authority key identifier: 92:93:3E:01:36:44:DB:9C:9E:E9:B9:1D:F7:2E:13:38:DB:8E:20:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpM-ATZE25ye6bkd9y4TONuOIJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/V7lXlsc_KCrBF5PGRWvxEoDs1jE.roa
Signing time: Thu 08 May 2025 09:45:41 +0000
ROA not before: Thu 08 May 2025 09:45:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205499
IP address blocks: 88.135.78.0/23 maxlen: 24
88.135.78.0/24 maxlen: 24
88.135.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/kpM-ATZE25ye6bkd9y4TONuOIJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/kpM-ATZE25ye6bkd9y4TONuOIJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpM-ATZE25ye6bkd9y4TONuOIJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:49:56:8f:2a:ff:2d:9d:1a:6b:90:fd:ff:0e:f4:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92933e013644db9c9ee9b91df72e1338db8e2097
Validity
Not Before: May 8 09:45:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57b95796c73f282ac11793c6456bf11280ecd631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c6:d4:31:af:8f:a7:50:cd:de:30:ba:43:96:
dc:04:8c:5a:6f:10:ca:50:a2:e0:57:1a:88:c8:db:
ae:e5:6e:a0:ed:27:9f:e2:0b:25:36:de:eb:46:95:
70:03:5d:27:a8:76:65:93:b8:71:9e:21:27:df:c7:
8c:fb:bd:28:6e:cc:0d:4d:8f:02:ff:4a:b3:02:42:
7f:aa:29:17:65:ae:c0:ed:07:44:73:18:f9:96:65:
cc:93:ad:bb:b0:6f:09:5f:b9:aa:58:ed:38:7b:a4:
73:d1:ba:28:9e:6d:0b:98:31:e4:98:75:68:70:62:
d6:4b:f5:53:d3:6d:00:72:be:78:b9:08:d7:66:65:
de:00:54:0c:91:72:a9:53:dd:e9:c0:d3:a6:ac:93:
b4:cb:7b:51:c3:e5:e4:77:e7:53:dc:5f:54:16:0e:
23:3d:6f:e4:87:8f:dd:c9:7a:68:75:d1:24:2a:4e:
23:f0:ef:e1:47:f4:a2:bb:d4:60:2f:f9:5a:e5:3e:
99:9b:31:0c:7a:de:1a:be:56:31:b8:80:6d:8c:69:
78:0e:ce:91:ae:9d:37:1d:5c:02:59:c4:8a:c8:4d:
a6:60:00:b8:45:b3:be:5a:3c:9b:aa:76:63:31:be:
e2:81:9d:49:58:10:dc:c4:01:28:fa:43:27:0e:c5:
20:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B9:57:96:C7:3F:28:2A:C1:17:93:C6:45:6B:F1:12:80:EC:D6:31
X509v3 Authority Key Identifier:
keyid:92:93:3E:01:36:44:DB:9C:9E:E9:B9:1D:F7:2E:13:38:DB:8E:20:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpM-ATZE25ye6bkd9y4TONuOIJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/V7lXlsc_KCrBF5PGRWvxEoDs1jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/kpM-ATZE25ye6bkd9y4TONuOIJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.78.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:bc:33:6d:8e:9b:ad:52:a5:39:25:4e:04:88:25:ad:37:e7:
37:75:6c:05:96:b4:f9:29:37:4a:a9:16:8e:e8:72:e4:06:a5:
14:c2:c5:31:c6:c4:ef:9f:af:88:16:0c:bb:5f:20:89:b3:21:
ac:cd:fe:8d:68:e6:a9:ef:b8:8c:9b:33:f6:27:81:5b:6c:52:
9c:71:b7:df:3d:ad:a1:2b:4d:1e:c4:91:61:fe:c8:16:f8:85:
09:f5:52:ce:be:6a:a3:17:c1:31:19:78:8d:b9:a3:91:f8:9b:
d3:1a:6a:ab:af:eb:67:0f:b4:c4:75:13:00:06:28:cb:08:2f:
f2:29:a7:c4:1c:99:6e:25:da:67:84:92:dc:35:51:e3:01:89:
38:3d:01:73:41:36:cf:4a:2e:59:79:0b:03:8b:ce:f0:6c:60:
59:ab:2f:3e:cf:07:63:3c:51:a2:a5:ec:a3:89:6e:cd:d2:38:
35:d2:c8:95:bb:df:8a:3f:2a:03:e9:b7:a5:d5:99:ee:34:6e:
f0:d0:03:7c:18:52:89:f6:4f:6c:eb:11:32:e0:e0:f5:c3:37:
97:a2:5a:d5:d2:91:d5:3c:bb:48:0d:4b:94:14:f9:a2:1a:b8:
38:86:4c:71:52:ac:cc:90:4a:ff:3b:66:96:cb:4a:65:e6:f9:
3e:42:75:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZavSVaPKv8tnRprkP3/DvQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTMzZTAxMzY0NGRiOWM5ZWU5YjkxZGY3MmUxMzM4ZGI4
ZTIwOTcwHhcNMjUwNTA4MDk0NTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2I5NTc5NmM3M2YyODJhYzExNzkzYzY0NTZiZjExMjgwZWNkNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8bUMa+Pp1DN3jC6Q5bcBIxabxDK
UKLgVxqIyNuu5W6g7Sef4gslNt7rRpVwA10nqHZlk7hxniEn38eM+70obswNTY8C
/0qzAkJ/qikXZa7A7QdEcxj5lmXMk627sG8JX7mqWO04e6Rz0boonm0LmDHkmHVo
cGLWS/VT020Acr54uQjXZmXeAFQMkXKpU93pwNOmrJO0y3tRw+Xkd+dT3F9UFg4j
PW/kh4/dyXpoddEkKk4j8O/hR/Siu9RgL/la5T6ZmzEMet4avlYxuIBtjGl4Ds6R
rp03HVwCWcSKyE2mYAC4RbO+WjybqnZjMb7igZ1JWBDcxAEo+kMnDsUg8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFe5V5bHPygqwReTxkVr8RKA7NYxMB8GA1UdIwQY
MBaAFJKTPgE2RNucnum5HfcuEzjbjiCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BNLUFUWkUyNXllNmJrZDl5NFRPTnVPSUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82YmVmMjItZjM0NS00NjAzLWExZTkt
NWNjMmVmMDk5YWVlLzEvVjdsWGxzY19LQ3JCRjVQR1JXdnhFb0RzMWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82YmVmMjItZjM0NS00NjAzLWExZTktNWNjMmVmMDk5YWVl
LzEva3BNLUFUWkUyNXllNmJrZDl5NFRPTnVPSUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWIdOMA0G
CSqGSIb3DQEBCwUAA4IBAQAavDNtjputUqU5JU4EiCWtN+c3dWwFlrT5KTdKqRaO
6HLkBqUUwsUxxsTvn6+IFgy7XyCJsyGszf6NaOap77iMmzP2J4FbbFKccbffPa2h
K00exJFh/sgW+IUJ9VLOvmqjF8ExGXiNuaOR+JvTGmqrr+tnD7TEdRMABijLCC/y
KafEHJluJdpnhJLcNVHjAYk4PQFzQTbPSi5ZeQsDi87wbGBZqy8+zwdjPFGipeyj
iW7N0jg10siVu9+KPyoD6bel1ZnuNG7w0AN8GFKJ9k9s6xEy4OD1wzeXolrV0pHV
PLtIDUuUFPmiGrg4hkxxUqzMkEr/O2aWy0pl5vk+QnXf
-----END CERTIFICATE-----
Generated at Sun Jun 8 19:23:56 2025 by rpki-client