Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/a-EnC88GUWKn77zVAW3AGZhegs8.roa
File: a-EnC88GUWKn77zVAW3AGZhegs8.roa (raw, json)
Hash identifier: JLIYrbM+wHbAi9mK0qlem6X9cf53KA+YJn1W82FNUXk=
Subject key identifier: 6B:E1:27:0B:CF:06:51:62:A7:EF:BC:D5:01:6D:C0:19:98:5E:82:CF
Certificate issuer: /CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Certificate serial: 0196FDBC8E09D528797997519FF6A4939046
Authority key identifier: 41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/a-EnC88GUWKn77zVAW3AGZhegs8.roa
Signing time: Fri 23 May 2025 15:21:54 +0000
ROA not before: Fri 23 May 2025 15:21:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62359
IP address blocks: 91.242.173.0/24 maxlen: 24
2001:67c:6d8::/48 maxlen: 48
2a14:30c0::/32 maxlen: 48
2a14:30c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 00:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:bc:8e:09:d5:28:79:79:97:51:9f:f6:a4:93:90:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Validity
Not Before: May 23 15:21:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6be1270bcf065162a7efbcd5016dc019985e82cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:59:51:c6:f5:8e:eb:d9:7e:51:80:17:38:0d:
47:a5:65:aa:bd:35:fc:2c:fe:77:40:c4:a4:2b:bc:
f3:90:01:e1:df:d2:bd:f6:a3:8b:82:f8:b6:3c:7e:
00:c9:b1:25:a0:12:17:98:fd:3d:b0:b6:97:07:09:
54:14:aa:c7:ae:4e:78:02:33:16:80:39:9c:83:70:
e8:f1:7e:d1:e8:7c:7e:36:eb:14:5d:8a:82:4b:3d:
99:91:f9:57:9d:4d:e7:d6:98:29:f4:78:8e:ef:15:
98:a0:25:3d:d5:10:72:dc:d5:a1:23:47:64:dd:ad:
6b:2d:11:58:c0:76:17:68:76:d0:ec:3f:a3:db:d9:
35:a7:ed:f6:2d:21:e0:10:40:97:82:4e:20:82:77:
85:df:2e:8a:cc:b2:43:f6:3f:d7:ae:81:5c:c2:fb:
2b:35:c9:95:e6:94:49:c5:17:45:43:00:ec:7a:fb:
22:00:41:0d:b7:74:97:b9:c2:68:52:aa:36:1a:af:
ff:0f:e2:7d:38:33:cd:95:33:8a:8a:7f:0d:bd:27:
e7:ac:58:05:89:c3:8b:9d:b1:b9:4e:b8:53:24:91:
a4:b0:d6:e5:f7:f8:82:b6:a3:98:b4:c5:4b:cc:c5:
94:05:be:1c:a6:a5:9d:48:e3:c9:99:73:46:c7:ce:
9e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E1:27:0B:CF:06:51:62:A7:EF:BC:D5:01:6D:C0:19:98:5E:82:CF
X509v3 Authority Key Identifier:
keyid:41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/a-EnC88GUWKn77zVAW3AGZhegs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.173.0/24
IPv6:
2001:67c:6d8::/48
2a14:30c0::/31
Signature Algorithm: sha256WithRSAEncryption
5c:a7:47:f8:b3:1d:f2:44:5c:51:c0:43:2b:52:2c:53:24:77:
f5:fc:d7:0e:3a:5b:2e:b8:4e:7d:20:94:ee:16:4c:3d:96:ad:
ed:15:35:75:9f:db:47:56:5e:86:34:d5:8e:d2:90:bf:e4:a1:
ad:57:73:44:3a:e7:ea:a2:83:5b:9f:94:75:19:27:19:e4:a8:
b8:72:08:f5:23:ed:89:39:f5:c0:66:cb:ed:5d:27:61:52:5e:
3e:df:df:8e:22:79:57:7b:0f:ab:de:06:13:ba:da:91:20:cd:
c0:b2:e0:66:2f:3e:37:84:ca:ff:78:71:e1:76:63:c9:34:29:
e8:cf:53:86:3f:1b:8f:0a:d2:a9:87:ef:f0:2a:98:c6:84:d0:
f9:b1:89:53:e3:1e:db:e3:c6:4b:ac:78:e6:54:3e:29:f5:7a:
6d:b5:4a:35:0f:c3:8c:42:dd:78:d6:9b:da:4b:35:0e:60:e2:
0b:99:f5:9b:9a:ae:ab:32:c5:9e:28:54:fa:26:39:dc:6e:c8:
38:da:d4:cc:4f:c3:2a:99:5a:83:3e:03:ba:b3:59:4d:07:d1:
bf:f9:63:e5:1e:ec:f3:96:6d:cb:e1:f4:f7:61:13:43:02:e4:
be:86:e0:96:3f:09:9f:8a:9e:19:2e:ad:4a:7d:6f:72:87:98:
7f:8d:2c:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZb9vI4J1Sh5eZdRn/akk5BGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZGQxY2U0ZWViOTJmZjUzYjYzMzg5MmZkNDU3YjAxMWUx
MTcxZjEwHhcNMjUwNTIzMTUyMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmUxMjcwYmNmMDY1MTYyYTdlZmJjZDUwMTZkYzAxOTk4NWU4MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmllRxvWO69l+UYAXOA1HpWWqvTX8
LP53QMSkK7zzkAHh39K99qOLgvi2PH4AybEloBIXmP09sLaXBwlUFKrHrk54AjMW
gDmcg3Do8X7R6Hx+NusUXYqCSz2ZkflXnU3n1pgp9HiO7xWYoCU91RBy3NWhI0dk
3a1rLRFYwHYXaHbQ7D+j29k1p+32LSHgEECXgk4ggneF3y6KzLJD9j/XroFcwvsr
NcmV5pRJxRdFQwDsevsiAEENt3SXucJoUqo2Gq//D+J9ODPNlTOKin8NvSfnrFgF
icOLnbG5TrhTJJGksNbl9/iCtqOYtMVLzMWUBb4cpqWdSOPJmXNGx86e8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGvhJwvPBlFip++81QFtwBmYXoLPMB8GA1UdIwQY
MBaAFEHdHOTuuS/1O2M4kv1FewEeEXHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMt
ODg1MjFhZDk5YzdlLzEvYS1FbkM4OEdVV0tuNzd6VkFXM0FHWmhlZ3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMtODg1MjFhZDk5Yzdl
LzEvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW/KtMBYE
AgACMBADBwAgAQZ8BtgDBQEqFDDAMA0GCSqGSIb3DQEBCwUAA4IBAQBcp0f4sx3y
RFxRwEMrUixTJHf1/NcOOlsuuE59IJTuFkw9lq3tFTV1n9tHVl6GNNWO0pC/5KGt
V3NEOufqooNbn5R1GScZ5Ki4cgj1I+2JOfXAZsvtXSdhUl4+39+OInlXew+r3gYT
utqRIM3AsuBmLz43hMr/eHHhdmPJNCnoz1OGPxuPCtKph+/wKpjGhND5sYlT4x7b
48ZLrHjmVD4p9XpttUo1D8OMQt141pvaSzUOYOILmfWbmq6rMsWeKFT6Jjncbsg4
2tTMT8MqmVqDPgO6s1lNB9G/+WPlHuzzlm3L4fT3YRNDAuS+huCWPwmfip4ZLq1K
fW9yh5h/jSxe
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:22:17 2025 by rpki-client