Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/KeajlVbUH8unzlJTw34l2zDniNA.roa
File: KeajlVbUH8unzlJTw34l2zDniNA.roa (raw, json)
Hash identifier: sj6op165F7XGOX0SSrzNBGiHHatDPbleNT20ZWRP3XQ=
Subject key identifier: 29:E6:A3:95:56:D4:1F:CB:A7:CE:52:53:C3:7E:25:DB:30:E7:88:D0
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0197911E7B06BB10FA721D32F4C61258AC0B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/KeajlVbUH8unzlJTw34l2zDniNA.roa
Signing time: Sat 21 Jun 2025 06:13:03 +0000
ROA not before: Sat 21 Jun 2025 06:13:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/23 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.59.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 16:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:91:1e:7b:06:bb:10:fa:72:1d:32:f4:c6:12:58:ac:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 21 06:13:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29e6a39556d41fcba7ce5253c37e25db30e788d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:bb:a3:ba:8f:9e:49:0f:a3:4a:8c:b3:a2:e9:
b9:30:cb:ec:6f:2c:d5:60:b6:8f:84:36:e0:8c:36:
7c:eb:50:fc:07:26:58:ec:d5:7c:67:65:83:05:5d:
c3:a8:5e:e8:c6:31:24:8c:d5:fa:3a:65:04:c9:ee:
52:c2:5b:0c:1f:5e:2d:98:29:50:c2:0d:27:af:87:
6a:09:26:ff:57:2d:24:d8:9a:99:ec:97:a3:b6:fb:
7a:34:47:97:8f:fa:59:4b:d5:08:ab:9c:06:c3:0c:
68:a9:54:b4:c6:e9:ed:b9:5c:ca:4d:59:d3:3c:a7:
fb:8f:3a:d2:39:2c:bc:fd:30:ef:85:0c:2c:56:99:
60:97:f2:9f:b9:33:3c:ad:19:5d:2f:44:88:58:7f:
0f:f1:e8:95:65:de:b7:82:90:78:f0:be:b8:2c:f9:
5f:f3:8d:34:d8:14:00:23:fe:be:3f:d0:80:94:3a:
2e:3c:f3:c6:48:9c:18:47:16:70:6c:aa:21:0f:17:
47:8d:4b:35:7c:63:c0:ee:a0:08:44:37:a9:13:d6:
95:af:78:6f:9e:b0:ad:99:1d:da:ae:59:a2:e1:32:
42:98:90:d3:e6:9f:2b:7e:9e:c1:79:22:85:2e:88:
e5:6c:a0:3a:2f:16:84:c1:63:68:0f:7a:93:73:a4:
25:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E6:A3:95:56:D4:1F:CB:A7:CE:52:53:C3:7E:25:DB:30:E7:88:D0
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/KeajlVbUH8unzlJTw34l2zDniNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.151.56.0/23
88.151.59.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:da:a0:47:02:90:58:4b:36:f9:71:ef:1e:f4:e7:95:6c:8e:
14:80:c7:4c:9d:3a:4c:8e:af:03:93:b1:f9:fc:cf:d8:75:e6:
44:37:b6:27:3c:64:19:9d:e1:22:53:98:ad:76:df:cb:55:5a:
de:58:a6:ee:f3:2c:bb:cd:89:dc:5e:a6:b4:cf:69:8b:bf:43:
d3:2d:c7:55:61:7b:e8:e3:d7:fb:e7:20:f9:44:44:8a:f7:2c:
e9:4b:79:09:83:8e:52:46:1a:d7:bc:f5:4f:f3:2b:78:e5:a7:
ee:76:b6:37:18:d2:09:ad:df:e4:31:1b:87:2f:36:76:33:e7:
08:c7:e8:6a:d1:07:4d:85:a3:20:0c:f8:b7:f5:b4:86:16:c4:
14:8b:e8:4e:c2:f2:d9:dd:04:2d:eb:64:01:96:4f:38:3b:65:
da:df:b5:11:17:d5:b9:5d:cd:ab:e3:f4:7b:b3:56:b7:de:b9:
b3:e1:9e:60:1b:75:5f:ff:c4:90:b5:26:ee:f6:08:37:ee:a2:
9b:4f:a7:c4:39:86:8d:72:c8:84:a7:d4:60:45:99:70:05:a4:
99:c3:eb:95:d9:ac:19:83:fd:12:c7:44:f4:d3:16:2d:86:53:
b3:79:b5:73:c1:21:ab:99:db:0e:25:06:03:ac:aa:2f:d5:6b:
0a:ad:a8:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeRHnsGuxD6ch0y9MYSWKwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNjIxMDYxMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWU2YTM5NTU2ZDQxZmNiYTdjZTUyNTNjMzdlMjVkYjMwZTc4OGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77ujuo+eSQ+jSoyzoum5MMvsbyzV
YLaPhDbgjDZ861D8ByZY7NV8Z2WDBV3DqF7oxjEkjNX6OmUEye5SwlsMH14tmClQ
wg0nr4dqCSb/Vy0k2JqZ7Jejtvt6NEeXj/pZS9UIq5wGwwxoqVS0xuntuVzKTVnT
PKf7jzrSOSy8/TDvhQwsVplgl/KfuTM8rRldL0SIWH8P8eiVZd63gpB48L64LPlf
84002BQAI/6+P9CAlDouPPPGSJwYRxZwbKohDxdHjUs1fGPA7qAIRDepE9aVr3hv
nrCtmR3arlmi4TJCmJDT5p8rfp7BeSKFLojlbKA6LxaEwWNoD3qTc6QlKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCnmo5VW1B/Lp85SU8N+Jdsw54jQMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvS2VhamxWYlVIOHVuemxKVHczNGwyekRuaU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBTfKSAwQB
WJc4AwQAWJc7AwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQC82qBHApBYSzb5ce8e
9OeVbI4UgMdMnTpMjq8Dk7H5/M/YdeZEN7YnPGQZneEiU5itdt/LVVreWKbu8yy7
zYncXqa0z2mLv0PTLcdVYXvo49f75yD5RESK9yzpS3kJg45SRhrXvPVP8yt45afu
drY3GNIJrd/kMRuHLzZ2M+cIx+hq0QdNhaMgDPi39bSGFsQUi+hOwvLZ3QQt62QB
lk84O2Xa37URF9W5Xc2r4/R7s1a33rmz4Z5gG3Vf/8SQtSbu9gg37qKbT6fEOYaN
csiEp9RgRZlwBaSZw+uV2awZg/0Sx0T00xYthlOzebVzwSGrmdsOJQYDrKov1WsK
ragE
-----END CERTIFICATE-----
Generated at Sat Jul 5 21:32:28 2025 by rpki-client