Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/eJ7uPrM8JY33NNPBvoVZtJuwfgo.roa
File: eJ7uPrM8JY33NNPBvoVZtJuwfgo.roa (raw, json)
Hash identifier: 9nSK/KxQ/IGq4AdrWK6p4xTHdEJaVTMR/Qd+c8XyqcA=
Subject key identifier: 78:9E:EE:3E:B3:3C:25:8D:F7:34:D3:C1:BE:85:59:B4:9B:B0:7E:0A
Certificate issuer: /CN=227e9581a69acf8119320e1379857a513bd238db
Certificate serial: 019722D1A8B1BD6CD192EE18550A62AEC38E
Authority key identifier: 22:7E:95:81:A6:9A:CF:81:19:32:0E:13:79:85:7A:51:3B:D2:38:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/In6Vgaaaz4EZMg4TeYV6UTvSONs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/eJ7uPrM8JY33NNPBvoVZtJuwfgo.roa
Signing time: Fri 30 May 2025 20:10:54 +0000
ROA not before: Fri 30 May 2025 20:10:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199324
IP address blocks: 80.83.170.0/24 maxlen: 24
185.21.24.0/22 maxlen: 24
185.187.40.0/22 maxlen: 24
2a00:54e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/In6Vgaaaz4EZMg4TeYV6UTvSONs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/In6Vgaaaz4EZMg4TeYV6UTvSONs.mft
rsync://rpki.ripe.net/repository/DEFAULT/In6Vgaaaz4EZMg4TeYV6UTvSONs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:22:d1:a8:b1:bd:6c:d1:92:ee:18:55:0a:62:ae:c3:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=227e9581a69acf8119320e1379857a513bd238db
Validity
Not Before: May 30 20:10:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=789eee3eb33c258df734d3c1be8559b49bb07e0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0a:46:d3:f9:dc:f9:b1:30:06:b5:d1:f8:9f:
18:57:9f:42:5c:ba:a6:b2:b3:9a:5d:de:6c:b9:79:
71:38:21:b7:20:a4:de:e5:a4:95:31:40:fe:83:36:
16:4e:15:a6:96:8f:95:7e:b1:a7:b5:23:9e:44:0b:
25:57:dd:56:e3:11:35:c7:77:0e:cc:79:88:da:7b:
fb:dd:7b:51:19:81:b4:8d:c6:18:47:db:78:5e:db:
7b:af:c2:b1:35:35:17:48:03:9d:83:9a:0f:92:51:
aa:70:b4:4c:a2:1e:98:76:4f:b2:19:44:00:14:00:
62:c9:9d:bc:6a:f2:c4:c5:60:fe:aa:56:7d:7c:43:
dd:d2:b7:e3:70:48:13:8e:19:db:ea:33:6d:58:6f:
91:1e:91:00:24:76:07:a4:0d:e1:09:4f:f0:b6:1d:
19:b6:83:9c:93:e6:52:7e:1a:fb:93:99:73:35:ba:
75:eb:ed:8e:01:8e:06:47:26:e7:9f:86:cd:50:8d:
fb:9e:45:67:1b:8a:f5:c9:f9:bf:59:75:83:1a:7c:
3d:95:5c:e3:31:ce:f9:b7:dd:32:37:7c:03:32:43:
d3:10:46:d6:df:de:34:57:66:42:8d:87:d5:54:65:
3e:5e:f0:89:b7:21:26:6f:25:df:24:78:5b:03:9a:
4f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:9E:EE:3E:B3:3C:25:8D:F7:34:D3:C1:BE:85:59:B4:9B:B0:7E:0A
X509v3 Authority Key Identifier:
keyid:22:7E:95:81:A6:9A:CF:81:19:32:0E:13:79:85:7A:51:3B:D2:38:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/In6Vgaaaz4EZMg4TeYV6UTvSONs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/eJ7uPrM8JY33NNPBvoVZtJuwfgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/2b83a1-748d-4f55-8b3b-d9df45dbbadf/1/In6Vgaaaz4EZMg4TeYV6UTvSONs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.170.0/24
185.21.24.0/22
185.187.40.0/22
IPv6:
2a00:54e0::/32
Signature Algorithm: sha256WithRSAEncryption
a0:95:d5:84:e6:db:f4:1b:ff:d5:5d:ed:f9:ba:ab:6c:59:c2:
ba:64:cd:e6:0f:93:d0:a4:8a:87:07:9c:47:c2:1a:51:c4:52:
d6:1f:6e:61:87:5d:6f:d5:6d:dc:7a:39:41:ed:cc:ee:c5:a6:
50:32:31:cd:37:3e:11:17:a4:fb:3f:ee:6c:b3:da:e0:23:3d:
4d:bc:29:65:bf:c5:6d:50:fa:3a:13:0f:bb:86:a9:f8:c8:02:
60:ce:e9:36:8f:77:f7:ba:80:fb:13:0e:5d:e8:a9:fe:67:1e:
c6:87:e0:97:4d:80:7e:2e:51:ce:ee:02:90:d5:25:c5:62:e6:
6b:0b:7f:81:79:2c:58:ef:27:a9:56:90:ac:84:e1:88:67:1b:
7f:fc:3e:41:5d:c8:f2:17:5b:24:6d:83:ad:10:0a:d6:6b:4e:
c7:00:5f:4d:e6:10:0b:35:c0:4e:6a:69:34:88:4f:6c:23:68:
fc:8b:8e:99:d9:25:e7:09:e6:83:e2:9a:a3:9e:2b:2f:af:e6:
35:da:42:e5:24:d7:76:7d:a6:6f:8d:f7:8e:19:35:99:cc:9b:
fa:45:90:fd:63:9e:bc:f0:2a:97:0a:77:30:67:62:e7:35:28:
9e:c2:3c:70:0b:01:8e:15:e9:75:84:88:c8:19:d7:bf:f3:e8:
b5:76:73:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZci0aixvWzRku4YVQpirsOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyN2U5NTgxYTY5YWNmODExOTMyMGUxMzc5ODU3YTUxM2Jk
MjM4ZGIwHhcNMjUwNTMwMjAxMDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODllZWUzZWIzM2MyNThkZjczNGQzYzFiZTg1NTliNDliYjA3ZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqApG0/nc+bEwBrXR+J8YV59CXLqm
srOaXd5suXlxOCG3IKTe5aSVMUD+gzYWThWmlo+VfrGntSOeRAslV91W4xE1x3cO
zHmI2nv73XtRGYG0jcYYR9t4Xtt7r8KxNTUXSAOdg5oPklGqcLRMoh6Ydk+yGUQA
FABiyZ28avLExWD+qlZ9fEPd0rfjcEgTjhnb6jNtWG+RHpEAJHYHpA3hCU/wth0Z
toOck+ZSfhr7k5lzNbp16+2OAY4GRybnn4bNUI37nkVnG4r1yfm/WXWDGnw9lVzj
Mc75t90yN3wDMkPTEEbW3940V2ZCjYfVVGU+XvCJtyEmbyXfJHhbA5pPhwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHie7j6zPCWN9zTTwb6FWbSbsH4KMB8GA1UdIwQY
MBaAFCJ+lYGmms+BGTIOE3mFelE70jjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW42VmdhYWF6NEVaTWc0VGVZVjZVVHZTT05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yYjgzYTEtNzQ4ZC00ZjU1LThiM2It
ZDlkZjQ1ZGJiYWRmLzEvZUo3dVByTThKWTMzTk5QQnZvVlp0SnV3ZmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yYjgzYTEtNzQ4ZC00ZjU1LThiM2ItZDlkZjQ1ZGJiYWRm
LzEvSW42VmdhYWF6NEVaTWc0VGVZVjZVVHZTT05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAUFOqAwQC
uRUYAwQCubsoMA0EAgACMAcDBQAqAFTgMA0GCSqGSIb3DQEBCwUAA4IBAQCgldWE
5tv0G//VXe35uqtsWcK6ZM3mD5PQpIqHB5xHwhpRxFLWH25hh11v1W3cejlB7czu
xaZQMjHNNz4RF6T7P+5ss9rgIz1NvCllv8VtUPo6Ew+7hqn4yAJgzuk2j3f3uoD7
Ew5d6Kn+Zx7Gh+CXTYB+LlHO7gKQ1SXFYuZrC3+BeSxY7yepVpCshOGIZxt//D5B
XcjyF1skbYOtEArWa07HAF9N5hALNcBOamk0iE9sI2j8i46Z2SXnCeaD4pqjnisv
r+Y12kLlJNd2faZvjfeOGTWZzJv6RZD9Y5688CqXCncwZ2LnNSiewjxwCwGOFel1
hIjIGde/8+i1dnMM
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:16:00 2025 by rpki-client