Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/5UCvWlBD6sn2Qv8fz5NTQ4ka1_Y.roa
File: 5UCvWlBD6sn2Qv8fz5NTQ4ka1_Y.roa (raw, json)
Hash identifier: bu4FEXVQMOUhOnyH7tGMeagKtwuVwisoSTQPqiOfZyU=
Subject key identifier: E5:40:AF:5A:50:43:EA:C9:F6:42:FF:1F:CF:93:53:43:89:1A:D7:F6
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01975AB4F4CDD48079762A67C12B28C9206A
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/5UCvWlBD6sn2Qv8fz5NTQ4ka1_Y.roa
Signing time: Tue 10 Jun 2025 16:38:17 +0000
ROA not before: Tue 10 Jun 2025 16:38:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31715
IP address blocks: 77.111.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 13:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5a:b4:f4:cd:d4:80:79:76:2a:67:c1:2b:28:c9:20:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 10 16:38:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e540af5a5043eac9f642ff1fcf935343891ad7f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a9:fb:e2:9b:08:2e:26:6d:f3:9f:1d:d9:89:
5e:ab:1d:30:31:8c:68:f1:9a:3d:e1:19:39:39:6e:
b4:7f:6d:54:a8:85:80:8f:07:a8:8a:34:b1:1a:9c:
78:c8:f2:5c:e4:fe:93:3d:21:bc:b7:9c:d3:c0:dd:
9c:67:62:d1:6f:2d:0a:c2:3c:c0:34:d0:ad:89:9b:
4e:e1:3e:c3:13:27:29:36:88:a9:0b:24:a4:24:25:
b6:d8:13:6e:fe:d9:a3:07:d3:17:4f:bc:e9:21:eb:
90:a3:e7:ce:84:ab:97:87:74:ba:2d:7b:9f:e2:c4:
ed:e3:90:93:61:3b:bb:bd:84:f3:c4:d6:ba:14:cc:
67:90:84:10:13:fa:87:ce:f3:e9:a8:f3:60:41:b3:
4a:07:fc:22:4f:0d:0f:e2:c7:cc:75:c1:4c:3f:3f:
e5:ec:b1:d9:8f:72:a1:b3:94:ea:12:ca:44:e0:c3:
78:dc:73:ee:59:15:cf:69:ec:a6:12:68:b5:30:62:
0c:59:c6:7c:90:c9:32:44:94:fd:27:a2:9f:1e:0a:
ed:e4:5e:d2:bc:6f:37:e4:cc:37:63:c6:b9:77:72:
c5:d7:55:0f:49:40:94:71:32:58:45:0b:fd:0f:20:
ce:9e:4d:a4:51:39:30:32:a8:ba:88:0e:15:58:da:
85:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:40:AF:5A:50:43:EA:C9:F6:42:FF:1F:CF:93:53:43:89:1A:D7:F6
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/5UCvWlBD6sn2Qv8fz5NTQ4ka1_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.109.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a6:2b:02:f2:96:c0:c1:74:cc:4c:80:28:4c:a6:c9:0f:59:
6b:9d:cb:68:64:54:07:80:9e:ac:26:2f:fe:86:51:1e:67:c1:
6b:bc:8f:12:86:55:f1:1e:22:f0:bb:f0:bd:30:81:bb:9a:23:
67:66:d9:da:b4:c6:a5:1b:85:40:07:13:cf:ff:e4:ac:fb:2b:
3f:c5:05:5b:3d:b6:71:94:02:90:c3:bb:f4:3e:d8:9b:b1:8e:
16:04:5a:f1:c0:97:eb:1a:e5:d4:2b:e8:27:a4:67:e9:84:d8:
a5:1f:75:b2:d6:4a:71:e6:e2:de:e1:93:83:3e:b6:a2:28:33:
e3:bf:8e:0e:68:aa:9d:44:36:22:86:77:00:dc:61:5d:a8:c5:
4f:c1:94:d1:aa:01:6e:bd:ad:72:c0:5d:c4:fd:81:59:20:bc:
18:bd:7b:72:a0:a0:5e:1a:c0:45:44:6d:19:ce:2b:8d:8e:dc:
eb:ba:2a:0f:04:d8:00:58:86:05:c5:5a:e6:07:17:6b:f2:ca:
ff:7a:c6:a8:b1:eb:99:09:f0:0e:d3:7a:a1:78:a5:66:fc:7f:
7e:dd:4d:19:24:6c:11:9d:07:96:9f:36:1e:8b:23:c2:d0:c0:
37:e9:da:e0:b8:e0:27:02:bb:97:4d:20:84:ec:1f:cf:f9:07:
bb:54:0e:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdatPTN1IB5dipnwSsoySBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNjEwMTYzODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQwYWY1YTUwNDNlYWM5ZjY0MmZmMWZjZjkzNTM0Mzg5MWFkN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoan74psILiZt858d2Yleqx0wMYxo
8Zo94Rk5OW60f21UqIWAjweoijSxGpx4yPJc5P6TPSG8t5zTwN2cZ2LRby0KwjzA
NNCtiZtO4T7DEycpNoipCySkJCW22BNu/tmjB9MXT7zpIeuQo+fOhKuXh3S6LXuf
4sTt45CTYTu7vYTzxNa6FMxnkIQQE/qHzvPpqPNgQbNKB/wiTw0P4sfMdcFMPz/l
7LHZj3Khs5TqEspE4MN43HPuWRXPaeymEmi1MGIMWcZ8kMkyRJT9J6KfHgrt5F7S
vG835Mw3Y8a5d3LF11UPSUCUcTJYRQv9DyDOnk2kUTkwMqi6iA4VWNqFfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVAr1pQQ+rJ9kL/H8+TU0OJGtf2MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvNVVDdldsQkQ2c24yUXY4Zno1TlRRNGthMV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW9tMA0G
CSqGSIb3DQEBCwUAA4IBAQCfpisC8pbAwXTMTIAoTKbJD1lrnctoZFQHgJ6sJi/+
hlEeZ8FrvI8ShlXxHiLwu/C9MIG7miNnZtnatMalG4VABxPP/+Ss+ys/xQVbPbZx
lAKQw7v0PtibsY4WBFrxwJfrGuXUK+gnpGfphNilH3Wy1kpx5uLe4ZODPraiKDPj
v44OaKqdRDYihncA3GFdqMVPwZTRqgFuva1ywF3E/YFZILwYvXtyoKBeGsBFRG0Z
ziuNjtzruioPBNgAWIYFxVrmBxdr8sr/esaoseuZCfAO03qheKVm/H9+3U0ZJGwR
nQeWnzYeiyPC0MA36drguOAnAruXTSCE7B/P+Qe7VA4p
-----END CERTIFICATE-----
Generated at Thu Jun 12 19:19:17 2025 by rpki-client