Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/iuJXDwMVZKZSZIsNN8CfFo2lSnY.roa
File: iuJXDwMVZKZSZIsNN8CfFo2lSnY.roa (raw, json)
Hash identifier: 8jaY1LJgtXUpwn/78O7BDsCHkY9+etji1A5q/eFhVH8=
Subject key identifier: 8A:E2:57:0F:03:15:64:A6:52:64:8B:0D:37:C0:9F:16:8D:A5:4A:76
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019710C29621B739A715ABD160C226FA137D
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/iuJXDwMVZKZSZIsNN8CfFo2lSnY.roa
Signing time: Tue 27 May 2025 08:01:17 +0000
ROA not before: Tue 27 May 2025 08:01:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56619
IP address blocks: 79.98.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 06:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:10:c2:96:21:b7:39:a7:15:ab:d1:60:c2:26:fa:13:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: May 27 08:01:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ae2570f031564a652648b0d37c09f168da54a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:55:cf:9e:9b:db:d7:b0:da:aa:1b:e9:a5:e8:
23:89:85:2f:30:e8:bc:69:a9:2a:03:1f:86:ea:8b:
7d:c1:fd:48:e1:9f:0e:01:05:15:98:29:18:5c:64:
49:d7:2a:f2:61:7f:5c:db:16:ba:cf:41:5a:65:89:
0b:61:f1:18:d2:ba:03:a9:25:03:2f:3f:d3:9c:6a:
d1:9b:20:f8:ab:d7:7c:92:ef:dc:1f:d0:94:af:3c:
30:65:c1:a1:ce:83:66:02:b5:bb:36:8e:7a:37:b0:
9c:7a:0c:16:ef:02:ca:ce:7b:ea:0a:6c:9e:43:6b:
a8:41:1d:8f:c1:58:0b:99:5f:a8:62:4b:1e:31:9f:
e2:60:2a:6c:13:b7:81:1a:8d:97:af:54:7d:46:c5:
fd:8d:a2:b4:c7:89:92:e7:8a:0b:80:c5:e7:9f:9a:
b0:6a:8d:a5:a8:60:85:b1:d3:5b:4a:2d:de:92:3d:
34:28:dc:10:21:5a:82:67:ef:ba:a6:8a:15:8c:d3:
1d:7f:91:f3:75:20:3d:9b:f9:4b:36:33:70:4a:75:
dd:1c:d0:39:d1:2c:ce:a4:ea:ee:f5:3f:07:cc:0c:
75:f9:98:08:2f:bd:64:db:b3:38:c0:e5:c7:d0:ab:
2b:fb:d2:fc:7e:5c:6f:08:6e:eb:85:83:55:1a:b7:
b3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E2:57:0F:03:15:64:A6:52:64:8B:0D:37:C0:9F:16:8D:A5:4A:76
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/iuJXDwMVZKZSZIsNN8CfFo2lSnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.249.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:66:0e:01:a2:d0:9b:e2:26:88:c8:cd:d7:a3:30:f2:35:93:
68:89:9a:ac:55:f7:b4:b2:e6:25:60:b3:11:d7:9c:f0:52:10:
f3:85:9c:38:d4:e0:e5:77:4d:f3:4d:40:bd:6b:0f:31:55:a9:
ff:30:7f:a9:08:11:b1:0b:6d:49:97:64:a2:8c:d0:95:68:01:
a5:f4:c8:3e:7d:c7:db:67:0a:fd:e2:5d:30:b2:53:d3:71:29:
f4:6c:17:0a:be:d5:10:d9:7f:50:28:66:28:f9:7f:46:ff:50:
79:0c:f5:dd:34:4e:0d:9d:bf:d5:cf:8d:3a:62:a7:8f:f1:83:
01:f9:75:ff:20:c9:c9:e1:d3:23:a7:77:e6:eb:dd:6c:bf:62:
81:fd:33:21:fc:81:6d:b4:8c:cd:04:24:8f:22:eb:1c:9e:d1:
86:c3:10:79:6e:81:40:21:f7:3e:3c:57:ab:1f:e5:8b:3b:65:
4e:62:90:53:cb:28:2b:21:27:8d:07:8d:31:03:9a:a1:e9:7d:
13:9f:a8:2c:94:a1:08:9a:60:0f:bf:eb:d0:50:79:04:ea:a2:
4e:bf:ff:66:d4:45:e0:ba:e6:ba:87:27:48:d6:33:6a:df:ed:
f8:97:e4:f1:e6:7c:25:1c:77:91:fd:0b:19:76:91:66:cd:01:
83:20:96:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcQwpYhtzmnFavRYMIm+hN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNTI3MDgwMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWUyNTcwZjAzMTU2NGE2NTI2NDhiMGQzN2MwOWYxNjhkYTU0YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlXPnpvb17DaqhvppegjiYUvMOi8
aakqAx+G6ot9wf1I4Z8OAQUVmCkYXGRJ1yryYX9c2xa6z0FaZYkLYfEY0roDqSUD
Lz/TnGrRmyD4q9d8ku/cH9CUrzwwZcGhzoNmArW7No56N7CcegwW7wLKznvqCmye
Q2uoQR2PwVgLmV+oYkseMZ/iYCpsE7eBGo2Xr1R9RsX9jaK0x4mS54oLgMXnn5qw
ao2lqGCFsdNbSi3ekj00KNwQIVqCZ++6pooVjNMdf5HzdSA9m/lLNjNwSnXdHNA5
0SzOpOru9T8HzAx1+ZgIL71k27M4wOXH0Ksr+9L8flxvCG7rhYNVGrezlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIriVw8DFWSmUmSLDTfAnxaNpUp2MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvaXVKWER3TVZaS1pTWklzTk44Q2ZGbzJsU25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT2L5MA0G
CSqGSIb3DQEBCwUAA4IBAQAeZg4BotCb4iaIyM3XozDyNZNoiZqsVfe0suYlYLMR
15zwUhDzhZw41ODld03zTUC9aw8xVan/MH+pCBGxC21Jl2SijNCVaAGl9Mg+fcfb
Zwr94l0wslPTcSn0bBcKvtUQ2X9QKGYo+X9G/1B5DPXdNE4Nnb/Vz406YqeP8YMB
+XX/IMnJ4dMjp3fm691sv2KB/TMh/IFttIzNBCSPIuscntGGwxB5boFAIfc+PFer
H+WLO2VOYpBTyygrISeNB40xA5qh6X0Tn6gslKEImmAPv+vQUHkE6qJOv/9m1EXg
uua6hydI1jNq3+34l+Tx5nwlHHeR/QsZdpFmzQGDIJbq
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:59:29 2025 by rpki-client