Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/esvX4FpX_YSuR7Qe9F0AJ1IfG2c.roa
File: esvX4FpX_YSuR7Qe9F0AJ1IfG2c.roa (raw, json)
Hash identifier: U+vbAGYYKC0jEV3FqzSMiCW0yFvVvYoUB+7bwmmFRkw=
Subject key identifier: 7A:CB:D7:E0:5A:57:FD:84:AE:47:B4:1E:F4:5D:00:27:52:1F:1B:67
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019919D6CF6185FF58A15660E95A600D5526
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/esvX4FpX_YSuR7Qe9F0AJ1IfG2c.roa
Signing time: Fri 05 Sep 2025 12:25:32 +0000
ROA not before: Fri 05 Sep 2025 12:25:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 89.23.96.0/24 maxlen: 24
89.23.97.0/24 maxlen: 24
89.23.98.0/24 maxlen: 24
89.23.99.0/24 maxlen: 24
89.23.100.0/24 maxlen: 24
89.23.101.0/24 maxlen: 24
89.23.102.0/24 maxlen: 24
89.23.112.0/24 maxlen: 24
89.23.115.0/24 maxlen: 24
89.23.116.0/24 maxlen: 24
89.23.117.0/24 maxlen: 24
89.23.118.0/24 maxlen: 24
185.39.206.0/24 maxlen: 24
212.67.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 17:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:19:d6:cf:61:85:ff:58:a1:56:60:e9:5a:60:0d:55:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 5 12:25:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7acbd7e05a57fd84ae47b41ef45d0027521f1b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6e:f8:b3:30:e7:cc:69:cd:61:33:97:a1:89:
f8:71:d6:e7:92:60:f7:25:a7:99:ce:2c:df:dc:f3:
ea:0f:75:f7:18:bc:d8:b0:67:9e:4b:00:b1:b8:b6:
7e:6c:66:bd:f9:17:ba:b7:82:8c:71:60:76:ca:a8:
15:d3:6e:f8:02:65:32:ff:4b:45:30:1f:9b:02:ad:
24:9a:16:35:b9:87:f1:dc:00:2e:1f:b0:1f:d1:09:
74:52:32:ee:97:5e:49:3b:f6:93:c5:f8:76:5e:f6:
81:0c:6b:28:d4:f5:07:1f:07:84:ea:bc:c0:0c:a2:
90:f0:43:0b:86:c7:12:ee:30:b5:17:4b:05:8d:e6:
2a:b0:6f:7f:c2:e9:91:89:49:3c:59:ad:d3:65:bf:
1c:61:66:02:60:be:cd:e4:98:a7:e4:d6:5c:54:87:
72:1b:16:ad:3d:90:7b:d1:01:e1:28:2d:19:ba:53:
c7:cc:29:22:7f:97:c5:86:30:b4:42:e5:a7:40:81:
09:69:1b:5d:49:d6:47:4d:a0:f1:04:da:50:38:55:
6f:11:b0:e8:c6:3b:14:0a:5f:98:f2:0b:bf:0d:b0:
d8:8c:7a:ea:04:5b:dc:92:22:ee:96:09:20:5b:bc:
f3:8a:83:68:66:d5:a4:f3:a4:ec:43:cc:3f:f9:9b:
c4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CB:D7:E0:5A:57:FD:84:AE:47:B4:1E:F4:5D:00:27:52:1F:1B:67
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/esvX4FpX_YSuR7Qe9F0AJ1IfG2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.96.0-89.23.102.255
89.23.112.0/24
89.23.115.0-89.23.118.255
185.39.206.0/24
212.67.17.0/24
Signature Algorithm: sha256WithRSAEncryption
57:c8:b1:aa:cc:44:62:84:bf:77:46:de:de:bf:c4:72:e2:1f:
9f:40:62:f8:15:a8:c5:27:05:2c:37:48:6b:fe:8f:47:43:02:
e3:4e:9a:79:3b:b3:0c:18:e0:03:c0:ee:64:67:e4:4c:3d:ac:
23:f5:25:26:af:4d:6e:ac:d1:5f:27:29:8c:94:57:c3:bc:bd:
56:d9:8c:e1:ae:2c:a3:9c:38:a7:5c:87:94:4a:0d:b7:c1:75:
e6:64:d2:fd:5f:29:88:28:71:6f:6f:28:f4:33:13:9f:46:c6:
b6:0b:75:da:30:1f:e6:f4:e7:05:fb:3c:02:a1:a5:ab:28:65:
27:8c:1f:c8:e2:e9:2f:a0:4e:08:54:ab:bf:8c:44:76:84:18:
93:10:28:3f:6c:ee:fc:7d:f4:32:58:5b:56:da:7d:93:a7:4f:
56:71:d7:e7:b2:c1:0c:7a:4d:1e:e4:99:9e:2a:a8:9a:e4:0d:
8c:13:78:f1:ff:31:99:da:ce:dd:65:02:3b:23:82:12:16:e7:
48:1a:c4:82:68:f2:b8:91:e1:4c:8a:ee:65:06:5b:23:3d:19:
3a:52:d1:f1:66:45:91:a2:4f:8e:5f:26:0c:c4:61:9c:7f:11:
a9:3e:7b:e1:2a:4b:66:6b:0b:3d:21:d3:e2:2b:31:9f:de:97:
95:ee:ed:0b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZkZ1s9hhf9YoVZg6VpgDVUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwOTA1MTIyNTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNiZDdlMDVhNTdmZDg0YWU0N2I0MWVmNDVkMDAyNzUyMWYxYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm74szDnzGnNYTOXoYn4cdbnkmD3
JaeZzizf3PPqD3X3GLzYsGeeSwCxuLZ+bGa9+Re6t4KMcWB2yqgV0274AmUy/0tF
MB+bAq0kmhY1uYfx3AAuH7Af0Ql0UjLul15JO/aTxfh2XvaBDGso1PUHHweE6rzA
DKKQ8EMLhscS7jC1F0sFjeYqsG9/wumRiUk8Wa3TZb8cYWYCYL7N5Jin5NZcVIdy
GxatPZB70QHhKC0ZulPHzCkif5fFhjC0QuWnQIEJaRtdSdZHTaDxBNpQOFVvEbDo
xjsUCl+Y8gu/DbDYjHrqBFvckiLulgkgW7zzioNoZtWk86TsQ8w/+ZvEAwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHrL1+BaV/2Erke0HvRdACdSHxtnMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvZXN2WDRGcFhfWVN1UjdRZTlGMEFKMUlmRzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAVZF2AD
BABZF2YDBABZF3AwDAMEAFkXcwMEAFkXdgMEALknzgMEANRDETANBgkqhkiG9w0B
AQsFAAOCAQEAV8ixqsxEYoS/d0be3r/EcuIfn0Bi+BWoxScFLDdIa/6PR0MC406a
eTuzDBjgA8DuZGfkTD2sI/UlJq9NbqzRXycpjJRXw7y9VtmM4a4so5w4p1yHlEoN
t8F15mTS/V8piChxb28o9DMTn0bGtgt12jAf5vTnBfs8AqGlqyhlJ4wfyOLpL6BO
CFSrv4xEdoQYkxAoP2zu/H30MlhbVtp9k6dPVnHX57LBDHpNHuSZniqomuQNjBN4
8f8xmdrO3WUCOyOCEhbnSBrEgmjyuJHhTIruZQZbIz0ZOlLR8WZFkaJPjl8mDMRh
nH8RqT574SpLZmsLPSHT4isxn96Xle7tCw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 02:21:38 2025 by rpki-client