Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/EsGGI1P8V7qCIrWJmfPudsu7pMI.roa
File: EsGGI1P8V7qCIrWJmfPudsu7pMI.roa (raw, json)
Hash identifier: RgD/iTo2o3seqIZhRljS2dvXiiazUq7PXVkPQR+sYAc=
Subject key identifier: 12:C1:86:23:53:FC:57:BA:82:22:B5:89:99:F3:EE:76:CB:BB:A4:C2
Certificate issuer: /CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Certificate serial: 01978A637582F0ACD1B2D3E9298B097A7F94
Authority key identifier: CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/EsGGI1P8V7qCIrWJmfPudsu7pMI.roa
Signing time: Thu 19 Jun 2025 22:51:03 +0000
ROA not before: Thu 19 Jun 2025 22:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214555
IP address blocks: 193.221.121.0/24 maxlen: 24
212.56.56.0/24 maxlen: 24
2a14:7640::/32 maxlen: 32
2a14:7641::/32 maxlen: 32
2a14:7642::/32 maxlen: 32
2a14:7643::/32 maxlen: 32
2a14:7644::/32 maxlen: 32
2a14:7645::/32 maxlen: 32
2a14:7646::/32 maxlen: 32
2a14:7647::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/zR9zNFeUzkgX6pno2M_OpxvXg2c.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/zR9zNFeUzkgX6pno2M_OpxvXg2c.mft
rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 13:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8a:63:75:82:f0:ac:d1:b2:d3:e9:29:8b:09:7a:7f:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Validity
Not Before: Jun 19 22:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12c1862353fc57ba8222b58999f3ee76cbbba4c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0b:10:7a:9a:8a:a3:fd:48:3d:0a:46:bb:4e:
4b:2e:ad:0b:b6:7a:5d:20:87:62:34:19:3f:d5:56:
c3:84:46:a4:4b:e8:76:14:c1:ea:e0:37:6b:02:5f:
e7:a9:98:a7:35:58:f3:ce:b8:5c:4f:bf:10:73:cd:
19:21:a4:fd:c0:1b:0e:f1:36:51:ff:03:55:dd:9d:
fb:71:eb:19:59:d2:40:91:b1:a3:49:4f:f9:ce:b5:
92:4b:1a:35:20:e7:19:fd:ca:1d:c0:8f:b0:2c:5d:
76:2c:97:7a:70:2e:ce:e0:f9:4e:74:3a:e1:26:74:
00:e6:ea:1c:61:10:bb:79:a7:5e:54:cc:ad:f6:1b:
71:3d:80:94:31:83:46:af:c0:64:60:5d:16:6a:c5:
98:12:53:93:eb:a9:ab:33:4a:65:49:af:a1:06:0d:
cd:b2:33:20:36:3f:e0:bb:7e:7e:a5:cf:f1:d1:60:
a7:92:6d:ef:92:cd:54:85:24:34:ae:c0:f0:2e:f0:
b5:d8:0b:ba:91:0b:b1:e3:96:dd:88:04:ea:34:e5:
93:b2:d2:89:e6:6a:06:ff:86:8b:c0:21:0d:38:85:
07:51:0a:99:b9:69:6f:12:22:47:e2:ed:63:52:d9:
2e:03:49:7f:0e:4e:12:e7:26:51:05:80:2f:8d:c3:
90:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C1:86:23:53:FC:57:BA:82:22:B5:89:99:F3:EE:76:CB:BB:A4:C2
X509v3 Authority Key Identifier:
keyid:CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/EsGGI1P8V7qCIrWJmfPudsu7pMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/zR9zNFeUzkgX6pno2M_OpxvXg2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.221.121.0/24
212.56.56.0/24
IPv6:
2a14:7640::/29
Signature Algorithm: sha256WithRSAEncryption
99:9e:f7:a4:d8:2d:af:d2:ba:25:ad:e7:2c:03:1c:9c:8a:1b:
2f:c8:da:b7:49:17:51:36:a3:f6:23:84:38:f0:3d:4b:de:3a:
d6:4f:ac:08:ad:5d:35:0f:78:aa:fa:86:d0:a8:e8:37:e9:5a:
82:d5:6f:48:a1:22:f3:05:c6:a3:0b:65:0b:15:69:f5:85:53:
29:45:29:37:c3:d9:f5:73:8a:d5:b8:34:59:53:13:86:eb:7e:
88:8d:fe:11:89:2f:04:03:54:b7:9f:56:1f:aa:e8:74:04:58:
9e:df:63:ef:1d:75:ed:88:da:74:b1:f3:17:9c:f9:c9:f9:dd:
f2:0e:5b:91:6a:3e:23:be:15:f0:57:79:cb:f5:f5:68:3c:ea:
10:2f:18:58:be:4d:b7:fc:e4:61:78:da:1f:75:d1:f4:7d:30:
5e:d7:26:1d:1d:c7:af:f3:61:52:f4:d2:fa:2c:d1:69:37:43:
7f:33:da:09:ba:89:d9:ef:e9:b5:60:a2:ee:1c:bc:4e:dc:e8:
e4:7f:91:fe:62:fa:b3:40:b0:f1:fd:37:35:b4:a9:b8:cc:fb:
c4:45:30:5d:35:1f:7e:91:2a:84:3f:64:f9:e8:2d:7b:6b:b6:
71:47:7a:0d:7f:dd:b2:3d:96:bc:c7:d1:f4:d7:9a:f1:66:11:
37:e6:e5:a3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZeKY3WC8KzRstPpKYsJen+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWY3MzM0NTc5NGNlNDgxN2VhOTllOGQ4Y2ZjZWE3MWJk
NzgzNjcwHhcNMjUwNjE5MjI1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmMxODYyMzUzZmM1N2JhODIyMmI1ODk5OWYzZWU3NmNiYmJhNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwsQepqKo/1IPQpGu05LLq0Ltnpd
IIdiNBk/1VbDhEakS+h2FMHq4DdrAl/nqZinNVjzzrhcT78Qc80ZIaT9wBsO8TZR
/wNV3Z37cesZWdJAkbGjSU/5zrWSSxo1IOcZ/codwI+wLF12LJd6cC7O4PlOdDrh
JnQA5uocYRC7eadeVMyt9htxPYCUMYNGr8BkYF0WasWYElOT66mrM0plSa+hBg3N
sjMgNj/gu35+pc/x0WCnkm3vks1UhSQ0rsDwLvC12Au6kQux45bdiATqNOWTstKJ
5moG/4aLwCENOIUHUQqZuWlvEiJH4u1jUtkuA0l/Dk4S5yZRBYAvjcOQxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBLBhiNT/Fe6giK1iZnz7nbLu6TCMB8GA1UdIwQY
MBaAFM0fczRXlM5IF+qZ6NjPzqcb14NnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQt
N2YwZDA3YmE0YWYzLzEvRXNHR0kxUDhWN3FDSXJXSm1mUHVkc3U3cE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQtN2YwZDA3YmE0YWYz
LzEvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwd15AwQA
1Dg4MA0EAgACMAcDBQMqFHZAMA0GCSqGSIb3DQEBCwUAA4IBAQCZnvek2C2v0rol
recsAxycihsvyNq3SRdRNqP2I4Q48D1L3jrWT6wIrV01D3iq+obQqOg36VqC1W9I
oSLzBcajC2ULFWn1hVMpRSk3w9n1c4rVuDRZUxOG636Ijf4RiS8EA1S3n1Yfquh0
BFie32PvHXXtiNp0sfMXnPnJ+d3yDluRaj4jvhXwV3nL9fVoPOoQLxhYvk23/ORh
eNofddH0fTBe1yYdHcev82FS9NL6LNFpN0N/M9oJuonZ7+m1YKLuHLxO3Ojkf5H+
YvqzQLDx/Tc1tKm4zPvERTBdNR9+kSqEP2T56C17a7ZxR3oNf92yPZa8x9H015rx
ZhE35uWj
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:25:58 2025 by rpki-client