Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/mS5T_cqTnts2Ow3HYiSE22YiT8g.roa
File: mS5T_cqTnts2Ow3HYiSE22YiT8g.roa (raw, json)
Hash identifier: sSwxiZE98c89qQIhPm+kPgJf9ui8k5AIvLj+CG+uA/4=
Subject key identifier: 99:2E:53:FD:CA:93:9E:DB:36:3B:0D:C7:62:24:84:DB:66:22:4F:C8
Certificate issuer: /CN=096c3e8654fe87bdab4711d776e44b4f0cd1b647
Certificate serial: 01979859ADB31918F147933A8E80B1C3F8C0
Authority key identifier: 09:6C:3E:86:54:FE:87:BD:AB:47:11:D7:76:E4:4B:4F:0C:D1:B6:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/mS5T_cqTnts2Ow3HYiSE22YiT8g.roa
Signing time: Sun 22 Jun 2025 15:55:03 +0000
ROA not before: Sun 22 Jun 2025 15:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7
IP address blocks: 192.35.94.0/24 maxlen: 32
192.67.43.0/24 maxlen: 32
194.32.69.0/24 maxlen: 32
194.32.218.0/23 maxlen: 32
194.34.138.0/24 maxlen: 32
194.61.92.0/23 maxlen: 32
2a0b:3b40::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/CWw-hlT-h72rRxHXduRLTwzRtkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/CWw-hlT-h72rRxHXduRLTwzRtkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:98:59:ad:b3:19:18:f1:47:93:3a:8e:80:b1:c3:f8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=096c3e8654fe87bdab4711d776e44b4f0cd1b647
Validity
Not Before: Jun 22 15:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=992e53fdca939edb363b0dc7622484db66224fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f2:7d:19:84:1b:38:60:d5:00:e0:05:6b:d6:
21:63:47:10:81:d8:eb:16:aa:3c:bb:78:35:83:f7:
46:a7:16:a1:3c:a2:26:f6:ba:55:2e:dd:3c:fe:ea:
56:68:28:35:0f:fe:c4:7e:d0:97:a6:a5:59:47:b9:
ba:ba:3d:cd:ed:e4:93:9a:43:c8:b2:a7:1b:6c:8d:
20:d1:15:f3:22:09:e5:20:ff:19:d2:23:9f:11:39:
ce:03:10:30:6f:c6:b8:9e:07:7d:78:ba:bc:39:f6:
13:10:48:9f:b2:5b:3f:41:70:91:b1:8c:be:44:82:
71:63:a0:8c:7c:c2:18:18:a8:29:e0:52:be:a7:b1:
d5:5b:c2:15:2a:83:34:82:86:4e:c3:6b:fb:72:b9:
aa:67:df:a2:06:b2:90:ef:f1:0f:3f:64:49:58:51:
47:8b:34:1d:75:83:22:84:c2:38:91:f3:f3:cd:dd:
6f:10:19:4e:0a:b9:c7:12:ae:67:36:db:93:8e:0e:
16:bf:49:c1:b5:5a:1b:cd:79:ce:74:72:a3:f7:10:
e0:44:47:e2:f4:0b:0d:4c:db:3a:64:cb:35:75:40:
f8:4b:95:b1:64:8a:52:03:00:4e:1a:de:70:50:c5:
6f:96:dd:b8:8f:a7:7a:4d:ef:67:e0:c8:55:77:28:
7c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2E:53:FD:CA:93:9E:DB:36:3B:0D:C7:62:24:84:DB:66:22:4F:C8
X509v3 Authority Key Identifier:
keyid:09:6C:3E:86:54:FE:87:BD:AB:47:11:D7:76:E4:4B:4F:0C:D1:B6:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/mS5T_cqTnts2Ow3HYiSE22YiT8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/CWw-hlT-h72rRxHXduRLTwzRtkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.35.94.0/24
192.67.43.0/24
194.32.69.0/24
194.32.218.0/23
194.34.138.0/24
194.61.92.0/23
IPv6:
2a0b:3b40::/29
Signature Algorithm: sha256WithRSAEncryption
a9:8f:01:f5:c2:da:bd:18:c9:11:af:15:59:95:25:81:f0:4a:
ab:ed:82:d0:bf:8a:21:f2:f6:3a:b7:06:c4:8c:48:d0:26:55:
bb:90:e9:cd:9a:c6:ef:ac:ad:48:cc:7f:9f:27:e4:37:3f:38:
fe:85:9c:78:ec:2c:e1:ac:25:e9:0b:ab:79:79:5b:28:e2:aa:
3b:53:68:53:7f:18:26:c9:bd:9b:a5:9b:3c:a5:6c:88:93:fc:
60:1d:1d:9b:d4:35:f7:ab:28:f7:3c:95:bf:9f:09:5f:56:e4:
82:17:48:e2:cc:83:37:02:ed:1d:b6:a9:2d:8f:a7:33:11:27:
72:b6:08:db:56:0d:56:20:70:5d:b0:ef:c2:85:fa:37:09:30:
06:b6:17:de:a9:3d:50:11:30:57:52:f7:4f:72:ca:7d:42:52:
58:28:af:60:87:35:84:b3:3c:57:2e:3c:cd:bb:7f:d3:f2:7e:
1c:3a:b4:2a:15:81:1e:be:7e:af:51:33:88:c5:eb:af:76:ba:
a1:09:72:14:29:c6:13:4d:dc:3d:d8:e4:15:dd:a4:9b:9a:b9:
35:e0:bd:67:0c:06:c1:54:26:3e:66:01:a7:e1:01:bd:70:66:
ec:ed:b2:74:b9:a3:2a:9b:b7:01:e7:51:63:b2:d0:45:00:1e:
f2:fb:61:5d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZeYWa2zGRjxR5M6joCxw/jAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NmMzZTg2NTRmZTg3YmRhYjQ3MTFkNzc2ZTQ0YjRmMGNk
MWI2NDcwHhcNMjUwNjIyMTU1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJlNTNmZGNhOTM5ZWRiMzYzYjBkYzc2MjI0ODRkYjY2MjI0ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/J9GYQbOGDVAOAFa9YhY0cQgdjr
Fqo8u3g1g/dGpxahPKIm9rpVLt08/upWaCg1D/7EftCXpqVZR7m6uj3N7eSTmkPI
sqcbbI0g0RXzIgnlIP8Z0iOfETnOAxAwb8a4ngd9eLq8OfYTEEifsls/QXCRsYy+
RIJxY6CMfMIYGKgp4FK+p7HVW8IVKoM0goZOw2v7crmqZ9+iBrKQ7/EPP2RJWFFH
izQddYMihMI4kfPzzd1vEBlOCrnHEq5nNtuTjg4Wv0nBtVobzXnOdHKj9xDgREfi
9AsNTNs6ZMs1dUD4S5WxZIpSAwBOGt5wUMVvlt24j6d6Te9n4MhVdyh8HwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJkuU/3Kk57bNjsNx2IkhNtmIk/IMB8GA1UdIwQY
MBaAFAlsPoZU/oe9q0cR13bkS08M0bZHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1d3LWhsVC1oNzJyUnhIWGR1UkxUd3pSdGtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MjVlMGUtZWJhOC00ZTg4LWEwMjEt
NGU3ZDU4NDhkZTAwLzEvbVM1VF9jcVRudHMyT3czSFlpU0UyMllpVDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82MjVlMGUtZWJhOC00ZTg4LWEwMjEtNGU3ZDU4NDhkZTAw
LzEvQ1d3LWhsVC1oNzJyUnhIWGR1UkxUd3pSdGtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAwCNeAwQA
wEMrAwQAwiBFAwQBwiDaAwQAwiKKAwQBwj1cMA0EAgACMAcDBQMqCztAMA0GCSqG
SIb3DQEBCwUAA4IBAQCpjwH1wtq9GMkRrxVZlSWB8Eqr7YLQv4oh8vY6twbEjEjQ
JlW7kOnNmsbvrK1IzH+fJ+Q3Pzj+hZx47CzhrCXpC6t5eVso4qo7U2hTfxgmyb2b
pZs8pWyIk/xgHR2b1DX3qyj3PJW/nwlfVuSCF0jizIM3Au0dtqktj6czESdytgjb
Vg1WIHBdsO/Chfo3CTAGthfeqT1QETBXUvdPcsp9QlJYKK9ghzWEszxXLjzNu3/T
8n4cOrQqFYEevn6vUTOIxeuvdrqhCXIUKcYTTdw92OQV3aSbmrk14L1nDAbBVCY+
ZgGn4QG9cGbs7bJ0uaMqm7cB51FjstBFAB7y+2Fd
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:25:27 2025 by rpki-client