Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/xVoWPteOkysGzMqfxgi3XvQDa0c.roa
File: xVoWPteOkysGzMqfxgi3XvQDa0c.roa (raw, json)
Hash identifier: y5AR4qkIxHvuU7VtfK3TX7mIOGmTaWSa06ypi+bML3M=
Subject key identifier: C5:5A:16:3E:D7:8E:93:2B:06:CC:CA:9F:C6:08:B7:5E:F4:03:6B:47
Certificate issuer: /CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Certificate serial: 01979BD566FC1200FB29F5C1FC6688A6370F
Authority key identifier: 7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/xVoWPteOkysGzMqfxgi3XvQDa0c.roa
Signing time: Mon 23 Jun 2025 08:09:03 +0000
ROA not before: Mon 23 Jun 2025 08:09:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.42.172.0/24 maxlen: 24
185.42.173.0/24 maxlen: 24
185.42.174.0/24 maxlen: 24
185.42.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 20:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9b:d5:66:fc:12:00:fb:29:f5:c1:fc:66:88:a6:37:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Validity
Not Before: Jun 23 08:09:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c55a163ed78e932b06ccca9fc608b75ef4036b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:79:49:d6:95:f1:83:17:d3:f6:de:5d:21:
83:33:cd:7a:35:97:74:9e:5a:66:73:23:2d:f4:84:
37:41:ef:9e:f8:50:0c:fe:36:99:2b:84:68:07:f3:
3c:71:83:73:8c:ed:75:99:c9:c4:77:4e:41:b8:37:
9f:e6:49:9a:54:17:a5:00:3c:b7:48:2e:5f:68:7a:
ce:a7:b0:3c:31:2f:90:e5:83:dc:cd:2a:c0:c9:b7:
da:d4:ff:4c:b8:9d:6b:f4:76:68:7c:bd:41:e3:1d:
34:91:69:13:92:cc:3c:50:db:32:03:ee:07:6b:c3:
de:71:1f:32:62:2b:5c:71:67:b1:f7:e5:13:3f:75:
70:23:b9:26:6b:ce:29:ca:98:d8:6a:73:2f:73:cd:
46:87:df:08:45:b0:62:e1:f0:c8:5e:05:bb:2b:d1:
24:48:14:fe:6a:76:19:89:91:c4:aa:f9:00:25:e1:
34:7e:39:45:c8:6e:81:8c:68:de:71:c6:18:e4:b1:
91:79:29:fe:10:b5:ee:33:e1:43:bb:7d:60:ac:4b:
57:28:80:56:64:ac:bb:ff:37:f7:3b:f0:8e:4d:e6:
f6:5c:c1:6c:f9:cd:83:f9:92:5e:a1:34:e5:c6:73:
52:1e:74:d6:44:52:1f:2f:03:16:4a:ed:14:9e:79:
9a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5A:16:3E:D7:8E:93:2B:06:CC:CA:9F:C6:08:B7:5E:F4:03:6B:47
X509v3 Authority Key Identifier:
keyid:7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/xVoWPteOkysGzMqfxgi3XvQDa0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.172.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:01:f9:a3:21:51:f5:72:46:f7:25:ce:e5:4d:37:c4:38:cf:
29:be:15:05:bc:00:ac:4e:ca:c6:ff:09:ea:a2:65:3e:4e:f8:
e2:7f:59:8f:a9:10:94:18:fe:ca:93:72:c0:04:e8:05:cd:a2:
3f:97:1c:bc:18:d9:99:c9:60:55:85:08:41:13:d0:68:53:3c:
4d:64:67:24:da:1e:2d:e4:d5:ed:32:52:7b:45:1a:8a:4f:2c:
f7:09:68:d0:46:47:2f:a4:dc:17:a2:2f:6a:5b:47:2e:22:4d:
b8:50:82:28:e9:41:ae:0f:19:48:9c:60:03:d1:f2:b7:37:b7:
1f:43:cf:fb:cd:8d:6a:8d:de:a4:d6:a0:06:5c:61:31:3a:b3:
f5:93:89:d0:73:1f:6a:a5:dc:51:2e:5c:f2:b9:54:5b:66:26:
0f:bb:1a:bd:ca:bd:cf:32:f1:60:83:ad:03:dd:58:0b:91:7d:
24:5d:e8:f6:0d:a2:de:3f:22:fa:cb:1d:d7:d1:b0:d1:32:11:
e9:2c:a0:8e:00:f3:04:9e:f5:3a:5b:85:8e:eb:07:78:9c:f5:
1b:a5:e7:73:2f:fe:f6:26:5e:52:85:e6:ba:79:ae:8e:99:4a:
22:de:73:6d:35:f3:80:32:87:09:5d:79:eb:5a:13:a7:62:0a:
63:e6:0c:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeb1Wb8EgD7KfXB/GaIpjcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMWY1NTdlZTI2M2NiMzU5YTE5ZWEyY2Q3ZmEwZThjOTEz
OWViNzYwHhcNMjUwNjIzMDgwOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTVhMTYzZWQ3OGU5MzJiMDZjY2NhOWZjNjA4Yjc1ZWY0MDM2YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusF5SdaV8YMX0/beXSGDM816NZd0
nlpmcyMt9IQ3Qe+e+FAM/jaZK4RoB/M8cYNzjO11mcnEd05BuDef5kmaVBelADy3
SC5faHrOp7A8MS+Q5YPczSrAybfa1P9MuJ1r9HZofL1B4x00kWkTksw8UNsyA+4H
a8PecR8yYitccWex9+UTP3VwI7kma84pypjYanMvc81Gh98IRbBi4fDIXgW7K9Ek
SBT+anYZiZHEqvkAJeE0fjlFyG6BjGjeccYY5LGReSn+ELXuM+FDu31grEtXKIBW
ZKy7/zf3O/COTeb2XMFs+c2D+ZJeoTTlxnNSHnTWRFIfLwMWSu0UnnmamwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMVaFj7XjpMrBszKn8YIt170A2tHMB8GA1UdIwQY
MBaAFHsfVX7iY8s1mhnqLNf6DoyROet2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEt
M2UzNjYwZGExM2E0LzEveFZvV1B0ZU9reXNHek1xZnhnaTNYdlFEYTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEtM2UzNjYwZGExM2E0
LzEvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSqsMA0G
CSqGSIb3DQEBCwUAA4IBAQDNAfmjIVH1ckb3Jc7lTTfEOM8pvhUFvACsTsrG/wnq
omU+Tvjif1mPqRCUGP7Kk3LABOgFzaI/lxy8GNmZyWBVhQhBE9BoUzxNZGck2h4t
5NXtMlJ7RRqKTyz3CWjQRkcvpNwXoi9qW0cuIk24UIIo6UGuDxlInGAD0fK3N7cf
Q8/7zY1qjd6k1qAGXGExOrP1k4nQcx9qpdxRLlzyuVRbZiYPuxq9yr3PMvFgg60D
3VgLkX0kXej2DaLePyL6yx3X0bDRMhHpLKCOAPMEnvU6W4WO6wd4nPUbpedzL/72
Jl5Shea6ea6OmUoi3nNtNfOAMocJXXnrWhOnYgpj5gwX
-----END CERTIFICATE-----
Generated at Tue Jul 1 03:48:24 2025 by rpki-client