Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dEipwsI3eN1As0rWuDbWNnqMvTw.roa
File: dEipwsI3eN1As0rWuDbWNnqMvTw.roa (raw, json)
Hash identifier: +biJe511JtIv65zZKrLUqAD9MG0u+pcvdynZY6XvZoc=
Subject key identifier: 74:48:A9:C2:C2:37:78:DD:40:B3:4A:D6:B8:36:D6:36:7A:8C:BD:3C
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0199226BF40C12B21BE2557C00220462DCA8
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dEipwsI3eN1As0rWuDbWNnqMvTw.roa
Signing time: Sun 07 Sep 2025 04:25:24 +0000
ROA not before: Sun 07 Sep 2025 04:25:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63150
IP address blocks: 178.239.121.0/24 maxlen: 24
178.239.122.0/24 maxlen: 24
178.239.123.0/24 maxlen: 24
178.239.124.0/24 maxlen: 24
178.239.125.0/24 maxlen: 24
178.239.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:6b:f4:0c:12:b2:1b:e2:55:7c:00:22:04:62:dc:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Sep 7 04:25:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7448a9c2c23778dd40b34ad6b836d6367a8cbd3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b3:70:1d:4a:e9:24:7e:8f:b2:c4:7d:0b:64:
76:de:86:49:c9:a0:a6:83:3f:c7:44:ba:d1:dd:79:
79:d3:74:08:62:0c:4d:a7:b7:bb:44:d4:f8:05:74:
10:c1:df:61:27:09:fe:0f:c2:51:c0:f4:5b:85:2e:
2f:a9:7a:08:47:db:83:40:3c:60:ab:14:59:c9:b1:
8a:47:f7:55:86:e0:6a:25:d0:26:f7:6d:2e:69:c9:
ac:ab:36:88:6a:bc:ef:f6:51:72:86:c4:cc:30:b1:
5e:90:7d:d0:7a:5b:77:b0:ed:d2:71:78:14:ec:98:
11:22:a0:2b:68:bc:a7:56:e2:94:91:a6:d2:4a:be:
3d:26:f7:c6:bf:61:e0:54:b7:8e:0f:dc:cb:5b:c6:
54:d3:ad:ae:93:ad:78:0f:16:dc:3f:8f:64:e1:c5:
3c:31:88:4e:c8:d7:07:dc:03:99:1a:5b:43:ca:29:
87:f4:94:62:e4:c7:f1:04:1b:36:62:c9:0f:f3:6f:
02:9d:56:ed:18:6a:2c:92:54:48:11:db:7e:4c:36:
d8:75:95:7b:59:4b:7b:f1:9b:98:5f:83:de:ed:35:
6f:c5:00:78:12:51:35:d9:a7:7b:5d:4c:52:d4:17:
b8:c5:fc:ed:18:9a:cb:b4:c4:74:89:9b:64:3d:1c:
1c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:48:A9:C2:C2:37:78:DD:40:B3:4A:D6:B8:36:D6:36:7A:8C:BD:3C
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dEipwsI3eN1As0rWuDbWNnqMvTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.121.0-178.239.126.255
Signature Algorithm: sha256WithRSAEncryption
63:0b:34:96:4d:05:cc:b8:ee:f4:bd:d2:ed:f6:84:d0:98:42:
0a:6c:02:1b:82:d9:81:50:17:34:32:55:86:7b:fe:08:6f:96:
a8:a4:4b:ab:bd:80:b8:d5:3b:de:3e:4d:79:f2:e5:d8:01:ea:
a8:ec:b1:c6:0e:ea:79:6b:27:1a:ed:bd:17:59:46:cf:73:9e:
03:4b:3c:61:cb:a2:a3:1e:d5:3a:0b:7a:33:b4:ef:97:48:2e:
db:11:f2:cd:3a:9f:f7:58:39:16:94:a8:17:70:22:c7:43:cf:
08:de:1a:3f:6d:a6:ef:60:9a:b5:48:20:8d:03:ce:7b:fe:d2:
8b:8b:d4:c1:4b:42:e6:ec:03:d2:24:d6:be:ba:75:d7:73:4f:
3e:4a:44:67:ef:d1:8d:63:d6:ee:93:e8:82:9f:37:79:36:1c:
54:dc:6e:77:e5:c2:51:fa:47:a6:8c:82:7b:95:25:c4:2c:a4:
6d:b3:c2:4b:0e:eb:0a:bf:2c:87:e0:54:b7:2c:cc:3d:c0:37:
67:30:22:0d:38:bc:f2:ca:60:24:6d:3e:45:40:c5:10:91:07:
a2:8e:1d:9e:e8:88:d9:f2:8d:60:32:5a:85:9f:70:e4:ae:aa:
de:a1:31:d1:6d:d9:38:79:f6:fa:0a:73:5f:25:86:79:eb:4f:
97:b3:20:6e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZkia/QMErIb4lV8ACIEYtyoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwOTA3MDQyNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQ4YTljMmMyMzc3OGRkNDBiMzRhZDZiODM2ZDYzNjdhOGNiZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7NwHUrpJH6PssR9C2R23oZJyaCm
gz/HRLrR3Xl503QIYgxNp7e7RNT4BXQQwd9hJwn+D8JRwPRbhS4vqXoIR9uDQDxg
qxRZybGKR/dVhuBqJdAm920uacmsqzaIarzv9lFyhsTMMLFekH3Qelt3sO3ScXgU
7JgRIqAraLynVuKUkabSSr49JvfGv2HgVLeOD9zLW8ZU062uk614DxbcP49k4cU8
MYhOyNcH3AOZGltDyimH9JRi5MfxBBs2YskP828CnVbtGGosklRIEdt+TDbYdZV7
WUt78ZuYX4Pe7TVvxQB4ElE12ad7XUxS1Be4xfztGJrLtMR0iZtkPRwczQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHRIqcLCN3jdQLNK1rg21jZ6jL08MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvZEVpcHdzSTNlTjFBczByV3VEYldObnFNdlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACy73kD
BACy734wDQYJKoZIhvcNAQELBQADggEBAGMLNJZNBcy47vS90u32hNCYQgpsAhuC
2YFQFzQyVYZ7/ghvlqikS6u9gLjVO94+TXny5dgB6qjsscYO6nlrJxrtvRdZRs9z
ngNLPGHLoqMe1ToLejO075dILtsR8s06n/dYORaUqBdwIsdDzwjeGj9tpu9gmrVI
II0Dznv+0ouL1MFLQubsA9Ik1r66dddzTz5KRGfv0Y1j1u6T6IKfN3k2HFTcbnfl
wlH6R6aMgnuVJcQspG2zwksO6wq/LIfgVLcszD3AN2cwIg04vPLKYCRtPkVAxRCR
B6KOHZ7oiNnyjWAyWoWfcOSuqt6hMdFt2Th59voKc18lhnnrT5ezIG4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:27 2025 by rpki-client