Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/KeM1ORJvG57zJzj1K2DwpMPSMZU.roa
File: KeM1ORJvG57zJzj1K2DwpMPSMZU.roa (raw, json)
Hash identifier: XHsHlY/bthSxdaTkdBh4Cmp1Xjdn7NaEjSx+3/K5zJQ=
Subject key identifier: 29:E3:35:39:12:6F:1B:9E:F3:27:38:F5:2B:60:F0:A4:C3:D2:31:95
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 01989FDBE41894696BD7A73C32B59C69D427
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/KeM1ORJvG57zJzj1K2DwpMPSMZU.roa
Signing time: Tue 12 Aug 2025 19:57:24 +0000
ROA not before: Tue 12 Aug 2025 19:57:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 207.244.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9f:db:e4:18:94:69:6b:d7:a7:3c:32:b5:9c:69:d4:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Aug 12 19:57:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29e33539126f1b9ef32738f52b60f0a4c3d23195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fb:86:29:d0:32:3b:f7:84:45:18:b8:21:4a:
cb:c1:8f:f0:49:df:98:07:2f:f4:6e:ae:12:1e:e6:
26:2d:d9:20:ba:12:c6:60:53:33:ce:93:3d:e0:f4:
b1:cb:13:59:97:0e:ec:42:11:eb:2f:c8:89:e8:c6:
9d:81:d3:61:1e:b5:a6:88:a7:b4:a3:8b:bd:3d:d4:
ed:23:1c:17:51:88:7f:f6:c2:5e:48:e1:5f:31:bf:
d9:af:3a:5b:6e:09:26:4e:a0:d0:74:df:24:ea:b4:
a0:20:65:52:45:6c:d0:12:2c:66:80:28:fa:92:b3:
92:39:00:1f:86:b4:0d:5a:8b:59:17:37:fa:93:52:
f1:3d:80:bb:6f:84:6c:ff:87:f6:5e:73:60:3c:f5:
ad:18:71:38:aa:05:60:1b:60:7a:4a:13:25:3d:24:
c1:9f:69:cc:d9:ce:d5:36:31:e2:a7:94:c7:31:06:
32:45:a1:13:00:d2:b8:3a:b0:61:cf:90:a9:f3:a8:
9d:a8:8b:76:9a:b6:0c:a4:2b:d9:47:19:90:78:45:
d5:ab:36:6b:7c:2e:f8:80:c7:26:aa:5c:69:a3:f5:
05:09:4d:c6:63:0d:25:90:c8:ee:54:b4:91:fc:4e:
c1:9e:88:f6:00:42:8e:59:66:ba:c2:bc:c8:25:b8:
b9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E3:35:39:12:6F:1B:9E:F3:27:38:F5:2B:60:F0:A4:C3:D2:31:95
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/KeM1ORJvG57zJzj1K2DwpMPSMZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.244.209.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:6c:f9:6b:8a:b2:6e:48:c9:e7:03:51:bc:c1:c7:9a:b4:85:
82:0b:a1:20:72:e6:03:dd:ed:de:76:0d:68:e7:c6:31:25:92:
67:55:23:52:62:e0:61:f4:ea:47:6c:40:1b:8c:a7:03:80:a6:
92:94:68:3e:6e:0f:6d:b0:c8:03:a5:0d:ff:7a:ad:51:53:fa:
76:05:a5:b3:47:e5:7c:33:bc:02:41:af:bc:19:33:06:03:ed:
e6:e1:e3:ba:72:b8:4d:3a:3c:29:a8:2c:62:0a:65:6b:ab:c9:
df:3f:16:1b:95:79:4f:49:bb:21:43:24:91:6d:f7:bd:43:10:
fc:ee:30:59:46:d9:9a:bd:60:00:69:15:b3:ee:76:72:0d:2e:
8a:a3:95:69:e2:b5:2d:af:e4:f2:ea:78:67:f0:9f:ca:dd:9e:
b8:28:bf:d7:e2:c5:a7:2e:66:5d:d4:f3:6b:58:30:86:d9:55:
eb:12:f7:fb:59:64:2d:8f:02:f9:50:fe:54:e2:fd:9e:cc:d5:
d0:2f:93:da:ce:8d:8b:ac:ad:cc:7d:93:7e:4e:0c:c9:dd:5b:
78:e5:38:17:6c:a2:0f:c1:61:5d:02:8e:7b:3c:99:e8:f4:17:
30:a4:3f:ac:b3:3b:ff:ac:28:f9:52:95:c0:d7:71:5d:81:85:
f4:bf:db:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZif2+QYlGlr16c8MrWcadQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwODEyMTk1NzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWUzMzUzOTEyNmYxYjllZjMyNzM4ZjUyYjYwZjBhNGMzZDIzMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfuGKdAyO/eERRi4IUrLwY/wSd+Y
By/0bq4SHuYmLdkguhLGYFMzzpM94PSxyxNZlw7sQhHrL8iJ6MadgdNhHrWmiKe0
o4u9PdTtIxwXUYh/9sJeSOFfMb/ZrzpbbgkmTqDQdN8k6rSgIGVSRWzQEixmgCj6
krOSOQAfhrQNWotZFzf6k1LxPYC7b4Rs/4f2XnNgPPWtGHE4qgVgG2B6ShMlPSTB
n2nM2c7VNjHip5THMQYyRaETANK4OrBhz5Cp86idqIt2mrYMpCvZRxmQeEXVqzZr
fC74gMcmqlxpo/UFCU3GYw0lkMjuVLSR/E7Bnoj2AEKOWWa6wrzIJbi5DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnjNTkSbxue8yc49Stg8KTD0jGVMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvS2VNMU9SSnZHNTd6SnpqMUsyRHdwTVBTTVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAz/TRMA0G
CSqGSIb3DQEBCwUAA4IBAQA7bPlrirJuSMnnA1G8wceatIWCC6EgcuYD3e3edg1o
58YxJZJnVSNSYuBh9OpHbEAbjKcDgKaSlGg+bg9tsMgDpQ3/eq1RU/p2BaWzR+V8
M7wCQa+8GTMGA+3m4eO6crhNOjwpqCxiCmVrq8nfPxYblXlPSbshQySRbfe9QxD8
7jBZRtmavWAAaRWz7nZyDS6Ko5Vp4rUtr+Ty6nhn8J/K3Z64KL/X4sWnLmZd1PNr
WDCG2VXrEvf7WWQtjwL5UP5U4v2ezNXQL5Pazo2LrK3MfZN+TgzJ3Vt45TgXbKIP
wWFdAo57PJno9BcwpD+sszv/rCj5UpXA13FdgYX0v9tZ
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:11:59 2025 by rpki-client