Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/7nT7CMWqjPir_XwHKqbnu1ePzNE.roa
File: 7nT7CMWqjPir_XwHKqbnu1ePzNE.roa (raw, json)
Hash identifier: rJwmBaZJEsYi70qVqGwJX3XQ1oE4rtGxixdiQCCrNxY=
Subject key identifier: EE:74:FB:08:C5:AA:8C:F8:AB:FD:7C:07:2A:A6:E7:BB:57:8F:CC:D1
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 01979C9A3E07AB49A92BA4F00BE43B67CE7D
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/7nT7CMWqjPir_XwHKqbnu1ePzNE.roa
Signing time: Mon 23 Jun 2025 11:44:03 +0000
ROA not before: Mon 23 Jun 2025 11:44:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202391
IP address blocks: 91.237.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:9a:3e:07:ab:49:a9:2b:a4:f0:0b:e4:3b:67:ce:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: Jun 23 11:44:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee74fb08c5aa8cf8abfd7c072aa6e7bb578fccd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3d:65:f7:2b:bc:ba:8a:5b:13:57:24:50:6b:
1d:18:65:56:92:b0:d7:c6:49:d1:a5:0f:5e:cd:09:
51:53:b4:b1:68:e5:92:15:47:f4:a2:2e:5d:13:5a:
ae:cf:b4:92:95:6e:03:f8:43:a0:38:9c:bb:64:53:
2b:25:80:fe:a3:df:4c:fd:1c:a1:e3:2c:38:f4:27:
3c:24:ac:7b:ce:45:66:be:91:a1:69:82:9c:ef:03:
85:37:2c:14:57:b1:b7:d6:7f:cb:29:f1:79:3d:a4:
01:45:57:07:dc:fc:96:de:1d:18:b3:e6:8a:6a:33:
2e:21:57:d3:cd:b3:89:13:0c:81:01:e8:76:d3:71:
53:9f:88:f1:56:3e:88:14:1f:26:14:cb:34:9e:43:
14:29:12:3e:d1:ca:09:dc:89:a1:85:e4:ca:2b:a4:
23:f5:9b:10:ed:14:a2:c7:c2:07:28:fc:22:95:24:
88:a5:b6:28:29:12:c9:71:9c:fc:54:07:8e:7a:c2:
72:ca:c3:f6:f5:24:4d:82:ea:b0:b6:89:4e:95:18:
84:7c:87:89:1e:92:c9:1e:ff:28:7a:de:ce:7e:60:
88:55:8f:b7:84:33:c4:5f:d8:12:a5:92:66:49:ed:
58:ab:1a:bf:cb:43:80:66:d3:ff:66:2d:d5:08:e3:
89:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:74:FB:08:C5:AA:8C:F8:AB:FD:7C:07:2A:A6:E7:BB:57:8F:CC:D1
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/7nT7CMWqjPir_XwHKqbnu1ePzNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.255.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:2b:9d:21:73:f4:9c:86:1f:cb:02:53:0a:d0:fa:94:12:14:
f0:ac:c6:f8:ea:0c:4a:bb:03:ff:71:bf:0b:6f:44:4f:91:a0:
b5:5e:20:92:f0:21:d1:c5:9b:0b:ae:0d:f4:89:3c:dd:2b:7a:
ba:f2:7f:ee:83:22:36:c8:f7:d8:3b:77:5e:de:70:f6:61:3d:
18:b8:d8:d2:99:4c:cc:3a:df:cc:69:10:53:f4:a2:dc:69:dc:
9e:41:6e:8a:73:dd:93:4e:37:8a:13:ca:c1:94:29:8c:43:52:
96:01:3d:82:4d:e7:af:24:36:7a:e4:50:1a:2b:94:96:0c:69:
d6:69:d6:46:d9:da:47:65:18:03:41:25:c1:e0:0e:0f:09:09:
ec:94:c5:c0:7d:0b:d1:96:8f:51:8a:72:0d:de:e7:6c:8d:39:
b1:4e:ea:d2:34:00:ad:fa:3d:08:8f:f8:49:b6:c5:91:8f:c8:
e7:48:4b:bf:85:6d:84:05:75:ab:65:c1:4b:96:b2:f2:81:71:
fb:12:a9:c1:a1:7f:71:42:04:1f:d2:05:91:95:08:0c:6b:aa:
54:54:b4:76:e2:ac:8b:11:56:dc:c1:c5:41:65:23:e4:b4:b1:
f1:29:f3:f1:e1:d6:84:90:f1:33:95:ad:fe:f2:71:fa:22:9d:
d2:47:69:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZecmj4Hq0mpK6TwC+Q7Z859MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwNjIzMTE0NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTc0ZmIwOGM1YWE4Y2Y4YWJmZDdjMDcyYWE2ZTdiYjU3OGZjY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD1l9yu8uopbE1ckUGsdGGVWkrDX
xknRpQ9ezQlRU7SxaOWSFUf0oi5dE1quz7SSlW4D+EOgOJy7ZFMrJYD+o99M/Ryh
4yw49Cc8JKx7zkVmvpGhaYKc7wOFNywUV7G31n/LKfF5PaQBRVcH3PyW3h0Ys+aK
ajMuIVfTzbOJEwyBAeh203FTn4jxVj6IFB8mFMs0nkMUKRI+0coJ3ImhheTKK6Qj
9ZsQ7RSix8IHKPwilSSIpbYoKRLJcZz8VAeOesJyysP29SRNguqwtolOlRiEfIeJ
HpLJHv8oet7OfmCIVY+3hDPEX9gSpZJmSe1Yqxq/y0OAZtP/Zi3VCOOJCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO50+wjFqoz4q/18Byqm57tXj8zRMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvN25UN0NNV3FqUGlyX1h3SEtxYm51MWVQek5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+3/MA0G
CSqGSIb3DQEBCwUAA4IBAQAdK50hc/Schh/LAlMK0PqUEhTwrMb46gxKuwP/cb8L
b0RPkaC1XiCS8CHRxZsLrg30iTzdK3q68n/ugyI2yPfYO3de3nD2YT0YuNjSmUzM
Ot/MaRBT9KLcadyeQW6Kc92TTjeKE8rBlCmMQ1KWAT2CTeevJDZ65FAaK5SWDGnW
adZG2dpHZRgDQSXB4A4PCQnslMXAfQvRlo9RinIN3udsjTmxTurSNACt+j0Ij/hJ
tsWRj8jnSEu/hW2EBXWrZcFLlrLygXH7EqnBoX9xQgQf0gWRlQgMa6pUVLR24qyL
EVbcwcVBZSPktLHxKfPx4daEkPEzla3+8nH6Ip3SR2kf
-----END CERTIFICATE-----
Generated at Wed Jul 2 00:44:23 2025 by rpki-client