Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/acXUcm42IS4pl31BFqGLL598V-g.roa
File: acXUcm42IS4pl31BFqGLL598V-g.roa (raw, json)
Hash identifier: tv2sOndhlPwn5kgKUF5qX+dekYD4mLLwcOPc7PK40dI=
Subject key identifier: 69:C5:D4:72:6E:36:21:2E:29:97:7D:41:16:A1:8B:2F:9F:7C:57:E8
Certificate issuer: /CN=0b90e376944d30294dea41f21fb7f1e1ca368a93
Certificate serial: 0197B0655CF674DACCA9B7D717FAC972401B
Authority key identifier: 0B:90:E3:76:94:4D:30:29:4D:EA:41:F2:1F:B7:F1:E1:CA:36:8A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C5DjdpRNMClN6kHyH7fx4co2ipM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/acXUcm42IS4pl31BFqGLL598V-g.roa
Signing time: Fri 27 Jun 2025 07:58:42 +0000
ROA not before: Fri 27 Jun 2025 07:58:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 93.123.45.0/24 maxlen: 24
2a14:e580::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/C5DjdpRNMClN6kHyH7fx4co2ipM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/C5DjdpRNMClN6kHyH7fx4co2ipM.mft
rsync://rpki.ripe.net/repository/DEFAULT/C5DjdpRNMClN6kHyH7fx4co2ipM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 15:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:65:5c:f6:74:da:cc:a9:b7:d7:17:fa:c9:72:40:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b90e376944d30294dea41f21fb7f1e1ca368a93
Validity
Not Before: Jun 27 07:58:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69c5d4726e36212e29977d4116a18b2f9f7c57e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:41:74:c9:fe:32:d2:a6:0c:7e:da:7d:13:b0:
1b:16:16:a9:77:55:29:e9:a4:b3:72:e7:fb:7d:fe:
d2:3c:fc:bf:83:13:2a:28:81:42:d5:f9:7a:e7:cf:
44:3f:31:16:c7:2d:73:b8:85:26:10:93:41:bf:3e:
e9:6a:30:39:a2:37:35:f3:c6:a6:9c:9f:e0:29:51:
3e:80:dd:06:85:84:79:c4:17:4c:15:77:1d:5d:40:
05:ea:cd:25:10:46:f9:12:6e:b2:62:c8:28:11:91:
01:6b:65:ea:3d:c5:28:c2:bf:1a:ba:b8:3d:c4:6c:
e9:c3:0b:4e:4c:97:f6:c6:35:cc:53:dd:50:84:96:
20:9d:01:be:6a:08:db:7b:8c:4f:c6:83:7b:ad:f2:
80:cf:05:30:9e:91:f6:73:2b:33:11:2b:b1:55:11:
d4:62:77:02:78:f5:64:0b:47:0a:bb:a8:67:0d:87:
e1:17:42:2b:39:14:7e:79:0d:d3:38:b2:d0:1d:84:
c0:3b:6c:bb:3e:71:18:5f:cf:05:32:77:f0:e2:ba:
c9:47:a2:1b:0d:8c:71:96:95:a5:5d:43:ae:28:0b:
d8:7b:36:0d:a1:00:73:6e:07:4a:fc:4f:29:94:9b:
b6:18:3d:ed:c7:8a:b2:10:54:c9:03:1f:22:57:a5:
2b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C5:D4:72:6E:36:21:2E:29:97:7D:41:16:A1:8B:2F:9F:7C:57:E8
X509v3 Authority Key Identifier:
keyid:0B:90:E3:76:94:4D:30:29:4D:EA:41:F2:1F:B7:F1:E1:CA:36:8A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C5DjdpRNMClN6kHyH7fx4co2ipM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/acXUcm42IS4pl31BFqGLL598V-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/820e72-5706-4620-a990-20a3218b98cd/1/C5DjdpRNMClN6kHyH7fx4co2ipM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.45.0/24
IPv6:
2a14:e580::/29
Signature Algorithm: sha256WithRSAEncryption
6f:19:91:47:43:42:bf:11:a0:ca:ab:7d:48:81:38:22:4c:95:
5c:5d:6f:c0:7f:29:a4:74:e0:e9:e2:2b:7f:61:2f:d5:69:15:
bf:ef:e4:b7:63:c6:54:db:01:78:7b:c0:84:48:33:50:91:bc:
46:6e:df:66:a5:a8:67:9a:40:cc:31:48:cb:72:29:26:ec:52:
48:e3:cb:6b:25:92:fa:d5:6e:ff:b5:86:cd:af:0a:82:60:db:
7d:84:c2:00:a8:20:53:eb:ae:a2:ca:60:98:1f:35:69:84:6a:
66:18:01:8a:55:d0:e7:4c:8d:05:4b:54:0d:a6:54:1e:30:76:
04:75:55:aa:ca:b8:fd:18:0c:77:6f:4c:38:d5:7d:dc:ac:9e:
99:42:2b:e8:91:bb:90:fd:31:62:b9:45:ee:2e:a3:67:80:81:
db:0e:b5:53:cd:3e:04:61:5c:31:d2:4c:10:5d:26:da:bd:a9:
e9:9c:9b:de:99:d2:d3:10:57:ba:4f:7d:b6:a9:fd:8b:41:f2:
4c:d2:01:1f:47:0f:41:8c:a1:31:1a:59:1a:b7:fb:19:40:84:
be:08:d1:26:c3:5f:72:d0:47:aa:47:27:a5:05:eb:89:98:0e:
ce:cb:1e:b2:d7:24:3e:30:b4:b2:0b:0c:ca:7f:ba:17:a0:1d:
e7:e4:48:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZewZVz2dNrMqbfXF/rJckAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOTBlMzc2OTQ0ZDMwMjk0ZGVhNDFmMjFmYjdmMWUxY2Ez
NjhhOTMwHhcNMjUwNjI3MDc1ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWM1ZDQ3MjZlMzYyMTJlMjk5NzdkNDExNmExOGIyZjlmN2M1N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUF0yf4y0qYMftp9E7AbFhapd1Up
6aSzcuf7ff7SPPy/gxMqKIFC1fl6589EPzEWxy1zuIUmEJNBvz7pajA5ojc188am
nJ/gKVE+gN0GhYR5xBdMFXcdXUAF6s0lEEb5Em6yYsgoEZEBa2XqPcUowr8aurg9
xGzpwwtOTJf2xjXMU91QhJYgnQG+agjbe4xPxoN7rfKAzwUwnpH2cyszESuxVRHU
YncCePVkC0cKu6hnDYfhF0IrORR+eQ3TOLLQHYTAO2y7PnEYX88FMnfw4rrJR6Ib
DYxxlpWlXUOuKAvYezYNoQBzbgdK/E8plJu2GD3tx4qyEFTJAx8iV6Ur4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGnF1HJuNiEuKZd9QRahiy+ffFfoMB8GA1UdIwQY
MBaAFAuQ43aUTTApTepB8h+38eHKNoqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzVEamRwUk5NQ2xONmtIeUg3Zng0Y28yaXBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84MjBlNzItNTcwNi00NjIwLWE5OTAt
MjBhMzIxOGI5OGNkLzEvYWNYVWNtNDJJUzRwbDMxQkZxR0xMNTk4Vi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84MjBlNzItNTcwNi00NjIwLWE5OTAtMjBhMzIxOGI5OGNk
LzEvQzVEamRwUk5NQ2xONmtIeUg3Zng0Y28yaXBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXXstMA0E
AgACMAcDBQMqFOWAMA0GCSqGSIb3DQEBCwUAA4IBAQBvGZFHQ0K/EaDKq31IgTgi
TJVcXW/AfymkdODp4it/YS/VaRW/7+S3Y8ZU2wF4e8CESDNQkbxGbt9mpahnmkDM
MUjLcikm7FJI48trJZL61W7/tYbNrwqCYNt9hMIAqCBT666iymCYHzVphGpmGAGK
VdDnTI0FS1QNplQeMHYEdVWqyrj9GAx3b0w41X3crJ6ZQivokbuQ/TFiuUXuLqNn
gIHbDrVTzT4EYVwx0kwQXSbavanpnJvemdLTEFe6T322qf2LQfJM0gEfRw9BjKEx
Glkat/sZQIS+CNEmw19y0EeqRyelBeuJmA7Oyx6y1yQ+MLSyCwzKf7oXoB3n5Eiz
-----END CERTIFICATE-----
Generated at Tue Jul 1 00:25:37 2025 by rpki-client