Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/prKzcOdb2gq7whbRtn2j18st210.roa
File: prKzcOdb2gq7whbRtn2j18st210.roa (raw, json)
Hash identifier: TLxvtHMzXY4Lge96VJalh1cOFoXVbLd9V2/rCUHRN3g=
Subject key identifier: A6:B2:B3:70:E7:5B:DA:0A:BB:C2:16:D1:B6:7D:A3:D7:CB:2D:DB:5D
Certificate issuer: /CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Certificate serial: 01978CEE666BCFF4CFECE8F23F30BF2135F7
Authority key identifier: DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/prKzcOdb2gq7whbRtn2j18st210.roa
Signing time: Fri 20 Jun 2025 10:42:03 +0000
ROA not before: Fri 20 Jun 2025 10:42:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 194.59.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 10:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:ee:66:6b:cf:f4:cf:ec:e8:f2:3f:30:bf:21:35:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Validity
Not Before: Jun 20 10:42:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6b2b370e75bda0abbc216d1b67da3d7cb2ddb5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:96:72:a2:4e:f2:5f:0f:9b:3e:e7:07:bc:
bb:fd:ea:be:43:9f:49:0e:95:2d:12:96:ad:54:d4:
73:51:3e:58:1d:42:8f:26:8d:fb:6e:3c:8e:2a:9f:
a7:64:7a:a0:43:05:65:9c:06:79:2d:2d:8a:ab:9e:
58:ee:17:04:3f:6d:33:a8:ea:56:01:8b:44:62:d3:
6b:ab:1c:58:c1:6b:df:b2:b0:6d:e9:80:81:51:00:
c9:af:bf:93:15:f7:5d:39:ce:54:0d:a2:e1:fd:b1:
88:1b:01:fc:b3:57:16:db:56:8d:1a:52:f3:95:a3:
cf:6c:04:f3:42:38:65:c4:e4:59:35:30:2a:a5:24:
b3:ba:4c:37:5a:7a:1d:00:df:64:0b:ba:10:81:6b:
82:21:94:1a:b4:5f:2c:81:71:f1:65:97:e4:06:5f:
e4:0b:e8:b1:e4:73:86:ca:a5:d7:e7:b0:70:08:76:
c5:f4:48:2c:a9:1f:03:ed:2b:75:6d:7e:c4:06:e6:
2f:fe:8e:b4:2c:2a:12:22:6d:5c:f9:5a:4a:80:df:
59:2b:0b:7a:8e:31:f4:2a:35:bc:37:f8:c5:2e:d9:
af:21:41:51:ac:69:8e:63:b8:16:72:21:76:76:ee:
f3:3a:a6:6b:07:d3:a5:1b:11:cc:cc:c0:d9:f1:92:
19:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B2:B3:70:E7:5B:DA:0A:BB:C2:16:D1:B6:7D:A3:D7:CB:2D:DB:5D
X509v3 Authority Key Identifier:
keyid:DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/prKzcOdb2gq7whbRtn2j18st210.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.215.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:07:ab:1f:a2:4a:cb:ac:ba:57:ca:aa:f0:82:e8:8f:00:05:
32:cf:8f:73:57:d4:62:76:58:12:d6:31:c3:06:e4:21:d9:d1:
df:c2:a9:7d:80:f0:5c:99:b7:1c:51:03:18:7e:f7:e1:d3:f1:
72:c8:0b:0b:55:3d:34:57:03:c7:08:8b:2c:e6:cf:16:a2:e4:
36:37:ac:54:3e:a7:58:65:6a:d0:4f:22:9b:ec:cb:9a:bf:8c:
06:43:8a:90:eb:36:6c:e8:53:b9:03:15:a1:d2:e4:49:43:a9:
ca:7d:43:ee:bb:20:49:4c:12:02:18:dd:07:61:9b:c5:8e:80:
8c:2f:1f:a7:2d:aa:85:da:55:61:1d:91:74:a4:26:ad:77:8c:
e8:c5:8a:ab:38:e9:b8:75:1e:56:11:7b:18:3c:6c:e9:50:c0:
71:f5:a9:d0:7d:d8:f2:4a:8f:74:9b:a3:83:d3:64:65:7f:ba:
12:a6:e2:0a:d1:ae:aa:76:c2:3b:e6:c4:f9:41:39:61:d8:fa:
10:98:9b:e9:53:f4:cd:74:a5:6e:0d:f4:fa:61:b7:24:1b:4d:
23:b9:08:96:7c:d1:31:8e:fa:be:21:98:20:9a:26:db:05:72:
c7:0c:ca:b8:f0:7d:14:66:a4:19:45:58:72:45:3d:04:44:a3:
7b:c0:48:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeM7mZrz/TP7OjyPzC/ITX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTcyYzhmYWVjYjcwNTJjODQxMjAxYjI1ZjZhMDE4ZTQ3
N2IxYzIwHhcNMjUwNjIwMTA0MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmIyYjM3MGU3NWJkYTBhYmJjMjE2ZDFiNjdkYTNkN2NiMmRkYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYSWcqJO8l8Pmz7nB7y7/eq+Q59J
DpUtEpatVNRzUT5YHUKPJo37bjyOKp+nZHqgQwVlnAZ5LS2Kq55Y7hcEP20zqOpW
AYtEYtNrqxxYwWvfsrBt6YCBUQDJr7+TFfddOc5UDaLh/bGIGwH8s1cW21aNGlLz
laPPbATzQjhlxORZNTAqpSSzukw3WnodAN9kC7oQgWuCIZQatF8sgXHxZZfkBl/k
C+ix5HOGyqXX57BwCHbF9EgsqR8D7St1bX7EBuYv/o60LCoSIm1c+VpKgN9ZKwt6
jjH0KjW8N/jFLtmvIUFRrGmOY7gWciF2du7zOqZrB9OlGxHMzMDZ8ZIZJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKays3DnW9oKu8IW0bZ9o9fLLdtdMB8GA1UdIwQY
MBaAFN7nLI+uy3BSyEEgGyX2oBjkd7HCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2Ut
MzgzZmIyYjk1NGQ5LzEvcHJLemNPZGIyZ3E3d2hiUnRuMmoxOHN0MjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2UtMzgzZmIyYjk1NGQ5
LzEvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjvXMA0G
CSqGSIb3DQEBCwUAA4IBAQCrB6sfokrLrLpXyqrwguiPAAUyz49zV9RidlgS1jHD
BuQh2dHfwql9gPBcmbccUQMYfvfh0/FyyAsLVT00VwPHCIss5s8WouQ2N6xUPqdY
ZWrQTyKb7Muav4wGQ4qQ6zZs6FO5AxWh0uRJQ6nKfUPuuyBJTBICGN0HYZvFjoCM
Lx+nLaqF2lVhHZF0pCatd4zoxYqrOOm4dR5WEXsYPGzpUMBx9anQfdjySo90m6OD
02Rlf7oSpuIK0a6qdsI75sT5QTlh2PoQmJvpU/TNdKVuDfT6YbckG00juQiWfNEx
jvq+IZggmibbBXLHDMq48H0UZqQZRVhyRT0ERKN7wEjs
-----END CERTIFICATE-----
Generated at Sun Jun 29 20:26:53 2025 by rpki-client