Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fMWmdcQXOhjoJBUXP3AGg8IgpJg.roa
File: fMWmdcQXOhjoJBUXP3AGg8IgpJg.roa (raw, json)
Hash identifier: lkH20hKPwY+mFCCqdbSxmlIPFq6XkB18aChnf73Uutk=
Subject key identifier: 7C:C5:A6:75:C4:17:3A:18:E8:24:15:17:3F:70:06:83:C2:20:A4:98
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0198C177B4BF7A3399196BAEF5F4DB6CB71C
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fMWmdcQXOhjoJBUXP3AGg8IgpJg.roa
Signing time: Tue 19 Aug 2025 08:35:04 +0000
ROA not before: Tue 19 Aug 2025 08:35:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.200.0/23 maxlen: 24
79.172.250.0/23 maxlen: 24
87.229.8.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:77:b4:bf:7a:33:99:19:6b:ae:f5:f4:db:6c:b7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Aug 19 08:35:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cc5a675c4173a18e82415173f700683c220a498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:87:00:0e:55:75:8e:d6:f3:50:bb:ac:34:a9:
4e:dc:7e:18:fa:aa:66:1d:45:2d:22:e7:9e:bc:48:
92:70:02:b0:7c:53:55:3b:2d:d3:9a:83:dd:f1:8b:
d0:f9:5b:4b:61:ca:e5:a9:53:9e:27:33:e7:c3:15:
43:3f:05:41:c0:ad:d1:07:23:c0:f1:ec:d2:cc:7e:
73:ed:fa:b7:4b:f0:b1:88:71:b8:24:c5:08:7b:32:
5f:6f:72:e8:8f:38:15:d3:b6:8d:d7:88:dd:f4:27:
5e:93:15:0d:e9:97:35:94:77:07:85:67:23:d0:e6:
45:29:68:06:56:e9:52:69:70:7b:98:86:d1:0e:1c:
03:d7:27:08:f7:bf:39:d2:c8:13:3e:66:9e:bc:5b:
dd:11:23:a8:b0:61:e0:71:21:59:03:5f:b8:02:26:
10:06:49:e5:05:4c:e9:9b:c7:80:bd:dd:a7:01:88:
06:0d:5a:9b:3c:05:3a:4a:79:a9:ec:12:68:bf:f3:
35:68:41:96:cf:28:00:8a:43:48:f5:17:b4:de:04:
be:ad:c7:5c:bf:de:ee:63:3d:d0:4c:49:50:33:8b:
5d:88:35:6a:6a:5e:d2:9c:cc:10:03:ec:80:00:be:
19:79:73:15:82:0a:39:3e:07:95:4d:f3:9e:57:70:
0a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C5:A6:75:C4:17:3A:18:E8:24:15:17:3F:70:06:83:C2:20:A4:98
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fMWmdcQXOhjoJBUXP3AGg8IgpJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.200.0/23
79.172.250.0/23
87.229.8.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:bc:93:65:43:93:74:48:ae:25:03:53:e7:4c:fd:bf:20:3a:
5d:fb:2d:10:05:f4:91:e8:5e:29:51:21:0b:d1:70:95:44:5c:
16:9b:af:29:d1:59:86:2b:62:96:c2:30:51:7f:23:84:af:11:
8f:95:9e:3e:7c:7d:16:20:9f:67:39:6b:d0:57:31:c9:b7:95:
e3:63:e7:f2:03:8b:50:67:e2:b0:47:bc:76:96:bd:15:bb:c3:
41:7c:5d:5a:a8:df:56:c6:22:7c:e0:55:4a:18:54:fb:76:42:
e5:be:8c:4b:a9:13:38:b2:02:da:3e:57:be:b9:48:cc:78:59:
c3:d5:64:c3:08:2a:ee:2b:1d:62:c8:5a:bf:9b:4a:fb:89:be:
49:82:d7:bc:c7:b6:5c:18:14:c2:b5:af:ae:77:1b:30:8f:01:
c8:68:8e:99:3b:2c:5e:d2:c7:f4:21:99:1a:cb:bb:00:63:a3:
93:4f:ec:15:bd:55:18:6e:a4:17:7f:75:65:fa:58:2b:07:a9:
da:9b:93:39:0f:b6:ac:26:9b:3f:a2:72:c5:be:14:22:e3:e1:
a8:9c:ce:a6:b0:e6:b6:ba:67:bb:19:be:e7:02:7b:84:c1:80:
90:72:3f:22:78:97:11:66:18:0d:92:2f:51:bd:30:47:bd:e8:
19:7e:ba:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZjBd7S/ejOZGWuu9fTbbLccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwODE5MDgzNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M1YTY3NWM0MTczYTE4ZTgyNDE1MTczZjcwMDY4M2MyMjBhNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IcADlV1jtbzULusNKlO3H4Y+qpm
HUUtIueevEiScAKwfFNVOy3TmoPd8YvQ+VtLYcrlqVOeJzPnwxVDPwVBwK3RByPA
8ezSzH5z7fq3S/CxiHG4JMUIezJfb3LojzgV07aN14jd9CdekxUN6Zc1lHcHhWcj
0OZFKWgGVulSaXB7mIbRDhwD1ycI97850sgTPmaevFvdESOosGHgcSFZA1+4AiYQ
BknlBUzpm8eAvd2nAYgGDVqbPAU6Snmp7BJov/M1aEGWzygAikNI9Re03gS+rcdc
v97uYz3QTElQM4tdiDVqal7SnMwQA+yAAL4ZeXMVggo5PgeVTfOeV3AKVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHzFpnXEFzoY6CQVFz9wBoPCIKSYMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvZk1XbWRjUVhPaGpvSkJVWFAzQUdnOElncEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBT6zIAwQB
T6z6AwQCV+UIMA0GCSqGSIb3DQEBCwUAA4IBAQCavJNlQ5N0SK4lA1PnTP2/IDpd
+y0QBfSR6F4pUSEL0XCVRFwWm68p0VmGK2KWwjBRfyOErxGPlZ4+fH0WIJ9nOWvQ
VzHJt5XjY+fyA4tQZ+KwR7x2lr0Vu8NBfF1aqN9WxiJ84FVKGFT7dkLlvoxLqRM4
sgLaPle+uUjMeFnD1WTDCCruKx1iyFq/m0r7ib5Jgte8x7ZcGBTCta+udxswjwHI
aI6ZOyxe0sf0IZkay7sAY6OTT+wVvVUYbqQXf3Vl+lgrB6nam5M5D7asJps/onLF
vhQi4+GonM6msOa2ume7Gb7nAnuEwYCQcj8ieJcRZhgNki9RvTBHvegZfrqq
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:04:10 2025 by rpki-client