Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/sDXiMMtB0SUjAEcuxyn_krSwmHE.roa
File: sDXiMMtB0SUjAEcuxyn_krSwmHE.roa (raw, json)
Hash identifier: anyUBM1hq5J/9Y3FZD4T/DzSpqZkNbhmkogY6Bv+tL8=
Subject key identifier: B0:35:E2:30:CB:41:D1:25:23:00:47:2E:C7:29:FF:92:B4:B0:98:71
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01979DFD77F17AF1F227C497727E19DC4A3A
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/sDXiMMtB0SUjAEcuxyn_krSwmHE.roa
Signing time: Mon 23 Jun 2025 18:12:03 +0000
ROA not before: Mon 23 Jun 2025 18:12:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 86.54.28.0/24 maxlen: 24
86.54.29.0/24 maxlen: 24
86.54.31.0/24 maxlen: 24
2a01:e940::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9d:fd:77:f1:7a:f1:f2:27:c4:97:72:7e:19:dc:4a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jun 23 18:12:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b035e230cb41d1252300472ec729ff92b4b09871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:20:b2:89:0b:9b:6f:2d:cf:4d:b2:57:d6:63:
be:ec:f8:5a:6c:c0:d1:e9:ce:05:80:bb:ab:34:9d:
00:35:e2:29:4d:79:32:99:8a:0a:cd:89:65:e3:a8:
a5:0b:9f:c7:66:0a:5d:e6:ce:3f:b8:96:60:ae:2b:
80:cd:57:05:74:6f:ba:d8:47:de:f9:8d:7e:4a:2b:
44:e6:29:25:31:8b:0d:cf:42:a1:2e:43:ce:ee:3f:
ca:1a:02:96:f0:be:86:80:5d:ac:c0:ce:77:6e:1c:
96:23:85:f2:4e:3b:e1:2c:cc:ac:1e:ac:dd:18:ee:
a6:44:bd:10:01:2c:82:43:01:3a:49:ff:1a:1c:b1:
ef:27:91:5e:fe:12:d1:6f:1e:aa:30:ce:fb:d2:e8:
33:2b:46:32:83:c3:fb:24:63:9e:61:19:2e:55:eb:
e5:19:c6:78:85:12:75:78:e4:47:4c:a2:f3:44:b5:
4b:a5:92:74:d8:7c:a5:9e:57:15:5f:6f:3a:2f:6d:
92:32:06:8f:8d:93:84:b4:30:d5:07:f7:1c:1b:e8:
42:4b:63:6a:b8:e8:c6:ef:04:db:fd:f3:1d:87:cb:
1e:7c:6f:53:4d:d3:4c:9f:c9:11:31:ed:32:5d:b7:
c7:f7:38:ef:de:09:4c:88:95:c7:64:ab:50:ae:3e:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:35:E2:30:CB:41:D1:25:23:00:47:2E:C7:29:FF:92:B4:B0:98:71
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/sDXiMMtB0SUjAEcuxyn_krSwmHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.28.0/23
86.54.31.0/24
IPv6:
2a01:e940::/48
Signature Algorithm: sha256WithRSAEncryption
c8:91:e3:65:72:72:a3:8f:02:0c:4d:6a:fd:10:93:35:69:d6:
5b:b9:b1:9d:42:99:da:e8:c7:af:a8:5b:8a:36:6c:f8:27:89:
41:72:56:9e:40:ce:a8:0d:77:09:9e:75:1d:05:cf:21:ca:45:
3c:a9:17:8b:89:79:ca:ee:84:4f:c8:60:42:58:8a:b4:5f:5f:
86:7f:de:dc:c6:c3:a5:32:33:5b:88:fa:e1:2d:3d:fb:a5:73:
32:4e:7b:88:b3:e2:93:23:d7:40:42:f4:ba:0a:a1:a3:18:6c:
56:46:28:db:9a:9c:d1:5c:61:13:15:55:cc:61:51:29:7a:49:
b3:2f:b8:1c:83:46:71:f2:9b:45:aa:79:0f:0b:17:8c:b2:f4:
da:bb:b3:5c:49:71:52:9e:30:fe:fa:19:dd:71:16:a5:55:17:
37:b3:16:13:ee:18:c2:b6:5a:28:70:6a:90:12:8e:73:b0:7d:
40:27:f4:44:8b:8e:d3:42:ad:01:d1:8b:d8:da:e5:13:8a:7c:
c9:29:97:06:f2:a5:5f:c9:35:a4:ac:94:96:63:14:bf:0a:2c:
49:e9:c9:ab:23:7e:c5:39:9f:0b:e6:5d:f8:72:aa:70:b7:07:
6e:0d:ec:dc:64:a9:16:d7:cd:a4:00:06:7c:0f:d7:d7:34:b1:
da:6a:27:a7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZed/XfxevHyJ8SXcn4Z3Eo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwNjIzMTgxMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDM1ZTIzMGNiNDFkMTI1MjMwMDQ3MmVjNzI5ZmY5MmI0YjA5ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyCyiQubby3PTbJX1mO+7PhabMDR
6c4FgLurNJ0ANeIpTXkymYoKzYll46ilC5/HZgpd5s4/uJZgriuAzVcFdG+62Efe
+Y1+SitE5iklMYsNz0KhLkPO7j/KGgKW8L6GgF2swM53bhyWI4XyTjvhLMysHqzd
GO6mRL0QASyCQwE6Sf8aHLHvJ5Fe/hLRbx6qMM770ugzK0Yyg8P7JGOeYRkuVevl
GcZ4hRJ1eORHTKLzRLVLpZJ02HylnlcVX286L22SMgaPjZOEtDDVB/ccG+hCS2Nq
uOjG7wTb/fMdh8sefG9TTdNMn8kRMe0yXbfH9zjv3glMiJXHZKtQrj6A9wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLA14jDLQdElIwBHLscp/5K0sJhxMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvc0RYaU1NdEIwU1VqQUVjdXh5bl9rclN3bUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBVjYcAwQA
VjYfMA8EAgACMAkDBwAqAelAAAAwDQYJKoZIhvcNAQELBQADggEBAMiR42VycqOP
AgxNav0QkzVp1lu5sZ1Cmdrox6+oW4o2bPgniUFyVp5AzqgNdwmedR0FzyHKRTyp
F4uJecruhE/IYEJYirRfX4Z/3tzGw6UyM1uI+uEtPfulczJOe4iz4pMj10BC9LoK
oaMYbFZGKNuanNFcYRMVVcxhUSl6SbMvuByDRnHym0WqeQ8LF4yy9Nq7s1xJcVKe
MP76Gd1xFqVVFzezFhPuGMK2WihwapASjnOwfUAn9ESLjtNCrQHRi9ja5ROKfMkp
lwbypV/JNaSslJZjFL8KLEnpyasjfsU5nwvmXfhyqnC3B24N7NxkqRbXzaQABnwP
19c0sdpqJ6c=
-----END CERTIFICATE-----
Generated at Tue Jul 1 18:24:49 2025 by rpki-client