Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/7lNOTrEwqfi1ykx8mI82GLbCVSg.roa
File: 7lNOTrEwqfi1ykx8mI82GLbCVSg.roa (raw, json)
Hash identifier: FZ2hfje/O61YReLW5yRaWN5SmQ1/e2mAoT18RMzuTMM=
Subject key identifier: EE:53:4E:4E:B1:30:A9:F8:B5:CA:4C:7C:98:8F:36:18:B6:C2:55:28
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0197B06ADC62E54F063AF2B054440A37A754
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/7lNOTrEwqfi1ykx8mI82GLbCVSg.roa
Signing time: Fri 27 Jun 2025 08:04:42 +0000
ROA not before: Fri 27 Jun 2025 08:04:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.212.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:6a:dc:62:e5:4f:06:3a:f2:b0:54:44:0a:37:a7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Jun 27 08:04:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee534e4eb130a9f8b5ca4c7c988f3618b6c25528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f0:41:f2:86:7f:1a:4e:b3:a7:2e:35:4d:8e:
9b:c9:62:4b:9b:60:41:6c:e7:8a:fa:f2:7e:50:49:
e2:0f:1e:57:6e:5e:db:bd:cf:8d:9c:ed:d5:26:dc:
1e:a5:08:ac:8d:85:6e:05:70:d2:a8:51:9c:26:2f:
90:a8:04:10:c8:15:8a:0a:d1:5f:a0:73:25:21:4a:
3a:96:78:b9:8d:cd:09:f2:e8:7b:52:85:f1:01:a0:
ce:18:3c:89:4e:ae:ce:be:56:7a:e5:af:7e:fe:d2:
c8:f2:10:f5:12:5c:c9:26:88:43:16:4b:4b:69:6d:
72:93:cc:f4:2f:01:6f:4b:fe:88:da:dd:30:18:c7:
75:46:e8:ae:a8:ea:c3:13:66:70:cd:c1:94:0d:b1:
53:ce:53:a1:8b:26:31:45:55:9e:d3:a0:de:5e:31:
d6:27:8f:5a:c2:49:1e:d1:28:95:7d:ff:6c:50:d9:
27:0c:8e:99:74:e2:66:41:8f:fd:d4:52:9f:b1:93:
07:e5:63:67:0b:77:52:11:09:ba:29:8a:2a:88:36:
4a:c6:18:a7:a1:88:ab:1e:34:b8:36:03:01:23:8e:
e0:d7:ca:8e:34:fd:5a:0c:7f:c5:ab:b7:6a:4d:0a:
c4:2b:c8:2b:a8:9a:8a:fb:70:84:ad:0b:8e:72:aa:
53:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:53:4E:4E:B1:30:A9:F8:B5:CA:4C:7C:98:8F:36:18:B6:C2:55:28
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/7lNOTrEwqfi1ykx8mI82GLbCVSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.212.0/24
5.10.222.0/24
Signature Algorithm: sha256WithRSAEncryption
80:c8:65:3e:06:94:44:af:18:a4:2b:2c:fe:ce:9a:0a:4b:fe:
0e:77:4e:6e:c6:de:97:8c:6c:74:ca:41:46:ae:cf:78:c1:af:
b8:ea:1d:5c:32:be:d3:99:0d:1c:1a:eb:e7:f8:6c:e9:9d:65:
5e:58:cb:19:03:10:e7:44:41:2b:42:b7:7e:ca:e3:6c:88:e9:
82:b6:9c:ff:e6:38:cf:0b:25:38:b5:84:bc:9e:56:a4:7a:f2:
40:8a:87:3a:61:f6:ca:36:93:cf:33:dd:2d:ca:6a:33:6d:13:
93:e4:75:72:1f:e4:20:c6:e7:89:1f:05:0f:04:be:be:04:07:
bc:d0:48:cc:ed:48:59:49:66:fe:b9:b2:50:68:c5:0e:6a:90:
d6:39:12:0a:6a:09:ef:bb:94:ee:06:cb:4b:a2:1b:37:f2:82:
9a:4b:9d:4f:62:b0:1a:b5:23:d7:97:5e:99:a5:f3:f6:67:73:
26:25:d8:df:32:cb:c2:11:2c:91:13:03:b6:05:84:c6:28:e5:
08:95:90:42:b3:ac:89:0e:19:fb:eb:34:42:44:ac:20:11:5b:
91:39:b0:9f:a3:c5:b1:93:91:e2:7a:e3:f1:dc:07:84:99:b4:
05:c7:22:1a:9f:2b:23:fa:eb:88:7c:00:ed:53:a0:66:6e:75:
ac:3a:6b:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZewatxi5U8GOvKwVEQKN6dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwNjI3MDgwNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTUzNGU0ZWIxMzBhOWY4YjVjYTRjN2M5ODhmMzYxOGI2YzI1NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovBB8oZ/Gk6zpy41TY6byWJLm2BB
bOeK+vJ+UEniDx5Xbl7bvc+NnO3VJtwepQisjYVuBXDSqFGcJi+QqAQQyBWKCtFf
oHMlIUo6lni5jc0J8uh7UoXxAaDOGDyJTq7OvlZ65a9+/tLI8hD1ElzJJohDFktL
aW1yk8z0LwFvS/6I2t0wGMd1RuiuqOrDE2ZwzcGUDbFTzlOhiyYxRVWe06DeXjHW
J49awkke0SiVff9sUNknDI6ZdOJmQY/91FKfsZMH5WNnC3dSEQm6KYoqiDZKxhin
oYirHjS4NgMBI47g18qONP1aDH/Fq7dqTQrEK8grqJqK+3CErQuOcqpTwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO5TTk6xMKn4tcpMfJiPNhi2wlUoMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvN2xOT1RyRXdxZmkxeWt4OG1JODJHTGJDVlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQrUAwQA
BQreMA0GCSqGSIb3DQEBCwUAA4IBAQCAyGU+BpRErxikKyz+zpoKS/4Od05uxt6X
jGx0ykFGrs94wa+46h1cMr7TmQ0cGuvn+GzpnWVeWMsZAxDnREErQrd+yuNsiOmC
tpz/5jjPCyU4tYS8nlakevJAioc6YfbKNpPPM90tymozbROT5HVyH+QgxueJHwUP
BL6+BAe80EjM7UhZSWb+ubJQaMUOapDWORIKagnvu5TuBstLohs38oKaS51PYrAa
tSPXl16ZpfP2Z3MmJdjfMsvCESyREwO2BYTGKOUIlZBCs6yJDhn76zRCRKwgEVuR
ObCfo8Wxk5HieuPx3AeEmbQFxyIanysj+uuIfADtU6BmbnWsOmt5
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:10:19 2025 by rpki-client