Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/7sxmOy-0rAzIdMxxHjWAxKzl7IM.roa
File: 7sxmOy-0rAzIdMxxHjWAxKzl7IM.roa (raw, json)
Hash identifier: KA9edUubvYsZNpiT8V1e3qBkWy1Wm8VmX9dSsY6ejss=
Subject key identifier: EE:CC:66:3B:2F:B4:AC:0C:C8:74:CC:71:1E:35:80:C4:AC:E5:EC:83
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0198BD25BFA533610225F893873FCBE25426
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/7sxmOy-0rAzIdMxxHjWAxKzl7IM.roa
Signing time: Mon 18 Aug 2025 12:27:04 +0000
ROA not before: Mon 18 Aug 2025 12:27:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59762
IP address blocks: 5.10.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bd:25:bf:a5:33:61:02:25:f8:93:87:3f:cb:e2:54:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Aug 18 12:27:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eecc663b2fb4ac0cc874cc711e3580c4ace5ec83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6e:3d:a5:70:4d:66:01:e8:5d:cc:da:0d:96:
9c:4e:05:75:70:57:d8:ec:a1:56:4a:57:91:43:b5:
1e:9a:ee:53:04:f5:0a:5e:07:84:2b:c3:36:7b:16:
c2:c6:a7:5a:90:58:a9:2c:71:c1:a5:03:27:d7:05:
f6:33:29:69:60:bf:e0:36:4a:dc:fb:7d:c3:c2:1d:
31:8b:9c:91:4c:09:40:3f:ce:6c:5f:09:d6:17:3a:
f9:55:0e:d4:91:22:1b:5b:8e:13:1f:0e:0e:d2:56:
11:ae:a0:35:0e:50:18:ac:bc:8a:9c:aa:20:cc:2f:
a8:91:f5:7e:f2:a4:39:38:6c:32:f7:21:78:b5:64:
fe:58:8b:b5:79:f2:d7:46:76:44:f8:55:48:2b:d9:
d0:d8:a4:10:aa:a3:8f:06:47:dc:e8:1a:ea:78:56:
7a:ed:80:30:9f:29:42:cd:81:27:ee:85:9d:75:fd:
31:36:45:86:94:e6:a6:03:99:76:91:fd:42:d9:7a:
4e:cc:69:ae:5f:3a:c8:43:74:e4:34:69:81:f6:cf:
11:ef:7a:97:30:f6:a1:ee:aa:e8:d5:cc:4d:14:24:
76:1a:7a:9e:12:f3:76:b3:19:19:69:cb:10:0f:0d:
3e:ff:77:12:70:82:33:a0:be:bf:24:96:53:79:61:
9a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:CC:66:3B:2F:B4:AC:0C:C8:74:CC:71:1E:35:80:C4:AC:E5:EC:83
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/7sxmOy-0rAzIdMxxHjWAxKzl7IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.216.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:90:f6:6a:8b:8d:42:ec:63:69:bb:1e:88:26:c5:6d:4a:3e:
00:a0:e2:a5:f9:dd:73:1d:96:c4:f8:38:4a:b6:f9:5c:16:02:
41:63:dd:f1:ab:e4:42:e5:2c:da:0a:6d:ef:30:a7:db:24:00:
11:6c:0d:92:8d:35:db:7c:eb:ee:50:7d:31:d9:53:09:50:23:
6b:98:ba:0d:0e:15:4f:f8:bb:10:87:16:db:67:8a:2b:d2:ea:
d6:46:08:46:18:a4:40:2c:f7:28:c3:05:f0:b3:3a:27:9d:bd:
f3:7a:d8:20:44:d2:65:c5:2d:9d:3a:4a:d6:02:5a:34:11:5e:
24:9c:3f:19:d7:ea:8c:43:3a:f7:5f:5a:6c:ed:62:81:c6:a5:
67:88:13:34:7b:f0:e2:7e:10:b8:e7:4c:da:31:e4:24:1d:18:
3d:99:e2:c8:a6:a9:71:95:38:14:80:84:2c:85:8e:73:ab:a5:
6e:bf:8b:bd:f4:c1:77:5d:4a:86:4a:3a:3c:9f:5d:ed:9c:b9:
a9:81:63:b1:91:17:f9:58:4d:38:ed:a7:4d:d8:74:e7:eb:42:
ca:72:a9:79:45:5a:a7:d1:de:d5:15:8f:2c:7c:4e:b8:95:5e:
65:78:cd:8e:5c:d6:90:2f:22:f9:b5:e7:0d:c9:29:f1:64:b5:
e5:e6:03:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZi9Jb+lM2ECJfiThz/L4lQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwODE4MTIyNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWNjNjYzYjJmYjRhYzBjYzg3NGNjNzExZTM1ODBjNGFjZTVlYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm49pXBNZgHoXczaDZacTgV1cFfY
7KFWSleRQ7Uemu5TBPUKXgeEK8M2exbCxqdakFipLHHBpQMn1wX2MylpYL/gNkrc
+33Dwh0xi5yRTAlAP85sXwnWFzr5VQ7UkSIbW44THw4O0lYRrqA1DlAYrLyKnKog
zC+okfV+8qQ5OGwy9yF4tWT+WIu1efLXRnZE+FVIK9nQ2KQQqqOPBkfc6BrqeFZ6
7YAwnylCzYEn7oWddf0xNkWGlOamA5l2kf1C2XpOzGmuXzrIQ3TkNGmB9s8R73qX
MPah7qro1cxNFCR2GnqeEvN2sxkZacsQDw0+/3cScIIzoL6/JJZTeWGa4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO7MZjsvtKwMyHTMcR41gMSs5eyDMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvN3N4bU95LTByQXpJZE14eEhqV0F4S3psN0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQrYMA0G
CSqGSIb3DQEBCwUAA4IBAQBckPZqi41C7GNpux6IJsVtSj4AoOKl+d1zHZbE+DhK
tvlcFgJBY93xq+RC5SzaCm3vMKfbJAARbA2SjTXbfOvuUH0x2VMJUCNrmLoNDhVP
+LsQhxbbZ4or0urWRghGGKRALPcowwXwszonnb3zetggRNJlxS2dOkrWAlo0EV4k
nD8Z1+qMQzr3X1ps7WKBxqVniBM0e/DifhC450zaMeQkHRg9meLIpqlxlTgUgIQs
hY5zq6Vuv4u99MF3XUqGSjo8n13tnLmpgWOxkRf5WE047adN2HTn60LKcql5RVqn
0d7VFY8sfE64lV5leM2OXNaQLyL5tecNySnxZLXl5gNs
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:19:57 2025 by rpki-client