Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Y71aZPizitb8cfC2jQM8qboeRHE.roa
File: Y71aZPizitb8cfC2jQM8qboeRHE.roa (raw, json)
Hash identifier: 2RW7c5X7XS6+cJR57RbMmRPTtinCPQxC9w+xZJdyHfw=
Subject key identifier: 63:BD:5A:64:F8:B3:8A:D6:FC:71:F0:B6:8D:03:3C:A9:BA:1E:44:71
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0198BD25BF51A8BB34CB46F4832A5A48BD26
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Y71aZPizitb8cfC2jQM8qboeRHE.roa
Signing time: Mon 18 Aug 2025 12:27:04 +0000
ROA not before: Mon 18 Aug 2025 12:27:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.213.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bd:25:bf:51:a8:bb:34:cb:46:f4:83:2a:5a:48:bd:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Aug 18 12:27:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63bd5a64f8b38ad6fc71f0b68d033ca9ba1e4471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0b:5d:c7:3b:86:9d:cd:06:30:58:2a:50:84:
dc:b8:e1:4f:77:ef:ae:10:01:02:04:62:93:bf:7f:
0f:f4:d0:82:a1:3b:5e:24:e9:cb:61:4d:ee:6e:93:
ef:58:1c:bb:46:f8:11:6e:6d:28:92:ce:39:21:20:
d4:6a:68:d4:67:9a:7c:59:ae:af:e2:72:53:e8:ce:
72:36:53:bc:cd:aa:07:6e:53:46:b2:b6:47:74:5a:
59:6b:42:df:2c:cc:a8:57:38:5c:55:d6:10:1f:35:
a4:fb:07:f9:3c:ea:a3:d7:40:43:63:1b:c4:2a:dd:
1b:aa:90:78:09:9b:2b:27:db:8a:4b:f7:22:46:4f:
12:9e:84:78:67:fe:a3:ad:54:4b:e8:40:32:23:41:
0e:b1:ae:f4:75:b3:ae:81:81:8d:74:66:26:9f:4a:
9e:1d:01:56:d1:2b:ab:50:d3:a1:53:4f:85:9d:35:
09:90:d7:b3:44:d0:1e:8d:5d:42:60:d8:05:fd:75:
ea:87:d8:51:14:af:7c:0f:fa:4d:c9:85:c0:a6:1d:
2e:5f:40:78:81:61:02:31:c3:d2:42:a8:b1:d2:b4:
db:77:4e:ef:f0:28:fa:b1:e8:fa:12:c1:cc:2f:37:
6a:21:47:cc:85:c5:a6:81:da:bc:79:93:ef:9e:5a:
38:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BD:5A:64:F8:B3:8A:D6:FC:71:F0:B6:8D:03:3C:A9:BA:1E:44:71
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Y71aZPizitb8cfC2jQM8qboeRHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.213.0/24
5.10.222.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:f7:b4:1e:64:3a:9f:c4:1e:73:ce:7f:79:0e:0f:e2:62:7e:
d1:8d:44:f5:42:05:fb:c4:d5:a3:3f:21:74:57:b5:a3:1a:72:
02:25:92:1e:13:14:22:85:41:4c:8f:5f:a1:f2:6a:e1:29:da:
8a:df:45:53:a5:a3:6c:91:f7:48:94:e0:b2:70:b7:d7:2b:3e:
b7:98:5f:a9:27:9c:04:bf:09:76:81:22:02:fe:9e:de:4b:25:
38:a7:ee:29:59:92:e1:d7:ad:d1:b2:25:68:aa:2d:70:64:54:
84:ce:40:7e:d1:94:ce:28:e8:15:cd:7c:5e:f1:f2:2f:ef:0a:
5a:54:8a:e1:71:c3:7c:a2:6c:72:54:5d:52:4f:69:00:53:f1:
4a:53:d5:56:3f:07:ce:aa:9d:30:60:c8:e0:b1:ba:eb:f2:18:
52:c3:14:66:49:42:e3:fb:25:17:7e:c2:48:da:ff:4e:d8:6f:
18:06:f0:f8:d2:87:a0:7f:1a:33:ef:7a:5a:03:f3:04:3f:d1:
6d:61:73:77:01:21:8d:97:5b:c3:fe:8c:cb:55:8b:f6:42:ee:
c2:e5:1a:c5:2b:8b:74:f5:9d:6f:b3:2f:9a:cc:1a:4d:05:20:
64:b5:ba:91:e2:68:92:9b:76:8c:1e:7f:97:59:b0:bb:52:cc:
fe:4d:96:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZi9Jb9RqLs0y0b0gypaSL0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwODE4MTIyNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2JkNWE2NGY4YjM4YWQ2ZmM3MWYwYjY4ZDAzM2NhOWJhMWU0NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQtdxzuGnc0GMFgqUITcuOFPd++u
EAECBGKTv38P9NCCoTteJOnLYU3ubpPvWBy7RvgRbm0oks45ISDUamjUZ5p8Wa6v
4nJT6M5yNlO8zaoHblNGsrZHdFpZa0LfLMyoVzhcVdYQHzWk+wf5POqj10BDYxvE
Kt0bqpB4CZsrJ9uKS/ciRk8SnoR4Z/6jrVRL6EAyI0EOsa70dbOugYGNdGYmn0qe
HQFW0SurUNOhU0+FnTUJkNezRNAejV1CYNgF/XXqh9hRFK98D/pNyYXAph0uX0B4
gWECMcPSQqix0rTbd07v8Cj6sej6EsHMLzdqIUfMhcWmgdq8eZPvnlo45wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGO9WmT4s4rW/HHwto0DPKm6HkRxMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvWTcxYVpQaXppdGI4Y2ZDMmpRTThxYm9lUkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQrVAwQA
BQreMA0GCSqGSIb3DQEBCwUAA4IBAQCm97QeZDqfxB5zzn95Dg/iYn7RjUT1QgX7
xNWjPyF0V7WjGnICJZIeExQihUFMj1+h8mrhKdqK30VTpaNskfdIlOCycLfXKz63
mF+pJ5wEvwl2gSIC/p7eSyU4p+4pWZLh163RsiVoqi1wZFSEzkB+0ZTOKOgVzXxe
8fIv7wpaVIrhccN8omxyVF1ST2kAU/FKU9VWPwfOqp0wYMjgsbrr8hhSwxRmSULj
+yUXfsJI2v9O2G8YBvD40oegfxoz73paA/MEP9FtYXN3ASGNl1vD/ozLVYv2Qu7C
5RrFK4t09Z1vsy+azBpNBSBktbqR4miSm3aMHn+XWbC7Usz+TZYK
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:09:36 2025 by rpki-client