Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/g7iSOilt-gW2IHAFJDTin_UR6Sk.roa
File: g7iSOilt-gW2IHAFJDTin_UR6Sk.roa (raw, json)
Hash identifier: 6d6/Rxfzkc0sV1p0NeBijXFLS4iB5Dd77lkN109Rg/I=
Subject key identifier: 83:B8:92:3A:29:6D:FA:05:B6:20:70:05:24:34:E2:9F:F5:11:E9:29
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0197A0F55A41E342ED7692D8EF8E520F06A0
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/g7iSOilt-gW2IHAFJDTin_UR6Sk.roa
Signing time: Tue 24 Jun 2025 08:02:03 +0000
ROA not before: Tue 24 Jun 2025 08:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 140.150.8.0/24 maxlen: 24
140.150.13.0/24 maxlen: 24
140.150.16.0/24 maxlen: 24
140.150.17.0/24 maxlen: 24
146.103.69.0/24 maxlen: 24
146.103.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a0:f5:5a:41:e3:42:ed:76:92:d8:ef:8e:52:0f:06:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jun 24 08:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83b8923a296dfa05b62070052434e29ff511e929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:59:dd:e2:40:ba:32:c9:0d:a5:a0:89:27:a5:
c3:a2:73:7c:bd:a4:e1:e1:ba:24:5f:d5:58:07:a5:
f4:31:10:5e:4c:24:1e:0d:c7:12:ee:13:0b:91:91:
30:99:a1:91:40:1b:b3:e1:23:dc:bd:c6:64:a7:ba:
8d:a9:8a:62:81:f5:79:35:19:80:88:aa:95:95:45:
78:fd:d0:80:25:e1:89:f2:bf:75:f2:58:7b:c7:1f:
fb:7f:27:8f:7e:7f:83:2b:3f:32:7d:22:72:f6:11:
ee:7a:a9:79:56:80:61:01:9b:be:87:d0:80:0b:79:
74:9b:31:29:73:b5:7f:38:a7:77:47:1c:36:02:ba:
7e:3e:87:1d:09:0e:4f:50:1f:0a:98:f4:23:a9:d8:
60:d4:22:cd:d4:b5:8a:3f:4e:0f:26:ba:3f:63:2f:
7e:c4:d2:15:34:13:58:87:06:51:bd:4a:25:17:1d:
5f:3a:1a:a6:14:c9:70:54:f3:5b:9d:1e:26:97:46:
b8:f4:fb:fd:ba:3f:24:68:0e:38:75:b5:b7:16:c2:
8e:22:8c:3a:2b:4d:d3:f1:5a:07:a2:c1:af:30:f0:
67:d4:35:2a:2e:80:7c:b8:4f:23:98:87:37:de:7e:
8f:93:cc:cf:98:cc:1a:88:93:b9:7e:32:50:33:21:
31:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B8:92:3A:29:6D:FA:05:B6:20:70:05:24:34:E2:9F:F5:11:E9:29
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/g7iSOilt-gW2IHAFJDTin_UR6Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.8.0/24
140.150.13.0/24
140.150.16.0/23
146.103.69.0-146.103.70.255
Signature Algorithm: sha256WithRSAEncryption
3a:90:c3:46:0b:fb:d6:f3:c2:54:81:ec:bd:3a:b1:04:9d:97:
33:80:15:20:d2:de:b3:df:0c:2c:68:ec:81:1f:bb:57:b1:aa:
f4:c2:a3:eb:9b:0b:ad:79:75:ed:cd:69:75:8c:b0:01:a9:b6:
92:8a:77:e9:e9:a6:ad:94:7f:ca:8d:cd:46:f0:56:5d:57:e2:
49:59:13:3b:16:70:d2:1a:b5:d2:35:d6:04:82:37:2f:45:9d:
35:5c:a4:01:34:b1:1f:cd:6f:b2:27:64:ac:04:40:79:b9:d4:
43:e9:92:a4:8e:aa:72:af:4b:59:e0:e1:35:04:ea:93:e9:31:
4d:c6:d8:1c:3c:99:c6:b9:49:61:d9:e7:96:f9:d6:f8:cf:83:
3f:98:c1:51:88:e4:9c:02:7b:4c:5b:64:34:3f:1d:49:95:c6:
38:99:25:24:e0:12:30:11:c8:97:9a:08:0c:1d:46:bf:40:17:
1a:3f:40:98:76:42:03:bd:88:5d:38:8a:12:c1:07:41:6c:a3:
f3:e9:e5:77:9d:7f:a6:0b:ba:3e:8b:4b:22:60:e0:03:8a:7b:
eb:7c:48:d2:a4:01:be:25:31:bb:36:24:90:cc:f6:0d:0c:42:
f6:67:ea:65:7e:c8:1b:b4:96:b5:51:5f:8a:90:90:d4:12:04:
1b:20:5b:8e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZeg9VpB40LtdpLY745SDwagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwNjI0MDgwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2I4OTIzYTI5NmRmYTA1YjYyMDcwMDUyNDM0ZTI5ZmY1MTFlOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVnd4kC6MskNpaCJJ6XDonN8vaTh
4bokX9VYB6X0MRBeTCQeDccS7hMLkZEwmaGRQBuz4SPcvcZkp7qNqYpigfV5NRmA
iKqVlUV4/dCAJeGJ8r918lh7xx/7fyePfn+DKz8yfSJy9hHueql5VoBhAZu+h9CA
C3l0mzEpc7V/OKd3Rxw2Arp+PocdCQ5PUB8KmPQjqdhg1CLN1LWKP04PJro/Yy9+
xNIVNBNYhwZRvUolFx1fOhqmFMlwVPNbnR4ml0a49Pv9uj8kaA44dbW3FsKOIow6
K03T8VoHosGvMPBn1DUqLoB8uE8jmIc33n6Pk8zPmMwaiJO5fjJQMyExwQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIO4kjopbfoFtiBwBSQ04p/1EekpMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvZzdpU09pbHQtZ1cySUhBRkpEVGluX1VSNlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAjJYIAwQA
jJYNAwQBjJYQMAwDBACSZ0UDBACSZ0YwDQYJKoZIhvcNAQELBQADggEBADqQw0YL
+9bzwlSB7L06sQSdlzOAFSDS3rPfDCxo7IEfu1exqvTCo+ubC615de3NaXWMsAGp
tpKKd+nppq2Uf8qNzUbwVl1X4klZEzsWcNIatdI11gSCNy9FnTVcpAE0sR/Nb7In
ZKwEQHm51EPpkqSOqnKvS1ng4TUE6pPpMU3G2Bw8mca5SWHZ55b51vjPgz+YwVGI
5JwCe0xbZDQ/HUmVxjiZJSTgEjARyJeaCAwdRr9AFxo/QJh2QgO9iF04ihLBB0Fs
o/Pp5Xedf6YLuj6LSyJg4AOKe+t8SNKkAb4lMbs2JJDM9g0MQvZn6mV+yBu0lrVR
X4qQkNQSBBsgW44=
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:48:49 2025 by rpki-client