Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/sdKlP2Aw2qctGsD4JmkFw0F6ogE.roa
File: sdKlP2Aw2qctGsD4JmkFw0F6ogE.roa (raw, json)
Hash identifier: QHNv9dzaWkHzsPtxPcBQqXpHwKOh3KwCvpG8ivysLbs=
Subject key identifier: B1:D2:A5:3F:60:30:DA:A7:2D:1A:C0:F8:26:69:05:C3:41:7A:A2:01
Certificate issuer: /CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Certificate serial: 0197C53A5016CCC7AC9AD7B49FCFCBBDBD09
Authority key identifier: 1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/sdKlP2Aw2qctGsD4JmkFw0F6ogE.roa
Signing time: Tue 01 Jul 2025 09:03:42 +0000
ROA not before: Tue 01 Jul 2025 09:03:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57152
IP address blocks: 5.250.255.0/24 maxlen: 24
185.123.54.0/24 maxlen: 24
194.53.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:3a:50:16:cc:c7:ac:9a:d7:b4:9f:cf:cb:bd:bd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Validity
Not Before: Jul 1 09:03:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1d2a53f6030daa72d1ac0f8266905c3417aa201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6a:4d:35:e7:20:ee:d4:7e:35:ff:6a:56:c0:
b7:d6:9e:c8:73:a1:4e:60:f8:fe:c3:d8:e8:e9:4e:
71:5f:e3:93:f2:81:2c:a9:ab:5b:05:2e:d3:ff:1c:
1f:d6:1b:d9:84:0f:43:7c:58:e7:a2:77:64:81:1d:
72:8f:3c:8a:fe:da:82:33:f7:f3:6c:02:0c:45:a2:
fe:f7:e1:f1:a6:2f:e0:7d:ae:85:82:25:78:42:a9:
b9:ef:60:df:f1:ed:1e:70:d0:f0:a3:c4:50:0e:40:
da:9d:b5:c9:96:2c:ef:74:6c:94:ca:cb:a4:96:e9:
87:32:ab:11:00:58:c5:98:ae:7a:97:5e:77:28:17:
5e:99:96:fb:f4:e5:a5:41:d2:a2:b3:38:7b:94:e1:
fd:33:b5:71:87:b5:f3:49:19:bf:1d:04:ad:b5:29:
ee:93:9c:e3:f5:77:d2:23:7d:7c:c0:4a:4a:c8:db:
fe:60:de:e6:2a:a9:da:dc:4e:56:5b:08:a9:2a:7b:
5c:12:b6:e6:28:5a:cf:8a:cb:c9:0c:f6:27:d4:0d:
ee:87:0e:42:9b:f6:8e:83:54:9f:33:48:fe:57:72:
6b:66:6f:21:67:ff:3c:b1:89:5c:27:bc:39:ed:b6:
a0:30:7c:ee:62:ac:3a:c8:b2:5c:69:ed:91:40:c9:
b2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D2:A5:3F:60:30:DA:A7:2D:1A:C0:F8:26:69:05:C3:41:7A:A2:01
X509v3 Authority Key Identifier:
keyid:1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/sdKlP2Aw2qctGsD4JmkFw0F6ogE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.255.0/24
185.123.54.0/24
194.53.138.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:f6:63:70:59:f2:5a:2e:f2:92:2c:87:79:f5:96:93:a7:aa:
f5:b9:1f:45:98:3c:89:92:df:7d:fc:cf:25:3c:fd:c6:bb:f4:
c5:c0:a6:ad:0e:12:58:3c:9c:73:7f:b6:43:9e:11:2b:da:40:
12:bd:3e:68:eb:68:ce:25:2d:13:01:af:d6:87:41:45:27:16:
90:a3:38:b1:3a:9e:69:0f:f4:65:f6:65:e2:dd:17:a9:8e:85:
5d:28:07:a7:37:5a:f6:39:d3:8f:12:fa:25:23:9e:68:02:54:
35:e3:8e:2a:a6:11:16:2b:ac:88:e2:73:82:f2:19:99:4e:8a:
63:1b:c4:85:77:a1:43:ca:b1:ed:00:5f:5d:90:06:d7:47:45:
82:81:50:d9:81:43:bd:62:e3:44:2f:4e:74:22:92:01:7a:b1:
f8:1d:4c:b5:e3:1a:aa:61:1b:9b:80:08:34:1b:e9:8b:e4:2b:
77:cf:cd:1f:77:3f:77:99:ff:69:48:75:0e:cc:2e:80:d0:e4:
b1:0a:bb:b9:36:c9:79:ae:91:37:87:c4:21:4d:6f:48:34:af:
7d:c3:f4:a0:d0:79:2e:11:fe:d3:6c:70:e2:4c:91:7b:18:d6:
54:4e:91:36:74:2b:92:2e:bb:b2:1f:93:28:61:ee:2b:27:06:
5a:b9:f7:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfFOlAWzMesmte0n8/Lvb0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzQzM2ZhZmE1OWYwZDUxMmEyYmViYjA5N2U2OTQ2M2Nj
MDY3NTkwHhcNMjUwNzAxMDkwMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQyYTUzZjYwMzBkYWE3MmQxYWMwZjgyNjY5MDVjMzQxN2FhMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2pNNecg7tR+Nf9qVsC31p7Ic6FO
YPj+w9jo6U5xX+OT8oEsqatbBS7T/xwf1hvZhA9DfFjnondkgR1yjzyK/tqCM/fz
bAIMRaL+9+Hxpi/gfa6FgiV4Qqm572Df8e0ecNDwo8RQDkDanbXJlizvdGyUysuk
lumHMqsRAFjFmK56l153KBdemZb79OWlQdKiszh7lOH9M7Vxh7XzSRm/HQSttSnu
k5zj9XfSI318wEpKyNv+YN7mKqna3E5WWwipKntcErbmKFrPisvJDPYn1A3uhw5C
m/aOg1SfM0j+V3JrZm8hZ/88sYlcJ7w57bagMHzuYqw6yLJcae2RQMmy1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLHSpT9gMNqnLRrA+CZpBcNBeqIBMB8GA1UdIwQY
MBaAFBx0M/r6WfDVEqK+uwl+aUY8wGdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0Nzkt
MTJmNDFhMGNjMGMxLzEvc2RLbFAyQXcycWN0R3NENEpta0Z3MEY2b2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0NzktMTJmNDFhMGNjMGMx
LzEvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABfr/AwQA
uXs2AwQAwjWKMA0GCSqGSIb3DQEBCwUAA4IBAQAr9mNwWfJaLvKSLId59ZaTp6r1
uR9FmDyJkt99/M8lPP3Gu/TFwKatDhJYPJxzf7ZDnhEr2kASvT5o62jOJS0TAa/W
h0FFJxaQozixOp5pD/Rl9mXi3RepjoVdKAenN1r2OdOPEvolI55oAlQ1444qphEW
K6yI4nOC8hmZTopjG8SFd6FDyrHtAF9dkAbXR0WCgVDZgUO9YuNEL050IpIBerH4
HUy14xqqYRubgAg0G+mL5Ct3z80fdz93mf9pSHUOzC6A0OSxCru5Nsl5rpE3h8Qh
TW9INK99w/Sg0HkuEf7TbHDiTJF7GNZUTpE2dCuSLruyH5MoYe4rJwZaufee
-----END CERTIFICATE-----
Generated at Tue Jul 1 19:33:54 2025 by rpki-client