Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/eTKtoFWz_Mx4YanJDAi3s36ZTD0.roa
File: eTKtoFWz_Mx4YanJDAi3s36ZTD0.roa (raw, json)
Hash identifier: /F4jtOytXs7E/d+FweZOPefzhGOW8m0ae7Vd5vmb9SU=
Subject key identifier: 79:32:AD:A0:55:B3:FC:CC:78:61:A9:C9:0C:08:B7:B3:7E:99:4C:3D
Certificate issuer: /CN=d7974f43746876558357f1fb91c3852a583a1453
Certificate serial: 01977DB53838AB220C04E30F175007C928AA
Authority key identifier: D7:97:4F:43:74:68:76:55:83:57:F1:FB:91:C3:85:2A:58:3A:14:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15dPQ3RodlWDV_H7kcOFKlg6FFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/eTKtoFWz_Mx4YanJDAi3s36ZTD0.roa
Signing time: Tue 17 Jun 2025 11:45:17 +0000
ROA not before: Tue 17 Jun 2025 11:45:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44418
IP address blocks: 81.161.59.0/24 maxlen: 24
91.199.104.0/24 maxlen: 24
91.220.75.0/24 maxlen: 24
195.189.155.0/24 maxlen: 24
195.210.4.0/23 maxlen: 23
2001:67c:eb4::/48 maxlen: 48
2001:67c:1438::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/15dPQ3RodlWDV_H7kcOFKlg6FFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/15dPQ3RodlWDV_H7kcOFKlg6FFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/15dPQ3RodlWDV_H7kcOFKlg6FFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:b5:38:38:ab:22:0c:04:e3:0f:17:50:07:c9:28:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7974f43746876558357f1fb91c3852a583a1453
Validity
Not Before: Jun 17 11:45:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7932ada055b3fccc7861a9c90c08b7b37e994c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:41:0c:a2:e0:89:45:74:b0:e2:65:f8:88:14:
85:03:78:18:41:7a:88:1f:b4:57:40:f0:b8:04:8a:
7a:18:89:92:d9:7e:25:9d:15:8c:72:eb:79:82:81:
cd:5c:2c:d3:77:6a:0d:d2:b9:89:26:69:2f:a3:30:
49:8b:b7:6d:c6:df:9e:4a:f0:95:85:ac:f7:c7:b5:
88:54:61:20:a5:b1:41:7e:72:c2:fa:75:18:8e:cd:
35:79:bd:27:5d:60:62:37:bd:7f:68:0b:bc:79:1d:
42:45:ef:de:11:f7:f3:b3:aa:7b:34:f8:e8:a2:a3:
91:22:62:d7:3a:45:a1:22:dc:78:02:ba:be:7b:2d:
90:42:5e:00:94:0e:75:41:af:d4:9d:87:cf:c5:15:
a1:e2:2e:9c:44:b0:df:4b:1f:6d:0a:9c:90:bf:f3:
fb:96:da:77:16:09:b4:e6:3f:cb:60:87:96:ea:31:
10:d6:bf:58:76:3a:15:45:b5:a4:89:97:b9:70:a2:
85:43:a3:32:b7:41:32:e5:67:ac:e2:49:0f:3c:39:
1e:2d:b2:85:93:d2:25:2e:c8:ce:aa:e2:6a:47:a5:
57:0d:5d:96:8b:dc:04:07:c2:d9:e9:83:40:3c:ff:
f9:23:72:6e:4b:08:4a:3c:d3:7f:13:3c:1b:af:8c:
ca:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:32:AD:A0:55:B3:FC:CC:78:61:A9:C9:0C:08:B7:B3:7E:99:4C:3D
X509v3 Authority Key Identifier:
keyid:D7:97:4F:43:74:68:76:55:83:57:F1:FB:91:C3:85:2A:58:3A:14:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15dPQ3RodlWDV_H7kcOFKlg6FFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/eTKtoFWz_Mx4YanJDAi3s36ZTD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/15dPQ3RodlWDV_H7kcOFKlg6FFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.59.0/24
91.199.104.0/24
91.220.75.0/24
195.189.155.0/24
195.210.4.0/23
IPv6:
2001:67c:eb4::/48
2001:67c:1438::/48
Signature Algorithm: sha256WithRSAEncryption
58:bb:d9:7d:e4:46:e4:a4:90:ce:bb:23:ee:8b:c0:82:04:ae:
57:a8:37:58:62:1c:15:4d:28:d9:83:b8:32:f3:b8:84:4e:e3:
43:4c:70:8d:13:b7:40:6c:44:05:65:41:e3:51:ac:f3:74:b9:
69:3a:91:e9:8f:9d:d1:f7:96:5a:d1:a5:dc:61:dc:2a:79:ac:
f4:53:60:77:da:dd:06:38:30:23:eb:5c:5e:a5:19:6f:48:e1:
4d:83:58:b7:89:f7:c7:e4:3c:00:39:7c:1b:83:91:69:e0:d9:
d3:a4:3b:5a:18:92:0f:5c:74:3a:d1:cb:4d:65:4a:9c:9b:63:
53:fb:f3:56:f1:bb:11:fe:3d:8a:1a:21:9e:8d:77:1d:c3:e7:
b8:b0:6b:8f:f6:3b:e6:bb:11:03:ed:31:7d:05:69:3e:fe:c5:
17:f6:28:1c:d4:da:92:2a:90:87:d4:ff:2d:93:37:c1:ba:a8:
6b:bd:3d:91:c5:da:47:ee:66:a0:ed:33:65:3a:40:7d:ce:cd:
a0:cb:32:14:24:b7:91:6b:dd:37:ff:4f:e8:be:ec:df:ea:8c:
75:db:52:4b:2e:98:6e:86:08:c8:02:c6:32:0a:2e:ae:e9:7c:
d9:b7:97:41:17:2f:bb:80:80:6f:c6:a7:02:a0:e9:6b:5f:d0:
bd:83:63:26
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZd9tTg4qyIMBOMPF1AHySiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc0ZjQzNzQ2ODc2NTU4MzU3ZjFmYjkxYzM4NTJhNTgz
YTE0NTMwHhcNMjUwNjE3MTE0NTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTMyYWRhMDU1YjNmY2NjNzg2MWE5YzkwYzA4YjdiMzdlOTk0YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UEMouCJRXSw4mX4iBSFA3gYQXqI
H7RXQPC4BIp6GImS2X4lnRWMcut5goHNXCzTd2oN0rmJJmkvozBJi7dtxt+eSvCV
haz3x7WIVGEgpbFBfnLC+nUYjs01eb0nXWBiN71/aAu8eR1CRe/eEffzs6p7NPjo
oqORImLXOkWhItx4Arq+ey2QQl4AlA51Qa/UnYfPxRWh4i6cRLDfSx9tCpyQv/P7
ltp3Fgm05j/LYIeW6jEQ1r9YdjoVRbWkiZe5cKKFQ6Myt0Ey5Wes4kkPPDkeLbKF
k9IlLsjOquJqR6VXDV2Wi9wEB8LZ6YNAPP/5I3JuSwhKPNN/Ezwbr4zKWwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHkyraBVs/zMeGGpyQwIt7N+mUw9MB8GA1UdIwQY
MBaAFNeXT0N0aHZVg1fx+5HDhSpYOhRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVkUFEzUm9kbFdEVl9IN2tjT0ZLbGc2RkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi82MDY5YzItOTYyNS00ZmZmLWI3Mzct
Y2MyNjViMDQ2MWMyLzEvZVRLdG9GV3pfTXg0WWFuSkRBaTNzMzZaVEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi82MDY5YzItOTYyNS00ZmZmLWI3MzctY2MyNjViMDQ2MWMy
LzEvMTVkUFEzUm9kbFdEVl9IN2tjT0ZLbGc2RkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQAUaE7AwQA
W8doAwQAW9xLAwQAw72bAwQBw9IEMBgEAgACMBIDBwAgAQZ8DrQDBwAgAQZ8FDgw
DQYJKoZIhvcNAQELBQADggEBAFi72X3kRuSkkM67I+6LwIIErleoN1hiHBVNKNmD
uDLzuIRO40NMcI0Tt0BsRAVlQeNRrPN0uWk6kemPndH3llrRpdxh3Cp5rPRTYHfa
3QY4MCPrXF6lGW9I4U2DWLeJ98fkPAA5fBuDkWng2dOkO1oYkg9cdDrRy01lSpyb
Y1P781bxuxH+PYoaIZ6Ndx3D57iwa4/2O+a7EQPtMX0FaT7+xRf2KBzU2pIqkIfU
/y2TN8G6qGu9PZHF2kfuZqDtM2U6QH3OzaDLMhQkt5Fr3Tf/T+i+7N/qjHXbUksu
mG6GCMgCxjIKLq7pfNm3l0EXL7uAgG/GpwKg6Wtf0L2DYyY=
-----END CERTIFICATE-----
Generated at Thu Jul 3 00:26:58 2025 by rpki-client