Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/XAuS9cOwofHgKjN6xo-X_k1g2lU.roa
File: XAuS9cOwofHgKjN6xo-X_k1g2lU.roa (raw, json)
Hash identifier: Lo5NNvDG5NABaesijqIjgNuDV8o9REZpW5yI1jXz28M=
Subject key identifier: 5C:0B:92:F5:C3:B0:A1:F1:E0:2A:33:7A:C6:8F:97:FE:4D:60:DA:55
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0196A601FE3305E38B7E0DC7990319C90E7D
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/XAuS9cOwofHgKjN6xo-X_k1g2lU.roa
Signing time: Tue 06 May 2025 14:31:10 +0000
ROA not before: Tue 06 May 2025 14:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215882
IP address blocks: 81.16.142.0/23 maxlen: 23
81.16.142.0/24 maxlen: 24
81.16.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 22:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a6:01:fe:33:05:e3:8b:7e:0d:c7:99:03:19:c9:0e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: May 6 14:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c0b92f5c3b0a1f1e02a337ac68f97fe4d60da55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:35:64:f3:67:9a:a5:88:d3:aa:02:49:85:2a:
8e:7f:eb:9b:06:59:2f:89:03:4e:57:bb:e3:95:52:
a8:60:16:41:96:c2:b6:58:a3:d3:d2:86:6d:55:3a:
a3:7b:92:14:64:45:f2:4d:aa:19:53:95:aa:5f:0a:
61:95:08:3e:32:30:43:35:31:73:52:b2:f9:0e:ab:
30:13:b7:4d:9c:b0:87:6d:da:10:8d:7e:f5:c8:75:
af:61:af:e6:23:d1:dd:9e:19:69:37:78:18:0d:0a:
1e:02:4d:6c:01:6b:f1:f9:7a:e6:b4:19:2a:cd:9b:
e4:8d:29:d5:b8:3d:a4:bb:2d:a5:0b:4e:6f:f3:9d:
8c:21:cb:a5:54:90:ff:82:e2:5c:f1:08:fa:1b:a4:
e0:82:b2:99:fb:6e:90:69:92:77:9c:23:af:d3:5b:
72:44:1b:7f:68:6a:ea:0a:ae:c6:1e:12:d4:82:cc:
5d:0d:59:e5:04:71:0f:ad:f9:2f:49:cc:37:29:10:
62:d8:4c:80:c9:e6:d2:49:cf:99:62:a9:4e:80:82:
d0:14:71:9d:6f:3b:6b:13:5d:fa:1a:dc:1a:58:73:
4a:fa:93:98:c5:02:94:16:7e:95:42:09:15:c8:1e:
ed:44:bf:d1:20:75:f6:f9:4c:0c:73:98:35:09:40:
89:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0B:92:F5:C3:B0:A1:F1:E0:2A:33:7A:C6:8F:97:FE:4D:60:DA:55
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/XAuS9cOwofHgKjN6xo-X_k1g2lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.142.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:23:64:ce:33:4c:8c:fe:3b:9f:03:54:38:5a:e6:c0:54:6c:
95:1c:a4:55:0f:60:a8:21:50:d4:6d:38:a3:9a:a4:b9:6a:91:
84:e4:ea:dd:c1:06:3b:63:de:6c:b2:b0:6e:2e:27:bb:36:01:
96:49:40:aa:5d:ba:03:f8:49:57:72:60:64:5a:0d:e1:9d:8f:
a9:92:ff:52:6f:d7:94:c7:aa:d6:0a:f5:2c:e2:ff:4b:90:c5:
53:42:8b:60:12:d4:1a:5f:3b:c7:a4:be:ba:04:f3:d9:f1:b2:
06:eb:e4:0f:cc:be:96:e3:cc:85:f8:8a:e6:a9:3e:02:03:99:
a3:43:c1:7b:25:16:17:d1:62:19:d5:96:59:e6:f8:e9:f5:e8:
a4:64:fe:ff:e7:ff:65:fe:c8:d4:65:10:67:45:fe:55:65:e8:
7f:d8:45:3c:95:f7:05:b2:3b:ad:f9:4f:f0:4f:d9:b3:24:7a:
74:30:b3:09:39:07:2b:24:e8:21:77:c9:1e:95:4b:28:10:7f:
78:91:c9:88:ae:63:59:ba:27:bb:ce:46:18:22:c3:9e:2a:b5:
49:83:7a:44:68:8d:71:db:1f:7b:ad:ab:a3:30:7d:1e:4e:9c:
7c:70:ef:3a:b1:f8:e7:fa:53:9a:0f:08:77:ac:24:73:f5:a5:
46:38:48:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZamAf4zBeOLfg3HmQMZyQ59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwNTA2MTQzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBiOTJmNWMzYjBhMWYxZTAyYTMzN2FjNjhmOTdmZTRkNjBkYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDVk82eapYjTqgJJhSqOf+ubBlkv
iQNOV7vjlVKoYBZBlsK2WKPT0oZtVTqje5IUZEXyTaoZU5WqXwphlQg+MjBDNTFz
UrL5DqswE7dNnLCHbdoQjX71yHWvYa/mI9HdnhlpN3gYDQoeAk1sAWvx+XrmtBkq
zZvkjSnVuD2kuy2lC05v852MIculVJD/guJc8Qj6G6TggrKZ+26QaZJ3nCOv01ty
RBt/aGrqCq7GHhLUgsxdDVnlBHEPrfkvScw3KRBi2EyAyebSSc+ZYqlOgILQFHGd
bztrE136GtwaWHNK+pOYxQKUFn6VQgkVyB7tRL/RIHX2+UwMc5g1CUCJ/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwLkvXDsKHx4CozesaPl/5NYNpVMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvWEF1UzljT3dvZkhnS2pONnhvLVhfazFnMmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBURCOMA0G
CSqGSIb3DQEBCwUAA4IBAQBMI2TOM0yM/jufA1Q4WubAVGyVHKRVD2CoIVDUbTij
mqS5apGE5OrdwQY7Y95ssrBuLie7NgGWSUCqXboD+ElXcmBkWg3hnY+pkv9Sb9eU
x6rWCvUs4v9LkMVTQotgEtQaXzvHpL66BPPZ8bIG6+QPzL6W48yF+IrmqT4CA5mj
Q8F7JRYX0WIZ1ZZZ5vjp9eikZP7/5/9l/sjUZRBnRf5VZeh/2EU8lfcFsjut+U/w
T9mzJHp0MLMJOQcrJOghd8kelUsoEH94kcmIrmNZuie7zkYYIsOeKrVJg3pEaI1x
2x97raujMH0eTpx8cO86sfjn+lOaDwh3rCRz9aVGOEga
-----END CERTIFICATE-----
Generated at Wed May 14 07:06:46 2025 by rpki-client