Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/7jTBlGSOzUArG5VVhBc9-xgZPdQ.roa
File: 7jTBlGSOzUArG5VVhBc9-xgZPdQ.roa (raw, json)
Hash identifier: yavmUXM6+em4MudJtfPugju27DvKZrSpZnOFW626fug=
Subject key identifier: EE:34:C1:94:64:8E:CD:40:2B:1B:95:55:84:17:3D:FB:18:19:3D:D4
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 01978234F3C0383F36078F9F3AA5596E7323
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/7jTBlGSOzUArG5VVhBc9-xgZPdQ.roa
Signing time: Wed 18 Jun 2025 08:43:17 +0000
ROA not before: Wed 18 Jun 2025 08:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212655
IP address blocks: 88.97.192.0/18 maxlen: 18
88.97.192.0/21 maxlen: 21
88.97.200.0/21 maxlen: 21
88.97.200.0/23 maxlen: 23
88.97.202.0/23 maxlen: 23
88.97.204.0/23 maxlen: 23
88.97.206.0/23 maxlen: 23
88.97.208.0/21 maxlen: 21
88.97.216.0/21 maxlen: 21
88.97.224.0/21 maxlen: 21
88.97.232.0/21 maxlen: 21
88.97.240.0/22 maxlen: 22
88.97.240.0/23 maxlen: 23
88.97.244.0/22 maxlen: 22
88.97.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:34:f3:c0:38:3f:36:07:8f:9f:3a:a5:59:6e:73:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Jun 18 08:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee34c194648ecd402b1b955584173dfb18193dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b9:7b:b9:b1:6f:df:1e:5e:29:d6:5c:8c:be:
55:79:45:56:20:36:3e:ba:af:25:bc:0f:20:8c:a8:
59:9d:62:08:98:5c:44:e2:08:0e:ec:5d:9c:22:bf:
f2:86:bf:d2:58:03:91:e9:fb:b4:8e:7b:97:7d:62:
e4:41:4f:4f:3f:f3:57:6d:2e:a2:65:80:c6:4f:fc:
0e:db:1f:5f:c9:86:c1:e4:af:96:83:85:ef:9f:e4:
b7:6e:cf:86:5d:8c:98:56:fb:77:61:3b:d6:e8:51:
ab:19:7f:1d:4e:42:50:5f:01:5a:75:dd:91:ab:30:
c5:af:ae:9b:46:98:0d:1c:23:dd:dc:d9:b5:71:1c:
1a:43:3e:79:0d:57:3f:26:2d:2d:15:1a:37:df:e9:
c0:3e:cc:2e:35:ed:56:91:63:6e:53:dd:06:63:9d:
29:59:82:7f:bd:09:a9:10:7e:90:4f:3e:71:6f:9c:
b6:8a:22:e4:84:37:11:6d:cb:01:17:a9:9a:21:6c:
71:68:b5:4a:b0:b1:5a:f8:df:6c:47:c5:2f:92:62:
3b:8e:34:95:2c:6d:ce:cb:ce:68:b4:c9:7c:87:2b:
fb:b9:cd:5a:68:4d:16:9d:c2:4c:7a:f2:4b:eb:d0:
39:0b:7b:ce:19:0b:e9:ea:fb:d7:48:fd:24:a6:4a:
a6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:34:C1:94:64:8E:CD:40:2B:1B:95:55:84:17:3D:FB:18:19:3D:D4
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/7jTBlGSOzUArG5VVhBc9-xgZPdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.97.192.0/18
Signature Algorithm: sha256WithRSAEncryption
a3:43:2d:8a:62:80:11:5d:cc:20:af:85:08:cd:c5:dc:3a:e4:
4f:f7:c8:d2:49:cc:f8:55:dd:3a:59:74:30:d8:3d:b8:ed:3a:
2a:27:7e:b6:23:6d:85:5e:86:83:de:53:a7:58:06:17:2a:0e:
1a:bc:6d:39:67:f5:73:7c:09:61:5c:89:c2:8a:8b:14:82:7c:
15:13:08:5b:0a:47:35:ec:f6:94:86:81:a5:83:94:43:de:8b:
69:22:10:6b:57:85:cb:57:e2:9f:73:57:f5:f0:dd:49:41:49:
9f:1f:ff:5d:ce:22:d6:26:7c:94:a6:2a:e3:47:1d:7e:4b:71:
fe:f9:6a:f8:f1:38:da:75:fa:87:77:f9:a6:0a:08:40:29:f5:
35:06:38:94:17:85:4a:10:2e:c2:e4:dd:da:32:1a:04:9c:bf:
3c:ad:30:6a:c3:47:64:d3:fb:63:d3:46:37:55:3b:48:f5:74:
4a:87:f2:b0:01:bd:3e:f2:4f:87:04:01:9e:48:03:30:c9:5a:
5b:e2:01:3d:e4:48:0c:ce:d2:7a:8a:88:78:9e:bd:7a:21:bc:
ae:92:78:b0:38:f6:50:2b:75:07:4e:20:24:dc:a3:6f:7a:df:
de:c4:a5:b4:18:90:c3:f1:b3:e7:4a:2d:cd:9f:95:36:c7:ea:
78:52:51:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeCNPPAOD82B4+fOqVZbnMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjUwNjE4MDg0MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTM0YzE5NDY0OGVjZDQwMmIxYjk1NTU4NDE3M2RmYjE4MTkzZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rl7ubFv3x5eKdZcjL5VeUVWIDY+
uq8lvA8gjKhZnWIImFxE4ggO7F2cIr/yhr/SWAOR6fu0jnuXfWLkQU9PP/NXbS6i
ZYDGT/wO2x9fyYbB5K+Wg4Xvn+S3bs+GXYyYVvt3YTvW6FGrGX8dTkJQXwFadd2R
qzDFr66bRpgNHCPd3Nm1cRwaQz55DVc/Ji0tFRo33+nAPswuNe1WkWNuU90GY50p
WYJ/vQmpEH6QTz5xb5y2iiLkhDcRbcsBF6maIWxxaLVKsLFa+N9sR8UvkmI7jjSV
LG3Oy85otMl8hyv7uc1aaE0WncJMevJL69A5C3vOGQvp6vvXSP0kpkqmFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO40wZRkjs1AKxuVVYQXPfsYGT3UMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvN2pUQmxHU096VUFyRzVWVmhCYzkteGdaUGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGWGHAMA0G
CSqGSIb3DQEBCwUAA4IBAQCjQy2KYoARXcwgr4UIzcXcOuRP98jSScz4Vd06WXQw
2D247ToqJ362I22FXoaD3lOnWAYXKg4avG05Z/VzfAlhXInCiosUgnwVEwhbCkc1
7PaUhoGlg5RD3otpIhBrV4XLV+Kfc1f18N1JQUmfH/9dziLWJnyUpirjRx1+S3H+
+Wr48TjadfqHd/mmCghAKfU1BjiUF4VKEC7C5N3aMhoEnL88rTBqw0dk0/tj00Y3
VTtI9XRKh/KwAb0+8k+HBAGeSAMwyVpb4gE95EgMztJ6ioh4nr16IbyukniwOPZQ
K3UHTiAk3KNvet/exKW0GJDD8bPnSi3Nn5U2x+p4UlEq
-----END CERTIFICATE-----
Generated at Mon Jun 30 18:18:41 2025 by rpki-client