Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/f_OzeuNZZpFRkQXgKxfAv-EvWx8.roa
File: f_OzeuNZZpFRkQXgKxfAv-EvWx8.roa (raw, json)
Hash identifier: 0uWs0IR99RTd6XlTaf3AtMr0IFQTi8n5Km7ugcXmb88=
Subject key identifier: 7F:F3:B3:7A:E3:59:66:91:51:91:05:E0:2B:17:C0:BF:E1:2F:5B:1F
Certificate issuer: /CN=7ee053cb9cb4f41c1e4773e7f16e84bb57522033
Certificate serial: 0197AC10A9450E0CD0C61A75EE1139E26BA7
Authority key identifier: 7E:E0:53:CB:9C:B4:F4:1C:1E:47:73:E7:F1:6E:84:BB:57:52:20:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fuBTy5y09BweR3Pn8W6Eu1dSIDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/f_OzeuNZZpFRkQXgKxfAv-EvWx8.roa
Signing time: Thu 26 Jun 2025 11:47:42 +0000
ROA not before: Thu 26 Jun 2025 11:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213953
IP address blocks: 88.218.16.0/24 maxlen: 24
88.218.18.0/24 maxlen: 24
193.228.91.0/24 maxlen: 24
193.228.168.0/24 maxlen: 24
193.228.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/fuBTy5y09BweR3Pn8W6Eu1dSIDM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/fuBTy5y09BweR3Pn8W6Eu1dSIDM.mft
rsync://rpki.ripe.net/repository/DEFAULT/fuBTy5y09BweR3Pn8W6Eu1dSIDM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:10:a9:45:0e:0c:d0:c6:1a:75:ee:11:39:e2:6b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ee053cb9cb4f41c1e4773e7f16e84bb57522033
Validity
Not Before: Jun 26 11:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ff3b37ae3596691519105e02b17c0bfe12f5b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ba:96:c9:4c:b3:3d:71:ed:42:1d:4e:6f:d3:
6e:52:9b:7b:15:26:bb:a4:24:0e:c8:21:67:f8:80:
11:e7:cc:e5:5b:f2:38:15:fa:cf:d2:da:e5:b5:5d:
79:bc:c2:38:f2:e1:dc:4f:34:3b:d9:33:1c:d8:48:
3c:d7:b3:73:4c:78:71:22:dc:c3:94:7d:32:11:8b:
e9:f3:e8:d6:59:c5:ae:e3:24:a9:4f:00:e9:ab:e7:
ec:9a:d4:50:b3:61:f8:e8:c2:6e:22:e5:df:7e:b3:
96:71:15:c6:82:47:1b:0f:91:92:1b:d7:a2:c5:ef:
88:7b:94:70:e2:8d:0d:7d:89:5a:4a:8a:3d:25:a1:
3f:a2:d1:cc:d0:b1:3f:3d:78:49:af:e9:1e:0c:62:
0c:a7:4d:7b:99:6b:c2:ab:91:0e:a2:61:d5:07:53:
4c:9d:13:78:84:92:c8:c4:c1:b5:27:08:b2:65:7f:
33:a9:86:e2:68:3c:51:b7:9e:51:32:e6:9d:90:c3:
0c:5f:4e:83:a8:d0:6d:12:db:6d:d0:cf:ce:ea:0c:
6c:a5:83:0f:b0:94:4a:81:30:48:88:6e:73:6a:f5:
30:e7:4e:72:91:44:34:d8:d8:d3:a6:cf:25:7d:91:
cf:53:b2:f1:ed:fc:db:ff:95:1e:ca:62:1d:7d:ac:
ac:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F3:B3:7A:E3:59:66:91:51:91:05:E0:2B:17:C0:BF:E1:2F:5B:1F
X509v3 Authority Key Identifier:
keyid:7E:E0:53:CB:9C:B4:F4:1C:1E:47:73:E7:F1:6E:84:BB:57:52:20:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuBTy5y09BweR3Pn8W6Eu1dSIDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/f_OzeuNZZpFRkQXgKxfAv-EvWx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0600a4-1464-4a7c-af56-18e86f0b1d81/1/fuBTy5y09BweR3Pn8W6Eu1dSIDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.16.0/24
88.218.18.0/24
193.228.91.0/24
193.228.168.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:88:5e:68:59:d1:94:b0:ea:ce:f0:09:55:61:11:20:87:93:
82:79:76:0f:87:76:fb:42:ca:58:a2:ba:5d:fa:81:47:8e:42:
fc:be:b7:5b:12:d7:c4:70:f8:2d:ec:a5:e9:7f:94:e4:57:f3:
be:0d:f1:82:85:bd:48:9b:89:ce:b0:40:ef:83:4d:9c:cf:00:
d4:3a:ae:d6:5f:a7:27:aa:ef:e6:b2:03:cd:be:04:c4:5b:a2:
4e:07:3f:b7:f6:fe:52:4e:ca:a8:65:a1:c6:4c:87:e5:82:e0:
2d:90:0f:a9:f6:8e:53:5e:64:3b:b6:86:41:48:c1:e5:2d:b5:
03:18:46:00:fa:7e:31:ec:d7:56:f8:6d:af:2b:dc:23:27:47:
32:c6:8e:18:d4:ca:07:40:af:b6:e6:8b:31:7b:80:3e:f9:48:
01:ed:e6:15:74:e6:8d:e6:6d:c4:0d:da:98:65:9d:38:a0:df:
7e:0d:de:fd:16:c7:3e:d6:12:f0:9d:dc:dc:f4:46:ee:31:a6:
70:5b:47:3c:49:d9:11:70:07:c3:ca:8d:3f:45:0b:77:1e:ba:
a0:b2:7d:58:03:4f:a9:8a:0b:7e:63:fa:89:0b:0a:24:be:74:
35:a1:b6:31:7e:88:4a:ed:d5:fe:cd:ca:d2:be:32:8d:8c:91:
06:87:45:30
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZesEKlFDgzQxhp17hE54munMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTA1M2NiOWNiNGY0MWMxZTQ3NzNlN2YxNmU4NGJiNTc1
MjIwMzMwHhcNMjUwNjI2MTE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmYzYjM3YWUzNTk2NjkxNTE5MTA1ZTAyYjE3YzBiZmUxMmY1YjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrqWyUyzPXHtQh1Ob9NuUpt7FSa7
pCQOyCFn+IAR58zlW/I4FfrP0trltV15vMI48uHcTzQ72TMc2Eg817NzTHhxItzD
lH0yEYvp8+jWWcWu4ySpTwDpq+fsmtRQs2H46MJuIuXffrOWcRXGgkcbD5GSG9ei
xe+Ie5Rw4o0NfYlaSoo9JaE/otHM0LE/PXhJr+keDGIMp017mWvCq5EOomHVB1NM
nRN4hJLIxMG1JwiyZX8zqYbiaDxRt55RMuadkMMMX06DqNBtEttt0M/O6gxspYMP
sJRKgTBIiG5zavUw505ykUQ02NjTps8lfZHPU7Lx7fzb/5UeymIdfaysLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH/zs3rjWWaRUZEF4CsXwL/hL1sfMB8GA1UdIwQY
MBaAFH7gU8uctPQcHkdz5/FuhLtXUiAzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVCVHk1eTA5QndlUjNQbjhXNkV1MWRTSURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wNjAwYTQtMTQ2NC00YTdjLWFmNTYt
MThlODZmMGIxZDgxLzEvZl9PemV1TlpacEZSa1FYZ0t4ZkF2LUV2V3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wNjAwYTQtMTQ2NC00YTdjLWFmNTYtMThlODZmMGIxZDgx
LzEvZnVCVHk1eTA5QndlUjNQbjhXNkV1MWRTSURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWNoQAwQA
WNoSAwQAweRbAwQBweSoMA0GCSqGSIb3DQEBCwUAA4IBAQC8iF5oWdGUsOrO8AlV
YREgh5OCeXYPh3b7QspYorpd+oFHjkL8vrdbEtfEcPgt7KXpf5TkV/O+DfGChb1I
m4nOsEDvg02czwDUOq7WX6cnqu/msgPNvgTEW6JOBz+39v5STsqoZaHGTIflguAt
kA+p9o5TXmQ7toZBSMHlLbUDGEYA+n4x7NdW+G2vK9wjJ0cyxo4Y1MoHQK+25osx
e4A++UgB7eYVdOaN5m3EDdqYZZ04oN9+Dd79Fsc+1hLwndzc9EbuMaZwW0c8SdkR
cAfDyo0/RQt3Hrqgsn1YA0+pigt+Y/qJCwokvnQ1obYxfohK7dX+zcrSvjKNjJEG
h0Uw
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:44:24 2025 by rpki-client