Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/ebY0ybGhZip6V6HRTLpeSE7O7sw.roa
File: ebY0ybGhZip6V6HRTLpeSE7O7sw.roa (raw, json)
Hash identifier: CjnZtq5jk1id0rS9srgQaW3rR6nXLv2/QKmxK7hdv7k=
Subject key identifier: 79:B6:34:C9:B1:A1:66:2A:7A:57:A1:D1:4C:BA:5E:48:4E:CE:EE:CC
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 019759CD8E21476F406F2565B4EC6AB3E8CE
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/ebY0ybGhZip6V6HRTLpeSE7O7sw.roa
Signing time: Tue 10 Jun 2025 12:25:32 +0000
ROA not before: Tue 10 Jun 2025 12:25:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8648
IP address blocks: 81.173.82.0/24 maxlen: 24
81.173.88.0/21 maxlen: 24
192.162.28.0/22 maxlen: 24
2a00:1128::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:cd:8e:21:47:6f:40:6f:25:65:b4:ec:6a:b3:e8:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: Jun 10 12:25:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79b634c9b1a1662a7a57a1d14cba5e484eceeecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:67:b0:3e:75:5c:59:83:96:fe:fd:04:5b:0c:
e3:86:b6:f9:ed:4f:84:16:84:a2:08:49:59:2b:cf:
17:ed:4e:61:a5:45:b2:03:ae:3c:d0:6b:53:b7:27:
9c:37:b4:51:38:a3:ac:b3:5f:a1:98:16:1d:63:1d:
ed:29:ac:b4:7e:6d:fd:c3:c0:7d:9b:89:ed:fe:42:
97:06:84:d1:db:4b:cd:59:49:fc:f3:f8:10:04:0a:
b6:09:2e:1b:c3:57:1f:16:f5:4d:85:cc:13:61:c7:
73:99:7a:04:b7:26:1b:32:3b:b2:81:49:da:d4:1d:
5f:35:80:76:6d:f6:69:c4:f3:8e:84:4f:07:57:7c:
5f:17:58:35:7c:89:24:85:ff:9c:f1:2f:44:10:55:
d3:11:5f:43:6c:9a:e3:c7:9c:c1:ad:ab:cd:31:14:
bd:c8:36:58:00:df:29:68:87:0e:97:41:75:89:1d:
8c:43:72:77:a0:76:c6:44:ad:e3:a3:7e:e8:ae:80:
f5:29:c2:e4:3b:3a:2f:9d:0a:78:05:92:8e:72:9b:
1d:b2:79:93:94:2b:55:98:69:9f:57:12:f7:57:af:
6c:33:a3:55:91:bd:79:f9:93:dd:df:17:1d:33:6a:
59:cb:c7:c6:64:dc:0f:a4:6c:ff:37:2e:73:00:38:
a1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B6:34:C9:B1:A1:66:2A:7A:57:A1:D1:4C:BA:5E:48:4E:CE:EE:CC
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/ebY0ybGhZip6V6HRTLpeSE7O7sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.82.0/24
81.173.88.0/21
192.162.28.0/22
IPv6:
2a00:1128::/32
Signature Algorithm: sha256WithRSAEncryption
81:38:3e:6e:1a:57:25:96:9e:04:cb:0b:37:fb:51:e7:e2:91:
ab:9f:e4:40:47:b3:9c:f4:c1:b1:5b:4e:2f:9e:f8:dc:cd:b5:
25:6a:30:7f:0c:75:dc:8a:a1:8a:40:89:fd:00:b7:d2:bf:92:
f3:c7:f4:e2:ff:fb:66:84:8f:dc:97:93:6b:4d:3d:14:de:c0:
fa:18:8d:0d:d1:04:c4:4a:e0:f5:87:42:e4:a5:2d:4b:90:46:
0c:1d:35:d6:31:52:1c:1b:10:de:6c:7e:db:a5:90:04:b6:ca:
d7:c5:71:50:7a:a6:5b:be:ea:32:a7:ad:9b:98:51:08:3d:45:
3e:ab:78:a2:93:dd:71:b0:a0:38:3b:f1:88:44:33:9d:40:eb:
4f:60:6f:3d:29:97:42:5f:1b:6c:36:62:a4:52:39:ec:d1:a0:
00:2f:fc:a5:a4:9b:ff:3b:84:11:dd:fa:9c:bb:16:fc:26:e7:
16:ad:6f:6d:c1:4d:ca:69:4f:18:21:c6:d3:7b:7d:cb:af:3f:
88:dc:a6:bf:1e:a7:37:33:b1:b4:45:cb:83:42:4f:0f:39:78:
c7:64:a2:ac:9a:1f:a5:56:e3:ad:d3:63:0d:f3:b5:83:f1:8f:
ab:e5:60:89:1c:e9:2c:29:f0:38:58:3a:3e:a8:10:a0:ae:b0:
66:28:7e:6c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZdZzY4hR29AbyVltOxqs+jOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjUwNjEwMTIyNTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWI2MzRjOWIxYTE2NjJhN2E1N2ExZDE0Y2JhNWU0ODRlY2VlZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mewPnVcWYOW/v0EWwzjhrb57U+E
FoSiCElZK88X7U5hpUWyA6480GtTtyecN7RROKOss1+hmBYdYx3tKay0fm39w8B9
m4nt/kKXBoTR20vNWUn88/gQBAq2CS4bw1cfFvVNhcwTYcdzmXoEtyYbMjuygUna
1B1fNYB2bfZpxPOOhE8HV3xfF1g1fIkkhf+c8S9EEFXTEV9DbJrjx5zBravNMRS9
yDZYAN8paIcOl0F1iR2MQ3J3oHbGRK3jo37oroD1KcLkOzovnQp4BZKOcpsdsnmT
lCtVmGmfVxL3V69sM6NVkb15+ZPd3xcdM2pZy8fGZNwPpGz/Ny5zADihZQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHm2NMmxoWYqeleh0Uy6XkhOzu7MMB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvZWJZMHliR2haaXA2VjZIUlRMcGVTRTdPN3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAUa1SAwQD
Ua1YAwQCwKIcMA0EAgACMAcDBQAqABEoMA0GCSqGSIb3DQEBCwUAA4IBAQCBOD5u
Glcllp4Eyws3+1Hn4pGrn+RAR7Oc9MGxW04vnvjczbUlajB/DHXciqGKQIn9ALfS
v5Lzx/Ti//tmhI/cl5NrTT0U3sD6GI0N0QTESuD1h0LkpS1LkEYMHTXWMVIcGxDe
bH7bpZAEtsrXxXFQeqZbvuoyp62bmFEIPUU+q3iik91xsKA4O/GIRDOdQOtPYG89
KZdCXxtsNmKkUjns0aAAL/ylpJv/O4QR3fqcuxb8JucWrW9twU3KaU8YIcbTe33L
rz+I3Ka/Hqc3M7G0RcuDQk8POXjHZKKsmh+lVuOt02MN87WD8Y+r5WCJHOksKfA4
WDo+qBCgrrBmKH5s
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:31:58 2025 by rpki-client