Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/sEHiIEng4KK2exCqeB3KtfKP6-M.roa
File: sEHiIEng4KK2exCqeB3KtfKP6-M.roa (raw, json)
Hash identifier: sFnd3qUDhEUz9XKIdGVTZ2qVwlhZd/KQvrBSKAH2Wf8=
Subject key identifier: B0:41:E2:20:49:E0:E0:A2:B6:7B:10:AA:78:1D:CA:B5:F2:8F:EB:E3
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 0197B0CBE7AA5C044AAE14124D96DBCA6F7F
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/sEHiIEng4KK2exCqeB3KtfKP6-M.roa
Signing time: Fri 27 Jun 2025 09:50:42 +0000
ROA not before: Fri 27 Jun 2025 09:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.108.237.0/24 maxlen: 24
195.96.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:cb:e7:aa:5c:04:4a:ae:14:12:4d:96:db:ca:6f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Jun 27 09:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b041e22049e0e0a2b67b10aa781dcab5f28febe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c3:7f:11:34:a9:fa:51:4c:c1:d0:b3:74:a1:
15:a3:9c:de:30:f0:21:67:91:58:ed:a6:e3:d4:38:
4d:d4:ff:0c:75:ce:14:2b:5f:a4:56:5f:ed:44:43:
f4:18:b5:30:62:4d:cc:94:7e:c0:a5:38:35:95:09:
bf:89:40:b6:09:f2:b7:3a:39:5d:fc:bf:f8:e6:ee:
92:5e:31:07:7f:fa:cf:97:b8:a3:48:23:0c:e0:a2:
09:36:ea:32:6b:8f:f4:91:61:ee:c1:14:52:b8:4a:
44:2a:ac:84:bb:34:85:ff:92:b1:32:32:a1:2b:24:
e6:10:aa:3d:1a:b5:62:39:09:4e:ca:0c:0e:98:87:
e4:23:f9:67:c2:17:e8:08:92:92:9c:eb:a4:96:90:
b9:b5:50:3e:1c:e2:24:fe:9e:d1:ec:05:3e:ea:2e:
36:ea:3c:71:67:5a:7f:60:64:64:5d:e7:d7:f0:c7:
36:2e:f7:0b:40:74:fa:55:2a:5d:88:c2:c1:39:5f:
4b:1b:6d:f2:76:68:16:55:4e:ca:c0:ad:af:ea:29:
81:d1:58:ee:36:03:40:ee:f0:ed:4c:6a:3c:17:86:
c4:c9:a9:42:ef:15:c0:7d:41:61:a2:68:60:8c:90:
2f:a1:c0:5b:73:bf:5c:1d:fe:c0:1b:8c:3f:a6:c6:
c6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:41:E2:20:49:E0:E0:A2:B6:7B:10:AA:78:1D:CA:B5:F2:8F:EB:E3
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/sEHiIEng4KK2exCqeB3KtfKP6-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.237.0/24
195.96.156.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:5d:f1:dc:99:23:1b:50:bc:86:6a:07:a0:30:83:30:3a:a2:
09:40:b9:d5:4f:4d:1d:e9:4d:46:a3:f2:bd:8d:d4:91:e4:98:
1a:57:bb:f1:56:8c:2d:c6:4f:1e:e7:8a:1b:95:0f:38:b0:62:
a8:ad:52:45:4d:83:8f:5b:d2:4c:2f:8c:e5:c3:35:72:d0:8d:
47:03:5c:25:06:81:68:33:63:58:9a:eb:8e:0a:96:56:c9:7c:
c2:ef:84:a7:de:2e:cc:e1:06:5e:4a:7b:1a:7d:9f:d6:7a:01:
8e:ad:cb:ee:1e:4d:d3:64:1b:60:ff:0d:b9:d4:26:64:f2:e3:
6f:83:0c:b4:1d:96:88:35:a4:9c:9d:3b:2e:d2:7b:09:7e:f8:
9d:40:f7:97:6b:cd:61:df:aa:b3:f1:e1:44:48:be:42:f0:3b:
01:a2:a9:11:04:67:f1:26:95:cd:7b:84:95:3d:cc:9f:b0:c1:
bc:c8:87:c4:95:02:76:da:f3:95:5c:07:a3:b1:a3:22:be:64:
fc:73:84:bb:a0:aa:16:33:79:89:ee:7d:bb:f1:1b:e8:44:6e:
a0:ca:25:37:82:2b:12:40:90:7b:3c:93:22:4b:d4:b1:13:2c:
6d:99:61:5a:1d:5c:c4:ff:b1:62:61:58:b4:1e:57:30:0c:52:
71:e1:1c:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZewy+eqXARKrhQSTZbbym9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjUwNjI3MDk1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDQxZTIyMDQ5ZTBlMGEyYjY3YjEwYWE3ODFkY2FiNWYyOGZlYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMN/ETSp+lFMwdCzdKEVo5zeMPAh
Z5FY7abj1DhN1P8Mdc4UK1+kVl/tREP0GLUwYk3MlH7ApTg1lQm/iUC2CfK3Ojld
/L/45u6SXjEHf/rPl7ijSCMM4KIJNuoya4/0kWHuwRRSuEpEKqyEuzSF/5KxMjKh
KyTmEKo9GrViOQlOygwOmIfkI/lnwhfoCJKSnOuklpC5tVA+HOIk/p7R7AU+6i42
6jxxZ1p/YGRkXefX8Mc2LvcLQHT6VSpdiMLBOV9LG23ydmgWVU7KwK2v6imB0Vju
NgNA7vDtTGo8F4bEyalC7xXAfUFhomhgjJAvocBbc79cHf7AG4w/psbGlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLBB4iBJ4OCitnsQqngdyrXyj+vjMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvc0VIaUlFbmc0S0syZXhDcWVCM0t0ZktQNi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW2ztAwQA
w2CcMA0GCSqGSIb3DQEBCwUAA4IBAQBNXfHcmSMbULyGagegMIMwOqIJQLnVT00d
6U1Go/K9jdSR5JgaV7vxVowtxk8e54oblQ84sGKorVJFTYOPW9JML4zlwzVy0I1H
A1wlBoFoM2NYmuuOCpZWyXzC74Sn3i7M4QZeSnsafZ/WegGOrcvuHk3TZBtg/w25
1CZk8uNvgwy0HZaINaScnTsu0nsJfvidQPeXa81h36qz8eFESL5C8DsBoqkRBGfx
JpXNe4SVPcyfsMG8yIfElQJ22vOVXAejsaMivmT8c4S7oKoWM3mJ7n278RvoRG6g
yiU3gisSQJB7PJMiS9SxEyxtmWFaHVzE/7FiYVi0HlcwDFJx4RzZ
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:48:39 2025 by rpki-client