Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/EsuY095TVdQvItL4nhCZCNhOgbU.roa
File: EsuY095TVdQvItL4nhCZCNhOgbU.roa (raw, json)
Hash identifier: B2Hs9XAAe/G//v9MK7Gd6LTWKG9tnDW4StJm3GtXHag=
Subject key identifier: 12:CB:98:D3:DE:53:55:D4:2F:22:D2:F8:9E:10:99:08:D8:4E:81:B5
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0198A2FDE49EDA69347DDFEDF9F08DB4C26C
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/EsuY095TVdQvItL4nhCZCNhOgbU.roa
Signing time: Wed 13 Aug 2025 10:33:24 +0000
ROA not before: Wed 13 Aug 2025 10:33:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 89.23.112.0/24 maxlen: 24
89.23.115.0/24 maxlen: 24
89.23.116.0/24 maxlen: 24
89.23.117.0/24 maxlen: 24
89.23.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:fd:e4:9e:da:69:34:7d:df:ed:f9:f0:8d:b4:c2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 13 10:33:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12cb98d3de5355d42f22d2f89e109908d84e81b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dd:08:5f:e4:09:ed:8e:3e:a4:0a:98:88:8d:
76:65:e7:92:d7:7f:ee:91:9b:b1:45:24:ce:f1:60:
11:65:b5:45:ee:71:c3:6f:70:af:81:3b:22:39:50:
ac:b6:0c:c7:0a:78:bd:47:bb:30:b9:65:51:b5:f8:
13:f5:9b:46:3d:f8:f7:88:02:fd:f8:cd:ec:fb:90:
e1:56:f4:5a:16:67:5d:3f:e4:c0:e0:26:bf:f0:8f:
f1:be:87:5e:81:47:ad:a3:91:77:09:e7:b2:ea:0f:
be:43:4a:74:bc:13:34:b3:17:16:ba:94:27:ae:82:
4c:0e:91:62:8c:9d:76:7e:8a:75:8d:45:77:4f:37:
12:0c:38:b8:83:f5:5a:48:79:e7:56:66:bb:33:8c:
61:41:37:05:ce:fc:8a:ce:cf:c5:05:d0:92:45:41:
fa:f6:d1:f6:ef:81:e4:0c:b0:c5:26:2e:5a:a7:b6:
6b:40:25:1a:43:9d:2d:47:37:e1:89:94:5a:a9:48:
74:20:1d:1d:77:02:51:70:4a:12:71:ba:b1:8c:a2:
f1:a2:6a:6a:3e:35:82:31:c1:a7:87:f0:07:ba:d9:
d9:cd:99:2e:7b:38:d6:26:d9:ed:c2:02:09:bf:fe:
7e:aa:62:c1:d9:15:fe:32:86:e6:6e:00:26:33:31:
87:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CB:98:D3:DE:53:55:D4:2F:22:D2:F8:9E:10:99:08:D8:4E:81:B5
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/EsuY095TVdQvItL4nhCZCNhOgbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.112.0/24
89.23.115.0-89.23.118.255
Signature Algorithm: sha256WithRSAEncryption
92:8a:1d:c1:24:65:cb:ca:8d:22:89:e0:c4:ff:c8:85:57:c1:
77:b9:e9:ab:45:96:4a:62:e3:d7:c5:27:88:44:91:03:bf:f5:
c3:1f:a2:d1:6d:d5:39:0e:9d:01:a6:5d:f7:29:c1:55:9b:7b:
d3:da:11:4f:a6:28:31:1e:46:13:dd:e2:e6:af:2d:ce:88:df:
15:76:4f:69:e2:c0:5d:0a:2d:7b:89:4e:aa:d7:01:8d:84:f9:
a6:f2:d4:ca:d4:ad:4c:2d:fd:e2:a3:84:3d:2d:d3:23:ff:35:
cd:22:2a:94:ed:45:d7:1d:70:ce:6a:8c:c5:8e:d4:30:f0:cc:
98:cc:e3:d6:4e:3c:fb:e8:cf:fd:e4:75:de:e7:53:c2:e6:5c:
b5:c5:8e:78:62:4e:5b:1d:1c:74:0c:9b:5c:cc:61:9c:60:01:
02:2e:cc:77:9a:cd:43:22:d4:5d:ea:55:8a:d9:57:25:14:56:
5a:aa:1d:ca:34:cb:64:15:0d:80:f4:67:76:ed:a3:41:4b:32:
85:7a:14:c5:a3:d1:27:3c:66:b0:47:11:46:20:53:d9:fb:72:
40:2a:f1:29:60:d2:e8:bc:49:81:ea:cf:a3:31:25:78:a7:80:
cb:7a:ac:d2:a8:2c:84:da:27:ef:2a:9a:4f:5e:04:e8:50:89:
ce:25:a2:c5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZii/eSe2mk0fd/t+fCNtMJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwODEzMTAzMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmNiOThkM2RlNTM1NWQ0MmYyMmQyZjg5ZTEwOTkwOGQ4NGU4MWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA090IX+QJ7Y4+pAqYiI12ZeeS13/u
kZuxRSTO8WARZbVF7nHDb3CvgTsiOVCstgzHCni9R7swuWVRtfgT9ZtGPfj3iAL9
+M3s+5DhVvRaFmddP+TA4Ca/8I/xvodegUeto5F3Ceey6g++Q0p0vBM0sxcWupQn
roJMDpFijJ12fop1jUV3TzcSDDi4g/VaSHnnVma7M4xhQTcFzvyKzs/FBdCSRUH6
9tH274HkDLDFJi5ap7ZrQCUaQ50tRzfhiZRaqUh0IB0ddwJRcEoScbqxjKLxompq
PjWCMcGnh/AHutnZzZkuezjWJtntwgIJv/5+qmLB2RX+MobmbgAmMzGHPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBLLmNPeU1XULyLS+J4QmQjYToG1MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRXN1WTA5NVRWZFF2SXRMNG5oQ1pDTmhPZ2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWRdwMAwD
BABZF3MDBABZF3YwDQYJKoZIhvcNAQELBQADggEBAJKKHcEkZcvKjSKJ4MT/yIVX
wXe56atFlkpi49fFJ4hEkQO/9cMfotFt1TkOnQGmXfcpwVWbe9PaEU+mKDEeRhPd
4uavLc6I3xV2T2niwF0KLXuJTqrXAY2E+aby1MrUrUwt/eKjhD0t0yP/Nc0iKpTt
RdcdcM5qjMWO1DDwzJjM49ZOPPvoz/3kdd7nU8LmXLXFjnhiTlsdHHQMm1zMYZxg
AQIuzHeazUMi1F3qVYrZVyUUVlqqHco0y2QVDYD0Z3bto0FLMoV6FMWj0Sc8ZrBH
EUYgU9n7ckAq8Slg0ui8SYHqz6MxJXingMt6rNKoLITaJ+8qmk9eBOhQic4losU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:58:45 2025 by rpki-client