Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/iJB54eq2gdL_naX3zdftA5sdoGg.roa
File: iJB54eq2gdL_naX3zdftA5sdoGg.roa (raw, json)
Hash identifier: T0EgFKHq/jWzVCdE85bliHVVGwL++0pbYTM44LgbBpM=
Subject key identifier: 88:90:79:E1:EA:B6:81:D2:FF:9D:A5:F7:CD:D7:ED:03:9B:1D:A0:68
Certificate issuer: /CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Certificate serial: 019759815658CA8504FB1A1566081B74DDDA
Authority key identifier: EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/iJB54eq2gdL_naX3zdftA5sdoGg.roa
Signing time: Tue 10 Jun 2025 11:02:17 +0000
ROA not before: Tue 10 Jun 2025 11:02:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47421
IP address blocks: 91.147.208.0/22 maxlen: 22
91.147.212.0/23 maxlen: 23
94.248.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/7w79XeePk7yurRXhTABu270bWVU.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/7w79XeePk7yurRXhTABu270bWVU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:81:56:58:ca:85:04:fb:1a:15:66:08:1b:74:dd:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Validity
Not Before: Jun 10 11:02:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=889079e1eab681d2ff9da5f7cdd7ed039b1da068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:03:68:1d:88:6c:d7:68:5a:f2:05:77:b5:5a:
94:b7:db:4c:d6:a2:25:98:94:6e:76:d9:af:02:b3:
39:fd:57:ec:8f:e6:fb:d4:e1:ef:8e:46:ed:3a:f9:
49:f4:b3:44:7b:31:9b:42:09:41:46:b4:a9:1e:ae:
c9:8c:a7:d1:65:60:24:d8:0b:43:9f:d1:00:96:b4:
7b:67:56:7a:10:14:ff:49:d6:6a:0e:09:91:4a:d6:
fb:a7:a9:63:4f:d3:26:40:12:0f:ec:68:dc:88:52:
d9:86:65:de:4b:9d:b8:90:f1:d2:72:d1:ff:5e:cc:
ed:90:6a:17:50:38:c9:ad:aa:bf:73:31:e5:d0:ce:
f4:23:ee:3b:c9:21:80:79:21:03:04:f5:28:c9:b3:
45:1e:bd:87:d6:f2:21:1a:7f:da:b0:ee:fa:3d:ff:
5e:0d:b7:4c:5c:f9:5f:fd:84:ab:0a:00:c3:5f:70:
7d:90:2c:8e:f8:81:e7:17:de:28:f1:58:60:50:24:
56:67:c2:06:c1:23:09:91:ed:0b:aa:f6:1f:d0:7a:
67:b1:a4:2a:e2:e1:e2:3d:16:51:2e:62:5b:bb:c2:
da:41:c5:50:b2:c6:ab:a4:0b:94:0c:42:46:db:dc:
e4:80:f6:a2:fd:4c:c9:22:68:ed:98:ad:cb:37:b7:
1b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:90:79:E1:EA:B6:81:D2:FF:9D:A5:F7:CD:D7:ED:03:9B:1D:A0:68
X509v3 Authority Key Identifier:
keyid:EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/iJB54eq2gdL_naX3zdftA5sdoGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/7w79XeePk7yurRXhTABu270bWVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.208.0-91.147.213.255
94.248.168.0/23
Signature Algorithm: sha256WithRSAEncryption
75:ec:b1:21:57:4e:f8:e1:67:7c:21:85:15:66:fe:f7:6e:f8:
23:5e:cb:af:fd:da:d3:43:1b:4a:54:cd:67:47:da:97:65:f2:
d8:5a:cb:41:4d:6c:3a:70:39:81:d6:8d:46:1b:c3:b8:45:40:
7a:5c:fe:cc:f1:b9:76:dc:8c:ae:54:aa:e9:17:b5:e0:48:32:
6d:f9:92:28:ab:4a:3e:63:8f:50:82:6c:d2:66:06:27:e1:a2:
9b:41:64:27:72:4a:c5:a6:5c:22:b5:31:69:5b:ca:6e:4a:38:
4a:b3:75:24:7e:7a:7f:62:e3:10:a8:ff:1f:f3:86:28:e5:de:
4b:b9:8d:47:25:61:0b:e2:15:9c:9f:c9:e6:51:07:f3:30:ee:
29:08:3e:47:d2:88:f6:c8:1a:a7:db:49:fb:d7:f8:05:dc:9a:
b8:d3:52:e5:b4:49:9c:94:f6:2a:13:4a:96:da:b4:29:3a:23:
3a:13:63:eb:c8:ed:4c:2a:4a:6d:e9:d1:91:21:89:5a:8a:a2:
fa:f7:91:4a:db:2e:b6:7e:2d:b7:76:06:68:82:e5:56:dd:78:
94:16:cd:4b:ae:8d:c8:75:b2:b2:d2:fd:57:e3:b1:1f:85:9c:
17:57:58:de:75:1a:22:34:f1:32:11:b7:f8:1c:e6:bb:8f:0f:
f3:1b:a5:6f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZdZgVZYyoUE+xoVZggbdN3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMGVmZDVkZTc4ZjkzYmNhZWFkMTVlMTRjMDA2ZWRiYmQx
YjU5NTUwHhcNMjUwNjEwMTEwMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODkwNzllMWVhYjY4MWQyZmY5ZGE1ZjdjZGQ3ZWQwMzliMWRhMDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gNoHYhs12ha8gV3tVqUt9tM1qIl
mJRudtmvArM5/Vfsj+b71OHvjkbtOvlJ9LNEezGbQglBRrSpHq7JjKfRZWAk2AtD
n9EAlrR7Z1Z6EBT/SdZqDgmRStb7p6ljT9MmQBIP7GjciFLZhmXeS524kPHSctH/
XsztkGoXUDjJraq/czHl0M70I+47ySGAeSEDBPUoybNFHr2H1vIhGn/asO76Pf9e
DbdMXPlf/YSrCgDDX3B9kCyO+IHnF94o8VhgUCRWZ8IGwSMJke0LqvYf0HpnsaQq
4uHiPRZRLmJbu8LaQcVQssarpAuUDEJG29zkgPai/UzJImjtmK3LN7cbBwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIiQeeHqtoHS/52l983X7QObHaBoMB8GA1UdIwQY
MBaAFO8O/V3nj5O8rq0V4UwAbtu9G1lVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDkt
ZWE4NjUwOWMzYjMwLzEvaUpCNTRlcTJnZExfbmFYM3pkZnRBNXNkb0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDktZWE4NjUwOWMzYjMw
LzEvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARbk9AD
BAFbk9QDBAFe+KgwDQYJKoZIhvcNAQELBQADggEBAHXssSFXTvjhZ3whhRVm/vdu
+CNey6/92tNDG0pUzWdH2pdl8thay0FNbDpwOYHWjUYbw7hFQHpc/szxuXbcjK5U
qukXteBIMm35kiirSj5jj1CCbNJmBifhoptBZCdySsWmXCK1MWlbym5KOEqzdSR+
en9i4xCo/x/zhijl3ku5jUclYQviFZyfyeZRB/Mw7ikIPkfSiPbIGqfbSfvX+AXc
mrjTUuW0SZyU9ioTSpbatCk6IzoTY+vI7UwqSm3p0ZEhiVqKovr3kUrbLrZ+Lbd2
BmiC5VbdeJQWzUuujch1srLS/VfjsR+FnBdXWN51GiI08TIRt/gc5ruPD/MbpW8=
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:10:01 2025 by rpki-client