Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/iPclpyCcjmZRUirmlpynRe1jVlQ.roa
File: iPclpyCcjmZRUirmlpynRe1jVlQ.roa (raw, json)
Hash identifier: 9e/d5wv0jrIlrbYbKSFVCEW56rVM8D3l+wGRzbJ1rM0=
Subject key identifier: 88:F7:25:A7:20:9C:8E:66:51:52:2A:E6:96:9C:A7:45:ED:63:56:54
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 0196385BEC44CA4F5A2C5677F63EBC400325
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/iPclpyCcjmZRUirmlpynRe1jVlQ.roa
Signing time: Tue 15 Apr 2025 07:31:10 +0000
ROA not before: Tue 15 Apr 2025 07:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 80.254.228.0/24 maxlen: 24
185.92.168.0/24 maxlen: 24
185.92.169.0/24 maxlen: 24
185.92.171.0/24 maxlen: 24
2a13:5241::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 04:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:5b:ec:44:ca:4f:5a:2c:56:77:f6:3e:bc:40:03:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Apr 15 07:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88f725a7209c8e6651522ae6969ca745ed635654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:46:ac:b4:51:2d:fb:d7:35:77:45:29:fd:35:
4c:38:e2:c3:79:9f:05:d7:91:7a:44:a5:d3:99:66:
8f:4e:26:04:58:ba:2c:f4:f4:f0:43:2e:c1:47:f6:
bb:15:5d:03:cd:59:38:37:93:d4:69:ee:d5:75:82:
6e:83:70:b0:23:38:c2:b8:50:53:51:7f:29:6d:fa:
2d:3f:56:90:ab:a8:b8:e0:ef:56:d9:49:d2:aa:07:
74:69:a6:b2:40:a0:4a:a7:09:0e:d1:a9:9e:9f:22:
93:30:06:fa:95:52:58:bf:71:2c:9f:5f:7a:92:06:
6e:73:92:be:0d:9e:1a:d6:2f:62:d9:9f:f1:23:16:
06:13:db:fc:ac:0b:cb:0b:df:01:ed:94:a5:00:b5:
af:91:24:7f:11:e6:7e:af:7e:97:6f:b9:d9:2c:c4:
b5:16:a1:21:7c:f6:2f:f2:32:6a:91:22:6c:33:ed:
a2:95:e0:53:84:a5:cd:67:39:72:e9:d1:b8:1b:ce:
c2:1a:e4:a1:a3:d1:65:1f:f8:73:4e:f0:6b:1b:76:
ed:43:16:7f:67:b2:87:eb:ab:18:5f:4d:ec:69:d5:
40:7d:14:95:82:71:1f:ee:fe:2e:5a:fb:06:65:4c:
78:3d:50:24:e7:70:68:7f:4d:59:d9:92:83:f5:5e:
16:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F7:25:A7:20:9C:8E:66:51:52:2A:E6:96:9C:A7:45:ED:63:56:54
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/iPclpyCcjmZRUirmlpynRe1jVlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.228.0/24
185.92.168.0/23
185.92.171.0/24
IPv6:
2a13:5241::/32
Signature Algorithm: sha256WithRSAEncryption
03:ee:00:17:bc:6a:ae:90:47:1b:89:a1:d8:16:a1:ca:cd:84:
6e:29:19:68:99:6b:c5:76:4d:29:c1:ab:83:f3:ec:1f:87:7b:
6e:07:d9:d0:5a:b0:f8:8b:b7:9e:ad:39:43:4c:34:47:03:91:
fa:5b:dc:04:42:3d:55:fc:51:d1:a9:d8:e4:eb:80:e8:c5:e1:
06:78:e9:b6:6f:ed:13:41:87:c6:75:08:06:c7:80:4b:8a:00:
ef:d5:7c:c0:a6:33:d1:04:d0:37:37:9d:00:67:8b:60:8f:08:
93:a0:a0:62:5a:e6:aa:6c:14:15:d2:e6:b3:bb:54:0c:b6:8b:
ca:b7:20:95:aa:26:4e:98:bd:dd:d5:0b:a3:42:9c:bb:2e:90:
ea:11:45:6f:5c:25:48:15:86:ef:e7:9e:68:c7:4c:2e:58:2f:
78:b0:a1:c5:68:56:84:a0:f3:af:72:56:68:85:37:73:f2:c0:
3b:26:93:69:d5:db:d0:cc:24:dd:2f:cd:ff:f7:1f:6e:12:d8:
b5:2a:2a:26:1d:03:dc:ca:27:60:13:e4:32:c2:c5:ba:00:cf:
70:17:27:36:2d:b8:d8:b6:cc:1d:6a:65:c5:c6:f6:ac:13:e7:
79:52:42:ca:16:61:7e:1d:54:cf:ad:5a:61:1b:45:64:f4:e6:
d5:cf:72:d9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZY4W+xEyk9aLFZ39j68QAMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjUwNDE1MDczMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY3MjVhNzIwOWM4ZTY2NTE1MjJhZTY5NjljYTc0NWVkNjM1NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEastFEt+9c1d0Up/TVMOOLDeZ8F
15F6RKXTmWaPTiYEWLos9PTwQy7BR/a7FV0DzVk4N5PUae7VdYJug3CwIzjCuFBT
UX8pbfotP1aQq6i44O9W2UnSqgd0aaayQKBKpwkO0amenyKTMAb6lVJYv3Esn196
kgZuc5K+DZ4a1i9i2Z/xIxYGE9v8rAvLC98B7ZSlALWvkSR/EeZ+r36Xb7nZLMS1
FqEhfPYv8jJqkSJsM+2ileBThKXNZzly6dG4G87CGuSho9FlH/hzTvBrG3btQxZ/
Z7KH66sYX03sadVAfRSVgnEf7v4uWvsGZUx4PVAk53Bof01Z2ZKD9V4WaQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIj3JacgnI5mUVIq5pacp0XtY1ZUMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvaVBjbHB5Q2NqbVpSVWlybWxweW5SZTFqVmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAUP7kAwQB
uVyoAwQAuVyrMA0EAgACMAcDBQAqE1JBMA0GCSqGSIb3DQEBCwUAA4IBAQAD7gAX
vGqukEcbiaHYFqHKzYRuKRlomWvFdk0pwauD8+wfh3tuB9nQWrD4i7eerTlDTDRH
A5H6W9wEQj1V/FHRqdjk64DoxeEGeOm2b+0TQYfGdQgGx4BLigDv1XzApjPRBNA3
N50AZ4tgjwiToKBiWuaqbBQV0uazu1QMtovKtyCVqiZOmL3d1QujQpy7LpDqEUVv
XCVIFYbv555ox0wuWC94sKHFaFaEoPOvclZohTdz8sA7JpNp1dvQzCTdL83/9x9u
Eti1KiomHQPcyidgE+QywsW6AM9wFyc2LbjYtswdamXFxvasE+d5UkLKFmF+HVTP
rVphG0Vk9ObVz3LZ
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:18:31 2025 by rpki-client