
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/81k5uhijaAEhyRnitikdKr6KoLk.roa
File: 81k5uhijaAEhyRnitikdKr6KoLk.roa (raw, json)
Hash identifier: NBT01wcy3n0Il1fMZOXpBHOVuMqtyZ/F0o2qr5d3nvk=
Subject key identifier: F3:59:39:BA:18:A3:68:01:21:C9:19:E2:B6:29:1D:2A:BE:8A:A0:B9
Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial: 019871A1D9B399B18D0A6C8CFBE04BFF747F
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/81k5uhijaAEhyRnitikdKr6KoLk.roa
Signing time: Sun 03 Aug 2025 20:31:29 +0000
ROA not before: Sun 03 Aug 2025 20:31:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212271
IP address blocks: 152.89.170.0/24 maxlen: 24
185.57.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 11:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:71:a1:d9:b3:99:b1:8d:0a:6c:8c:fb:e0:4b:ff:74:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Validity
Not Before: Aug 3 20:31:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f35939ba18a3680121c919e2b6291d2abe8aa0b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:49:95:bc:43:fa:9a:e7:03:23:9e:bc:a7:b2:
41:33:4c:51:c0:e2:68:90:2a:bc:b2:9d:f1:93:2d:
58:e3:f2:d9:51:e5:64:15:d7:37:d4:8e:56:76:49:
8c:2e:fd:13:fa:1b:35:06:ba:52:6c:4e:c1:84:2e:
12:46:e4:2a:4d:48:a4:eb:90:a5:52:19:08:84:65:
21:fa:27:23:1e:6d:eb:fe:bb:e3:9d:e5:09:89:30:
4c:7d:b2:57:6b:f9:94:53:f9:81:6c:43:2e:35:97:
82:41:d2:c0:f8:32:02:36:f1:06:1f:72:87:ce:8c:
ba:47:ae:fd:cd:13:59:ae:aa:11:37:5d:d9:71:ac:
0d:7f:fd:7f:38:3d:60:da:ed:2f:9d:be:72:a9:8c:
48:94:fe:58:33:65:28:0c:3c:f3:58:53:00:7a:68:
c1:fe:dd:c0:9a:66:7c:40:05:4f:ea:bc:bf:56:54:
6a:e4:64:ca:5e:4c:6d:8d:d8:e6:84:be:53:bb:48:
66:dd:2f:d7:33:31:38:b1:36:eb:8f:7c:fd:22:49:
49:21:04:66:7a:62:bf:4f:55:8f:b1:07:a5:db:a2:
34:eb:7d:48:98:48:98:78:ed:bb:3b:97:9b:d7:76:
40:dc:78:e9:7a:3d:9d:78:9e:95:af:79:c3:78:e6:
c3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:59:39:BA:18:A3:68:01:21:C9:19:E2:B6:29:1D:2A:BE:8A:A0:B9
X509v3 Authority Key Identifier:
keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/81k5uhijaAEhyRnitikdKr6KoLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.170.0/24
185.57.231.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:9c:70:bc:30:a7:28:ee:c3:b8:57:ce:a2:21:9d:7b:56:d2:
f0:97:34:4e:78:d0:18:c0:12:bd:0f:17:fb:3d:59:b9:90:f2:
c7:f9:cb:eb:09:36:39:6e:e1:2f:8d:eb:74:48:d3:84:b4:02:
3d:1d:23:9a:8b:38:01:45:65:f8:21:9f:8e:65:4b:b6:7d:39:
be:18:9a:4e:ad:d6:70:20:7b:06:22:5d:76:8f:46:46:11:45:
7f:36:92:cc:1c:22:22:a7:33:5b:d1:0c:1b:e4:cd:c0:36:f0:
94:4c:95:f8:11:f0:94:7b:5f:25:08:32:e0:8c:29:9b:e6:d3:
90:88:ed:97:db:e7:d8:48:1f:f6:d3:22:23:90:c5:6b:fc:2f:
1a:d0:49:19:80:08:e3:ae:d0:9e:9d:96:a6:c0:3f:26:c4:70:
b4:11:48:8c:ff:78:5f:4c:91:d6:1a:cd:a6:81:ad:97:21:71:
8f:af:f2:b3:eb:49:5f:5e:e5:41:c3:b6:dd:69:5d:1d:91:35:
83:ee:32:0b:e0:7e:02:a0:5c:2d:56:1f:24:c4:56:d2:75:e6:
8f:50:b7:d6:1c:4a:2b:7f:9e:17:97:1a:15:61:7d:33:ee:31:
21:1e:49:ab:6a:bf:3b:ab:0f:c1:25:0b:b9:e6:08:2d:94:e6:
fc:b7:81:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhxodmzmbGNCmyM++BL/3R/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjUwODAzMjAzMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzU5MzliYTE4YTM2ODAxMjFjOTE5ZTJiNjI5MWQyYWJlOGFhMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0mVvEP6mucDI568p7JBM0xRwOJo
kCq8sp3xky1Y4/LZUeVkFdc31I5WdkmMLv0T+hs1BrpSbE7BhC4SRuQqTUik65Cl
UhkIhGUh+icjHm3r/rvjneUJiTBMfbJXa/mUU/mBbEMuNZeCQdLA+DICNvEGH3KH
zoy6R679zRNZrqoRN13ZcawNf/1/OD1g2u0vnb5yqYxIlP5YM2UoDDzzWFMAemjB
/t3AmmZ8QAVP6ry/VlRq5GTKXkxtjdjmhL5Tu0hm3S/XMzE4sTbrj3z9IklJIQRm
emK/T1WPsQel26I0631ImEiYeO27O5eb13ZA3Hjpej2deJ6Vr3nDeObD0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPNZOboYo2gBIckZ4rYpHSq+iqC5MB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvODFrNXVoaWphQUVoeVJuaXRpa2RLcjZLb0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmFmqAwQA
uTnnMA0GCSqGSIb3DQEBCwUAA4IBAQB+nHC8MKco7sO4V86iIZ17VtLwlzROeNAY
wBK9Dxf7PVm5kPLH+cvrCTY5buEvjet0SNOEtAI9HSOaizgBRWX4IZ+OZUu2fTm+
GJpOrdZwIHsGIl12j0ZGEUV/NpLMHCIipzNb0Qwb5M3ANvCUTJX4EfCUe18lCDLg
jCmb5tOQiO2X2+fYSB/20yIjkMVr/C8a0EkZgAjjrtCenZamwD8mxHC0EUiM/3hf
TJHWGs2mga2XIXGPr/Kz60lfXuVBw7bdaV0dkTWD7jIL4H4CoFwtVh8kxFbSdeaP
ULfWHEorf54XlxoVYX0z7jEhHkmrar87qw/BJQu55ggtlOb8t4Hp
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:21:15 2025 by rpki-client