Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/641O2xrThMIhFNQYEn-uNmaaKGs.roa
File: 641O2xrThMIhFNQYEn-uNmaaKGs.roa (raw, json)
Hash identifier: ILVpWSurdjaF1Sfdg/iU1PS4aacGCB7ZOcbIzMGwla0=
Subject key identifier: EB:8D:4E:DB:1A:D3:84:C2:21:14:D4:18:12:7F:AE:36:66:9A:28:6B
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01966D9C205DD94EB1716148D36F060A5C20
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/641O2xrThMIhFNQYEn-uNmaaKGs.roa
Signing time: Fri 25 Apr 2025 15:41:10 +0000
ROA not before: Fri 25 Apr 2025 15:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399195
IP address blocks: 87.229.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6d:9c:20:5d:d9:4e:b1:71:61:48:d3:6f:06:0a:5c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 25 15:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb8d4edb1ad384c22114d418127fae36669a286b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:51:e0:52:d5:23:c9:8f:ec:ad:73:f6:e7:08:
6f:d9:14:86:ad:18:ac:02:50:5c:f1:79:49:97:2d:
e9:79:16:48:bf:37:37:40:ff:df:6c:75:54:02:bc:
4f:e5:16:73:37:94:3d:96:c1:e0:61:40:31:44:72:
2f:29:31:dc:5a:00:be:99:0e:5e:29:45:d2:e5:81:
80:2f:c5:22:19:b1:79:41:56:d0:b4:e7:aa:5f:83:
3b:43:8b:ad:56:23:7d:3f:bf:89:5d:b0:64:92:b5:
3c:c1:25:bd:81:6e:64:d2:5e:77:0a:48:63:d5:77:
da:30:52:f1:15:5f:1c:bb:37:bd:6a:d3:3d:0f:a6:
b9:5d:50:e1:54:ae:3c:fe:9b:72:d9:18:23:84:29:
0c:95:10:88:06:63:1f:5f:2a:2d:15:87:58:90:37:
7e:55:c7:2b:92:e3:7e:17:92:36:66:2e:da:cd:d8:
12:18:2a:e7:6c:f5:22:5e:33:86:65:0f:54:63:e3:
9a:a9:32:c2:6c:80:fe:e5:6a:76:5c:96:18:d4:ab:
d3:19:03:8a:bd:3d:34:62:24:71:76:d7:b5:b6:6f:
a3:78:14:1a:9c:cd:e0:bc:2b:f6:40:49:74:60:c8:
19:6f:c2:e7:fa:49:61:08:ed:0d:8e:28:e8:62:1d:
e2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8D:4E:DB:1A:D3:84:C2:21:14:D4:18:12:7F:AE:36:66:9A:28:6B
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/641O2xrThMIhFNQYEn-uNmaaKGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.31.0/24
Signature Algorithm: sha256WithRSAEncryption
99:be:db:f1:c8:fa:bc:4b:10:e2:35:84:8b:f8:69:07:a6:67:
18:42:51:90:6c:8e:88:87:1d:f7:67:e9:12:98:4c:a4:1d:6c:
1c:45:87:9f:1b:fa:ee:ad:32:d1:dd:4f:5e:18:38:5e:b1:da:
9b:5e:31:cf:f7:de:b8:46:f3:ea:b4:1b:f3:f6:82:d3:90:ed:
b3:61:8d:99:5f:7a:ed:92:0c:0c:1b:ca:4c:5a:6b:9e:3a:23:
9f:3d:68:83:aa:34:34:d6:6b:16:02:c5:a2:dc:4f:fe:e0:27:
c4:8d:3e:a2:cb:43:ae:d7:e1:70:f5:48:70:fd:8a:7c:3f:9f:
a7:ea:f0:88:9a:fc:88:8e:39:db:86:a8:87:3b:ca:3c:1e:4e:
10:1a:bf:84:3d:74:68:dc:30:22:03:a5:dc:83:29:f1:c8:e9:
97:27:84:27:a9:83:52:03:8b:50:0f:08:ff:93:4a:6a:c9:b2:
72:c9:57:9c:00:98:86:de:ec:e3:ee:d9:50:6a:45:ce:31:9e:
cf:5e:7d:b2:9b:e8:17:0f:59:4a:3f:04:04:df:92:71:03:65:
09:4b:68:4d:49:f2:0f:2e:2a:a5:a5:43:55:db:f8:52:1b:d3:
e3:5b:5d:81:df:ae:b5:e3:c4:05:09:74:30:be:4a:fd:2a:08:
73:63:a3:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZtnCBd2U6xcWFI028GClwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNDI1MTU0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjhkNGVkYjFhZDM4NGMyMjExNGQ0MTgxMjdmYWUzNjY2OWEyODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFHgUtUjyY/srXP25whv2RSGrRis
AlBc8XlJly3peRZIvzc3QP/fbHVUArxP5RZzN5Q9lsHgYUAxRHIvKTHcWgC+mQ5e
KUXS5YGAL8UiGbF5QVbQtOeqX4M7Q4utViN9P7+JXbBkkrU8wSW9gW5k0l53Ckhj
1XfaMFLxFV8cuze9atM9D6a5XVDhVK48/pty2RgjhCkMlRCIBmMfXyotFYdYkDd+
VccrkuN+F5I2Zi7azdgSGCrnbPUiXjOGZQ9UY+OaqTLCbID+5Wp2XJYY1KvTGQOK
vT00YiRxdte1tm+jeBQanM3gvCv2QEl0YMgZb8Ln+klhCO0NjijoYh3i2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOuNTtsa04TCIRTUGBJ/rjZmmihrMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvNjQxTzJ4clRoTUloRk5RWUVuLXVObWFhS0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+UfMA0G
CSqGSIb3DQEBCwUAA4IBAQCZvtvxyPq8SxDiNYSL+GkHpmcYQlGQbI6Ihx33Z+kS
mEykHWwcRYefG/rurTLR3U9eGDhesdqbXjHP9964RvPqtBvz9oLTkO2zYY2ZX3rt
kgwMG8pMWmueOiOfPWiDqjQ01msWAsWi3E/+4CfEjT6iy0Ou1+Fw9Uhw/Yp8P5+n
6vCImvyIjjnbhqiHO8o8Hk4QGr+EPXRo3DAiA6XcgynxyOmXJ4QnqYNSA4tQDwj/
k0pqybJyyVecAJiG3uzj7tlQakXOMZ7PXn2ym+gXD1lKPwQE35JxA2UJS2hNSfIP
LiqlpUNV2/hSG9PjW12B366148QFCXQwvkr9KghzY6Ps
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:50:48 2025 by rpki-client