Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/rbSeSASECcncNxuFKyRNPRmXtLw.roa
File: rbSeSASECcncNxuFKyRNPRmXtLw.roa (raw, json)
Hash identifier: V0VyKowbbBt6aWBLywK25alFdk2BC/BQj7049DYGKqI=
Subject key identifier: AD:B4:9E:48:04:84:09:C9:DC:37:1B:85:2B:24:4D:3D:19:97:B4:BC
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019758C0298E277DA9EBF35ED0825E8B0C71
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/rbSeSASECcncNxuFKyRNPRmXtLw.roa
Signing time: Tue 10 Jun 2025 07:31:17 +0000
ROA not before: Tue 10 Jun 2025 07:31:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 79.172.250.0/23 maxlen: 23
87.229.12.0/24 maxlen: 24
87.229.35.0/24 maxlen: 24
87.229.48.0/24 maxlen: 24
87.229.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 10:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:58:c0:29:8e:27:7d:a9:eb:f3:5e:d0:82:5e:8b:0c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 10 07:31:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adb49e48048409c9dc371b852b244d3d1997b4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:f3:2a:8f:2a:a3:06:48:7f:c6:41:18:23:
1a:37:67:ea:dd:62:dc:98:40:c0:c2:5e:3c:06:c9:
c8:cd:97:ab:ba:df:12:d1:f9:dd:bc:48:c7:32:b6:
56:f0:8b:a2:ae:23:a1:cd:79:7c:7a:6a:fb:11:10:
45:84:0f:d3:89:92:7c:71:e6:cc:34:07:a5:e4:0f:
35:8d:fd:28:18:cd:38:fa:50:4c:5b:84:d9:5f:95:
a4:cf:1a:ad:95:5b:54:e7:46:d2:df:5b:30:d2:fd:
6d:7c:b9:ec:ab:bd:50:2f:37:28:6b:42:48:fb:13:
ff:64:2e:0e:87:38:36:f1:35:dc:4e:1b:4c:26:03:
33:46:59:3a:00:82:d4:9e:86:00:bb:de:48:03:36:
87:34:a9:b4:44:97:eb:fc:b3:b9:71:91:ad:4f:12:
5b:de:80:34:b5:f3:ad:d6:85:d2:1f:90:64:24:4e:
a5:6f:ab:ab:e0:8d:ed:47:96:9c:af:f8:ba:6b:8d:
36:24:7a:2e:d1:e7:dc:73:62:c7:66:6a:93:62:ee:
65:72:3e:f5:a4:ea:da:ca:c2:31:bb:07:a8:2c:37:
f0:b0:18:48:a3:01:04:49:48:69:44:3a:a1:c5:14:
0f:02:6b:dd:cb:ae:1b:db:c4:4f:7e:34:69:87:4a:
24:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B4:9E:48:04:84:09:C9:DC:37:1B:85:2B:24:4D:3D:19:97:B4:BC
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/rbSeSASECcncNxuFKyRNPRmXtLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.250.0/23
87.229.12.0/24
87.229.35.0/24
87.229.48.0/24
87.229.50.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:5c:27:56:8f:69:85:30:8b:b4:06:65:38:08:cc:10:54:c7:
4a:f5:6a:41:7a:bc:5d:0a:e0:75:fe:c3:b7:91:2f:67:d1:01:
e9:68:25:5a:99:d0:16:eb:e0:19:27:0c:24:98:9e:9e:46:82:
a8:de:14:54:28:fc:b4:5d:a4:9b:5f:e0:e8:a7:e5:8b:f6:8f:
e8:ae:c4:d3:93:98:59:6f:06:25:2e:93:66:df:8f:fe:ae:2c:
36:41:3b:57:5d:cd:90:e3:3e:fa:2a:a4:f4:7f:5d:3e:6f:01:
44:65:34:d7:eb:73:e0:7e:57:54:3d:4a:ac:40:38:f7:d6:65:
1d:75:4e:17:88:a1:c6:cd:73:80:f8:4c:3b:59:f0:85:cd:18:
56:8f:0b:d3:17:59:dd:72:11:42:f1:00:ad:67:31:30:09:89:
92:32:3f:f8:01:58:7b:e8:ae:dd:02:82:9e:be:38:c0:5d:41:
ab:af:c5:8f:3b:87:51:35:03:ce:b5:0a:c3:14:3f:0a:aa:ea:
80:df:d4:5f:fd:33:ed:c4:19:e8:89:67:6c:5a:a1:d2:99:16:
57:a0:f3:28:f0:f9:39:ed:8b:cf:04:a7:05:60:ea:c4:83:7d:
29:66:1d:f2:fb:6f:37:56:0a:05:fd:a6:43:d6:c8:71:4f:9c:
58:6f:97:8d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZdYwCmOJ32p6/Ne0IJeiwxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNjEwMDczMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGI0OWU0ODA0ODQwOWM5ZGMzNzFiODUyYjI0NGQzZDE5OTdiNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2fzKo8qowZIf8ZBGCMaN2fq3WLc
mEDAwl48BsnIzZerut8S0fndvEjHMrZW8IuiriOhzXl8emr7ERBFhA/TiZJ8cebM
NAel5A81jf0oGM04+lBMW4TZX5WkzxqtlVtU50bS31sw0v1tfLnsq71QLzcoa0JI
+xP/ZC4Ohzg28TXcThtMJgMzRlk6AILUnoYAu95IAzaHNKm0RJfr/LO5cZGtTxJb
3oA0tfOt1oXSH5BkJE6lb6ur4I3tR5acr/i6a402JHou0efcc2LHZmqTYu5lcj71
pOraysIxuweoLDfwsBhIowEESUhpRDqhxRQPAmvdy64b28RPfjRph0okGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK20nkgEhAnJ3DcbhSskTT0Zl7S8MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvcmJTZVNBU0VDY25jTnh1Rkt5Uk5QUm1YdEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBT6z6AwQA
V+UMAwQAV+UjAwQAV+UwAwQAV+UyMA0GCSqGSIb3DQEBCwUAA4IBAQCiXCdWj2mF
MIu0BmU4CMwQVMdK9WpBerxdCuB1/sO3kS9n0QHpaCVamdAW6+AZJwwkmJ6eRoKo
3hRUKPy0XaSbX+Dop+WL9o/orsTTk5hZbwYlLpNm34/+riw2QTtXXc2Q4z76KqT0
f10+bwFEZTTX63PgfldUPUqsQDj31mUddU4XiKHGzXOA+Ew7WfCFzRhWjwvTF1nd
chFC8QCtZzEwCYmSMj/4AVh76K7dAoKevjjAXUGrr8WPO4dRNQPOtQrDFD8KquqA
39Rf/TPtxBnoiWdsWqHSmRZXoPMo8Pk57YvPBKcFYOrEg30pZh3y+283VgoF/aZD
1shxT5xYb5eN
-----END CERTIFICATE-----
Generated at Sat Jun 14 17:13:25 2025 by rpki-client