Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/8cea1f-45e4-4201-bebc-0ded06e40a75/1/sW1FbXnmMLs31PJCKJCZsxmeKF0.roa
File: sW1FbXnmMLs31PJCKJCZsxmeKF0.roa (raw, json)
Hash identifier: gPwTFuA8vjPg7PCIOrBM62Yfp57prUWNjPVJTmJKnuM=
Subject key identifier: B1:6D:45:6D:79:E6:30:BB:37:D4:F2:42:28:90:99:B3:19:9E:28:5D
Certificate issuer: /CN=d125fac4a5d95b41a072ebbf4f035d09b3aa59c7
Certificate serial: 019897CA74E24EED9104CD8FB882AC341FBA
Authority key identifier: D1:25:FA:C4:A5:D9:5B:41:A0:72:EB:BF:4F:03:5D:09:B3:AA:59:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0SX6xKXZW0Ggcuu_TwNdCbOqWcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/8cea1f-45e4-4201-bebc-0ded06e40a75/1/sW1FbXnmMLs31PJCKJCZsxmeKF0.roa
Signing time: Mon 11 Aug 2025 06:21:24 +0000
ROA not before: Mon 11 Aug 2025 06:21:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47549
IP address blocks: 93.159.200.0/24 maxlen: 24
93.159.201.0/24 maxlen: 24
93.159.202.0/24 maxlen: 24
93.159.205.0/24 maxlen: 24
93.159.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/8cea1f-45e4-4201-bebc-0ded06e40a75/1/0SX6xKXZW0Ggcuu_TwNdCbOqWcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/8cea1f-45e4-4201-bebc-0ded06e40a75/1/0SX6xKXZW0Ggcuu_TwNdCbOqWcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/0SX6xKXZW0Ggcuu_TwNdCbOqWcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:ca:74:e2:4e:ed:91:04:cd:8f:b8:82:ac:34:1f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d125fac4a5d95b41a072ebbf4f035d09b3aa59c7
Validity
Not Before: Aug 11 06:21:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b16d456d79e630bb37d4f242289099b3199e285d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:69:ff:5d:19:46:32:95:1f:d4:c8:c1:8a:b5:
ec:f3:e9:d1:57:b6:55:a4:1a:74:9b:21:d1:68:77:
48:81:fb:3a:14:d1:29:dd:d8:a4:42:ba:bb:88:47:
95:cc:92:eb:12:9b:d0:aa:fc:fb:36:91:55:4c:03:
3a:1f:36:53:85:f8:8b:67:af:01:6c:31:f7:d5:af:
f9:c7:69:eb:93:f9:bb:df:d1:3c:f1:8d:52:ee:83:
1d:00:07:a8:28:c8:50:df:2f:7e:9c:29:76:15:52:
82:3a:e1:97:1c:7b:16:36:d6:40:20:8c:db:67:9e:
6f:ac:95:ab:bd:82:c3:b6:94:c1:de:15:95:dd:23:
26:9c:14:3d:83:bc:c8:9a:f4:d0:f3:e8:de:14:5e:
5b:a2:19:73:70:9d:7a:a6:b2:3a:58:89:48:24:39:
06:d4:14:8b:e3:6e:52:23:9d:d7:88:af:c0:86:0d:
ee:92:ce:ad:ee:05:d6:4b:54:00:f5:03:35:94:e5:
b7:b7:6e:7b:06:d9:e7:75:74:c2:22:0c:45:e6:8c:
eb:69:f3:4a:b0:c4:bf:bd:36:bd:36:66:e8:1c:b9:
54:c6:97:a3:03:0f:69:8d:66:4c:35:37:ad:42:82:
9a:84:b6:d1:30:be:70:b9:59:c8:6c:e8:28:f3:35:
d3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:6D:45:6D:79:E6:30:BB:37:D4:F2:42:28:90:99:B3:19:9E:28:5D
X509v3 Authority Key Identifier:
keyid:D1:25:FA:C4:A5:D9:5B:41:A0:72:EB:BF:4F:03:5D:09:B3:AA:59:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0SX6xKXZW0Ggcuu_TwNdCbOqWcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/8cea1f-45e4-4201-bebc-0ded06e40a75/1/sW1FbXnmMLs31PJCKJCZsxmeKF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/8cea1f-45e4-4201-bebc-0ded06e40a75/1/0SX6xKXZW0Ggcuu_TwNdCbOqWcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.159.200.0-93.159.202.255
93.159.205.0-93.159.206.255
Signature Algorithm: sha256WithRSAEncryption
ad:fa:b9:8d:a1:67:b1:7e:e3:9f:05:d8:c4:48:22:55:d9:d1:
64:50:f1:b4:6a:73:fc:71:15:b1:02:f9:92:d2:08:a3:7f:f9:
16:d6:7d:cb:cc:0f:63:81:6a:82:2b:ca:61:ac:4a:d1:fd:2f:
62:3a:89:be:ef:00:43:7f:56:2c:fd:3a:40:15:7d:e8:26:5c:
f2:1b:4c:93:de:7e:50:a6:ba:bb:15:64:81:d0:90:03:7b:b6:
ef:e3:54:98:30:0a:06:95:6e:c0:14:93:d7:cb:10:0f:2a:bf:
ea:c7:02:bf:03:a7:b6:cb:2b:44:90:1e:44:1d:94:88:c4:5c:
5f:9f:5b:51:a2:06:60:44:57:74:85:df:40:e6:fc:fc:8b:13:
dc:5b:ac:0b:19:a0:08:1b:ac:c3:35:e7:a6:4a:2e:43:74:40:
f2:ec:61:06:83:00:c4:ee:dc:af:74:97:06:37:e1:7f:2e:8b:
73:d9:e4:0e:bf:c1:10:80:6a:81:8c:5a:91:6b:6c:86:a5:aa:
76:c6:0c:2e:e9:b2:ef:78:15:4b:f8:01:a2:cc:12:dc:1a:e9:
fb:de:82:12:f1:49:eb:f0:a5:b6:8d:d4:db:d2:91:24:24:e8:
92:fb:f1:1e:cf:cb:b2:88:ec:42:0d:25:70:49:e5:04:f9:60:
18:3a:92:07
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZiXynTiTu2RBM2PuIKsNB+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMjVmYWM0YTVkOTViNDFhMDcyZWJiZjRmMDM1ZDA5YjNh
YTU5YzcwHhcNMjUwODExMDYyMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTZkNDU2ZDc5ZTYzMGJiMzdkNGYyNDIyODkwOTliMzE5OWUyODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGn/XRlGMpUf1MjBirXs8+nRV7ZV
pBp0myHRaHdIgfs6FNEp3dikQrq7iEeVzJLrEpvQqvz7NpFVTAM6HzZThfiLZ68B
bDH31a/5x2nrk/m739E88Y1S7oMdAAeoKMhQ3y9+nCl2FVKCOuGXHHsWNtZAIIzb
Z55vrJWrvYLDtpTB3hWV3SMmnBQ9g7zImvTQ8+jeFF5bohlzcJ16prI6WIlIJDkG
1BSL425SI53XiK/Ahg3uks6t7gXWS1QA9QM1lOW3t257BtnndXTCIgxF5ozrafNK
sMS/vTa9NmboHLlUxpejAw9pjWZMNTetQoKahLbRML5wuVnIbOgo8zXTsQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLFtRW155jC7N9TyQiiQmbMZnihdMB8GA1UdIwQY
MBaAFNEl+sSl2VtBoHLrv08DXQmzqlnHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFNYNnhLWFpXMEdnY3V1X1R3TmRDYk9xV2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS84Y2VhMWYtNDVlNC00MjAxLWJlYmMt
MGRlZDA2ZTQwYTc1LzEvc1cxRmJYbm1NTHMzMVBKQ0tKQ1pzeG1lS0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS84Y2VhMWYtNDVlNC00MjAxLWJlYmMtMGRlZDA2ZTQwYTc1
LzEvMFNYNnhLWFpXMEdnY3V1X1R3TmRDYk9xV2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBANdn8gD
BABdn8owDAMEAF2fzQMEAF2fzjANBgkqhkiG9w0BAQsFAAOCAQEArfq5jaFnsX7j
nwXYxEgiVdnRZFDxtGpz/HEVsQL5ktIIo3/5FtZ9y8wPY4FqgivKYaxK0f0vYjqJ
vu8AQ39WLP06QBV96CZc8htMk95+UKa6uxVkgdCQA3u27+NUmDAKBpVuwBST18sQ
Dyq/6scCvwOntssrRJAeRB2UiMRcX59bUaIGYERXdIXfQOb8/IsT3FusCxmgCBus
wzXnpkouQ3RA8uxhBoMAxO7cr3SXBjfhfy6Lc9nkDr/BEIBqgYxakWtshqWqdsYM
Lumy73gVS/gBoswS3Brp+96CEvFJ6/Clto3U29KRJCTokvvxHs/LsojsQg0lcEnl
BPlgGDqSBw==
-----END CERTIFICATE-----
Generated at Mon Aug 11 11:32:42 2025 by rpki-client