Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DpD-E8XYXFSv3ybr0yadTiLauhU.roa
File: DpD-E8XYXFSv3ybr0yadTiLauhU.roa (raw, json)
Hash identifier: tLMf7/iOTQ2c8oWIKXixfCJlelC7ZS8I4euWCkfjBzY=
Subject key identifier: 0E:90:FE:13:C5:D8:5C:54:AF:DF:26:EB:D3:26:9D:4E:22:DA:BA:15
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197A20D29167F805885B1CED06A4EE6AEE8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DpD-E8XYXFSv3ybr0yadTiLauhU.roa
Signing time: Tue 24 Jun 2025 13:07:40 +0000
ROA not before: Tue 24 Jun 2025 13:07:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 22:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a2:0d:29:16:7f:80:58:85:b1:ce:d0:6a:4e:e6:ae:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 24 13:07:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e90fe13c5d85c54afdf26ebd3269d4e22daba15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:67:ff:97:d2:ee:f1:08:4f:a1:7a:15:a1:08:
98:37:09:d9:25:10:7e:14:d6:97:17:fe:5b:28:47:
47:7e:ae:17:fb:75:8f:20:85:32:1a:1c:2e:2e:28:
86:dd:86:d3:d3:f6:2f:e2:55:f3:3d:2b:7f:8c:33:
29:f2:c2:05:37:66:56:3a:7f:ac:a3:33:7e:4a:8e:
ce:c2:0b:07:44:f7:20:11:1f:4f:1c:f1:1e:04:0b:
60:ec:de:03:ff:55:bd:7b:86:3b:9b:8b:eb:b5:fb:
73:47:07:20:0b:ef:34:99:6e:f2:fe:58:c4:e2:14:
46:93:83:cf:09:68:0c:e2:00:0d:c5:7a:ef:f3:c1:
bc:df:ce:9a:57:94:5d:f7:7f:9b:e9:4b:92:9c:c8:
b2:87:ae:84:09:04:50:61:bb:35:c7:ab:d5:8e:e3:
e1:12:ac:7b:60:dd:ff:c3:cd:9c:6c:71:e5:05:5b:
8d:0b:91:b5:3a:c1:50:11:9a:3b:9c:a9:da:ea:7e:
43:f3:3e:5c:78:f5:46:8e:d1:b4:06:0b:c8:2c:57:
04:a7:f9:31:ba:f7:fa:fa:87:38:6a:a7:aa:2f:9a:
27:77:48:41:ce:2d:b4:69:ab:35:a0:9d:a1:f5:b7:
91:a0:4c:76:24:88:48:29:29:be:8b:89:75:0d:16:
b2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:90:FE:13:C5:D8:5C:54:AF:DF:26:EB:D3:26:9D:4E:22:DA:BA:15
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DpD-E8XYXFSv3ybr0yadTiLauhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
37.139.128.0/24
45.88.66.0/24
45.128.234.0/23
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.108.0/24
87.120.196.0/24
87.121.216.0/24
91.92.21.0/24
93.123.31.0/24
94.125.102.0/23
109.206.240.0/24
109.206.243.0/24
171.22.30.0/24
185.207.14.0/23
185.218.138.0/24
185.246.221.0/24
185.252.179.0/24
193.8.186.0/23
193.47.61.0/24
193.148.56.0/23
Signature Algorithm: sha256WithRSAEncryption
44:3c:4f:4c:24:62:a5:9f:5c:db:39:1c:aa:63:f2:0f:91:a7:
10:02:88:30:9c:b0:f5:7d:3a:fe:ee:07:f7:7a:42:f7:ce:f2:
6f:78:91:75:cd:3e:c8:b2:76:1f:90:15:3e:71:1b:2c:f5:bd:
7d:d1:c5:ec:c5:52:d3:81:f8:eb:13:ba:da:b6:eb:46:c3:41:
ee:8e:c2:d2:1e:b1:1d:8f:39:9c:37:be:8c:dd:73:8e:b7:b4:
c8:f2:fe:08:ec:f0:a9:8c:2e:d5:61:7d:ca:d2:22:2e:2c:0d:
62:e8:60:ae:cc:8a:a3:74:a6:9b:4c:4c:2a:d4:6a:d9:38:39:
17:79:4f:a8:65:00:0a:dd:99:18:cf:a7:59:71:40:48:6e:30:
0a:95:84:78:5b:4a:26:d0:48:b8:0a:2e:31:c6:d5:37:36:68:
bb:38:02:05:03:df:63:a7:d7:3b:cc:bf:7b:39:59:ae:d5:53:
02:36:3a:c2:6d:c5:dc:5c:5c:ac:64:cf:47:72:9e:35:5d:54:
23:5e:c0:55:43:c5:6a:8b:8a:e1:a2:f1:19:d9:a6:48:23:be:
4e:17:9b:58:ae:d7:5b:97:ce:4b:52:0b:2b:6b:fa:73:37:b0:
14:f7:17:7d:d9:33:09:4b:25:bb:2a:c6:a6:7d:71:f9:e3:2d:
0c:2a:98:75
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZeiDSkWf4BYhbHO0GpO5q7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjI0MTMwNzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTkwZmUxM2M1ZDg1YzU0YWZkZjI2ZWJkMzI2OWQ0ZTIyZGFiYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmf/l9Lu8QhPoXoVoQiYNwnZJRB+
FNaXF/5bKEdHfq4X+3WPIIUyGhwuLiiG3YbT0/Yv4lXzPSt/jDMp8sIFN2ZWOn+s
ozN+So7OwgsHRPcgER9PHPEeBAtg7N4D/1W9e4Y7m4vrtftzRwcgC+80mW7y/ljE
4hRGk4PPCWgM4gANxXrv88G8386aV5Rd93+b6UuSnMiyh66ECQRQYbs1x6vVjuPh
Eqx7YN3/w82cbHHlBVuNC5G1OsFQEZo7nKna6n5D8z5cePVGjtG0BgvILFcEp/kx
uvf6+oc4aqeqL5ond0hBzi20aas1oJ2h9beRoEx2JIhIKSm+i4l1DRaySwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFA6Q/hPF2FxUr98m69MmnU4i2roVMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRHBELUU4WFlYRlN2M3licjB5YWRUaUxhdWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIwDAME
AwX9OAMEAAX9OgMEACWLgAMEAC1YQgMEAS2A6gMEAFUfLAMEAFUfLgMEAFXQiAME
AFd4bAMEAFd4xAMEAFd52AMEAFtcFQMEAF17HwMEAV59ZgMEAG3O8AMEAG3O8wME
AKsWHgMEAbnPDgMEALnaigMEALn23QMEALn8swMEAcEIugMEAMEvPQMEAcGUODAN
BgkqhkiG9w0BAQsFAAOCAQEARDxPTCRipZ9c2zkcqmPyD5GnEAKIMJyw9X06/u4H
93pC987yb3iRdc0+yLJ2H5AVPnEbLPW9fdHF7MVS04H46xO62rbrRsNB7o7C0h6x
HY85nDe+jN1zjre0yPL+COzwqYwu1WF9ytIiLiwNYuhgrsyKo3Smm0xMKtRq2Tg5
F3lPqGUACt2ZGM+nWXFASG4wCpWEeFtKJtBIuAouMcbVNzZouzgCBQPfY6fXO8y/
ezlZrtVTAjY6wm3F3FxcrGTPR3KeNV1UI17AVUPFaouK4aLxGdmmSCO+ThebWK7X
W5fOS1ILK2v6czewFPcXfdkzCUsluyrGpn1x+eMtDCqYdQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:02:35 2025 by rpki-client