Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/e9Q7nqELcXh9z5GxTS2HgswbvNY.roa
File: e9Q7nqELcXh9z5GxTS2HgswbvNY.roa (raw, json)
Hash identifier: W3gFNoBMYCC84DrQ/3WRMBqrsKJtoro560CT0+o0FeU=
Subject key identifier: 7B:D4:3B:9E:A1:0B:71:78:7D:CF:91:B1:4D:2D:87:82:CC:1B:BC:D6
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 019786D9160124121741DB90C01C61CFE369
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/e9Q7nqELcXh9z5GxTS2HgswbvNY.roa
Signing time: Thu 19 Jun 2025 06:21:03 +0000
ROA not before: Thu 19 Jun 2025 06:21:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58327
IP address blocks: 5.252.252.0/22 maxlen: 24
89.150.32.0/24 maxlen: 24
89.150.37.0/24 maxlen: 24
89.150.39.0/24 maxlen: 24
89.150.42.0/24 maxlen: 24
94.101.124.0/22 maxlen: 22
176.120.168.0/21 maxlen: 24
185.74.193.0/24 maxlen: 24
185.74.194.0/23 maxlen: 24
185.74.194.0/24 maxlen: 24
185.74.195.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.221.191.0/24 maxlen: 24
185.224.93.0/24 maxlen: 24
185.224.94.0/23 maxlen: 24
185.224.94.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.226.228.0/24 maxlen: 24
185.230.144.0/24 maxlen: 24
185.232.135.0/24 maxlen: 24
185.239.4.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
193.242.188.0/23 maxlen: 24
2a09:4e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.mft
rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 15:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:86:d9:16:01:24:12:17:41:db:90:c0:1c:61:cf:e3:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Jun 19 06:21:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bd43b9ea10b71787dcf91b14d2d8782cc1bbcd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:66:a1:ac:dd:aa:4f:3f:b3:66:08:15:8a:4c:
f8:a2:55:36:5c:24:01:93:3f:55:c1:67:12:54:6a:
63:00:dd:37:4c:c1:f3:10:3d:12:f2:06:55:c5:69:
26:ac:15:cf:3c:d6:16:2d:55:ab:bd:66:3a:8d:1a:
c6:db:21:ed:5c:5c:28:ca:78:16:32:d3:e9:62:02:
97:0c:7d:5e:f8:0b:6b:46:70:7d:7b:89:3b:f1:a8:
b1:bb:37:39:a9:05:c1:98:93:ed:92:f6:e3:a1:32:
a3:94:38:8b:b3:58:30:3d:b1:e3:86:de:aa:5a:96:
8a:15:cf:af:b6:b5:e2:c2:5a:6e:16:e7:82:d4:48:
58:a9:64:83:90:30:2a:6d:87:d2:40:a0:0d:3b:1e:
a8:83:59:f1:03:6d:c3:7f:c3:d7:94:54:fa:f5:e1:
03:83:a8:f9:48:ea:77:35:7a:46:9a:94:12:1f:22:
c4:a9:4b:35:1b:19:9b:4e:1b:97:cc:fa:d2:c8:43:
ed:67:b5:0b:4e:e9:7c:f2:95:d2:4e:ad:1c:f3:40:
2f:48:04:68:92:cf:6c:fb:76:c2:23:83:76:43:b2:
81:de:8d:b0:e9:2a:b5:e8:95:ce:e5:b2:b6:a2:ca:
22:8b:cc:4a:05:4a:e8:6c:89:52:4f:f1:f2:95:2a:
76:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D4:3B:9E:A1:0B:71:78:7D:CF:91:B1:4D:2D:87:82:CC:1B:BC:D6
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/e9Q7nqELcXh9z5GxTS2HgswbvNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
89.150.32.0/24
89.150.37.0/24
89.150.39.0/24
89.150.42.0/24
94.101.124.0/22
176.120.168.0/21
185.74.193.0-185.74.195.255
185.194.25.0/24
185.221.191.0/24
185.224.93.0-185.224.95.255
185.226.228.0/24
185.230.144.0/24
185.232.135.0/24
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
IPv6:
2a09:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
e3:f4:e2:c8:fa:75:d0:f9:18:83:9d:5e:89:a3:1f:c4:71:ec:
4d:07:7b:ea:94:65:99:9d:ef:33:0d:48:63:9c:13:aa:1d:64:
82:04:0c:18:c2:3e:ff:63:69:54:29:7f:7d:3e:c2:f8:1e:56:
84:ca:ed:24:c6:93:ff:fc:d7:5a:98:b7:46:73:ca:9b:be:ab:
63:5c:b9:96:a2:0c:b1:61:26:c1:9b:19:4e:6b:d3:b7:90:2a:
1b:3d:f3:41:0e:4a:00:ce:af:38:15:52:58:99:c2:f7:69:66:
1a:d5:83:2b:98:6b:2b:91:88:ca:d7:71:56:f3:6d:cb:91:df:
3e:f1:01:3a:14:b7:be:d7:5d:ee:3d:b5:4e:0c:f6:a5:b0:c5:
6d:b8:a7:e0:81:82:d1:dd:99:e9:f5:48:a6:0e:49:f2:80:3b:
7b:da:03:4f:de:fe:bd:fc:9c:50:b3:aa:9d:97:f4:db:69:dc:
f7:4d:48:a3:8b:22:c9:75:f8:95:3b:3a:7e:b7:68:2e:40:1d:
24:ef:96:af:8a:bd:df:3a:1d:08:91:89:a8:d0:6f:f1:f5:bd:
a9:ac:ae:83:56:39:f5:28:33:1e:bb:b4:9b:c3:96:5f:a2:4c:
55:aa:f2:a1:02:6b:42:ec:cf:34:cf:84:2c:f6:7d:e2:1f:11:
12:ea:04:8d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZeG2RYBJBIXQduQwBxhz+NpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh
Y2Y1YjIwHhcNMjUwNjE5MDYyMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQ0M2I5ZWExMGI3MTc4N2RjZjkxYjE0ZDJkODc4MmNjMWJiY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGahrN2qTz+zZggVikz4olU2XCQB
kz9VwWcSVGpjAN03TMHzED0S8gZVxWkmrBXPPNYWLVWrvWY6jRrG2yHtXFwoyngW
MtPpYgKXDH1e+AtrRnB9e4k78aixuzc5qQXBmJPtkvbjoTKjlDiLs1gwPbHjht6q
WpaKFc+vtrXiwlpuFueC1EhYqWSDkDAqbYfSQKANOx6og1nxA23Df8PXlFT69eED
g6j5SOp3NXpGmpQSHyLEqUs1GxmbThuXzPrSyEPtZ7ULTul88pXSTq0c80AvSARo
ks9s+3bCI4N2Q7KB3o2w6Sq16JXO5bK2osoii8xKBUrobIlST/HylSp2uwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFHvUO56hC3F4fc+RsU0th4LMG7zWMB8GA1UdIwQY
MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt
NTQxZjQ4OTI0OTUyLzEvZTlRN25xRUxjWGg5ejVHeFRTMkhnc3didk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy
LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQCBfz8
AwQAWZYgAwQAWZYlAwQAWZYnAwQAWZYqAwQCXmV8AwQDsHioMAwDBAC5SsEDBAK5
SsADBAC5whkDBAC53b8wDAMEALngXQMEBbngQAMEALni5AMEALnmkAMEALnohwME
ArnvBAMEAbzUIAMEAcHyvDANBAIAAjAHAwUDKglOQDANBgkqhkiG9w0BAQsFAAOC
AQEA4/TiyPp10PkYg51eiaMfxHHsTQd76pRlmZ3vMw1IY5wTqh1kggQMGMI+/2Np
VCl/fT7C+B5WhMrtJMaT//zXWpi3RnPKm76rY1y5lqIMsWEmwZsZTmvTt5AqGz3z
QQ5KAM6vOBVSWJnC92lmGtWDK5hrK5GIytdxVvNty5HfPvEBOhS3vtdd7j21Tgz2
pbDFbbin4IGC0d2Z6fVIpg5J8oA7e9oDT97+vfycULOqnZf022nc901Io4siyXX4
lTs6frdoLkAdJO+Wr4q93zodCJGJqNBv8fW9qayug1Y59SgzHru0m8OWX6JMVary
oQJrQuzPNM+ELPZ94h8REuoEjQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 22:26:52 2025 by rpki-client