Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/epjcRDDR7fG54t-Eg9eWx-AHJdk.roa
File: epjcRDDR7fG54t-Eg9eWx-AHJdk.roa (raw, json)
Hash identifier: siY4PNMhlNtHYOac0jE/f3bheKw3083mfLpAaUBg+Fc=
Subject key identifier: 7A:98:DC:44:30:D1:ED:F1:B9:E2:DF:84:83:D7:96:C7:E0:07:25:D9
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019749F2CC57DA3AA37E9DB8367C67618729
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/epjcRDDR7fG54t-Eg9eWx-AHJdk.roa
Signing time: Sat 07 Jun 2025 10:32:18 +0000
ROA not before: Sat 07 Jun 2025 10:32:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44486
IP address blocks: 5.180.252.0/23 maxlen: 23
5.180.254.0/23 maxlen: 23
5.253.244.0/24 maxlen: 24
45.67.138.0/24 maxlen: 24
45.84.199.0/24 maxlen: 24
45.91.251.0/24 maxlen: 24
45.131.109.0/24 maxlen: 24
45.134.108.0/23 maxlen: 23
45.134.108.0/24 maxlen: 24
45.134.109.0/24 maxlen: 24
45.137.71.0/24 maxlen: 24
45.145.224.0/23 maxlen: 23
46.243.76.0/22 maxlen: 24
185.132.55.0/24 maxlen: 24
204.11.1.0/24 maxlen: 24
212.87.214.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 10:02:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:f2:cc:57:da:3a:a3:7e:9d:b8:36:7c:67:61:87:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jun 7 10:32:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a98dc4430d1edf1b9e2df8483d796c7e00725d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:82:cd:2f:c6:ae:10:07:72:f8:3d:e9:cd:f7:
53:02:c1:6b:d2:46:2e:09:00:30:64:3a:a9:d2:a3:
fc:58:9e:90:6b:c5:2c:1c:af:62:4b:ad:5e:f9:d6:
be:fc:41:6c:1d:c2:bb:b5:67:f8:62:48:51:bc:82:
53:90:22:e0:b8:24:a0:6a:b6:e2:cd:83:92:32:eb:
24:11:7d:41:c1:f9:bc:f6:f3:d6:4e:f2:25:d1:d7:
5a:dd:fd:6b:ab:bc:c9:82:44:b0:d5:bc:2d:bf:c3:
11:bf:df:d0:8f:33:ba:68:5c:87:07:9e:7b:fc:af:
1f:dc:93:c5:9e:f6:f7:4a:f6:21:09:08:c6:74:91:
ae:2e:72:cd:4c:47:f4:b0:7f:99:c3:81:67:cf:58:
3d:dc:8a:9b:db:27:7d:6a:79:98:7a:d9:5a:91:8d:
08:93:3d:55:d9:ee:49:1c:e8:2f:bb:10:f3:ff:eb:
cb:18:66:62:72:6f:2e:ce:68:2e:06:b6:de:d8:60:
7e:8f:c9:90:0a:5e:f1:d0:6b:a8:0c:19:61:00:2c:
f5:c7:fa:80:e3:60:09:29:f6:d4:fa:13:ad:8f:15:
64:06:3b:a5:d8:f5:c5:31:56:c1:23:99:2c:96:87:
ff:eb:74:62:e1:e0:5c:04:78:58:84:ad:ac:3f:56:
a0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:98:DC:44:30:D1:ED:F1:B9:E2:DF:84:83:D7:96:C7:E0:07:25:D9
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/epjcRDDR7fG54t-Eg9eWx-AHJdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.252.0/22
5.253.244.0/24
45.67.138.0/24
45.84.199.0/24
45.91.251.0/24
45.131.109.0/24
45.134.108.0/23
45.137.71.0/24
45.145.224.0/23
46.243.76.0/22
185.132.55.0/24
204.11.1.0/24
212.87.214.0/23
Signature Algorithm: sha256WithRSAEncryption
76:8a:57:c6:a3:ca:9e:5a:73:e7:c1:12:55:81:88:28:aa:63:
2c:36:ad:29:d3:b8:0d:26:3d:89:51:47:d8:3b:89:70:3e:15:
d5:57:04:c4:50:89:70:2b:3e:73:d0:9a:0a:6e:62:08:8c:5d:
e8:ba:ae:92:d8:07:88:a4:33:bb:cc:fd:4e:18:09:81:18:a2:
66:e2:1e:4e:7a:28:a4:98:f0:e7:30:e7:44:49:34:eb:22:e0:
4f:17:8d:4d:28:f2:ff:d7:cc:40:f9:f7:f7:97:46:71:52:04:
4f:de:f5:61:d5:ce:1e:55:5d:95:9a:55:4d:4a:2d:20:2e:a5:
58:2f:92:48:35:a6:72:b5:f7:3a:a3:90:c5:cb:60:e4:b0:a8:
f4:37:29:dd:28:43:30:f1:40:c8:8a:24:dd:3d:c8:8c:f7:b7:
eb:7b:d1:7f:60:16:89:bb:e2:91:78:48:4c:a5:11:6a:70:15:
40:07:b4:ac:c3:21:a9:54:25:f2:bb:1f:01:54:47:e4:0c:9e:
ba:db:81:f1:0f:19:d8:a4:6c:72:a3:2f:04:10:2b:48:79:cd:
ff:63:81:ff:16:a4:07:67:75:4a:63:c1:36:66:ff:a7:e0:bd:
dc:71:2b:12:f5:d4:63:e9:35:c0:54:af:0f:e8:bb:b8:81:eb:
be:fe:7a:6b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZdJ8sxX2jqjfp24NnxnYYcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNjA3MTAzMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk4ZGM0NDMwZDFlZGYxYjllMmRmODQ4M2Q3OTZjN2UwMDcyNWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoLNL8auEAdy+D3pzfdTAsFr0kYu
CQAwZDqp0qP8WJ6Qa8UsHK9iS61e+da+/EFsHcK7tWf4YkhRvIJTkCLguCSgarbi
zYOSMuskEX1Bwfm89vPWTvIl0dda3f1rq7zJgkSw1bwtv8MRv9/QjzO6aFyHB557
/K8f3JPFnvb3SvYhCQjGdJGuLnLNTEf0sH+Zw4Fnz1g93Iqb2yd9anmYetlakY0I
kz1V2e5JHOgvuxDz/+vLGGZicm8uzmguBrbe2GB+j8mQCl7x0GuoDBlhACz1x/qA
42AJKfbU+hOtjxVkBjul2PXFMVbBI5kslof/63Ri4eBcBHhYhK2sP1agtwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHqY3EQw0e3xueLfhIPXlsfgByXZMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvZXBqY1JERFI3Zkc1NHQtRWc5ZVd4LUFISmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCBbT8AwQA
Bf30AwQALUOKAwQALVTHAwQALVv7AwQALYNtAwQBLYZsAwQALYlHAwQBLZHgAwQC
LvNMAwQAuYQ3AwQAzAsBAwQB1FfWMA0GCSqGSIb3DQEBCwUAA4IBAQB2ilfGo8qe
WnPnwRJVgYgoqmMsNq0p07gNJj2JUUfYO4lwPhXVVwTEUIlwKz5z0JoKbmIIjF3o
uq6S2AeIpDO7zP1OGAmBGKJm4h5OeiikmPDnMOdESTTrIuBPF41NKPL/18xA+ff3
l0ZxUgRP3vVh1c4eVV2VmlVNSi0gLqVYL5JINaZytfc6o5DFy2DksKj0NyndKEMw
8UDIiiTdPciM97fre9F/YBaJu+KReEhMpRFqcBVAB7SswyGpVCXyux8BVEfkDJ66
24HxDxnYpGxyoy8EECtIec3/Y4H/FqQHZ3VKY8E2Zv+n4L3ccSsS9dRj6TXAVK8P
6Lu4geu+/npr
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:24:14 2025 by rpki-client