Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/IZaawvEL9ufXxBhEx6Rm4LQFHJA.roa
File: IZaawvEL9ufXxBhEx6Rm4LQFHJA.roa (raw, json)
Hash identifier: 5TsF6Yr1jfWHgHOHw8f1MLF7osh99wdmNuoVyInqJgM=
Subject key identifier: 21:96:9A:C2:F1:0B:F6:E7:D7:C4:18:44:C7:A4:66:E0:B4:05:1C:90
Certificate issuer: /CN=bd6497047f20d6f708d7db42557b698fbfb3d8fb
Certificate serial: 0199D302293BB74840B353CBE9C39BAE1617
Authority key identifier: BD:64:97:04:7F:20:D6:F7:08:D7:DB:42:55:7B:69:8F:BF:B3:D8:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWSXBH8g1vcI19tCVXtpj7-z2Ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/IZaawvEL9ufXxBhEx6Rm4LQFHJA.roa
Signing time: Sat 11 Oct 2025 11:22:37 +0000
ROA not before: Sat 11 Oct 2025 11:22:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41371
IP address blocks: 77.240.32.0/24 maxlen: 24
77.240.34.0/24 maxlen: 24
77.240.36.0/24 maxlen: 24
77.240.37.0/24 maxlen: 24
77.240.40.0/24 maxlen: 24
77.240.41.0/24 maxlen: 24
77.240.42.0/24 maxlen: 24
77.240.43.0/24 maxlen: 24
88.151.176.0/21 maxlen: 21
88.151.177.0/24 maxlen: 24
88.151.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/vWSXBH8g1vcI19tCVXtpj7-z2Ps.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/vWSXBH8g1vcI19tCVXtpj7-z2Ps.mft
rsync://rpki.ripe.net/repository/DEFAULT/vWSXBH8g1vcI19tCVXtpj7-z2Ps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d3:02:29:3b:b7:48:40:b3:53:cb:e9:c3:9b:ae:16:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6497047f20d6f708d7db42557b698fbfb3d8fb
Validity
Not Before: Oct 11 11:22:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21969ac2f10bf6e7d7c41844c7a466e0b4051c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:19:df:57:38:90:32:23:1d:0b:ee:85:20:23:
0e:b6:87:44:5b:0e:a2:f4:3c:2f:60:eb:ac:17:3c:
8b:f3:01:d9:85:ef:2d:8b:88:af:0b:64:c1:af:69:
ce:ef:3d:fc:70:7d:77:85:5d:c3:50:91:65:0e:15:
15:f7:7e:5d:98:e8:9c:df:6a:d5:70:88:9c:44:f5:
ea:40:4f:23:96:24:b2:64:77:ed:4a:82:f0:fc:51:
d5:ca:74:aa:52:e8:8b:74:88:ce:d5:6e:5b:f7:30:
13:45:09:6c:bf:b9:6b:7c:52:7c:c8:d7:43:11:cb:
e8:11:7f:a4:08:c3:69:97:bf:79:3e:b6:e0:d6:0a:
d4:93:42:ca:b8:ab:3b:53:f7:3d:97:55:71:58:6e:
53:14:0e:b2:c9:f3:ef:a9:9f:9a:ce:93:a5:91:39:
0c:f5:db:82:b4:1a:98:4a:0a:99:dc:d9:38:cb:6c:
02:d6:1a:0f:e1:a6:3a:6b:8d:68:f9:4f:09:4c:99:
e8:39:6f:0a:00:15:e8:d5:f3:cc:0b:2b:4d:22:8c:
23:6b:b0:bd:e9:74:53:25:f8:3f:5f:8e:5d:dd:0a:
e1:7a:6b:b8:e1:3a:cf:15:98:7d:4e:dd:f8:ad:e0:
72:1f:73:49:7e:60:09:08:bc:8c:c1:a6:c0:63:0e:
0f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:96:9A:C2:F1:0B:F6:E7:D7:C4:18:44:C7:A4:66:E0:B4:05:1C:90
X509v3 Authority Key Identifier:
keyid:BD:64:97:04:7F:20:D6:F7:08:D7:DB:42:55:7B:69:8F:BF:B3:D8:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWSXBH8g1vcI19tCVXtpj7-z2Ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/IZaawvEL9ufXxBhEx6Rm4LQFHJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/vWSXBH8g1vcI19tCVXtpj7-z2Ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.32.0/24
77.240.34.0/24
77.240.36.0/23
77.240.40.0/22
88.151.176.0/21
Signature Algorithm: sha256WithRSAEncryption
47:43:e6:66:86:3a:8a:31:8a:5f:9a:d3:7e:5a:e6:db:89:19:
d9:df:69:b2:3b:20:b6:78:9c:7a:45:72:5a:2a:bc:bf:6b:c3:
b7:5d:5b:02:39:d3:62:c9:5e:23:71:20:74:15:a7:86:19:66:
28:70:ad:fe:24:63:52:c0:00:0c:69:b2:54:95:43:77:1f:77:
38:28:68:5f:37:46:89:fa:30:27:94:d6:93:aa:58:79:4c:7e:
eb:69:ee:cc:cb:f8:5a:df:da:45:26:53:2c:25:01:81:e0:4c:
bc:12:73:c2:75:11:c4:c2:79:c5:f1:18:7b:a6:79:87:99:2c:
94:bc:5b:a3:05:fe:79:4b:b2:7d:5e:73:f1:72:4e:82:96:8b:
94:d7:ae:9d:93:88:b8:4d:43:8a:ae:1f:3f:0a:87:e5:38:d6:
06:0b:af:41:e0:dc:68:6d:04:29:ac:69:ae:70:9f:ea:a3:3d:
64:9a:dc:ff:de:bf:75:ab:75:2e:18:e1:fe:fc:0c:50:72:3e:
a4:cf:07:af:9b:2e:cc:1f:80:f3:e4:fe:cf:51:84:a0:a4:cf:
5b:fb:65:e3:25:ea:ba:0b:6b:3d:2b:96:d9:47:e0:88:48:c2:
23:24:df:14:24:b1:2a:fc:5b:04:b3:c4:91:2a:b9:d0:fb:44:
5e:91:07:09
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZnTAik7t0hAs1PL6cObrhYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjQ5NzA0N2YyMGQ2ZjcwOGQ3ZGI0MjU1N2I2OThmYmZi
M2Q4ZmIwHhcNMjUxMDExMTEyMjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTk2OWFjMmYxMGJmNmU3ZDdjNDE4NDRjN2E0NjZlMGI0MDUxYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohnfVziQMiMdC+6FICMOtodEWw6i
9DwvYOusFzyL8wHZhe8ti4ivC2TBr2nO7z38cH13hV3DUJFlDhUV935dmOic32rV
cIicRPXqQE8jliSyZHftSoLw/FHVynSqUuiLdIjO1W5b9zATRQlsv7lrfFJ8yNdD
EcvoEX+kCMNpl795Prbg1grUk0LKuKs7U/c9l1VxWG5TFA6yyfPvqZ+azpOlkTkM
9duCtBqYSgqZ3Nk4y2wC1hoP4aY6a41o+U8JTJnoOW8KABXo1fPMCytNIowja7C9
6XRTJfg/X45d3Qrhemu44TrPFZh9Tt34reByH3NJfmAJCLyMwabAYw4PLQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCGWmsLxC/bn18QYRMekZuC0BRyQMB8GA1UdIwQY
MBaAFL1klwR/INb3CNfbQlV7aY+/s9j7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldTWEJIOGcxdmNJMTl0Q1ZYdHBqNy16MlBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC81ODMzZjMtMjQyMS00MWIwLWJlMmUt
ODJhMTA3YzRhN2UyLzEvSVphYXd2RUw5dWZYeEJoRXg2Um00TFFGSEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC81ODMzZjMtMjQyMS00MWIwLWJlMmUtODJhMTA3YzRhN2Uy
LzEvdldTWEJIOGcxdmNJMTl0Q1ZYdHBqNy16MlBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATfAgAwQA
TfAiAwQBTfAkAwQCTfAoAwQDWJewMA0GCSqGSIb3DQEBCwUAA4IBAQBHQ+ZmhjqK
MYpfmtN+WubbiRnZ32myOyC2eJx6RXJaKry/a8O3XVsCOdNiyV4jcSB0FaeGGWYo
cK3+JGNSwAAMabJUlUN3H3c4KGhfN0aJ+jAnlNaTqlh5TH7rae7My/ha39pFJlMs
JQGB4Ey8EnPCdRHEwnnF8Rh7pnmHmSyUvFujBf55S7J9XnPxck6ClouU166dk4i4
TUOKrh8/CoflONYGC69B4NxobQQprGmucJ/qoz1kmtz/3r91q3UuGOH+/AxQcj6k
zwevmy7MH4Dz5P7PUYSgpM9b+2XjJeq6C2s9K5bZR+CISMIjJN8UJLEq/FsEs8SR
KrnQ+0RekQcJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:27:00 2025 by rpki-client