Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/cVvRDlFeixczJTqCXcYlQV8jbs4.roa
File: cVvRDlFeixczJTqCXcYlQV8jbs4.roa (raw, json)
Hash identifier: HdjTlGqisKFCHucis0QwNwMDwyNde7NA3CJ0MQRIDug=
Subject key identifier: 71:5B:D1:0E:51:5E:8B:17:33:25:3A:82:5D:C6:25:41:5F:23:6E:CE
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 019777E57D1C227AEDAD5828DF868FB85DC0
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/cVvRDlFeixczJTqCXcYlQV8jbs4.roa
Signing time: Mon 16 Jun 2025 08:40:17 +0000
ROA not before: Mon 16 Jun 2025 08:40:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12430
IP address blocks: 5.224.0.0/15 maxlen: 15
31.4.0.0/16 maxlen: 24
37.222.0.0/15 maxlen: 24
46.24.0.0/14 maxlen: 14
46.25.0.0/21 maxlen: 21
46.25.60.0/22 maxlen: 22
46.136.0.0/16 maxlen: 16
62.87.0.0/17 maxlen: 24
77.208.0.0/14 maxlen: 24
77.224.0.0/13 maxlen: 13
87.124.192.0/18 maxlen: 18
87.125.0.0/16 maxlen: 24
87.235.0.0/16 maxlen: 16
89.6.0.0/15 maxlen: 15
93.113.16.0/21 maxlen: 21
94.248.64.0/18 maxlen: 18
95.60.0.0/14 maxlen: 14
95.60.32.0/21 maxlen: 21
148.56.0.0/16 maxlen: 16
159.147.0.0/16 maxlen: 16
178.57.128.0/18 maxlen: 18
178.139.0.0/16 maxlen: 22
188.84.0.0/14 maxlen: 14
188.86.112.0/22 maxlen: 22
188.211.228.0/22 maxlen: 22
193.125.0.0/16 maxlen: 16
194.220.0.0/16 maxlen: 16
212.73.32.0/19 maxlen: 24
212.145.0.0/16 maxlen: 16
212.166.128.0/17 maxlen: 23
217.130.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:e5:7d:1c:22:7a:ed:ad:58:28:df:86:8f:b8:5d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jun 16 08:40:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=715bd10e515e8b1733253a825dc625415f236ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c3:f8:d9:c0:f4:7e:0a:65:20:57:8c:b9:fd:
65:38:a8:5a:48:95:17:28:91:d7:52:3e:39:41:76:
ab:bf:22:cb:d5:16:57:6f:a3:81:35:f9:72:c7:6f:
b8:e5:71:cd:1b:22:1d:5c:16:15:67:5b:dd:33:51:
e9:8c:9e:7b:3e:83:ce:7c:9c:1f:63:60:15:eb:02:
e1:26:85:ce:7c:fc:85:96:7b:8c:11:0b:6f:a6:cf:
1a:69:25:59:36:2f:05:f2:3c:f4:7c:66:73:2c:fe:
24:86:76:b9:b6:d8:6f:68:53:94:2b:7c:3a:3a:b5:
d8:53:2e:ec:15:ad:68:ac:d1:7e:34:ea:5c:5e:ba:
ef:f9:3a:3f:2f:55:7e:a2:5d:a7:e3:92:ef:86:22:
0d:d9:e6:03:3a:15:18:89:a6:0f:f3:6f:ee:cd:d9:
c9:24:80:7f:db:0e:18:d7:1f:0e:cc:ab:80:57:ed:
0a:06:61:bd:93:87:ea:1d:70:83:88:1f:ae:6e:73:
5f:ac:b4:63:be:f3:89:41:58:7d:43:9b:66:61:8b:
94:a5:90:b3:11:2f:71:8f:ae:a0:9e:e1:c7:90:cd:
64:6c:cc:3e:7a:b9:cc:ee:9e:b4:16:25:65:44:f9:
82:27:d9:f1:4a:f6:36:9f:c0:4b:c6:53:9e:0a:e8:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:5B:D1:0E:51:5E:8B:17:33:25:3A:82:5D:C6:25:41:5F:23:6E:CE
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/cVvRDlFeixczJTqCXcYlQV8jbs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.224.0.0/15
31.4.0.0/16
37.222.0.0/15
46.24.0.0/14
46.136.0.0/16
62.87.0.0/17
77.208.0.0/14
77.224.0.0/13
87.124.192.0-87.125.255.255
87.235.0.0/16
89.6.0.0/15
93.113.16.0/21
94.248.64.0/18
95.60.0.0/14
148.56.0.0/16
159.147.0.0/16
178.57.128.0/18
178.139.0.0/16
188.84.0.0/14
188.211.228.0/22
193.125.0.0/16
194.220.0.0/16
212.73.32.0/19
212.145.0.0/16
212.166.128.0/17
217.130.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:b0:ad:3a:08:99:10:ff:05:18:e1:50:1e:e7:e6:9e:0d:00:
5f:cf:cc:b9:77:4d:11:d0:0e:f8:7d:3d:b6:34:c2:7b:f1:66:
15:0a:27:73:c7:ba:b4:b8:f2:ee:0d:fa:77:f0:39:ed:a5:ed:
90:f7:52:8d:aa:32:13:38:6f:6e:b2:f8:4d:ba:39:7d:79:d2:
e0:84:91:21:ec:eb:b3:64:29:d9:d8:c1:46:fb:27:1d:55:db:
a9:df:e8:c4:fa:6f:4f:b1:90:c1:0b:b3:28:d1:3b:88:9a:c9:
d5:e0:55:be:4c:69:70:ff:c4:f5:64:c7:83:54:89:d0:c6:07:
8d:ff:74:8f:9c:62:9d:b1:aa:2c:97:29:e1:8d:ca:7e:f6:be:
33:69:fa:91:ce:f4:4d:00:4e:08:ac:d9:5c:a2:8b:45:51:11:
97:68:55:93:25:c0:16:9f:79:8b:6f:e1:f3:38:87:bf:04:cc:
00:e0:cb:66:5c:94:88:fe:75:5a:8e:7f:28:8c:99:05:cf:bc:
a1:08:cf:6a:88:2b:9d:c2:af:4a:ee:02:41:e9:9b:0d:ed:75:
7a:9c:9e:f9:af:9f:ea:fe:56:14:51:c1:df:3a:a3:75:8b:6c:
ec:a7:fa:f9:8c:35:35:d0:22:58:a9:2b:d3:7d:40:98:c0:e9:
98:bf:25:0b
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZd35X0cInrtrVgo34aPuF3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjUwNjE2MDg0MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTViZDEwZTUxNWU4YjE3MzMyNTNhODI1ZGM2MjU0MTVmMjM2ZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncP42cD0fgplIFeMuf1lOKhaSJUX
KJHXUj45QXarvyLL1RZXb6OBNflyx2+45XHNGyIdXBYVZ1vdM1HpjJ57PoPOfJwf
Y2AV6wLhJoXOfPyFlnuMEQtvps8aaSVZNi8F8jz0fGZzLP4khna5tthvaFOUK3w6
OrXYUy7sFa1orNF+NOpcXrrv+To/L1V+ol2n45LvhiIN2eYDOhUYiaYP82/uzdnJ
JIB/2w4Y1x8OzKuAV+0KBmG9k4fqHXCDiB+ubnNfrLRjvvOJQVh9Q5tmYYuUpZCz
ES9xj66gnuHHkM1kbMw+ernM7p60FiVlRPmCJ9nxSvY2n8BLxlOeCuiZgQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFHFb0Q5RXosXMyU6gl3GJUFfI27OMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvY1Z2UkRsRmVpeGN6SlRxQ1hjWWxRVjhqYnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBmAQCAAEwgZEDAwEF
4AMDAB8EAwMBJd4DAwIuGAMDAC6IAwQHPlcAAwMCTdADAwNN4DALAwQGV3zAAwMB
V3wDAwBX6wMDAVkGAwQDXXEQAwQGXvhAAwMCXzwDAwCUOAMDAJ+TAwQGsjmAAwMA
sosDAwK8VAMEArzT5AMDAMF9AwMAwtwDBAXUSSADAwDUkQMEB9SmgAMDANmCMA0G
CSqGSIb3DQEBCwUAA4IBAQAusK06CJkQ/wUY4VAe5+aeDQBfz8y5d00R0A74fT22
NMJ78WYVCidzx7q0uPLuDfp38Dntpe2Q91KNqjITOG9usvhNujl9edLghJEh7Ouz
ZCnZ2MFG+ycdVdup3+jE+m9PsZDBC7Mo0TuImsnV4FW+TGlw/8T1ZMeDVInQxgeN
/3SPnGKdsaoslynhjcp+9r4zafqRzvRNAE4IrNlcootFURGXaFWTJcAWn3mLb+Hz
OIe/BMwA4MtmXJSI/nVajn8ojJkFz7yhCM9qiCudwq9K7gJB6ZsN7XV6nJ75r5/q
/lYUUcHfOqN1i2zsp/r5jDU10CJYqSvTfUCYwOmYvyUL
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:39:42 2025 by rpki-client