Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/yJY2Oeq3toKxTdk7-X31riY01hg.roa
File: yJY2Oeq3toKxTdk7-X31riY01hg.roa (raw, json)
Hash identifier: 5uMPJikDIqqkTXkRRFHehwnU8XhjCZjiCcVLwMn6QX4=
Subject key identifier: C8:96:36:39:EA:B7:B6:82:B1:4D:D9:3B:F9:7D:F5:AE:26:34:D6:18
Certificate issuer: /CN=1e1c2357e70b97d03ed70c3d688ce507c6758d54
Certificate serial: 0198D10BBDCC43CAE0E1C0DB190D3DBC1196
Authority key identifier: 1E:1C:23:57:E7:0B:97:D0:3E:D7:0C:3D:68:8C:E5:07:C6:75:8D:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/yJY2Oeq3toKxTdk7-X31riY01hg.roa
Signing time: Fri 22 Aug 2025 09:11:04 +0000
ROA not before: Fri 22 Aug 2025 09:11:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15493
IP address blocks: 77.242.96.0/20 maxlen: 20
77.242.96.0/24 maxlen: 24
77.242.111.0/24 maxlen: 24
80.91.16.0/20 maxlen: 20
178.236.208.0/20 maxlen: 20
178.236.211.0/24 maxlen: 24
178.236.212.0/24 maxlen: 24
178.236.214.0/24 maxlen: 24
178.236.215.0/24 maxlen: 24
178.236.221.0/24 maxlen: 24
178.236.222.0/24 maxlen: 24
185.11.4.0/23 maxlen: 23
185.11.6.0/23 maxlen: 23
217.116.48.0/20 maxlen: 20
217.116.51.0/24 maxlen: 24
217.116.52.0/24 maxlen: 24
217.116.55.0/24 maxlen: 24
217.116.57.0/24 maxlen: 24
217.116.59.0/24 maxlen: 24
2a02:dc00:1::/48 maxlen: 48
2a02:dc00:2::/48 maxlen: 48
2a02:dc00:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:0b:bd:cc:43:ca:e0:e1:c0:db:19:0d:3d:bc:11:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e1c2357e70b97d03ed70c3d688ce507c6758d54
Validity
Not Before: Aug 22 09:11:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8963639eab7b682b14dd93bf97df5ae2634d618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:57:3a:78:1d:d4:8c:e5:06:f2:b5:eb:dc:62:
6c:e9:5f:c2:ea:6a:0e:6d:f7:91:ab:07:b6:0e:9f:
27:f4:05:f1:a8:e5:2b:c7:42:c8:ff:74:3c:1d:de:
ba:a7:11:ef:a7:ec:cb:92:db:d6:32:e8:fd:19:e8:
d2:b7:ac:45:9b:9a:cb:db:38:d1:d8:8c:0c:fa:b2:
12:8e:b9:73:3b:7a:77:e4:92:55:8d:38:2a:d1:8c:
6a:fb:d5:a4:2d:e1:35:01:8a:ee:a2:76:6a:ec:99:
54:61:54:09:1f:bf:b8:4a:a4:66:d7:56:75:6f:b8:
86:ae:86:a7:8f:a7:94:23:b0:10:cc:83:d2:96:92:
34:4f:22:5f:d7:98:59:6f:3b:3a:fe:82:93:e5:1e:
db:01:a0:d5:ca:4f:ce:0a:b7:9b:4c:a7:42:e8:a9:
82:8f:88:36:11:df:cb:2f:01:f2:5e:29:f1:93:01:
48:62:78:3d:62:e8:9d:92:48:5e:7d:63:b5:94:b9:
35:3f:e5:40:f4:88:4f:09:09:48:74:9c:f6:3d:7a:
da:ed:cc:7e:2f:b4:3d:d9:d8:87:97:34:f7:7d:4a:
d7:bb:bd:ca:5f:93:d5:11:4e:86:b4:e2:37:1d:87:
15:96:a2:37:6f:b3:a7:46:a7:85:ea:63:43:a4:28:
b7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:96:36:39:EA:B7:B6:82:B1:4D:D9:3B:F9:7D:F5:AE:26:34:D6:18
X509v3 Authority Key Identifier:
keyid:1E:1C:23:57:E7:0B:97:D0:3E:D7:0C:3D:68:8C:E5:07:C6:75:8D:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/yJY2Oeq3toKxTdk7-X31riY01hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/054867-14d4-4922-bf5f-6ddcfac970f7/1/HhwjV-cLl9A-1ww9aIzlB8Z1jVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.96.0/20
80.91.16.0/20
178.236.208.0/20
185.11.4.0/22
217.116.48.0/20
IPv6:
2a02:dc00:1::-2a02:dc00:2:ffff:ffff:ffff:ffff:ffff
2a02:dc00:100::/48
Signature Algorithm: sha256WithRSAEncryption
4a:09:76:2c:d9:f4:9b:81:c0:ae:eb:8c:14:83:a5:e5:ad:71:
2c:1c:d6:99:b7:31:d8:f0:5f:e3:01:15:81:f8:bf:f2:52:f3:
c2:ae:52:cb:f3:19:03:fe:2b:68:c7:bd:04:ea:3e:d2:41:c4:
c2:66:2b:58:99:f4:10:23:88:58:82:46:9b:cf:01:89:9d:bc:
f5:03:b7:21:f5:6d:a8:26:60:2b:9b:05:cc:e4:ba:43:07:46:
97:08:f5:67:7d:80:6f:c6:20:bb:e1:3a:50:b9:64:0e:65:41:
91:9f:86:1e:ad:89:ae:98:5d:03:a1:b5:3c:65:53:eb:40:ad:
49:4b:44:3c:1b:13:af:4a:0c:87:7e:d5:5d:7e:4f:e5:9d:5b:
38:67:30:65:ea:f1:af:af:43:5d:69:5d:d8:0c:74:26:2e:ee:
59:eb:fe:ed:64:ee:4b:64:fe:b0:6f:60:10:59:fd:52:76:d2:
a7:d8:0e:dc:66:05:dd:57:53:77:97:24:17:e1:30:2e:98:d5:
a4:87:ca:6a:18:a1:f8:02:ae:7a:d3:3f:37:5f:4f:e7:04:a6:
a0:13:60:8d:34:ba:11:ed:08:ba:37:ea:f3:e3:32:46:49:1f:
3b:8e:e3:10:6e:3d:8c:e4:93:c5:96:0b:08:10:5d:ec:b2:a6:
5b:be:33:7e
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZjRC73MQ8rg4cDbGQ09vBGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMWMyMzU3ZTcwYjk3ZDAzZWQ3MGMzZDY4OGNlNTA3YzY3
NThkNTQwHhcNMjUwODIyMDkxMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk2MzYzOWVhYjdiNjgyYjE0ZGQ5M2JmOTdkZjVhZTI2MzRkNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Fc6eB3UjOUG8rXr3GJs6V/C6moO
bfeRqwe2Dp8n9AXxqOUrx0LI/3Q8Hd66pxHvp+zLktvWMuj9GejSt6xFm5rL2zjR
2IwM+rISjrlzO3p35JJVjTgq0Yxq+9WkLeE1AYruonZq7JlUYVQJH7+4SqRm11Z1
b7iGroanj6eUI7AQzIPSlpI0TyJf15hZbzs6/oKT5R7bAaDVyk/OCrebTKdC6KmC
j4g2Ed/LLwHyXinxkwFIYng9YuidkkhefWO1lLk1P+VA9IhPCQlIdJz2PXra7cx+
L7Q92diHlzT3fUrXu73KX5PVEU6GtOI3HYcVlqI3b7OnRqeF6mNDpCi3jwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFMiWNjnqt7aCsU3ZO/l99a4mNNYYMB8GA1UdIwQY
MBaAFB4cI1fnC5fQPtcMPWiM5QfGdY1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGh3alYtY0xsOUEtMXd3OWFJemxCOFoxalZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8wNTQ4NjctMTRkNC00OTIyLWJmNWYt
NmRkY2ZhYzk3MGY3LzEveUpZMk9lcTN0b0t4VGRrNy1YMzFyaVkwMWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8wNTQ4NjctMTRkNC00OTIyLWJmNWYtNmRkY2ZhYzk3MGY3
LzEvSGh3alYtY0xsOUEtMXd3OWFJemxCOFoxalZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAkBAIAATAeAwQETfJgAwQE
UFsQAwQEsuzQAwQCuQsEAwQE2XQwMCMEAgACMB0wEgMHACoC3AAAAQMHACoC3AAA
AgMHACoC3AABADANBgkqhkiG9w0BAQsFAAOCAQEASgl2LNn0m4HAruuMFIOl5a1x
LBzWmbcx2PBf4wEVgfi/8lLzwq5Sy/MZA/4raMe9BOo+0kHEwmYrWJn0ECOIWIJG
m88BiZ289QO3IfVtqCZgK5sFzOS6QwdGlwj1Z32Ab8Ygu+E6ULlkDmVBkZ+GHq2J
rphdA6G1PGVT60CtSUtEPBsTr0oMh37VXX5P5Z1bOGcwZerxr69DXWld2Ax0Ji7u
Wev+7WTuS2T+sG9gEFn9UnbSp9gO3GYF3VdTd5ckF+EwLpjVpIfKahih+AKuetM/
N19P5wSmoBNgjTS6Ee0Iujfq8+MyRkkfO47jEG49jOSTxZYLCBBd7LKmW74zfg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:52:35 2025 by rpki-client