Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/tUZHDdFwry8ADa4Cy4cgEjcwGpA.roa
File: tUZHDdFwry8ADa4Cy4cgEjcwGpA.roa (raw, json)
Hash identifier: khx6M/GES6UZBMxotwf4KeFJV0Wp8E9iWqwkSmvOz7Q=
Subject key identifier: B5:46:47:0D:D1:70:AF:2F:00:0D:AE:02:CB:87:20:12:37:30:1A:90
Certificate issuer: /CN=e7796d8c19f32a1cafbd5b78f5276ce8df995d0a
Certificate serial: 01979A41A71A645AE7DD15D76CA0081E2E40
Authority key identifier: E7:79:6D:8C:19:F3:2A:1C:AF:BD:5B:78:F5:27:6C:E8:DF:99:5D:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/53ltjBnzKhyvvVt49Sds6N-ZXQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/tUZHDdFwry8ADa4Cy4cgEjcwGpA.roa
Signing time: Mon 23 Jun 2025 00:48:03 +0000
ROA not before: Mon 23 Jun 2025 00:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42742
IP address blocks: 78.157.224.0/19 maxlen: 19
78.157.253.0/24 maxlen: 24
78.157.254.0/23 maxlen: 23
185.211.164.0/22 maxlen: 22
188.191.0.0/20 maxlen: 20
188.191.2.0/24 maxlen: 24
188.191.3.0/24 maxlen: 24
188.191.4.0/24 maxlen: 24
188.191.5.0/24 maxlen: 24
188.191.6.0/24 maxlen: 24
188.191.7.0/24 maxlen: 24
188.191.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/53ltjBnzKhyvvVt49Sds6N-ZXQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/53ltjBnzKhyvvVt49Sds6N-ZXQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/53ltjBnzKhyvvVt49Sds6N-ZXQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 15:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9a:41:a7:1a:64:5a:e7:dd:15:d7:6c:a0:08:1e:2e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7796d8c19f32a1cafbd5b78f5276ce8df995d0a
Validity
Not Before: Jun 23 00:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b546470dd170af2f000dae02cb87201237301a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:98:0b:19:74:b2:41:f8:ee:a6:ba:75:9f:3e:
4d:a2:bf:0f:b6:50:93:2c:61:eb:ff:ea:55:7f:16:
50:ba:ae:b9:b6:1d:6d:7c:dd:55:0f:e0:75:79:dc:
83:4c:1e:8c:3c:54:32:7f:f4:51:75:f1:f8:08:83:
b5:3c:53:ad:24:82:76:b7:f4:43:28:da:bc:85:2c:
7a:86:bb:6b:d7:26:65:bc:d4:28:9c:05:a4:d5:0d:
8e:87:37:bc:1d:bf:fb:03:40:78:13:ae:6d:21:3a:
2f:e9:da:c0:58:49:32:6e:83:42:b7:2c:dc:47:4b:
48:e8:0c:48:0e:de:14:61:46:44:ee:6c:61:bb:69:
3a:99:5d:7b:e4:c6:85:f6:ea:f3:67:2e:48:62:26:
5b:88:de:cc:17:52:5e:cd:4c:56:f0:76:a0:10:f7:
72:7c:33:40:4c:8d:56:6c:27:3e:83:25:df:57:9d:
cc:a1:58:00:5c:43:84:79:ce:02:6b:c4:b0:18:59:
00:71:fe:8a:63:c5:a0:da:7a:f5:13:f8:2c:6c:ef:
55:b7:90:0c:8b:b0:b9:92:d5:8e:29:d1:63:e3:b4:
15:50:bd:52:f6:9b:b5:cd:53:ed:02:fb:13:cd:a8:
49:3e:0e:6e:ff:14:03:fb:7f:82:ce:e8:75:68:3d:
52:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:46:47:0D:D1:70:AF:2F:00:0D:AE:02:CB:87:20:12:37:30:1A:90
X509v3 Authority Key Identifier:
keyid:E7:79:6D:8C:19:F3:2A:1C:AF:BD:5B:78:F5:27:6C:E8:DF:99:5D:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/53ltjBnzKhyvvVt49Sds6N-ZXQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/tUZHDdFwry8ADa4Cy4cgEjcwGpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/53ltjBnzKhyvvVt49Sds6N-ZXQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.157.224.0/19
185.211.164.0/22
188.191.0.0/20
Signature Algorithm: sha256WithRSAEncryption
5b:39:25:30:3c:40:0f:17:1c:ef:0a:54:57:fc:db:d1:4b:7e:
1b:81:34:aa:c8:3a:26:ba:a0:b2:49:48:d0:92:0f:6c:37:35:
53:47:2e:cf:fe:a1:cf:f2:67:26:d0:65:62:85:4b:75:32:98:
c6:2d:9f:13:62:82:21:96:21:9f:a0:f0:87:a4:c8:2a:a3:f3:
a2:68:25:95:68:22:0c:f6:95:e8:18:0e:cc:d9:a6:5a:a3:d9:
21:2d:f4:72:0f:78:be:38:b0:b4:b0:c4:d1:e8:0c:be:49:97:
3c:b9:a9:e4:00:42:b0:75:42:96:cc:9d:3f:68:5a:12:0e:66:
f7:f1:7c:1d:b3:6b:ce:e3:74:4b:cb:9f:b6:72:53:86:3c:59:
18:ae:d4:09:1d:34:8d:d4:a4:50:5a:2c:ac:fe:9f:f4:7b:dd:
9f:7f:1f:c3:74:f1:99:be:e3:de:42:5c:47:d6:fe:68:30:b1:
68:96:bc:fd:a7:1d:49:00:ed:01:78:62:e4:11:20:9b:93:2d:
de:b6:15:56:2d:2a:b0:50:1f:29:ab:03:c2:f3:8e:cf:f4:69:
d6:46:63:0d:88:2b:e5:6c:60:d1:49:84:29:78:32:f6:1d:68:
49:46:8f:00:a8:ea:06:46:d0:d5:c7:dd:86:5d:2f:0f:6f:05:
cc:c1:c7:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZeaQacaZFrn3RXXbKAIHi5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Nzk2ZDhjMTlmMzJhMWNhZmJkNWI3OGY1Mjc2Y2U4ZGY5
OTVkMGEwHhcNMjUwNjIzMDA0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQ2NDcwZGQxNzBhZjJmMDAwZGFlMDJjYjg3MjAxMjM3MzAxYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppgLGXSyQfjuprp1nz5Nor8PtlCT
LGHr/+pVfxZQuq65th1tfN1VD+B1edyDTB6MPFQyf/RRdfH4CIO1PFOtJIJ2t/RD
KNq8hSx6hrtr1yZlvNQonAWk1Q2Ohze8Hb/7A0B4E65tITov6drAWEkyboNCtyzc
R0tI6AxIDt4UYUZE7mxhu2k6mV175MaF9urzZy5IYiZbiN7MF1JezUxW8HagEPdy
fDNATI1WbCc+gyXfV53MoVgAXEOEec4Ca8SwGFkAcf6KY8Wg2nr1E/gsbO9Vt5AM
i7C5ktWOKdFj47QVUL1S9pu1zVPtAvsTzahJPg5u/xQD+3+Czuh1aD1SfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLVGRw3RcK8vAA2uAsuHIBI3MBqQMB8GA1UdIwQY
MBaAFOd5bYwZ8yocr71bePUnbOjfmV0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTNsdGpCbnpLaHl2dlZ0NDlTZHM2Ti1aWFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81ZWM5NzAtNzk2NS00ZTBiLWI5NDct
Mjg1N2U4YTIzNTU4LzEvdFVaSERkRndyeThBRGE0Q3k0Y2dFamN3R3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81ZWM5NzAtNzk2NS00ZTBiLWI5NDctMjg1N2U4YTIzNTU4
LzEvNTNsdGpCbnpLaHl2dlZ0NDlTZHM2Ti1aWFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFTp3gAwQC
udOkAwQEvL8AMA0GCSqGSIb3DQEBCwUAA4IBAQBbOSUwPEAPFxzvClRX/NvRS34b
gTSqyDomuqCySUjQkg9sNzVTRy7P/qHP8mcm0GVihUt1MpjGLZ8TYoIhliGfoPCH
pMgqo/OiaCWVaCIM9pXoGA7M2aZao9khLfRyD3i+OLC0sMTR6Ay+SZc8uankAEKw
dUKWzJ0/aFoSDmb38Xwds2vO43RLy5+2clOGPFkYrtQJHTSN1KRQWiys/p/0e92f
fx/DdPGZvuPeQlxH1v5oMLFolrz9px1JAO0BeGLkESCbky3ethVWLSqwUB8pqwPC
847P9GnWRmMNiCvlbGDRSYQpeDL2HWhJRo8AqOoGRtDVx92GXS8PbwXMwccI
-----END CERTIFICATE-----
Generated at Tue Jul 1 22:34:32 2025 by rpki-client