Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/D79_joXGPOWpWr93YY0Y2guGopg.roa
File: D79_joXGPOWpWr93YY0Y2guGopg.roa (raw, json)
Hash identifier: 0cVbgcQor7L9mYV+oSvm/P1YAy/Mh97VSOZWkl7idYY=
Subject key identifier: 0F:BF:7F:8E:85:C6:3C:E5:A9:5A:BF:77:61:8D:18:DA:0B:86:A2:98
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 0197B134463E01855EE98A7D546AED6D6022
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/D79_joXGPOWpWr93YY0Y2guGopg.roa
Signing time: Fri 27 Jun 2025 11:44:42 +0000
ROA not before: Fri 27 Jun 2025 11:44:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58289
IP address blocks: 86.54.184.0/24 maxlen: 24
91.147.111.0/24 maxlen: 24
92.240.243.0/24 maxlen: 24
109.175.215.0/24 maxlen: 24
185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
194.31.133.0/24 maxlen: 24
194.31.135.0/24 maxlen: 24
212.108.87.0/24 maxlen: 24
2a0e:6600::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:34:46:3e:01:85:5e:e9:8a:7d:54:6a:ed:6d:60:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jun 27 11:44:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fbf7f8e85c63ce5a95abf77618d18da0b86a298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9f:9d:3f:ae:f0:8b:d5:58:6d:60:1d:55:fa:
7b:0b:c4:40:ed:18:70:a4:86:34:8f:e1:61:87:5b:
63:fd:92:36:c9:26:ac:f7:a8:d0:0a:cd:17:c7:6c:
0a:a5:6c:54:b3:43:63:c0:b6:d5:ee:03:7b:30:4b:
71:29:a4:2a:5a:61:4f:a3:d6:48:5d:48:64:af:de:
49:3b:e5:a5:bd:99:7a:8b:30:00:04:62:cb:7f:12:
a3:a9:ed:dd:e7:79:e8:84:32:8d:6b:b6:19:39:d9:
fe:64:f7:46:10:1c:d6:f6:58:99:a4:fb:10:51:1f:
42:27:3d:d2:36:90:4f:64:80:41:c0:93:b2:d6:2d:
9a:67:0b:c1:d6:4f:e3:c0:69:ce:cb:84:d7:73:57:
6c:5d:c5:04:cf:84:4d:3c:c0:38:6a:85:dc:81:f7:
59:87:b7:e2:ae:4c:40:f8:15:de:5f:a2:03:f3:99:
f9:b9:12:75:5f:60:42:a8:35:80:21:c9:1b:f1:b6:
4e:ed:5f:6e:3b:9b:94:3d:1d:e6:db:c9:e9:84:5f:
76:a3:6f:0c:eb:06:d7:da:40:19:3a:1a:25:b3:f5:
5e:78:70:93:6c:c1:c0:45:d2:ab:72:47:b7:07:43:
4f:60:fe:2f:cc:92:00:57:32:28:2f:da:86:21:8d:
81:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BF:7F:8E:85:C6:3C:E5:A9:5A:BF:77:61:8D:18:DA:0B:86:A2:98
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/D79_joXGPOWpWr93YY0Y2guGopg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.184.0/24
91.147.111.0/24
92.240.243.0/24
109.175.215.0/24
185.162.234.0/24
193.43.251.0/24
194.31.133.0/24
194.31.135.0/24
212.108.87.0/24
IPv6:
2a0e:6600::/48
Signature Algorithm: sha256WithRSAEncryption
3f:c2:82:b2:47:ba:57:ea:f7:50:f8:0e:58:d0:c5:fb:d4:38:
d7:b6:f2:b5:da:61:7f:a7:b6:98:09:f3:19:ac:0c:13:a3:5a:
e4:8a:7c:57:5b:c6:cd:42:b1:bf:14:2e:4b:11:0a:35:c3:9f:
d0:1b:bb:93:91:eb:58:b6:02:84:c2:a8:ed:58:03:03:7b:cc:
4f:8e:bb:11:c2:9c:0f:6c:25:ce:89:da:3c:9c:d4:9d:61:ac:
fd:14:0f:e7:8a:37:ab:56:40:f9:49:da:3e:21:54:7a:92:e4:
1e:3a:15:52:69:93:2d:11:58:b1:53:21:4d:0f:48:e8:09:29:
a8:7e:5a:f5:a1:e0:e0:62:97:e4:6c:59:34:73:68:3f:52:be:
43:92:cb:be:06:d9:85:e8:f4:c6:6e:f9:fd:b3:39:2d:63:84:
53:83:1f:b4:0d:26:1d:8f:ae:76:a2:6d:a4:5b:2d:ae:56:81:
1b:bb:5b:74:42:7d:e2:29:b8:dc:06:76:6a:6e:7d:bb:36:8f:
32:7d:bf:df:a7:47:8c:42:d7:d6:cb:b0:d5:b0:29:f4:57:36:
41:d6:43:7c:5c:1e:60:89:31:84:dd:f4:d1:5c:46:32:38:18:
f5:bc:e2:12:f3:ce:a3:85:74:02:b6:59:ef:c2:28:b4:f6:0c:
5f:ee:60:95
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZexNEY+AYVe6Yp9VGrtbWAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjUwNjI3MTE0NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmJmN2Y4ZTg1YzYzY2U1YTk1YWJmNzc2MThkMThkYTBiODZhMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp+dP67wi9VYbWAdVfp7C8RA7Rhw
pIY0j+Fhh1tj/ZI2ySas96jQCs0Xx2wKpWxUs0NjwLbV7gN7MEtxKaQqWmFPo9ZI
XUhkr95JO+WlvZl6izAABGLLfxKjqe3d53nohDKNa7YZOdn+ZPdGEBzW9liZpPsQ
UR9CJz3SNpBPZIBBwJOy1i2aZwvB1k/jwGnOy4TXc1dsXcUEz4RNPMA4aoXcgfdZ
h7firkxA+BXeX6ID85n5uRJ1X2BCqDWAIckb8bZO7V9uO5uUPR3m28nphF92o28M
6wbX2kAZOhols/VeeHCTbMHARdKrcke3B0NPYP4vzJIAVzIoL9qGIY2BmwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFA+/f46FxjzlqVq/d2GNGNoLhqKYMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvRDc5X2pvWEdQT1dwV3I5M1lZMFkyZ3VHb3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA8BAIAATA2AwQAVja4AwQA
W5NvAwQAXPDzAwQAba/XAwQAuaLqAwQAwSv7AwQAwh+FAwQAwh+HAwQA1GxXMA8E
AgACMAkDBwAqDmYAAAAwDQYJKoZIhvcNAQELBQADggEBAD/CgrJHulfq91D4DljQ
xfvUONe28rXaYX+ntpgJ8xmsDBOjWuSKfFdbxs1Csb8ULksRCjXDn9Abu5OR61i2
AoTCqO1YAwN7zE+OuxHCnA9sJc6J2jyc1J1hrP0UD+eKN6tWQPlJ2j4hVHqS5B46
FVJpky0RWLFTIU0PSOgJKah+WvWh4OBil+RsWTRzaD9SvkOSy74G2YXo9MZu+f2z
OS1jhFODH7QNJh2PrnaibaRbLa5WgRu7W3RCfeIpuNwGdmpufbs2jzJ9v9+nR4xC
19bLsNWwKfRXNkHWQ3xcHmCJMYTd9NFcRjI4GPW84hLzzqOFdAK2We/CKLT2DF/u
YJU=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:18:29 2025 by rpki-client