Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/gXTQ_DqBbvWK4zOCraUhqqUl7Zk.roa
File: gXTQ_DqBbvWK4zOCraUhqqUl7Zk.roa (raw, json)
Hash identifier: qOt1Z426R0Ot2Dml4Qmnhu+irkAmbjEf1aZkvn7kIfc=
Subject key identifier: 81:74:D0:FC:3A:81:6E:F5:8A:E3:33:82:AD:A5:21:AA:A5:25:ED:99
Certificate issuer: /CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Certificate serial: 0198BDA994D80E9F0BCF583A240D9CA09D90
Authority key identifier: AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/gXTQ_DqBbvWK4zOCraUhqqUl7Zk.roa
Signing time: Mon 18 Aug 2025 14:51:04 +0000
ROA not before: Mon 18 Aug 2025 14:51:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28716
IP address blocks: 45.89.180.0/22 maxlen: 24
46.243.32.0/21 maxlen: 24
46.243.38.0/24 maxlen: 24
77.95.136.0/21 maxlen: 24
77.95.136.0/24 maxlen: 24
78.159.192.0/21 maxlen: 24
78.159.216.0/21 maxlen: 24
80.94.112.0/20 maxlen: 24
80.94.116.0/24 maxlen: 24
185.41.212.0/22 maxlen: 22
185.61.12.0/22 maxlen: 24
213.178.216.0/22 maxlen: 24
217.19.144.0/20 maxlen: 24
217.19.151.0/24 maxlen: 24
217.19.156.0/24 maxlen: 24
2001:1bd0::/29 maxlen: 48
2a01:5d20::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bd:a9:94:d8:0e:9f:0b:cf:58:3a:24:0d:9c:a0:9d:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7cc334f51d2b6eb4e27d6d56b9bce3e85560cc
Validity
Not Before: Aug 18 14:51:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8174d0fc3a816ef58ae33382ada521aaa525ed99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:61:df:b7:61:21:5d:93:8c:64:f7:c0:a0:18:
53:c0:17:ec:8c:ec:20:86:e1:88:5f:55:7b:68:a5:
08:bb:0d:ce:c0:e3:4d:59:81:68:e6:c0:f9:22:bf:
db:bc:97:e6:0f:2f:01:d2:68:0f:d2:17:65:b6:2f:
ba:f6:0a:5c:0c:ec:62:8e:39:62:cf:a2:14:3e:3a:
8b:1f:89:3e:85:b3:c3:ab:41:52:1e:a6:60:41:5b:
d2:d1:4f:38:fc:2a:7b:f7:4c:cc:87:a0:69:63:f3:
42:3d:0b:18:3a:5b:01:a3:e1:58:b2:63:a5:1a:d4:
7b:45:1a:5d:e4:f9:b2:6a:41:3f:a1:b9:20:09:39:
23:ed:a5:0a:d5:69:21:d4:51:4c:af:bd:fe:6c:46:
6a:0d:76:8f:85:31:d1:50:71:3e:7a:06:c1:7b:a3:
55:5e:81:45:9d:96:69:31:dc:22:49:b9:b9:71:de:
2f:d6:89:a7:a0:04:75:df:32:e0:c3:4b:17:80:11:
85:9a:9d:e1:9e:a4:e6:91:e9:40:cd:52:0d:ec:15:
52:2d:b2:a1:d4:22:f0:21:c7:94:1c:5c:a3:a3:fb:
f1:06:8a:09:e5:fd:9a:75:84:ee:b4:bf:5d:30:df:
8c:5d:e9:36:8d:95:bf:3e:82:4b:39:64:46:38:a8:
07:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:74:D0:FC:3A:81:6E:F5:8A:E3:33:82:AD:A5:21:AA:A5:25:ED:99
X509v3 Authority Key Identifier:
keyid:AC:7C:C3:34:F5:1D:2B:6E:B4:E2:7D:6D:56:B9:BC:E3:E8:55:60:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHzDNPUdK2604n1tVrm84-hVYMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/gXTQ_DqBbvWK4zOCraUhqqUl7Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dd55e8-febd-49d0-a5a7-1cf15b2ba7be/1/rHzDNPUdK2604n1tVrm84-hVYMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.180.0/22
46.243.32.0/21
77.95.136.0/21
78.159.192.0/21
78.159.216.0/21
80.94.112.0/20
185.41.212.0/22
185.61.12.0/22
213.178.216.0/22
217.19.144.0/20
IPv6:
2001:1bd0::/29
2a01:5d20::/29
Signature Algorithm: sha256WithRSAEncryption
31:aa:6f:68:1d:80:24:e6:db:73:ce:43:f7:7c:fc:55:17:8a:
21:38:05:f3:0f:6c:15:8c:0a:9c:6a:ce:ea:0f:21:1a:e2:97:
29:bc:d4:ee:e9:ba:75:08:60:7b:1b:c8:77:95:95:b7:c2:38:
92:69:c5:4e:ed:df:84:92:fc:1b:8c:06:92:7d:ce:41:f2:c5:
87:b0:38:4a:99:20:3e:c9:1c:ab:c0:dc:e0:ef:aa:b0:a3:6d:
3e:66:47:30:d8:2c:2d:e6:07:2a:10:d2:a2:80:d5:bc:8b:99:
ff:b2:4e:8c:b4:57:d7:4b:12:f0:a4:38:90:1e:8c:fe:63:1f:
54:58:1e:8e:04:85:bb:d1:bc:d2:b2:c6:b0:fc:0c:a8:58:5a:
39:6c:29:ac:90:62:e7:c7:97:2e:12:f0:1d:05:f4:f7:0b:d2:
25:4d:89:d2:ed:7e:e4:e8:1d:eb:40:5f:ab:b0:7c:41:e9:08:
05:f4:17:61:c1:48:de:1e:86:67:ab:f7:93:29:a4:d6:21:11:
f3:5e:c6:c0:16:82:6a:38:28:d6:fd:2d:f8:35:ba:d1:27:b9:
d5:22:d6:1e:bd:c6:67:d4:80:12:8d:c8:01:0c:d4:86:e5:c6:
de:18:cd:cf:6d:47:30:69:fd:79:2a:7d:35:d7:17:ec:3c:5f:
4b:23:63:45
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZi9qZTYDp8Lz1g6JA2coJ2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjN2NjMzM0ZjUxZDJiNmViNGUyN2Q2ZDU2YjliY2UzZTg1
NTYwY2MwHhcNMjUwODE4MTQ1MTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTc0ZDBmYzNhODE2ZWY1OGFlMzMzODJhZGE1MjFhYWE1MjVlZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GHft2EhXZOMZPfAoBhTwBfsjOwg
huGIX1V7aKUIuw3OwONNWYFo5sD5Ir/bvJfmDy8B0mgP0hdlti+69gpcDOxijjli
z6IUPjqLH4k+hbPDq0FSHqZgQVvS0U84/Cp790zMh6BpY/NCPQsYOlsBo+FYsmOl
GtR7RRpd5PmyakE/obkgCTkj7aUK1Wkh1FFMr73+bEZqDXaPhTHRUHE+egbBe6NV
XoFFnZZpMdwiSbm5cd4v1omnoAR13zLgw0sXgBGFmp3hnqTmkelAzVIN7BVSLbKh
1CLwIceUHFyjo/vxBooJ5f2adYTutL9dMN+MXek2jZW/PoJLOWRGOKgHqwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFIF00Pw6gW71iuMzgq2lIaqlJe2ZMB8GA1UdIwQY
MBaAFKx8wzT1HStutOJ9bVa5vOPoVWDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTct
MWNmMTViMmJhN2JlLzEvZ1hUUV9EcUJidldLNHpPQ3JhVWhxcVVsN1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kZDU1ZTgtZmViZC00OWQwLWE1YTctMWNmMTViMmJhN2Jl
LzEvckh6RE5QVWRLMjYwNG4xdFZybTg0LWhWWU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQCLVm0AwQD
LvMgAwQDTV+IAwQDTp/AAwQDTp/YAwQEUF5wAwQCuSnUAwQCuT0MAwQC1bLYAwQE
2ROQMBQEAgACMA4DBQMgARvQAwUDKgFdIDANBgkqhkiG9w0BAQsFAAOCAQEAMapv
aB2AJObbc85D93z8VReKITgF8w9sFYwKnGrO6g8hGuKXKbzU7um6dQhgexvId5WV
t8I4kmnFTu3fhJL8G4wGkn3OQfLFh7A4SpkgPskcq8Dc4O+qsKNtPmZHMNgsLeYH
KhDSooDVvIuZ/7JOjLRX10sS8KQ4kB6M/mMfVFgejgSFu9G80rLGsPwMqFhaOWwp
rJBi58eXLhLwHQX09wvSJU2J0u1+5Ogd60Bfq7B8QekIBfQXYcFI3h6GZ6v3kymk
1iER817GwBaCajgo1v0t+DW60Se51SLWHr3GZ9SAEo3IAQzUhuXG3hjNz21HMGn9
eSp9NdcX7DxfSyNjRQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:42:51 2025 by rpki-client