Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/DyNdjdFcqCQ2sA-pdcF248bja1U.roa
File: DyNdjdFcqCQ2sA-pdcF248bja1U.roa (raw, json)
Hash identifier: vOCav9C4XHthbuuvb7kPqUtD1NQZ4xhkp/BoWnGQisQ=
Subject key identifier: 0F:23:5D:8D:D1:5C:A8:24:36:B0:0F:A9:75:C1:76:E3:C6:E3:6B:55
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 0198C299027C4EF10C11217A989433D1B0A8
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/DyNdjdFcqCQ2sA-pdcF248bja1U.roa
Signing time: Tue 19 Aug 2025 13:51:04 +0000
ROA not before: Tue 19 Aug 2025 13:51:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47638
IP address blocks: 91.235.56.0/22 maxlen: 24
149.255.168.0/21 maxlen: 24
185.46.200.0/22 maxlen: 24
185.66.204.0/22 maxlen: 24
185.66.205.0/24 maxlen: 24
185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.209.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
185.152.8.0/22 maxlen: 24
185.161.132.0/22 maxlen: 24
192.175.40.0/22 maxlen: 24
194.0.116.0/22 maxlen: 24
2a04:1840::/29 maxlen: 48
2a0b:8640::/29 maxlen: 48
2a0f:cd40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c2:99:02:7c:4e:f1:0c:11:21:7a:98:94:33:d1:b0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Aug 19 13:51:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f235d8dd15ca82436b00fa975c176e3c6e36b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d7:2a:21:c8:26:b2:20:ae:b9:1a:f5:63:70:
90:58:23:83:9e:18:33:c9:d4:d4:90:da:93:5e:75:
f6:ff:49:2f:1d:52:b9:4b:91:69:82:25:ac:e2:04:
98:44:81:8f:7b:71:a5:0d:32:ca:51:5f:f5:2a:8c:
99:7d:f2:6d:1e:fe:3c:c3:a9:a2:e1:d3:a3:68:df:
69:4c:58:47:5c:89:03:48:52:05:83:d1:6d:5c:17:
56:98:ed:bf:21:37:08:96:98:df:36:86:6d:e6:dd:
4f:50:1a:b1:fd:a8:72:e9:43:2e:76:2f:85:eb:08:
07:61:23:29:01:34:52:4d:46:1b:bd:6c:28:d7:34:
bf:b3:f3:33:9c:d8:ff:36:40:24:30:e4:20:56:81:
e3:9a:81:ee:ee:83:b8:00:ab:a0:fe:1b:e9:32:f4:
d5:64:18:7b:60:7b:f3:41:32:e9:d9:b7:f2:1c:6f:
eb:b9:88:7d:99:47:54:40:1d:4b:c6:3d:7e:e3:af:
10:38:35:d9:7b:9b:56:de:37:33:f8:32:d5:f5:1c:
69:33:0f:de:51:da:50:52:59:29:4b:c0:fa:f2:9a:
1b:11:a9:6f:9e:ef:7a:0c:97:67:64:b8:03:d3:20:
b5:5e:5f:b2:37:21:87:59:b4:b0:9f:a9:39:c9:b7:
1d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:23:5D:8D:D1:5C:A8:24:36:B0:0F:A9:75:C1:76:E3:C6:E3:6B:55
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/DyNdjdFcqCQ2sA-pdcF248bja1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.56.0/22
149.255.168.0/21
185.46.200.0/22
185.66.204.0/22
185.149.208.0/22
185.152.8.0/22
185.161.132.0/22
192.175.40.0/22
194.0.116.0/22
IPv6:
2a04:1840::/29
2a0b:8640::/29
2a0f:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
60:25:2b:16:5f:12:60:ce:ee:28:cd:f3:74:77:5e:2f:c6:da:
a5:a7:d7:d9:7d:76:17:bd:af:59:50:c0:c9:c6:1b:52:e9:e7:
da:83:1b:d6:04:d0:b9:c0:17:ef:1e:7e:56:03:e0:81:bc:91:
06:c8:b8:e0:e2:d4:e3:a3:d7:3f:34:d1:21:02:a1:f7:51:b4:
86:05:fb:eb:86:f5:8e:d7:ce:22:d5:56:d6:5c:24:b9:60:39:
5b:35:a6:82:4b:a8:96:59:5a:2a:b6:dc:c3:41:44:f1:7d:1e:
e4:43:5a:0d:31:e0:a3:7c:2d:ae:4b:5d:3f:9a:fe:51:5a:5a:
14:ec:99:2f:68:4e:76:b4:8a:53:a4:8a:7d:49:5e:39:95:1e:
f8:40:22:cd:d7:12:3f:fe:0a:d4:4a:3b:73:a4:5f:8e:4e:a0:
f1:d3:1f:d2:40:6f:f4:38:c8:f1:63:ee:dd:73:1d:79:64:3c:
fc:44:46:c7:34:c4:3f:ef:46:d9:d2:46:38:df:3e:1e:89:5d:
3d:bc:43:f0:60:80:47:0f:a9:2d:46:f8:73:eb:fe:20:6b:3c:
85:44:40:1f:f2:96:ac:d0:31:87:6c:30:14:01:7e:80:e9:72:
98:2c:19:3a:71:aa:38:e1:b3:66:c0:1a:81:da:32:73:5d:ee:
54:6d:86:5f
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZjCmQJ8TvEMESF6mJQz0bCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjUwODE5MTM1MTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIzNWQ4ZGQxNWNhODI0MzZiMDBmYTk3NWMxNzZlM2M2ZTM2YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitcqIcgmsiCuuRr1Y3CQWCODnhgz
ydTUkNqTXnX2/0kvHVK5S5FpgiWs4gSYRIGPe3GlDTLKUV/1KoyZffJtHv48w6mi
4dOjaN9pTFhHXIkDSFIFg9FtXBdWmO2/ITcIlpjfNoZt5t1PUBqx/ahy6UMudi+F
6wgHYSMpATRSTUYbvWwo1zS/s/MznNj/NkAkMOQgVoHjmoHu7oO4AKug/hvpMvTV
ZBh7YHvzQTLp2bfyHG/ruYh9mUdUQB1Lxj1+468QODXZe5tW3jcz+DLV9RxpMw/e
UdpQUlkpS8D68pobEalvnu96DJdnZLgD0yC1Xl+yNyGHWbSwn6k5ybcdzQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFA8jXY3RXKgkNrAPqXXBduPG42tVMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvRHlOZGpkRmNxQ1Eyc0EtcGRjRjI0OGJqYTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA8BAIAATA2AwQCW+s4AwQD
lf+oAwQCuS7IAwQCuULMAwQCuZXQAwQCuZgIAwQCuaGEAwQCwK8oAwQCwgB0MBsE
AgACMBUDBQMqBBhAAwUDKguGQAMFAyoPzUAwDQYJKoZIhvcNAQELBQADggEBAGAl
KxZfEmDO7ijN83R3Xi/G2qWn19l9dhe9r1lQwMnGG1Lp59qDG9YE0LnAF+8eflYD
4IG8kQbIuODi1OOj1z800SECofdRtIYF++uG9Y7XziLVVtZcJLlgOVs1poJLqJZZ
Wiq23MNBRPF9HuRDWg0x4KN8La5LXT+a/lFaWhTsmS9oTna0ilOkin1JXjmVHvhA
Is3XEj/+CtRKO3OkX45OoPHTH9JAb/Q4yPFj7t1zHXlkPPxERsc0xD/vRtnSRjjf
Ph6JXT28Q/BggEcPqS1G+HPr/iBrPIVEQB/ylqzQMYdsMBQBfoDpcpgsGTpxqjjh
s2bAGoHaMnNd7lRthl8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:01:51 2025 by rpki-client