Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/csVsVOJyNiX8ZBdrkB1Q1Y3Vh50.roa
File: csVsVOJyNiX8ZBdrkB1Q1Y3Vh50.roa (raw, json)
Hash identifier: WI/e8U0rzHFdNl/a0Rdvy6scdzkHY7t0thSHPZwHq5o=
Subject key identifier: 72:C5:6C:54:E2:72:36:25:FC:64:17:6B:90:1D:50:D5:8D:D5:87:9D
Certificate issuer: /CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Certificate serial: 01977F8738B03B1508B2CBCE136AB02DE332
Authority key identifier: B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/csVsVOJyNiX8ZBdrkB1Q1Y3Vh50.roa
Signing time: Tue 17 Jun 2025 20:14:17 +0000
ROA not before: Tue 17 Jun 2025 20:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25459
IP address blocks: 83.172.128.0/22 maxlen: 22
83.172.132.0/23 maxlen: 23
83.172.160.0/23 maxlen: 23
83.172.180.0/22 maxlen: 22
83.172.188.0/23 maxlen: 23
2a02:cec0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:87:38:b0:3b:15:08:b2:cb:ce:13:6a:b0:2d:e3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Validity
Not Before: Jun 17 20:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72c56c54e2723625fc64176b901d50d58dd5879d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f8:da:84:79:83:e9:ae:29:b4:43:2b:5b:3d:
45:91:ea:c3:fc:a9:6c:9c:16:9d:2a:ad:f9:58:75:
ac:6f:fb:c6:e5:d8:a4:36:a5:39:7a:c9:2a:55:b8:
e2:00:df:58:95:79:3e:f0:42:bf:ed:a4:6e:88:29:
dd:e6:ef:d2:3b:5f:7b:84:f7:df:fc:23:31:3d:04:
05:a1:46:d2:a3:3b:5e:62:7d:45:c6:e3:6d:3d:60:
b7:87:18:44:93:d1:be:5f:55:07:18:fb:58:7d:10:
90:3e:51:d9:56:01:48:ee:ad:a0:c2:94:aa:7f:68:
36:c3:ff:75:99:f4:53:a6:f7:2f:8b:7d:83:5d:39:
4a:44:2e:e7:c9:23:c2:b6:09:0d:e3:5b:07:11:4f:
47:ac:59:6e:2d:6a:d2:6f:2b:93:ce:b9:96:7b:68:
91:07:76:97:d8:ec:de:aa:7a:e6:a9:74:c2:80:f2:
84:1a:3d:a1:9b:5b:77:07:5f:e3:17:b4:18:88:69:
12:2e:43:1d:0d:ea:c5:5d:3d:1e:ac:fe:61:a3:65:
6d:ed:13:66:d0:dc:e7:9e:6d:96:b0:16:40:78:e4:
50:09:a1:ca:aa:67:41:2a:da:c7:cd:8e:83:98:14:
e8:48:fc:f0:37:c5:0d:89:cd:dd:91:b1:f6:19:e7:
29:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C5:6C:54:E2:72:36:25:FC:64:17:6B:90:1D:50:D5:8D:D5:87:9D
X509v3 Authority Key Identifier:
keyid:B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/csVsVOJyNiX8ZBdrkB1Q1Y3Vh50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.128.0-83.172.133.255
83.172.160.0/23
83.172.180.0/22
83.172.188.0/23
IPv6:
2a02:cec0::/30
Signature Algorithm: sha256WithRSAEncryption
8f:0d:90:03:c9:25:7c:9f:6d:ef:60:68:65:4f:d5:dd:d5:ac:
67:a8:54:e8:85:8a:33:3a:05:85:fa:09:34:49:48:4d:88:30:
a6:c1:f8:cf:91:4c:79:dd:81:26:e7:38:54:1c:14:93:b4:a5:
97:72:62:84:51:a9:6b:69:20:9b:59:27:f8:77:c6:50:11:88:
db:8c:9e:82:e3:3c:e2:55:92:74:4e:3b:d5:1a:f3:dc:a2:65:
63:5d:a5:fb:e6:06:e7:0a:50:54:e1:e3:d7:1e:83:ac:db:78:
fd:0d:13:13:6f:0b:f7:5a:af:5b:83:23:61:a9:51:c8:c5:d8:
fa:b0:a3:9e:4c:c0:b1:cc:bc:fd:fb:60:48:01:7d:cb:3e:33:
be:75:23:91:2d:22:cc:c5:fa:78:7d:d3:fb:85:2f:a3:00:ef:
80:e1:8c:30:89:b7:bf:fe:1f:b7:cc:1f:2a:0c:5c:b0:2c:0e:
e2:1d:80:77:41:89:d0:70:f6:d7:cf:0f:c5:94:de:d8:59:4a:
43:2a:1b:70:fd:02:d8:b7:f5:e5:6f:e3:74:9d:ad:3e:60:49:
85:c6:d6:53:47:3c:74:e1:42:6f:13:c6:b0:0b:7a:ad:0d:38:
71:5c:42:2d:5a:41:05:91:5d:f6:a8:b4:b3:10:e4:58:cf:79:
79:11:39:d7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZd/hziwOxUIssvOE2qwLeMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjhmZTI1OGExYjliZjYxNDhhNmNlMGU4YTcxMmYxODg0
MDkwNGMwHhcNMjUwNjE3MjAxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmM1NmM1NGUyNzIzNjI1ZmM2NDE3NmI5MDFkNTBkNThkZDU4NzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vjahHmD6a4ptEMrWz1FkerD/Kls
nBadKq35WHWsb/vG5dikNqU5eskqVbjiAN9YlXk+8EK/7aRuiCnd5u/SO197hPff
/CMxPQQFoUbSozteYn1FxuNtPWC3hxhEk9G+X1UHGPtYfRCQPlHZVgFI7q2gwpSq
f2g2w/91mfRTpvcvi32DXTlKRC7nySPCtgkN41sHEU9HrFluLWrSbyuTzrmWe2iR
B3aX2OzeqnrmqXTCgPKEGj2hm1t3B1/jF7QYiGkSLkMdDerFXT0erP5ho2Vt7RNm
0Nznnm2WsBZAeORQCaHKqmdBKtrHzY6DmBToSPzwN8UNic3dkbH2GecpgQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHLFbFTicjYl/GQXa5AdUNWN1YedMB8GA1UdIwQY
MBaAFLMo/iWKG5v2FIps4OinEvGIQJBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODkt
ZWQ4NGEwMDU4YTlmLzEvY3NWc1ZPSnlOaVg4WkJkcmtCMVExWTNWaDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODktZWQ4NGEwMDU4YTlm
LzEvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAdTrIAD
BAFTrIQDBAFTrKADBAJTrLQDBAFTrLwwDQQCAAIwBwMFAioCzsAwDQYJKoZIhvcN
AQELBQADggEBAI8NkAPJJXyfbe9gaGVP1d3VrGeoVOiFijM6BYX6CTRJSE2IMKbB
+M+RTHndgSbnOFQcFJO0pZdyYoRRqWtpIJtZJ/h3xlARiNuMnoLjPOJVknROO9Ua
89yiZWNdpfvmBucKUFTh49ceg6zbeP0NExNvC/dar1uDI2GpUcjF2Pqwo55MwLHM
vP37YEgBfcs+M751I5EtIszF+nh90/uFL6MA74DhjDCJt7/+H7fMHyoMXLAsDuId
gHdBidBw9tfPD8WU3thZSkMqG3D9Ati39eVv43SdrT5gSYXG1lNHPHThQm8TxrAL
eq0NOHFcQi1aQQWRXfaotLMQ5FjPeXkROdc=
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:43:32 2025 by rpki-client