Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/43DBoHyjiorpYt6dv-j4uRvTolk.roa
File: 43DBoHyjiorpYt6dv-j4uRvTolk.roa (raw, json)
Hash identifier: zlvrEcO2nIutlS94K9wDLAiUzBmW/xF4SzfRWP7kA9w=
Subject key identifier: E3:70:C1:A0:7C:A3:8A:8A:E9:62:DE:9D:BF:E8:F8:B9:1B:D3:A2:59
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0197B1C7AC710A8172E2A79AE8C6AEF34443
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/43DBoHyjiorpYt6dv-j4uRvTolk.roa
Signing time: Fri 27 Jun 2025 14:25:42 +0000
ROA not before: Fri 27 Jun 2025 14:25:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214996
IP address blocks: 152.53.31.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.52.0/22 maxlen: 22
152.53.68.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.164.0/22 maxlen: 22
152.53.168.0/22 maxlen: 22
152.53.192.0/20 maxlen: 32
152.53.208.0/20 maxlen: 22
152.53.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 01:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:c7:ac:71:0a:81:72:e2:a7:9a:e8:c6:ae:f3:44:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jun 27 14:25:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e370c1a07ca38a8ae962de9dbfe8f8b91bd3a259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3d:28:9e:08:20:73:9a:c6:99:9f:4e:69:96:
b5:01:50:40:d3:73:4e:23:97:a2:cb:e0:f3:1b:50:
46:1f:d6:f8:c3:2e:cb:b8:8e:89:a7:86:98:52:68:
8d:14:25:05:8a:b7:44:f3:3a:6d:3e:99:f0:49:cd:
f3:2a:ec:fa:dc:61:c8:22:e3:c4:36:66:43:d0:d8:
f6:c5:0b:c8:3c:ba:86:d6:50:6c:63:0a:e7:10:55:
d5:05:a5:0b:5f:f0:50:c9:ce:1e:81:04:90:cf:01:
32:9d:65:0c:d7:34:b2:9f:64:e7:23:37:51:c9:74:
0d:9c:9e:b1:e6:b0:c0:25:7d:dd:2f:6c:b9:32:d5:
0b:28:1d:14:28:b7:17:7a:8a:a8:ed:e2:73:eb:b1:
e4:37:c9:01:94:33:50:ae:db:2c:55:e2:9b:5a:cc:
da:30:03:26:e5:17:73:23:b6:53:0b:d4:92:74:a5:
e1:bf:b7:f8:b4:fa:33:0a:43:32:5b:53:eb:9f:d7:
a1:2e:82:fe:0d:3f:a0:08:51:3e:6b:de:56:d9:4e:
af:ca:71:36:06:b0:35:89:2d:e2:27:88:28:ec:c6:
68:44:24:a0:de:82:ab:79:3a:bf:77:55:51:f3:26:
13:31:dd:5b:ab:90:d8:ea:70:a4:d0:87:e4:b3:20:
34:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:70:C1:A0:7C:A3:8A:8A:E9:62:DE:9D:BF:E8:F8:B9:1B:D3:A2:59
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/43DBoHyjiorpYt6dv-j4uRvTolk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.31.0/24
152.53.36.0/22
152.53.52.0/22
152.53.68.0/24
152.53.80.0/22
152.53.88.0/22
152.53.164.0-152.53.171.255
152.53.192.0/19
152.53.240.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:72:39:99:dc:62:2b:f9:a3:bb:0c:8a:c8:5f:07:74:5c:0c:
d9:61:1e:13:6a:8a:93:2c:a1:27:b3:cc:9a:c3:c4:cc:64:92:
88:1a:1b:23:80:11:20:9d:70:30:4d:c2:7f:98:5e:5e:ac:5d:
28:0e:48:42:59:b4:26:fa:2a:ae:25:fe:c7:93:7a:80:bd:67:
56:c0:8d:e0:21:3a:3f:2f:0d:0f:21:5b:81:c6:2b:81:65:6c:
13:d4:cd:ee:d4:26:f6:c4:2e:71:06:06:ff:63:05:30:68:9b:
96:74:50:ee:96:8b:56:a7:fe:ad:81:cb:05:d0:1d:ef:2f:a7:
80:16:70:35:b3:b7:5a:41:04:9f:82:a1:cd:37:5c:23:85:ce:
a8:d0:b1:80:c0:f3:84:34:19:81:b8:83:b1:d7:43:5a:ad:8c:
23:72:0e:fd:47:09:73:2a:48:90:ad:1d:73:4d:8c:19:04:98:
f8:aa:88:ae:b0:3f:de:22:88:fb:1d:f8:ac:b3:2c:1f:c1:95:
8f:d5:a9:30:8b:62:27:01:04:a1:cf:b8:60:4f:c0:86:bd:50:
22:12:1a:8c:18:7a:54:73:e0:c1:3c:ab:fa:90:8f:bc:37:73:
34:b0:83:83:23:68:4b:25:90:de:25:05:17:26:8c:7e:0b:59:
86:d8:6a:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZexx6xxCoFy4qea6Mau80RDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwNjI3MTQyNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzcwYzFhMDdjYTM4YThhZTk2MmRlOWRiZmU4ZjhiOTFiZDNhMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4z0ongggc5rGmZ9OaZa1AVBA03NO
I5eiy+DzG1BGH9b4wy7LuI6Jp4aYUmiNFCUFirdE8zptPpnwSc3zKuz63GHIIuPE
NmZD0Nj2xQvIPLqG1lBsYwrnEFXVBaULX/BQyc4egQSQzwEynWUM1zSyn2TnIzdR
yXQNnJ6x5rDAJX3dL2y5MtULKB0UKLcXeoqo7eJz67HkN8kBlDNQrtssVeKbWsza
MAMm5RdzI7ZTC9SSdKXhv7f4tPozCkMyW1Prn9ehLoL+DT+gCFE+a95W2U6vynE2
BrA1iS3iJ4go7MZoRCSg3oKreTq/d1VR8yYTMd1bq5DY6nCk0IfksyA0tQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFONwwaB8o4qK6WLenb/o+Lkb06JZMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvNDNEQm9IeWppb3JwWXQ2ZHYtajR1UnZUb2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAmDUfAwQC
mDUkAwQCmDU0AwQAmDVEAwQCmDVQAwQCmDVYMAwDBAKYNaQDBAKYNagDBAWYNcAD
BAKYNfAwDQYJKoZIhvcNAQELBQADggEBALByOZncYiv5o7sMishfB3RcDNlhHhNq
ipMsoSezzJrDxMxkkogaGyOAESCdcDBNwn+YXl6sXSgOSEJZtCb6Kq4l/seTeoC9
Z1bAjeAhOj8vDQ8hW4HGK4FlbBPUze7UJvbELnEGBv9jBTBom5Z0UO6Wi1an/q2B
ywXQHe8vp4AWcDWzt1pBBJ+Coc03XCOFzqjQsYDA84Q0GYG4g7HXQ1qtjCNyDv1H
CXMqSJCtHXNNjBkEmPiqiK6wP94iiPsd+KyzLB/BlY/VqTCLYicBBKHPuGBPwIa9
UCISGowYelRz4ME8q/qQj7w3czSwg4MjaEslkN4lBRcmjH4LWYbYarM=
-----END CERTIFICATE-----
Generated at Wed Jul 2 06:15:23 2025 by rpki-client