Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/oVZun4DWgoF19ND4-_Dv0_qpKP8.roa
File: oVZun4DWgoF19ND4-_Dv0_qpKP8.roa (raw, json)
Hash identifier: SzuvbHmsUfKJvAq6jHLnp6Osyk3SkcVPJNGdOpKeUh0=
Subject key identifier: A1:56:6E:9F:80:D6:82:81:75:F4:D0:F8:FB:F0:EF:D3:FA:A9:28:FF
Certificate issuer: /CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Certificate serial: 0198A866B69282BF947A73FB345CCDF2440F
Authority key identifier: 72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/oVZun4DWgoF19ND4-_Dv0_qpKP8.roa
Signing time: Thu 14 Aug 2025 11:46:00 +0000
ROA not before: Thu 14 Aug 2025 11:46:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25291
IP address blocks: 37.44.0.0/21 maxlen: 24
37.49.152.0/21 maxlen: 24
37.123.104.0/21 maxlen: 24
77.247.80.0/21 maxlen: 24
109.68.224.0/21 maxlen: 24
147.93.208.0/22 maxlen: 24
151.252.40.0/21 maxlen: 24
176.74.56.0/21 maxlen: 24
185.46.136.0/22 maxlen: 24
185.54.232.0/22 maxlen: 24
185.56.104.0/23 maxlen: 24
185.56.128.0/21 maxlen: 24
195.192.128.0/18 maxlen: 24
2a00:13c8::/32 maxlen: 48
2a00:7fc0::/32 maxlen: 48
2a00:7fc0::/33 maxlen: 48
2a04:d480::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.mft
rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a8:66:b6:92:82:bf:94:7a:73:fb:34:5c:cd:f2:44:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Validity
Not Before: Aug 14 11:46:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1566e9f80d6828175f4d0f8fbf0efd3faa928ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4c:72:07:5d:88:4d:5d:da:b2:ef:86:7c:7b:
b5:25:be:46:65:1a:be:bd:f5:c0:2f:1b:0d:18:10:
bc:8f:58:c8:4b:fe:d7:e2:40:a8:f8:6f:78:b8:81:
83:cb:93:fe:6c:65:17:d4:8d:18:c5:19:6a:d1:d9:
11:c8:f7:2f:1e:46:43:2c:74:5f:1d:80:ed:99:c4:
c1:82:65:d5:7a:cc:b5:f6:94:cb:44:e6:79:b1:c6:
bd:9b:87:c7:cc:9a:5c:f4:ff:4b:19:4c:f8:d3:23:
03:76:7c:3c:2c:95:68:10:d3:e6:47:fc:fe:2b:6e:
38:df:20:04:58:36:cd:14:f2:11:27:7a:e5:91:2a:
e1:67:3e:a5:c5:fb:ef:b5:e1:23:ca:2b:24:c3:f0:
84:39:d0:e1:28:74:83:e8:41:17:b9:63:94:3c:85:
c3:9f:59:f1:f8:ed:6c:eb:59:df:d8:36:8c:b8:d5:
a1:32:64:25:02:71:2b:1e:1e:65:aa:42:2c:71:b1:
94:90:3a:6a:e3:d3:6b:a5:73:be:25:3d:e5:03:0e:
74:a8:87:78:c8:8a:3c:85:f0:55:2b:2c:6e:bd:1d:
47:99:03:4b:8b:7c:a0:f4:92:48:86:c2:a7:54:de:
80:08:41:75:0b:db:2b:31:0c:e2:1c:57:92:2e:44:
25:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:56:6E:9F:80:D6:82:81:75:F4:D0:F8:FB:F0:EF:D3:FA:A9:28:FF
X509v3 Authority Key Identifier:
keyid:72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/oVZun4DWgoF19ND4-_Dv0_qpKP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.0.0/21
37.49.152.0/21
37.123.104.0/21
77.247.80.0/21
109.68.224.0/21
147.93.208.0/22
151.252.40.0/21
176.74.56.0/21
185.46.136.0/22
185.54.232.0/22
185.56.104.0/23
185.56.128.0/21
195.192.128.0/18
IPv6:
2a00:13c8::/32
2a00:7fc0::/32
2a04:d480::/29
Signature Algorithm: sha256WithRSAEncryption
17:ff:c0:db:ba:b6:b9:2d:96:77:41:16:e8:51:6f:34:79:b1:
9b:8e:e9:30:78:2c:a3:17:d3:85:72:81:4f:87:15:52:13:df:
76:c3:fa:e4:7d:c0:82:cc:e0:59:20:9f:51:df:7f:70:cb:69:
6a:d8:25:d9:71:e3:9c:89:03:32:03:7e:d2:82:d3:11:bf:de:
24:d0:08:c1:7a:75:67:0e:6c:52:98:30:bb:a4:70:55:35:63:
b6:82:60:19:f2:8c:c5:6a:c4:4f:89:b3:7d:9b:b1:31:74:05:
d7:b2:ab:ab:63:67:d1:e7:c8:e7:a2:ed:f2:4a:52:05:d8:45:
f8:a4:98:80:c8:55:09:93:91:43:9d:9d:c2:de:47:7e:af:d3:
4c:fa:e4:3b:13:bd:9b:9f:9b:b1:93:c7:17:e2:25:73:a4:2f:
8e:31:0e:1d:8d:09:46:0c:45:0b:1b:4c:d9:53:43:16:01:b2:
d0:d9:02:9c:e9:9a:6f:66:b2:9b:6b:1b:08:39:29:3f:84:dc:
a6:36:7e:99:08:39:5f:5b:1f:ae:cc:c9:3f:96:ce:75:92:f9:
b6:51:91:01:5d:e7:b2:7d:e0:8c:61:59:18:63:5d:cd:94:3c:
34:6b:d0:14:b7:a3:1d:fb:69:7a:34:f5:07:3e:8c:51:18:7d:
38:4a:c6:d7
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZioZraSgr+UenP7NFzN8kQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzI2YWJjOWUwNmMxYWZlZjliNWZkMmRhNDA0MTJlN2Fl
ZTZiNDcwHhcNMjUwODE0MTE0NjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTU2NmU5ZjgwZDY4MjgxNzVmNGQwZjhmYmYwZWZkM2ZhYTkyOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UxyB12ITV3asu+GfHu1Jb5GZRq+
vfXALxsNGBC8j1jIS/7X4kCo+G94uIGDy5P+bGUX1I0YxRlq0dkRyPcvHkZDLHRf
HYDtmcTBgmXVesy19pTLROZ5sca9m4fHzJpc9P9LGUz40yMDdnw8LJVoENPmR/z+
K2443yAEWDbNFPIRJ3rlkSrhZz6lxfvvteEjyiskw/CEOdDhKHSD6EEXuWOUPIXD
n1nx+O1s61nf2DaMuNWhMmQlAnErHh5lqkIscbGUkDpq49NrpXO+JT3lAw50qId4
yIo8hfBVKyxuvR1HmQNLi3yg9JJIhsKnVN6ACEF1C9srMQziHFeSLkQlXwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFKFWbp+A1oKBdfTQ+Pvw79P6qSj/MB8GA1UdIwQY
MBaAFHLCaryeBsGv75tf0tpAQS567mtHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMt
Y2Q3ZDYxOTEzMjg4LzEvb1ZadW40RFdnb0YxOU5ENC1fRHYwX3FwS1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMtY2Q3ZDYxOTEzMjg4
LzEvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEAyUsAAME
AyUxmAMEAyV7aAMEA033UAMEA21E4AMEApNd0AMEA5f8KAMEA7BKOAMEArkuiAME
Ark26AMEAbk4aAMEA7k4gAMEBsPAgDAbBAIAAjAVAwUAKgATyAMFACoAf8ADBQMq
BNSAMA0GCSqGSIb3DQEBCwUAA4IBAQAX/8Dbura5LZZ3QRboUW80ebGbjukweCyj
F9OFcoFPhxVSE992w/rkfcCCzOBZIJ9R339wy2lq2CXZceOciQMyA37SgtMRv94k
0AjBenVnDmxSmDC7pHBVNWO2gmAZ8ozFasRPibN9m7ExdAXXsqurY2fR58jnou3y
SlIF2EX4pJiAyFUJk5FDnZ3C3kd+r9NM+uQ7E72bn5uxk8cX4iVzpC+OMQ4djQlG
DEULG0zZU0MWAbLQ2QKc6ZpvZrKbaxsIOSk/hNymNn6ZCDlfWx+uzMk/ls51kvm2
UZEBXeeyfeCMYVkYY13NlDw0a9AUt6Md+2l6NPUHPoxRGH04SsbX
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:13:22 2025 by rpki-client