Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/5fab75-5f35-464d-9f0d-3ed2eceb4f6c/1/aFZ78voZPw_HjG5VUfFtkb2EJFk.roa
File: aFZ78voZPw_HjG5VUfFtkb2EJFk.roa (raw, json)
Hash identifier: +Y4W8Argmc0adZv7T82onfiJAWoBq3HUgx6/oJb9nes=
Subject key identifier: 68:56:7B:F2:FA:19:3F:0F:C7:8C:6E:55:51:F1:6D:91:BD:84:24:59
Certificate issuer: /CN=7c67ee3de881562eea7df2e3232cdb32b54fe037
Certificate serial: 0198D074AD2CF756B2C58D810E1C42B9AA4E
Authority key identifier: 7C:67:EE:3D:E8:81:56:2E:EA:7D:F2:E3:23:2C:DB:32:B5:4F:E0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fGfuPeiBVi7qffLjIyzbMrVP4Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/5fab75-5f35-464d-9f0d-3ed2eceb4f6c/1/aFZ78voZPw_HjG5VUfFtkb2EJFk.roa
Signing time: Fri 22 Aug 2025 06:26:04 +0000
ROA not before: Fri 22 Aug 2025 06:26:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39642
IP address blocks: 37.75.160.0/19 maxlen: 19
77.68.128.0/17 maxlen: 17
78.156.96.0/19 maxlen: 19
83.137.120.0/21 maxlen: 21
95.138.208.0/20 maxlen: 20
139.45.0.0/17 maxlen: 17
217.198.208.0/20 maxlen: 20
2a00:1f98::/29 maxlen: 32
2a02:25c8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/5fab75-5f35-464d-9f0d-3ed2eceb4f6c/1/fGfuPeiBVi7qffLjIyzbMrVP4Dc.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/5fab75-5f35-464d-9f0d-3ed2eceb4f6c/1/fGfuPeiBVi7qffLjIyzbMrVP4Dc.mft
rsync://rpki.ripe.net/repository/DEFAULT/fGfuPeiBVi7qffLjIyzbMrVP4Dc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d0:74:ad:2c:f7:56:b2:c5:8d:81:0e:1c:42:b9:aa:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c67ee3de881562eea7df2e3232cdb32b54fe037
Validity
Not Before: Aug 22 06:26:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68567bf2fa193f0fc78c6e5551f16d91bd842459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:26:04:f1:e7:c7:36:57:14:04:06:0e:ba:6a:
1b:9f:2f:01:51:52:9f:0e:22:4b:7f:f9:e9:98:c9:
af:9b:ef:5d:00:b9:5f:23:39:57:b8:bc:d1:ff:51:
1d:43:5b:a0:0f:d7:6d:7c:7c:d5:22:45:37:a6:a3:
5b:cf:5b:64:cc:5e:8f:29:12:23:54:7f:43:30:9c:
c7:d1:ea:e8:fb:61:1b:99:ea:30:10:c6:79:da:c6:
d3:90:1b:24:0a:e1:8e:de:5d:c7:e6:97:f0:f2:87:
ac:5f:55:ba:4f:85:be:90:47:8e:a7:d8:58:04:b9:
b8:4d:da:43:d0:76:3d:43:e7:ef:1b:5e:7e:ac:63:
b5:cb:f4:03:b8:c7:9f:e5:b6:43:9b:fd:32:bd:ec:
29:83:1e:2d:f0:ae:34:36:f3:5b:da:36:ed:c0:ec:
4b:1b:56:69:28:2f:29:a9:2f:2f:7d:eb:cb:15:18:
78:2e:2e:5e:28:56:21:99:24:2d:c6:f9:74:a0:02:
e1:21:b9:d2:57:64:ad:4f:a0:3a:e0:45:31:5d:54:
7f:be:f5:f9:9f:5a:82:a2:a6:b8:b6:71:cc:a0:a4:
63:ed:54:88:01:fd:fa:f3:22:a6:82:7d:4f:43:2d:
29:10:12:3d:c5:9e:d1:70:9c:76:5f:d4:ae:7c:f7:
2d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:56:7B:F2:FA:19:3F:0F:C7:8C:6E:55:51:F1:6D:91:BD:84:24:59
X509v3 Authority Key Identifier:
keyid:7C:67:EE:3D:E8:81:56:2E:EA:7D:F2:E3:23:2C:DB:32:B5:4F:E0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fGfuPeiBVi7qffLjIyzbMrVP4Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/5fab75-5f35-464d-9f0d-3ed2eceb4f6c/1/aFZ78voZPw_HjG5VUfFtkb2EJFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/5fab75-5f35-464d-9f0d-3ed2eceb4f6c/1/fGfuPeiBVi7qffLjIyzbMrVP4Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.160.0/19
77.68.128.0/17
78.156.96.0/19
83.137.120.0/21
95.138.208.0/20
139.45.0.0/17
217.198.208.0/20
IPv6:
2a00:1f98::/29
2a02:25c8::/29
Signature Algorithm: sha256WithRSAEncryption
1d:3c:89:46:d1:4b:93:ec:a9:dc:6f:0e:31:11:8b:5e:97:69:
68:8e:00:06:07:2e:d7:0f:19:12:ae:65:70:12:95:ea:3e:1b:
fb:07:86:8f:d0:3f:75:fd:92:3a:7e:ec:90:14:90:79:c4:78:
be:3f:19:7b:91:cc:d4:eb:2c:e2:7a:7c:12:de:fd:a6:eb:37:
9f:a7:f3:e5:60:ef:2a:bc:99:ae:56:96:02:77:2f:97:1b:11:
c9:48:73:3d:23:69:3b:c6:20:c5:ae:62:a4:ee:78:5d:37:2b:
6b:1a:15:e2:b1:df:8c:42:dc:0a:3b:74:06:67:8d:40:05:f3:
81:fd:8b:cd:18:25:22:a9:38:97:59:8b:bc:c5:6d:42:97:f0:
a4:d7:fe:4a:31:b6:a1:2f:ca:67:66:6e:77:2c:f6:7d:70:2f:
f1:b4:38:eb:f1:4a:c4:b4:01:59:de:0d:ce:42:da:f5:3d:39:
9c:cb:7f:8f:35:19:2c:7b:85:b2:64:49:30:9a:fa:39:b8:08:
8a:79:86:0c:ec:a7:45:0b:3c:b6:4f:c2:76:14:62:24:a1:48:
79:eb:1d:a7:8d:2d:cd:53:10:55:b6:dd:d7:3f:7f:cb:7c:c5:
f5:79:94:87:ac:71:45:3a:ae:f5:0d:a2:0a:e2:6e:fd:e3:7f:
c3:59:0c:55
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZjQdK0s91ayxY2BDhxCuapOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNjdlZTNkZTg4MTU2MmVlYTdkZjJlMzIzMmNkYjMyYjU0
ZmUwMzcwHhcNMjUwODIyMDYyNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODU2N2JmMmZhMTkzZjBmYzc4YzZlNTU1MWYxNmQ5MWJkODQyNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSYE8efHNlcUBAYOumobny8BUVKf
DiJLf/npmMmvm+9dALlfIzlXuLzR/1EdQ1ugD9dtfHzVIkU3pqNbz1tkzF6PKRIj
VH9DMJzH0ero+2EbmeowEMZ52sbTkBskCuGO3l3H5pfw8oesX1W6T4W+kEeOp9hY
BLm4TdpD0HY9Q+fvG15+rGO1y/QDuMef5bZDm/0yvewpgx4t8K40NvNb2jbtwOxL
G1ZpKC8pqS8vfevLFRh4Li5eKFYhmSQtxvl0oALhIbnSV2StT6A64EUxXVR/vvX5
n1qCoqa4tnHMoKRj7VSIAf368yKmgn1PQy0pEBI9xZ7RcJx2X9SufPct9QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFGhWe/L6GT8Px4xuVVHxbZG9hCRZMB8GA1UdIwQY
MBaAFHxn7j3ogVYu6n3y4yMs2zK1T+A3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkdmdVBlaUJWaTdxZmZMakl5emJNclZQNERjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81ZmFiNzUtNWYzNS00NjRkLTlmMGQt
M2VkMmVjZWI0ZjZjLzEvYUZaNzh2b1pQd19Iakc1VlVmRnRrYjJFSkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81ZmFiNzUtNWYzNS00NjRkLTlmMGQtM2VkMmVjZWI0ZjZj
LzEvZkdmdVBlaUJWaTdxZmZMakl5emJNclZQNERjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQFJUugAwQH
TUSAAwQFTpxgAwQDU4l4AwQEX4rQAwQHiy0AAwQE2cbQMBQEAgACMA4DBQMqAB+Y
AwUDKgIlyDANBgkqhkiG9w0BAQsFAAOCAQEAHTyJRtFLk+yp3G8OMRGLXpdpaI4A
Bgcu1w8ZEq5lcBKV6j4b+weGj9A/df2SOn7skBSQecR4vj8Ze5HM1Oss4np8Et79
pus3n6fz5WDvKryZrlaWAncvlxsRyUhzPSNpO8Ygxa5ipO54XTcraxoV4rHfjELc
Cjt0BmeNQAXzgf2LzRglIqk4l1mLvMVtQpfwpNf+SjG2oS/KZ2Zudyz2fXAv8bQ4
6/FKxLQBWd4NzkLa9T05nMt/jzUZLHuFsmRJMJr6ObgIinmGDOynRQs8tk/CdhRi
JKFIeesdp40tzVMQVbbd1z9/y3zF9XmUh6xxRTqu9Q2iCuJu/eN/w1kMVQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:19:28 2025 by rpki-client