Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/_13oaI6Mh2-cQfOXbAE2zjMBR68.roa
File: _13oaI6Mh2-cQfOXbAE2zjMBR68.roa (raw, json)
Hash identifier: ndo9/32z0xvpElRzHlOESlFA8gnATqtQoHQeDfaaBWY=
Subject key identifier: FF:5D:E8:68:8E:8C:87:6F:9C:41:F3:97:6C:01:36:CE:33:01:47:AF
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 0197B55DAE5BAC11006C78D761A27C0BC9A0
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/_13oaI6Mh2-cQfOXbAE2zjMBR68.roa
Signing time: Sat 28 Jun 2025 07:08:24 +0000
ROA not before: Sat 28 Jun 2025 07:08:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9002
IP address blocks: 31.128.32.0/22 maxlen: 24
37.233.82.0/23 maxlen: 24
37.233.84.0/23 maxlen: 24
37.233.86.0/24 maxlen: 24
45.130.212.0/22 maxlen: 24
45.137.188.0/24 maxlen: 24
45.145.163.0/24 maxlen: 24
46.173.20.0/24 maxlen: 24
77.73.233.0/24 maxlen: 24
77.73.235.0/24 maxlen: 24
77.73.238.0/24 maxlen: 24
83.222.20.0/23 maxlen: 24
90.156.254.0/23 maxlen: 24
91.218.142.0/23 maxlen: 24
185.77.231.0/24 maxlen: 24
212.74.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 01:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b5:5d:ae:5b:ac:11:00:6c:78:d7:61:a2:7c:0b:c9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Jun 28 07:08:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff5de8688e8c876f9c41f3976c0136ce330147af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:16:d3:19:2f:d2:d1:d9:1f:cd:ad:d3:1e:d7:
ae:16:82:c4:c7:21:11:51:85:12:7b:4e:cf:2e:e8:
5f:cb:ed:2e:cb:df:aa:d5:6e:de:f7:f3:1d:49:94:
9a:d5:fb:5d:8b:99:78:b3:e0:ae:86:2f:c8:06:f8:
fc:47:a2:d1:52:4b:f1:84:21:0b:79:9c:4a:a5:75:
bf:e9:af:b9:94:29:6b:da:90:17:3f:e6:1d:a8:96:
f8:e9:00:a0:fe:8b:6b:a2:e5:fa:97:c9:ab:ef:44:
ed:e2:00:90:b0:15:0e:08:6f:1c:8f:fa:82:4d:9e:
4a:ba:c2:e2:7a:fa:e0:32:b5:a4:b9:a8:34:e1:58:
0f:f5:ff:42:0d:18:7c:75:86:51:fc:82:8c:d9:ca:
83:5a:13:51:8e:6d:58:4b:cb:7b:ce:06:a5:cb:f5:
e4:a9:f0:ce:a5:e9:a6:fa:ad:55:0a:b1:e1:57:df:
b8:11:6b:1a:c7:87:f2:e0:4d:20:dd:8b:7a:f8:8e:
f2:67:3f:a8:b3:95:1f:d1:c6:7e:24:72:2c:53:ec:
65:63:24:75:ab:a9:03:ec:b5:73:d2:50:dc:67:0d:
71:af:09:44:c7:e5:e9:c9:9a:ad:69:6d:ca:b9:da:
0f:b3:8f:da:80:ae:7e:c5:a3:18:5d:0f:cf:c9:67:
f1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5D:E8:68:8E:8C:87:6F:9C:41:F3:97:6C:01:36:CE:33:01:47:AF
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/_13oaI6Mh2-cQfOXbAE2zjMBR68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.32.0/22
37.233.82.0-37.233.86.255
45.130.212.0/22
45.137.188.0/24
45.145.163.0/24
46.173.20.0/24
77.73.233.0/24
77.73.235.0/24
77.73.238.0/24
83.222.20.0/23
90.156.254.0/23
91.218.142.0/23
185.77.231.0/24
212.74.231.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:86:4b:e1:f0:62:3c:25:ec:72:31:5a:d7:1d:7c:85:be:d1:
73:b4:1d:0d:b3:68:cd:39:f8:3b:62:9c:1f:43:25:f1:7d:f7:
70:1c:1f:80:88:da:15:1e:25:70:bd:78:bd:3c:34:b4:5e:e4:
9c:04:3b:60:47:e7:0e:3a:79:2b:ae:9b:59:ce:e0:30:45:21:
31:3f:e3:1a:b2:4b:cf:6e:14:78:e0:02:86:f8:0d:2f:44:06:
bc:18:66:9b:78:54:f6:dd:46:9b:99:06:2a:29:1c:51:eb:e2:
c8:41:75:f8:dd:a6:d6:93:1d:16:0e:4b:63:03:27:01:51:20:
58:6c:f0:a0:08:e2:91:15:18:a0:6c:07:2a:f5:84:72:3d:61:
09:77:6c:6b:00:b0:00:38:1f:1e:b7:20:c2:fa:13:61:23:88:
ab:36:12:10:c2:24:53:6c:3f:db:58:ba:6f:6e:28:ac:b6:1d:
09:7e:6e:9c:0e:23:ae:de:da:8b:ab:9e:cf:a3:c4:f2:ec:ad:
54:c4:9e:b6:0b:a6:f0:13:40:b8:53:2a:c6:6f:5c:bc:d0:c6:
f2:a3:29:37:ed:b3:67:c3:83:91:f7:c3:e6:11:0d:ab:95:0d:
0f:ed:20:df:23:43:d0:6a:d6:1d:8b:99:c1:40:6a:37:15:34:
22:88:e5:48
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZe1Xa5brBEAbHjXYaJ8C8mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjUwNjI4MDcwODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVkZTg2ODhlOGM4NzZmOWM0MWYzOTc2YzAxMzZjZTMzMDE0N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RbTGS/S0dkfza3THteuFoLExyER
UYUSe07PLuhfy+0uy9+q1W7e9/MdSZSa1ftdi5l4s+Cuhi/IBvj8R6LRUkvxhCEL
eZxKpXW/6a+5lClr2pAXP+YdqJb46QCg/otrouX6l8mr70Tt4gCQsBUOCG8cj/qC
TZ5KusLievrgMrWkuag04VgP9f9CDRh8dYZR/IKM2cqDWhNRjm1YS8t7zgaly/Xk
qfDOpemm+q1VCrHhV9+4EWsax4fy4E0g3Yt6+I7yZz+os5Uf0cZ+JHIsU+xlYyR1
q6kD7LVz0lDcZw1xrwlEx+XpyZqtaW3KudoPs4/agK5+xaMYXQ/PyWfxdwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFP9d6GiOjIdvnEHzl2wBNs4zAUevMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvXzEzb2FJNk1oMi1jUWZPWGJBRTJ6ak1CUjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQCH4AgMAwD
BAEl6VIDBAAl6VYDBAItgtQDBAAtibwDBAAtkaMDBAAurRQDBABNSekDBABNSesD
BABNSe4DBAFT3hQDBAFanP4DBAFb2o4DBAC5TecDBADUSucwDQYJKoZIhvcNAQEL
BQADggEBAC6GS+HwYjwl7HIxWtcdfIW+0XO0HQ2zaM05+DtinB9DJfF993AcH4CI
2hUeJXC9eL08NLRe5JwEO2BH5w46eSuum1nO4DBFITE/4xqyS89uFHjgAob4DS9E
BrwYZpt4VPbdRpuZBiopHFHr4shBdfjdptaTHRYOS2MDJwFRIFhs8KAI4pEVGKBs
Byr1hHI9YQl3bGsAsAA4Hx63IML6E2EjiKs2EhDCJFNsP9tYum9uKKy2HQl+bpwO
I67e2ourns+jxPLsrVTEnrYLpvATQLhTKsZvXLzQxvKjKTfts2fDg5H3w+YRDauV
DQ/tIN8jQ9Bq1h2LmcFAajcVNCKI5Ug=
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:01:07 2025 by rpki-client