Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/da0UD-kuGXFD_ci4pN6yO25XCis.roa
File: da0UD-kuGXFD_ci4pN6yO25XCis.roa (raw, json)
Hash identifier: ntqBnVu4I5mhNnat1Dpr7d+NbSZRHCzSrhmPk41TZ2w=
Subject key identifier: 75:AD:14:0F:E9:2E:19:71:43:FD:C8:B8:A4:DE:B2:3B:6E:57:0A:2B
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0198B54FD4CE4DB4261B8D9699B866EB0D10
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/da0UD-kuGXFD_ci4pN6yO25XCis.roa
Signing time: Sat 16 Aug 2025 23:56:04 +0000
ROA not before: Sat 16 Aug 2025 23:56:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23532
IP address blocks: 178.255.244.0/22 maxlen: 23
192.200.192.0/19 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b5:4f:d4:ce:4d:b4:26:1b:8d:96:99:b8:66:eb:0d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 16 23:56:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75ad140fe92e197143fdc8b8a4deb23b6e570a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:40:b1:da:40:dd:e8:02:4c:24:d0:34:bf:07:
85:b2:27:99:f6:4a:6c:80:e0:54:59:82:6f:62:17:
07:49:f2:fe:9c:c3:82:ea:d1:58:9e:a2:38:ff:0b:
9b:35:61:65:7d:07:9b:de:b7:88:35:7a:87:04:cd:
f1:f8:b6:cd:3a:65:b6:99:10:6b:dc:f3:9a:79:70:
b6:ba:7a:98:91:06:fb:9d:eb:6d:0c:9e:c0:f2:8f:
3a:8a:1c:93:21:8e:fb:b3:89:ad:bc:3e:a3:78:ab:
5e:5a:a9:06:8c:36:66:d2:0c:8a:5c:c5:85:a0:3e:
07:12:f4:10:18:8c:0f:71:fb:0d:71:4b:de:f9:3e:
b5:5c:27:e9:f0:35:5e:a2:49:8c:61:69:ef:5a:2e:
17:b4:82:ab:fd:ba:75:56:15:8f:f0:8a:5d:f4:76:
8f:cd:a4:61:0b:70:db:ea:d3:78:01:f5:cd:a0:9b:
45:24:57:c4:1d:7d:4e:db:2c:b8:fa:24:27:1e:6d:
c1:27:c8:cd:79:00:6b:31:f3:f2:c4:af:10:76:7e:
04:02:66:ee:04:71:1d:6f:81:a3:fa:bd:f0:3a:95:
97:f7:aa:91:90:36:d4:4a:42:c1:c9:9f:62:bc:46:
8a:fd:fd:25:c5:c4:1a:d3:06:a7:f0:43:d5:0e:6a:
03:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AD:14:0F:E9:2E:19:71:43:FD:C8:B8:A4:DE:B2:3B:6E:57:0A:2B
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/da0UD-kuGXFD_ci4pN6yO25XCis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.244.0/22
192.200.192.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:cd:db:64:64:68:6b:8e:45:38:95:42:a0:5b:dd:ac:ac:a8:
6d:55:e3:7d:9f:56:a7:a6:91:b6:ac:87:70:e1:d4:ee:6a:46:
84:06:01:06:96:2c:21:43:06:77:cf:30:7a:e9:67:92:4e:3e:
5e:96:d3:6b:5a:9c:e0:1c:40:2e:d2:85:55:77:14:3f:b7:15:
e6:0f:d9:30:de:59:52:b5:19:5c:7c:ff:5a:23:e1:3d:60:d5:
f4:74:57:37:ac:27:9e:84:4b:cc:2d:7a:48:ad:06:5c:3f:c7:
0e:da:6f:b3:8d:e7:24:d1:5f:96:ac:43:35:1c:72:de:41:57:
81:8b:ba:82:61:df:5c:f1:7c:c3:aa:f6:5f:cd:5a:dd:d1:5c:
c5:c2:ef:ce:99:ce:c4:33:75:51:f1:b1:f4:28:33:ac:d6:0e:
ff:4f:3a:8d:fb:5f:9f:cc:59:28:6d:2a:b0:dc:8a:d2:8f:b8:
a2:56:46:49:0e:95:8f:d3:5a:3b:7e:eb:c8:0e:b3:67:0a:f1:
8c:c5:95:16:3c:73:ea:3a:77:29:23:78:a3:46:fc:a5:0b:df:
f9:79:05:33:3f:54:07:ab:81:bf:1c:83:aa:b6:3b:63:81:3b:
7b:74:97:ea:ab:85:bc:a4:74:bc:a2:67:04:ba:59:9f:5a:aa:
38:d8:e6:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZi1T9TOTbQmG42Wmbhm6w0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwODE2MjM1NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFkMTQwZmU5MmUxOTcxNDNmZGM4YjhhNGRlYjIzYjZlNTcwYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkECx2kDd6AJMJNA0vweFsieZ9kps
gOBUWYJvYhcHSfL+nMOC6tFYnqI4/wubNWFlfQeb3reINXqHBM3x+LbNOmW2mRBr
3POaeXC2unqYkQb7nettDJ7A8o86ihyTIY77s4mtvD6jeKteWqkGjDZm0gyKXMWF
oD4HEvQQGIwPcfsNcUve+T61XCfp8DVeokmMYWnvWi4XtIKr/bp1VhWP8Ipd9HaP
zaRhC3Db6tN4AfXNoJtFJFfEHX1O2yy4+iQnHm3BJ8jNeQBrMfPyxK8Qdn4EAmbu
BHEdb4Gj+r3wOpWX96qRkDbUSkLByZ9ivEaK/f0lxcQa0wan8EPVDmoDiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHWtFA/pLhlxQ/3IuKTesjtuVworMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvZGEwVUQta3VHWEZEX2NpNHBONnlPMjVYQ2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsv/0AwQF
wMjAMA0GCSqGSIb3DQEBCwUAA4IBAQB+zdtkZGhrjkU4lUKgW92srKhtVeN9n1an
ppG2rIdw4dTuakaEBgEGliwhQwZ3zzB66WeSTj5eltNrWpzgHEAu0oVVdxQ/txXm
D9kw3llStRlcfP9aI+E9YNX0dFc3rCeehEvMLXpIrQZcP8cO2m+zjeck0V+WrEM1
HHLeQVeBi7qCYd9c8XzDqvZfzVrd0VzFwu/Omc7EM3VR8bH0KDOs1g7/TzqN+1+f
zFkobSqw3IrSj7iiVkZJDpWP01o7fuvIDrNnCvGMxZUWPHPqOncpI3ijRvylC9/5
eQUzP1QHq4G/HIOqtjtjgTt7dJfqq4W8pHS8omcEulmfWqo42OaB
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:46:36 2025 by rpki-client