Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/VDnBdgFWMM1LxU1PKL4keKIi1hQ.roa
File: VDnBdgFWMM1LxU1PKL4keKIi1hQ.roa (raw, json)
Hash identifier: pFF6/EaIU2jd4TokFYS7L1V2pJZYvr3XFihQLRQM1mg=
Subject key identifier: 54:39:C1:76:01:56:30:CD:4B:C5:4D:4F:28:BE:24:78:A2:22:D6:14
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 01977E129AB29C50640E8F1A76F856C61B33
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/VDnBdgFWMM1LxU1PKL4keKIi1hQ.roa
Signing time: Tue 17 Jun 2025 13:27:17 +0000
ROA not before: Tue 17 Jun 2025 13:27:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201178
IP address blocks: 37.75.8.0/21 maxlen: 24
185.28.0.0/22 maxlen: 24
185.28.0.0/24 maxlen: 24
185.81.236.0/22 maxlen: 24
185.81.236.0/24 maxlen: 24
185.81.237.0/24 maxlen: 24
185.81.238.0/24 maxlen: 24
185.81.239.0/24 maxlen: 24
185.153.248.0/22 maxlen: 24
185.155.148.0/22 maxlen: 24
185.155.148.0/24 maxlen: 24
185.155.149.0/24 maxlen: 24
185.155.150.0/24 maxlen: 24
185.155.151.0/24 maxlen: 24
195.142.0.0/22 maxlen: 24
195.142.104.0/21 maxlen: 24
195.142.105.0/24 maxlen: 24
195.142.132.0/22 maxlen: 24
2a05:8a00::/29 maxlen: 48
2a05:8a00:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:12:9a:b2:9c:50:64:0e:8f:1a:76:f8:56:c6:1b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Jun 17 13:27:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5439c176015630cd4bc54d4f28be2478a222d614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:21:91:1b:fe:23:be:c3:d2:c9:05:b0:fb:06:
d1:de:21:10:69:c8:27:33:99:0d:50:96:3d:fe:fc:
70:e1:64:ba:01:60:f7:51:fc:88:e3:8c:3e:38:4c:
db:33:40:39:7a:d2:40:fd:46:25:96:8a:81:a1:38:
2c:31:af:21:2d:dd:87:ae:a8:99:cb:23:20:25:9e:
99:80:06:0e:17:94:a5:43:1f:0c:65:ce:6f:01:c8:
3e:59:94:c2:e0:aa:02:bc:65:a7:b7:b6:72:49:84:
84:a7:d2:2a:bc:84:53:b6:f8:16:30:d1:ee:3d:1a:
94:fc:09:0f:b6:08:a9:c9:59:f0:44:6d:7c:5d:82:
74:e0:d7:18:c8:ba:3f:4b:cf:44:98:d9:16:36:fb:
35:d1:d3:f2:df:67:4f:ba:f5:a1:db:f3:46:29:df:
6c:c2:00:f3:86:9a:c6:38:c5:9e:81:d0:c3:3e:73:
a7:da:f0:4a:a6:ca:11:69:6e:45:0a:b0:02:3c:2b:
38:98:7c:d0:64:0c:48:93:40:6f:e3:4a:b9:90:e7:
4c:1a:5f:e1:df:bf:0e:2e:1d:b6:62:1b:08:ff:ab:
0f:8a:8f:05:82:b8:61:ea:53:96:bb:14:ef:93:24:
b3:53:c5:a4:b1:22:03:fa:50:a4:c7:59:b7:1e:55:
51:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:39:C1:76:01:56:30:CD:4B:C5:4D:4F:28:BE:24:78:A2:22:D6:14
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/VDnBdgFWMM1LxU1PKL4keKIi1hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.8.0/21
185.28.0.0/22
185.81.236.0/22
185.153.248.0/22
185.155.148.0/22
195.142.0.0/22
195.142.104.0/21
195.142.132.0/22
IPv6:
2a05:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
88:68:33:26:70:39:3f:b5:07:83:16:aa:3e:be:fb:32:4f:9b:
e7:9b:34:20:f2:5b:49:67:2d:f7:7e:b1:36:61:3a:33:51:25:
b7:49:41:f7:1f:7b:9c:a0:44:c1:0d:85:c6:f4:63:d2:5b:eb:
0b:37:4c:16:c2:5f:10:08:a8:d3:7f:9f:f0:c9:72:51:71:c4:
df:3f:a7:75:96:d1:35:5d:c1:79:1a:9a:72:a5:47:f0:31:6c:
5f:1a:a6:d6:3e:ab:01:47:58:9c:f5:e5:8c:34:12:91:df:6c:
f7:22:bf:eb:34:79:06:94:ff:38:c6:b7:06:d0:50:7f:a1:d3:
0d:cc:51:e9:1e:b5:31:29:67:b2:dc:fb:b5:07:97:9d:59:a3:
93:dd:68:ba:08:6d:7c:0c:ea:32:e0:21:a4:53:1c:83:2f:3c:
9e:e7:9b:2e:29:fb:d3:8c:81:1d:60:f7:ee:f6:85:dd:50:27:
d9:a1:8b:c2:e3:af:25:af:00:8e:8c:39:7b:de:b2:25:c6:c5:
69:e3:a2:73:8a:66:ab:a1:c1:bd:a7:69:df:e0:27:b6:d0:95:
c7:78:1f:e9:71:94:a8:47:d3:5a:b1:ae:f4:4f:fd:aa:5c:45:
60:5c:40:e4:0a:cf:ff:e7:a8:4b:11:68:fa:b3:f3:ee:5a:bf:
de:42:4e:7e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZd+EpqynFBkDo8advhWxhszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjUwNjE3MTMyNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDM5YzE3NjAxNTYzMGNkNGJjNTRkNGYyOGJlMjQ3OGEyMjJkNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyGRG/4jvsPSyQWw+wbR3iEQacgn
M5kNUJY9/vxw4WS6AWD3UfyI44w+OEzbM0A5etJA/UYlloqBoTgsMa8hLd2HrqiZ
yyMgJZ6ZgAYOF5SlQx8MZc5vAcg+WZTC4KoCvGWnt7ZySYSEp9IqvIRTtvgWMNHu
PRqU/AkPtgipyVnwRG18XYJ04NcYyLo/S89EmNkWNvs10dPy32dPuvWh2/NGKd9s
wgDzhprGOMWegdDDPnOn2vBKpsoRaW5FCrACPCs4mHzQZAxIk0Bv40q5kOdMGl/h
378OLh22YhsI/6sPio8Fgrhh6lOWuxTvkySzU8WksSID+lCkx1m3HlVRwwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFFQ5wXYBVjDNS8VNTyi+JHiiItYUMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvVkRuQmRnRldNTTFMeFUxUEtMNGtlS0lpMWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJUsIAwQC
uRwAAwQCuVHsAwQCuZn4AwQCuZuUAwQCw44AAwQDw45oAwQCw46EMA0EAgACMAcD
BQMqBYoAMA0GCSqGSIb3DQEBCwUAA4IBAQCIaDMmcDk/tQeDFqo+vvsyT5vnmzQg
8ltJZy33frE2YTozUSW3SUH3H3ucoETBDYXG9GPSW+sLN0wWwl8QCKjTf5/wyXJR
ccTfP6d1ltE1XcF5GppypUfwMWxfGqbWPqsBR1ic9eWMNBKR32z3Ir/rNHkGlP84
xrcG0FB/odMNzFHpHrUxKWey3Pu1B5edWaOT3Wi6CG18DOoy4CGkUxyDLzye55su
KfvTjIEdYPfu9oXdUCfZoYvC468lrwCOjDl73rIlxsVp46JzimarocG9p2nf4Ce2
0JXHeB/pcZSoR9Nasa70T/2qXEVgXEDkCs//56hLEWj6s/PuWr/eQk5+
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:18:51 2025 by rpki-client