Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/9wVDQpp0z04zwfoESc_S5u9etZ0.roa
File: 9wVDQpp0z04zwfoESc_S5u9etZ0.roa (raw, json)
Hash identifier: +x8r2JMNLKJOL0pGTh/MSwGY9V5+DOeggrdlCFNLMkg=
Subject key identifier: F7:05:43:42:9A:74:CF:4E:33:C1:FA:04:49:CF:D2:E6:EF:5E:B5:9D
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 01968556A5D82AF37B7E61F907014BA6C008
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/9wVDQpp0z04zwfoESc_S5u9etZ0.roa
Signing time: Wed 30 Apr 2025 06:16:10 +0000
ROA not before: Wed 30 Apr 2025 06:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42109
IP address blocks: 31.7.160.0/21 maxlen: 21
31.7.160.0/24 maxlen: 24
31.7.161.0/24 maxlen: 24
31.7.163.0/24 maxlen: 24
31.7.164.0/24 maxlen: 24
31.7.165.0/24 maxlen: 24
77.95.188.0/22 maxlen: 22
77.95.189.0/24 maxlen: 24
91.103.24.0/21 maxlen: 21
91.103.24.0/24 maxlen: 24
91.103.25.0/24 maxlen: 24
91.103.26.0/24 maxlen: 24
91.103.27.0/24 maxlen: 24
91.103.28.0/24 maxlen: 24
91.103.29.0/24 maxlen: 24
91.103.30.0/24 maxlen: 24
91.103.56.0/21 maxlen: 21
91.103.56.0/24 maxlen: 24
91.103.57.0/24 maxlen: 24
91.103.59.0/24 maxlen: 24
91.103.60.0/24 maxlen: 24
91.103.61.0/24 maxlen: 24
91.103.62.0/24 maxlen: 24
91.103.63.0/24 maxlen: 24
93.94.216.0/21 maxlen: 21
93.94.217.0/24 maxlen: 24
93.94.219.0/24 maxlen: 24
93.94.221.0/24 maxlen: 24
95.140.192.0/20 maxlen: 20
95.140.192.0/24 maxlen: 24
95.140.194.0/24 maxlen: 24
95.140.195.0/24 maxlen: 24
95.140.196.0/24 maxlen: 24
95.140.197.0/24 maxlen: 24
95.140.198.0/23 maxlen: 23
95.140.200.0/24 maxlen: 24
95.140.201.0/24 maxlen: 24
95.140.202.0/24 maxlen: 24
95.140.203.0/24 maxlen: 24
95.140.204.0/22 maxlen: 22
185.79.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:56:a5:d8:2a:f3:7b:7e:61:f9:07:01:4b:a6:c0:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: Apr 30 06:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f70543429a74cf4e33c1fa0449cfd2e6ef5eb59d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:41:e7:cb:e3:b5:f5:b4:2f:56:17:8b:39:e0:
9b:37:f9:bd:6f:49:5e:c2:e1:ff:7f:31:47:cb:11:
d0:35:52:c7:08:e7:3d:82:c8:99:f4:13:a8:19:20:
fd:4c:d8:f2:a5:7a:fa:74:d1:71:7a:d5:7c:16:9c:
60:15:3b:e4:f3:98:0a:22:7e:37:29:cd:46:d3:7a:
c9:ad:09:28:b2:16:39:cf:7e:14:17:a5:a6:04:a5:
3a:2d:47:fa:e8:f8:0d:88:fb:66:4d:ce:fe:d6:b6:
80:70:48:49:ba:11:57:25:3b:71:1d:d8:a7:36:8a:
8e:13:20:45:84:ac:85:cb:97:c0:74:8a:2c:cf:a3:
cc:28:8b:87:97:8b:ba:25:c1:d0:4b:e3:17:f3:1e:
52:46:fd:88:f1:a1:ea:90:b5:a9:25:64:be:76:32:
4a:e6:50:1b:13:06:3d:91:54:14:e4:6d:e9:c5:fa:
00:93:1d:f9:fa:6f:e1:e2:30:9b:c8:98:c3:c1:89:
60:68:4d:5d:72:9d:b6:ca:6f:1d:e2:b8:e6:49:a0:
44:ae:8e:59:cf:e6:05:39:d3:b0:b6:7c:4e:0a:b1:
53:4d:c0:07:5b:65:5c:cc:70:1f:e7:36:81:1d:af:
b4:d2:0d:c4:2c:9f:21:7e:dd:dd:ca:9b:f2:ac:d5:
18:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:05:43:42:9A:74:CF:4E:33:C1:FA:04:49:CF:D2:E6:EF:5E:B5:9D
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/9wVDQpp0z04zwfoESc_S5u9etZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.160.0/21
77.95.188.0/22
91.103.24.0/21
91.103.56.0/21
93.94.216.0/21
95.140.192.0/20
185.79.0.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:26:2a:fe:42:67:2e:35:ae:b8:bd:89:fe:dd:4e:6f:f5:b5:
d7:94:c2:91:cf:be:01:b2:79:5f:ef:df:86:c3:7a:bd:92:80:
13:8c:77:5f:71:27:c7:87:1e:52:1b:df:5f:6e:5a:c0:c4:47:
2f:3f:8a:74:dc:80:3b:67:d3:35:1b:75:ce:d6:71:f7:e6:23:
fa:e6:59:68:8f:2a:4d:3c:e4:94:1e:90:15:d9:f5:4f:47:79:
f3:0d:dd:1e:24:15:35:be:ed:7f:c7:89:f3:d9:0b:c6:38:f7:
a2:88:af:05:74:36:be:5a:b8:0f:2c:fd:8f:f9:59:f7:eb:35:
17:d0:86:45:e4:d6:fc:cb:24:90:a5:90:c1:c5:38:24:2b:96:
10:88:5a:b7:1a:08:74:55:99:6f:f8:93:c7:dd:63:10:85:f9:
58:b4:d0:bd:79:3e:18:ae:0f:92:46:f3:83:57:a4:80:3e:f2:
30:5d:81:f0:0d:6c:29:3b:29:0a:98:d1:f8:e1:bd:1e:19:bd:
f4:46:3d:3d:41:fa:57:44:a6:14:22:c3:86:99:95:58:2b:97:
dd:ca:4d:46:eb:99:d0:2e:ce:aa:f8:03:2d:ba:fb:d9:58:dc:
74:2d:8a:d8:17:e1:61:23:ed:9f:c1:de:2f:12:08:32:80:89:
50:a7:0e:42
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZaFVqXYKvN7fmH5BwFLpsAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjUwNDMwMDYxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzA1NDM0MjlhNzRjZjRlMzNjMWZhMDQ0OWNmZDJlNmVmNWViNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUHny+O19bQvVheLOeCbN/m9b0le
wuH/fzFHyxHQNVLHCOc9gsiZ9BOoGSD9TNjypXr6dNFxetV8FpxgFTvk85gKIn43
Kc1G03rJrQkoshY5z34UF6WmBKU6LUf66PgNiPtmTc7+1raAcEhJuhFXJTtxHdin
NoqOEyBFhKyFy5fAdIosz6PMKIuHl4u6JcHQS+MX8x5SRv2I8aHqkLWpJWS+djJK
5lAbEwY9kVQU5G3pxfoAkx35+m/h4jCbyJjDwYlgaE1dcp22ym8d4rjmSaBEro5Z
z+YFOdOwtnxOCrFTTcAHW2VczHAf5zaBHa+00g3ELJ8hft3dypvyrNUY+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPcFQ0KadM9OM8H6BEnP0ubvXrWdMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvOXdWRFFwcDB6MDR6d2ZvRVNjX1M1dTlldFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDHwegAwQC
TV+8AwQDW2cYAwQDW2c4AwQDXV7YAwQEX4zAAwQAuU8AMA0GCSqGSIb3DQEBCwUA
A4IBAQCfJir+QmcuNa64vYn+3U5v9bXXlMKRz74Bsnlf79+Gw3q9koATjHdfcSfH
hx5SG99fblrAxEcvP4p03IA7Z9M1G3XO1nH35iP65llojypNPOSUHpAV2fVPR3nz
Dd0eJBU1vu1/x4nz2QvGOPeiiK8FdDa+WrgPLP2P+Vn36zUX0IZF5Nb8yySQpZDB
xTgkK5YQiFq3Ggh0VZlv+JPH3WMQhflYtNC9eT4Yrg+SRvODV6SAPvIwXYHwDWwp
OykKmNH44b0eGb30Rj09QfpXRKYUIsOGmZVYK5fdyk1G65nQLs6q+AMtuvvZWNx0
LYrYF+FhI+2fwd4vEggygIlQpw5C
-----END CERTIFICATE-----
Generated at Sat May 10 16:46:06 2025 by rpki-client