Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/D16ZHogTlgRT8PxDQdDsbFYTitE.roa
File: D16ZHogTlgRT8PxDQdDsbFYTitE.roa (raw, json)
Hash identifier: 9Pd/cbA5jb9CKWSLB9DutetbzCBRnVp9AgMw+IGa8yY=
Subject key identifier: 0F:5E:99:1E:88:13:96:04:53:F0:FC:43:41:D0:EC:6C:56:13:8A:D1
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 019898D2E2C4A6DB7F2FCEB0ABA882396246
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/D16ZHogTlgRT8PxDQdDsbFYTitE.roa
Signing time: Mon 11 Aug 2025 11:10:14 +0000
ROA not before: Mon 11 Aug 2025 11:10:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44395
IP address blocks: 5.77.128.0/17 maxlen: 24
37.157.208.0/20 maxlen: 24
37.157.208.0/22 maxlen: 24
37.157.209.0/24 maxlen: 24
37.157.210.0/24 maxlen: 24
37.157.212.0/22 maxlen: 24
37.157.216.0/21 maxlen: 24
37.157.216.0/22 maxlen: 24
37.157.220.0/22 maxlen: 24
37.252.64.0/19 maxlen: 24
46.36.112.0/20 maxlen: 24
46.162.192.0/18 maxlen: 24
46.162.240.0/20 maxlen: 24
46.241.128.0/17 maxlen: 24
81.16.0.0/20 maxlen: 24
82.199.192.0/20 maxlen: 21
82.199.192.0/21 maxlen: 24
92.43.136.0/21 maxlen: 24
92.43.136.0/22 maxlen: 24
92.43.140.0/22 maxlen: 24
109.75.34.0/23 maxlen: 24
109.75.36.0/22 maxlen: 24
109.75.40.0/21 maxlen: 24
141.136.64.0/19 maxlen: 24
178.78.128.0/18 maxlen: 24
185.59.68.0/22 maxlen: 24
185.86.195.0/24 maxlen: 24
188.115.192.0/18 maxlen: 24
212.34.224.0/19 maxlen: 24
212.34.232.0/21 maxlen: 24
212.34.240.0/20 maxlen: 24
212.34.240.0/21 maxlen: 24
2a00:cc40::/29 maxlen: 48
2a00:cc40::/32 maxlen: 32
2a00:cc40::/48 maxlen: 48
2a01:4a00::/32 maxlen: 32
2a03:1080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:d2:e2:c4:a6:db:7f:2f:ce:b0:ab:a8:82:39:62:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Aug 11 11:10:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f5e991e8813960453f0fc4341d0ec6c56138ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:fd:6c:b6:86:43:c8:26:ac:8e:3b:9c:f3:11:
c8:52:07:e8:31:65:b7:08:2a:0d:38:35:10:8f:50:
c1:2f:9d:df:98:d5:c7:20:b1:c9:05:1c:15:cb:60:
2a:eb:c6:ec:8c:c9:04:77:4c:01:59:9f:98:97:6a:
a7:6e:07:9d:25:35:ff:58:88:09:f5:1a:a5:e1:16:
29:c9:c7:45:af:1c:61:6f:43:a9:7d:fc:6a:20:32:
f6:62:2c:99:b4:2e:70:4b:25:b3:89:80:ee:bc:67:
9b:39:9c:6e:6c:21:5a:f4:ee:ed:28:ce:ae:15:28:
b4:f6:66:71:2f:6e:ac:6b:45:0a:d5:f2:ca:a7:e8:
01:86:64:20:72:fd:f7:07:3c:0f:90:c8:f2:ef:e1:
87:b0:d0:00:37:38:33:f2:f9:7d:b8:8a:18:77:21:
3b:9a:12:e0:ad:79:e6:d2:7c:5c:66:ea:fd:db:19:
cb:ca:52:cd:2b:80:0b:23:c4:3a:2c:52:73:55:23:
6c:b7:a0:ef:79:b4:96:d0:d4:33:28:09:90:21:5c:
61:74:d9:8b:da:82:b8:32:1f:1f:88:1d:a4:1e:8f:
86:fa:1f:04:9e:cb:a6:30:11:7e:7c:d4:db:74:35:
35:7c:53:58:7b:cc:d3:41:14:15:52:17:5d:2a:2e:
f8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5E:99:1E:88:13:96:04:53:F0:FC:43:41:D0:EC:6C:56:13:8A:D1
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/D16ZHogTlgRT8PxDQdDsbFYTitE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.77.128.0/17
37.157.208.0/20
37.252.64.0/19
46.36.112.0/20
46.162.192.0/18
46.241.128.0/17
81.16.0.0/20
82.199.192.0/20
92.43.136.0/21
109.75.34.0-109.75.47.255
141.136.64.0/19
178.78.128.0/18
185.59.68.0/22
185.86.195.0/24
188.115.192.0/18
212.34.224.0/19
IPv6:
2a00:cc40::/29
2a01:4a00::/32
2a03:1080::/32
Signature Algorithm: sha256WithRSAEncryption
b9:78:84:d8:a4:83:7b:28:6d:42:3a:34:c8:18:e2:57:ed:c1:
44:84:32:13:78:fe:86:32:9e:d5:e4:4d:4c:fd:2c:73:29:dd:
d2:6e:6d:9b:cb:54:85:3c:26:b9:89:fa:f9:cd:34:ec:6b:55:
7e:99:10:e8:e7:40:ac:a6:d6:93:43:0e:d9:46:10:0d:3c:a0:
00:6b:3d:09:eb:33:b3:e8:52:ab:15:c7:ae:54:1d:09:7e:83:
f2:21:dd:38:5b:24:95:5d:06:62:94:9c:35:4f:fd:24:99:87:
98:8f:3c:8c:18:78:6d:6a:de:6e:1f:62:55:4a:05:d2:78:72:
69:e4:c8:61:5e:14:96:aa:de:71:ff:fe:c3:a8:2a:72:f2:7e:
57:27:3c:4c:e1:ed:df:cc:29:6d:36:47:f0:9d:e1:07:01:23:
08:02:f6:13:b3:d9:29:35:50:b4:47:34:07:6b:cd:cb:81:ef:
42:b6:7c:32:4f:e1:00:03:4e:ec:29:e5:ac:76:6c:c6:75:9f:
06:19:f6:ec:40:25:dc:e4:71:d1:9b:3a:7a:04:14:97:31:41:
4b:bb:3d:fc:91:6e:dc:57:80:43:1c:5a:45:7a:6e:26:0a:e2:
8f:f4:16:9d:76:15:12:ab:91:01:34:7a:ed:9c:d6:ce:7e:ff:
38:45:99:16
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZiY0uLEptt/L86wq6iCOWJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjUwODExMTExMDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjVlOTkxZTg4MTM5NjA0NTNmMGZjNDM0MWQwZWM2YzU2MTM4YWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4f1stoZDyCasjjuc8xHIUgfoMWW3
CCoNODUQj1DBL53fmNXHILHJBRwVy2Aq68bsjMkEd0wBWZ+Yl2qnbgedJTX/WIgJ
9Rql4RYpycdFrxxhb0OpffxqIDL2YiyZtC5wSyWziYDuvGebOZxubCFa9O7tKM6u
FSi09mZxL26sa0UK1fLKp+gBhmQgcv33BzwPkMjy7+GHsNAANzgz8vl9uIoYdyE7
mhLgrXnm0nxcZur92xnLylLNK4ALI8Q6LFJzVSNst6DvebSW0NQzKAmQIVxhdNmL
2oK4Mh8fiB2kHo+G+h8EnsumMBF+fNTbdDU1fFNYe8zTQRQVUhddKi745wIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFA9emR6IE5YEU/D8Q0HQ7GxWE4rRMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvRDE2WkhvZ1RsZ1JUOFB4RFFkRHNiRllUaXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTBuBAIAATBoAwQHBU2A
AwQEJZ3QAwQFJfxAAwQELiRwAwQGLqLAAwQHLvGAAwQEURAAAwQEUsfAAwQDXCuI
MAwDBAFtSyIDBARtSyADBAWNiEADBAayToADBAK5O0QDBAC5VsMDBAa8c8ADBAXU
IuAwGwQCAAIwFQMFAyoAzEADBQAqAUoAAwUAKgMQgDANBgkqhkiG9w0BAQsFAAOC
AQEAuXiE2KSDeyhtQjo0yBjiV+3BRIQyE3j+hjKe1eRNTP0scynd0m5tm8tUhTwm
uYn6+c007GtVfpkQ6OdArKbWk0MO2UYQDTygAGs9Ceszs+hSqxXHrlQdCX6D8iHd
OFsklV0GYpScNU/9JJmHmI88jBh4bWrebh9iVUoF0nhyaeTIYV4Ulqrecf/+w6gq
cvJ+Vyc8TOHt38wpbTZH8J3hBwEjCAL2E7PZKTVQtEc0B2vNy4HvQrZ8Mk/hAANO
7CnlrHZsxnWfBhn27EAl3ORx0Zs6egQUlzFBS7s9/JFu3FeAQxxaRXpuJgrij/QW
nXYVEquRATR67ZzWzn7/OEWZFg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:41:29 2025 by rpki-client