Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/N395374_mmN2AD-ofI4gXJ3cQpU.roa
File: N395374_mmN2AD-ofI4gXJ3cQpU.roa (raw, json)
Hash identifier: Zf59hxbYn2Mwx3RShNxnNZI4f8JDWVmUB1iW/NWH/74=
Subject key identifier: 37:7F:79:DF:BE:3F:9A:63:76:00:3F:A8:7C:8E:20:5C:9D:DC:42:95
Certificate issuer: /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial: 0198A2D59B1F0FF6F74B5362BCBE86F9AFF2
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/N395374_mmN2AD-ofI4gXJ3cQpU.roa
Signing time: Wed 13 Aug 2025 09:49:24 +0000
ROA not before: Wed 13 Aug 2025 09:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43545
IP address blocks: 77.74.104.0/21 maxlen: 21
77.74.110.0/24 maxlen: 24
78.40.144.0/21 maxlen: 21
78.40.144.0/24 maxlen: 24
78.40.146.0/24 maxlen: 24
78.40.150.0/24 maxlen: 24
80.84.80.0/21 maxlen: 21
80.84.86.0/24 maxlen: 24
80.84.87.0/24 maxlen: 24
80.84.88.0/21 maxlen: 21
80.84.89.0/24 maxlen: 24
80.84.90.0/24 maxlen: 24
80.84.91.0/24 maxlen: 24
185.113.216.0/22 maxlen: 24
185.113.216.0/24 maxlen: 24
185.113.217.0/24 maxlen: 24
185.113.218.0/24 maxlen: 24
185.113.219.0/24 maxlen: 24
212.84.64.0/21 maxlen: 24
212.84.68.0/24 maxlen: 24
212.84.72.0/21 maxlen: 24
212.84.80.0/21 maxlen: 24
212.84.88.0/21 maxlen: 24
212.84.95.0/24 maxlen: 24
2a02:24d0::/32 maxlen: 32
2a02:24d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:d5:9b:1f:0f:f6:f7:4b:53:62:bc:be:86:f9:af:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
Validity
Not Before: Aug 13 09:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=377f79dfbe3f9a6376003fa87c8e205c9ddc4295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e9:b9:26:7c:12:19:1a:f2:cb:ff:12:66:3a:
18:40:b4:05:89:28:76:ff:21:db:11:ea:cd:3f:bd:
8c:77:e5:aa:9f:68:f5:e1:c6:06:f1:41:57:91:b1:
ba:ba:b4:98:88:6f:14:3c:64:58:ce:e1:90:ad:5c:
d4:fb:0c:84:3a:35:85:02:14:07:f2:18:b5:7d:2b:
3e:e0:2d:08:5f:3f:99:bd:70:29:c2:76:72:7a:b2:
b0:73:16:f5:b9:63:17:88:24:9b:58:87:dd:ca:65:
24:60:fb:b3:31:71:3b:d0:03:e3:cb:c9:d8:0b:ae:
16:d4:be:c0:73:6c:b1:85:5d:4f:b5:01:72:7d:51:
39:3d:3c:6a:16:11:ab:22:4c:33:cf:2c:6d:76:94:
7e:d6:3a:e3:be:7b:ac:78:8d:a8:fc:5d:31:e0:c2:
6f:d0:79:72:6e:ea:d7:86:13:29:ea:74:e6:81:27:
9b:48:d7:40:54:a3:4a:e7:12:04:af:fa:8f:28:b2:
50:0e:17:f3:5f:89:fa:7a:60:5c:a4:28:4d:a8:b2:
7a:17:69:25:64:2e:ac:0c:1c:3f:64:63:84:5c:d5:
61:32:bc:ec:ae:11:aa:be:4b:1e:7d:78:32:24:c9:
f3:3b:e2:69:44:94:2f:38:50:a4:4d:2f:63:53:ee:
c7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:7F:79:DF:BE:3F:9A:63:76:00:3F:A8:7C:8E:20:5C:9D:DC:42:95
X509v3 Authority Key Identifier:
keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/N395374_mmN2AD-ofI4gXJ3cQpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.104.0/21
78.40.144.0/21
80.84.80.0/20
185.113.216.0/22
212.84.64.0/19
IPv6:
2a02:24d0::/32
Signature Algorithm: sha256WithRSAEncryption
73:1d:05:8a:cf:64:a1:55:e5:87:42:d8:2d:f4:03:6d:e3:76:
e6:4f:47:9b:d1:ac:3d:dc:09:e5:e1:1b:df:a0:e9:45:28:f6:
83:6c:9b:ed:ed:45:60:6d:6b:10:9c:be:60:c8:f0:73:f8:df:
5b:c7:6a:c6:04:68:05:a9:9d:51:ed:2c:f3:2a:ca:8b:53:d2:
19:fa:ca:c1:c8:97:c8:c8:73:25:17:5e:52:7e:d4:1f:ff:98:
60:da:49:8c:60:b4:ce:d3:04:3e:89:58:2a:c6:b0:93:60:a1:
a7:ff:c1:76:a9:49:2e:2b:1a:ef:9b:81:d6:42:ea:6c:91:f5:
8a:bf:cb:f6:e3:19:4f:7a:fc:21:86:cb:be:dc:97:e0:ab:a9:
a5:13:06:65:28:f9:a7:d3:29:f3:e8:19:0a:c6:c7:cd:1e:7f:
78:48:2e:b9:77:ff:45:f4:77:28:a6:ed:31:97:79:bf:05:ca:
46:2c:82:c1:5c:a0:6f:30:c4:70:7b:52:c9:ad:ab:34:ca:cb:
66:f6:9e:19:52:83:1a:54:28:9c:eb:74:45:cf:12:ab:69:ec:
39:71:b4:76:a5:25:d0:bb:ca:fd:91:a7:17:ad:f7:03:d5:37:
02:f6:6e:e0:76:a0:81:15:49:72:46:f8:5e:74:e9:9b:3c:5d:
ba:d4:cd:45
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZii1ZsfD/b3S1NivL6G+a/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTgyNWNlOGJmNTQ0MTcwMjgyZjcyMGEyNDg0MTQxNTY4
YjBlN2QwHhcNMjUwODEzMDk0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzdmNzlkZmJlM2Y5YTYzNzYwMDNmYTg3YzhlMjA1YzlkZGM0Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOm5JnwSGRryy/8SZjoYQLQFiSh2
/yHbEerNP72Md+Wqn2j14cYG8UFXkbG6urSYiG8UPGRYzuGQrVzU+wyEOjWFAhQH
8hi1fSs+4C0IXz+ZvXApwnZyerKwcxb1uWMXiCSbWIfdymUkYPuzMXE70APjy8nY
C64W1L7Ac2yxhV1PtQFyfVE5PTxqFhGrIkwzzyxtdpR+1jrjvnuseI2o/F0x4MJv
0HlyburXhhMp6nTmgSebSNdAVKNK5xIEr/qPKLJQDhfzX4n6emBcpChNqLJ6F2kl
ZC6sDBw/ZGOEXNVhMrzsrhGqvksefXgyJMnzO+JpRJQvOFCkTS9jU+7HRwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDd/ed++P5pjdgA/qHyOIFyd3EKVMB8GA1UdIwQY
MBaAFFNYJc6L9UQXAoL3IKJIQUFWiw59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUt
NTE0NmFiN2VhMDE1LzEvTjM5NTM3NF9tbU4yQUQtb2ZJNGdYSjNjUXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUtNTE0NmFiN2VhMDE1
LzEvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUpoAwQD
TiiQAwQEUFRQAwQCuXHYAwQF1FRAMA0EAgACMAcDBQAqAiTQMA0GCSqGSIb3DQEB
CwUAA4IBAQBzHQWKz2ShVeWHQtgt9ANt43bmT0eb0aw93Anl4RvfoOlFKPaDbJvt
7UVgbWsQnL5gyPBz+N9bx2rGBGgFqZ1R7SzzKsqLU9IZ+srByJfIyHMlF15SftQf
/5hg2kmMYLTO0wQ+iVgqxrCTYKGn/8F2qUkuKxrvm4HWQupskfWKv8v24xlPevwh
hsu+3Jfgq6mlEwZlKPmn0ynz6BkKxsfNHn94SC65d/9F9Hcopu0xl3m/BcpGLILB
XKBvMMRwe1LJras0ystm9p4ZUoMaVCic63RFzxKraew5cbR2pSXQu8r9kacXrfcD
1TcC9m7gdqCBFUlyRvhedOmbPF261M1F
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:23:42 2025 by rpki-client