Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/pmuiV6clv5cyPr-qmq6jzEdLMWQ.roa
File: pmuiV6clv5cyPr-qmq6jzEdLMWQ.roa (raw, json)
Hash identifier: srm5oNyQOx3QPSYnmbGrcGEVNYLHmnUcdWkSoqLkAho=
Subject key identifier: A6:6B:A2:57:A7:25:BF:97:32:3E:BF:AA:9A:AE:A3:CC:47:4B:31:64
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0198C782082BD33D0DCF4CB3292B3BD05201
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/pmuiV6clv5cyPr-qmq6jzEdLMWQ.roa
Signing time: Wed 20 Aug 2025 12:44:04 +0000
ROA not before: Wed 20 Aug 2025 12:44:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 77.76.4.0/22 maxlen: 22
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.128.52.0/22 maxlen: 22
78.128.56.0/22 maxlen: 22
78.128.82.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.88.0/22 maxlen: 22
78.128.96.0/23 maxlen: 23
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.116.0/23 maxlen: 23
78.142.9.0/24 maxlen: 24
78.142.10.0/23 maxlen: 23
78.142.12.0/22 maxlen: 22
78.142.30.0/23 maxlen: 23
83.222.190.0/23 maxlen: 23
84.201.224.0/20 maxlen: 20
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
91.148.169.0/24 maxlen: 24
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
91.148.186.0/24 maxlen: 24
91.148.187.0/24 maxlen: 24
130.185.227.0/24 maxlen: 24
193.24.240.0/22 maxlen: 22
193.200.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:82:08:2b:d3:3d:0d:cf:4c:b3:29:2b:3b:d0:52:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Aug 20 12:44:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a66ba257a725bf97323ebfaa9aaea3cc474b3164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d9:1d:ac:2c:a1:56:79:55:43:6d:34:0a:b5:
2f:c1:6f:5d:c4:05:c3:13:a6:fe:2a:3c:6b:d7:f9:
cc:84:55:4b:cf:27:03:27:44:0d:cd:8c:d8:84:70:
6e:85:4e:f4:3e:47:a6:89:2f:e1:53:46:39:0a:a2:
30:4a:3d:b2:ca:e6:84:b4:08:52:32:32:d2:14:05:
9b:1c:7e:44:68:75:2c:ff:55:b8:ee:3b:22:17:66:
aa:6f:bd:a3:e4:0e:13:14:57:45:06:51:71:ca:90:
5f:cd:4b:b4:5b:2f:6f:25:b7:7e:00:a7:f3:e6:cf:
44:f6:dc:30:34:84:4f:5a:6e:34:bd:1c:b5:75:46:
22:c5:ed:b4:29:c0:d2:a0:67:0b:43:56:e5:1e:0a:
f8:e3:82:92:1e:e9:06:19:45:10:1c:ec:35:64:bc:
99:c5:5c:85:5b:ba:cf:62:ca:6a:6b:31:99:fb:41:
5d:26:74:27:fc:dc:fe:2f:33:fa:be:48:be:ea:72:
5d:14:c0:7d:c9:9a:b8:4b:3d:cc:49:7e:06:a5:41:
cf:76:de:e0:99:23:4f:2b:dc:cc:55:a0:83:70:5b:
ec:e1:4a:0e:c7:52:96:8c:9c:fb:e0:a0:92:0a:08:
cb:17:a4:3a:4b:be:80:3a:80:f7:eb:5e:ad:36:82:
e8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6B:A2:57:A7:25:BF:97:32:3E:BF:AA:9A:AE:A3:CC:47:4B:31:64
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/pmuiV6clv5cyPr-qmq6jzEdLMWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.4.0/22
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.82.0-78.128.91.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.116.0/23
78.142.9.0-78.142.15.255
78.142.30.0/23
83.222.190.0/23
84.201.224.0/20
91.148.162.0-91.148.165.255
91.148.169.0-91.148.183.255
91.148.186.0/23
130.185.227.0/24
193.24.240.0/22
193.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:b2:f0:fa:0a:c2:33:2e:cf:e5:f8:dc:20:00:c7:21:6a:e1:
1c:40:fa:df:3d:40:36:7c:56:cd:d0:05:8d:eb:02:2b:79:84:
47:5d:76:ce:4e:a9:da:66:dd:fb:f7:e5:ec:4f:73:d0:72:99:
82:22:1b:79:19:33:eb:cf:79:74:e9:4d:f6:2b:8c:86:27:ef:
6f:4e:3d:9f:95:d8:a1:12:fe:83:bf:11:2e:70:93:92:68:6c:
41:e7:1b:b8:37:2a:4f:2e:3c:36:86:2c:53:bd:a6:35:8f:6a:
d4:aa:8b:32:9e:2f:ec:19:1f:56:5c:0e:fb:4f:1f:b2:6c:57:
48:63:44:cc:af:2c:a5:f9:d5:f0:66:da:71:e7:1f:d0:4e:f5:
2f:a9:dc:7d:70:c9:3b:67:da:4d:85:63:49:c5:47:64:07:81:
ec:e8:b1:31:39:e9:a5:62:65:9b:91:49:bf:8b:cd:7d:66:e3:
8c:94:ac:c6:d5:0f:3e:88:85:64:ed:dd:a2:26:e9:fe:f1:5a:
73:75:6f:8c:d3:8d:b2:80:30:3c:ab:17:23:f2:71:6f:e2:16:
0e:1f:50:dd:2a:ae:c0:21:67:b4:05:78:30:dc:76:6f:20:9c:
27:21:0e:63:25:23:6d:ee:69:9d:d3:21:5e:22:16:aa:0d:69:
db:0f:0e:56
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZjHgggr0z0Nz0yzKSs70FIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwODIwMTI0NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZiYTI1N2E3MjViZjk3MzIzZWJmYWE5YWFlYTNjYzQ3NGIzMTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitkdrCyhVnlVQ200CrUvwW9dxAXD
E6b+Kjxr1/nMhFVLzycDJ0QNzYzYhHBuhU70PkemiS/hU0Y5CqIwSj2yyuaEtAhS
MjLSFAWbHH5EaHUs/1W47jsiF2aqb72j5A4TFFdFBlFxypBfzUu0Wy9vJbd+AKfz
5s9E9twwNIRPWm40vRy1dUYixe20KcDSoGcLQ1blHgr444KSHukGGUUQHOw1ZLyZ
xVyFW7rPYspqazGZ+0FdJnQn/Nz+LzP6vki+6nJdFMB9yZq4Sz3MSX4GpUHPdt7g
mSNPK9zMVaCDcFvs4UoOx1KWjJz74KCSCgjLF6Q6S76AOoD3616tNoLo4QIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFKZrolenJb+XMj6/qpquo8xHSzFkMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvcG11aVY2Y2x2NWN5UHItcW1xNmp6RWRMTVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAJN
TAQwDAMEAU6ACgMEBU6AADAMAwQCToAkAwQBToAoMAwDBAJOgDQDBAJOgDgwDAME
AU6AUgMEAk6AWAMEAU6AYDAMAwQCToBkAwQCToBoAwQBToB0MAwDBABOjgkDBARO
jgADBAFOjh4DBAFT3r4DBARUyeAwDAMEAVuUogMEAVuUpDAMAwQAW5SpAwQDW5Sw
AwQBW5S6AwQAgrnjAwQCwRjwAwQBwcgOMA0GCSqGSIb3DQEBCwUAA4IBAQB7svD6
CsIzLs/l+NwgAMchauEcQPrfPUA2fFbN0AWN6wIreYRHXXbOTqnaZt379+XsT3PQ
cpmCIht5GTPrz3l06U32K4yGJ+9vTj2fldihEv6DvxEucJOSaGxB5xu4NypPLjw2
hixTvaY1j2rUqosyni/sGR9WXA77Tx+ybFdIY0TMryyl+dXwZtpx5x/QTvUvqdx9
cMk7Z9pNhWNJxUdkB4Hs6LExOemlYmWbkUm/i819ZuOMlKzG1Q8+iIVk7d2iJun+
8VpzdW+M042ygDA8qxcj8nFv4hYOH1DdKq7AIWe0BXgw3HZvIJwnIQ5jJSNt7mmd
0yFeIhaqDWnbDw5W
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:10:43 2025 by rpki-client