Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/5xtV36wWP_bS1NEiRKe92fTVa2Y.roa
File: 5xtV36wWP_bS1NEiRKe92fTVa2Y.roa (raw, json)
Hash identifier: mi2HnN7cH74bvu1lEwLndA7z41JqUc9pgJEQ25fZQMk=
Subject key identifier: E7:1B:55:DF:AC:16:3F:F6:D2:D4:D1:22:44:A7:BD:D9:F4:D5:6B:66
Certificate issuer: /CN=2c40fcd53987b209f8af39ca1211f27060a8902e
Certificate serial: 0197875105CE86D6C546FE388EED37EB039D
Authority key identifier: 2C:40:FC:D5:39:87:B2:09:F8:AF:39:CA:12:11:F2:70:60:A8:90:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LED81TmHsgn4rznKEhHycGCokC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/5xtV36wWP_bS1NEiRKe92fTVa2Y.roa
Signing time: Thu 19 Jun 2025 08:32:03 +0000
ROA not before: Thu 19 Jun 2025 08:32:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208800
IP address blocks: 77.242.240.0/21 maxlen: 21
77.242.240.0/22 maxlen: 22
77.242.240.0/23 maxlen: 23
77.242.240.0/24 maxlen: 24
77.242.241.0/24 maxlen: 24
77.242.242.0/23 maxlen: 23
77.242.242.0/24 maxlen: 24
77.242.243.0/24 maxlen: 24
77.242.244.0/22 maxlen: 22
77.242.244.0/23 maxlen: 23
77.242.244.0/24 maxlen: 24
77.242.245.0/24 maxlen: 24
77.242.246.0/23 maxlen: 23
77.242.246.0/24 maxlen: 24
77.242.247.0/24 maxlen: 24
77.242.248.0/24 maxlen: 24
77.242.249.0/24 maxlen: 24
77.242.250.0/24 maxlen: 24
77.242.251.0/24 maxlen: 24
77.242.252.0/24 maxlen: 24
77.242.253.0/24 maxlen: 24
77.242.254.0/23 maxlen: 23
77.242.254.0/24 maxlen: 24
77.242.255.0/24 maxlen: 24
91.201.4.0/22 maxlen: 22
91.201.4.0/24 maxlen: 24
91.201.5.0/24 maxlen: 24
91.201.6.0/24 maxlen: 24
91.201.7.0/24 maxlen: 24
188.116.28.0/22 maxlen: 22
188.116.28.0/24 maxlen: 24
188.116.29.0/24 maxlen: 24
188.116.30.0/24 maxlen: 24
188.116.31.0/24 maxlen: 24
2a0e:6e80::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/LED81TmHsgn4rznKEhHycGCokC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/LED81TmHsgn4rznKEhHycGCokC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LED81TmHsgn4rznKEhHycGCokC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:51:05:ce:86:d6:c5:46:fe:38:8e:ed:37:eb:03:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c40fcd53987b209f8af39ca1211f27060a8902e
Validity
Not Before: Jun 19 08:32:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e71b55dfac163ff6d2d4d12244a7bdd9f4d56b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:20:59:b0:10:3d:50:f8:7c:2f:b8:e7:d4:46:
9a:8d:40:3c:e5:37:f5:6d:2c:1b:9b:ab:83:03:ab:
be:02:4b:ea:d0:87:89:d6:80:2d:73:11:ee:b4:47:
a2:f2:6f:c0:7f:cc:70:18:47:b8:a8:90:34:2c:44:
1f:a0:65:cf:72:4b:26:c8:b6:d5:04:ee:21:8b:65:
91:e2:12:34:4c:90:b0:bf:a9:95:d5:e0:3e:b8:eb:
26:c5:66:a8:2f:48:fa:e9:a7:be:38:17:8f:9f:d5:
bd:57:58:e5:b1:34:31:05:15:bb:df:0f:36:6f:b7:
9f:95:81:ae:ce:9d:e6:5b:8c:a2:f3:1f:ea:53:8d:
00:be:2a:4e:e2:00:ea:a9:21:74:15:ab:ef:39:97:
d6:93:ee:da:5c:60:2a:0b:cf:4a:bc:4c:a8:fb:d7:
d1:91:5f:22:0c:21:9c:fd:33:89:15:97:c6:42:aa:
47:d3:9c:78:db:a4:33:11:3d:6d:61:e7:b2:36:77:
47:19:73:4b:60:d1:85:0e:82:11:1f:08:f3:25:75:
44:3e:6b:09:49:c4:6c:81:79:b5:40:7e:f4:40:ef:
26:57:bd:78:cf:b0:09:42:df:1f:ff:d0:3c:72:7f:
e2:7d:00:7d:13:9b:52:39:0a:35:b2:87:cc:27:5a:
8c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:1B:55:DF:AC:16:3F:F6:D2:D4:D1:22:44:A7:BD:D9:F4:D5:6B:66
X509v3 Authority Key Identifier:
keyid:2C:40:FC:D5:39:87:B2:09:F8:AF:39:CA:12:11:F2:70:60:A8:90:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LED81TmHsgn4rznKEhHycGCokC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/5xtV36wWP_bS1NEiRKe92fTVa2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/LED81TmHsgn4rznKEhHycGCokC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.240.0/20
91.201.4.0/22
188.116.28.0/22
IPv6:
2a0e:6e80::/44
Signature Algorithm: sha256WithRSAEncryption
4e:58:0c:3e:00:91:8a:d0:e6:d9:b8:e1:6d:27:1c:51:c5:bb:
6e:5a:ae:cd:09:3b:2d:15:32:22:02:4b:0f:e2:20:d3:ad:e6:
1e:ff:36:40:a5:d1:6d:d1:01:5c:f5:ab:8a:ce:fd:b4:28:fc:
29:7a:b7:b1:76:e7:cc:56:54:a1:c0:99:4a:45:8c:8f:da:4a:
d0:9d:2a:97:17:7b:f2:51:30:fc:eb:3e:f6:68:77:29:cc:f0:
81:57:c3:4f:f9:6c:3d:c5:8b:dc:4d:a6:54:00:8c:1e:89:ed:
20:dd:66:55:16:78:28:c7:18:bf:7f:9f:bd:9a:a4:96:80:31:
29:7a:17:97:9e:66:17:05:5c:cf:bf:c4:db:d0:25:af:df:e5:
f7:57:37:96:ea:da:90:4a:e3:4a:de:b4:36:b8:8d:37:13:48:
42:e7:f5:7d:1e:0b:0a:f4:86:74:bc:c2:b6:ab:21:fb:90:c8:
e2:18:00:41:8c:87:e7:39:c6:a9:1d:97:5d:de:86:85:0d:b7:
ea:83:e9:70:12:4f:74:fd:4f:bf:6a:b5:ac:77:67:2e:d1:c0:
65:a8:61:9c:80:c7:0a:28:5f:25:91:87:7b:8f:88:05:43:48:
71:bf:ee:8b:06:58:e8:b2:76:7b:0c:7f:f3:cc:30:fc:67:84:
34:80:7c:e8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZeHUQXOhtbFRv44ju036wOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNDBmY2Q1Mzk4N2IyMDlmOGFmMzljYTEyMTFmMjcwNjBh
ODkwMmUwHhcNMjUwNjE5MDgzMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzFiNTVkZmFjMTYzZmY2ZDJkNGQxMjI0NGE3YmRkOWY0ZDU2YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyBZsBA9UPh8L7jn1EaajUA85Tf1
bSwbm6uDA6u+Akvq0IeJ1oAtcxHutEei8m/Af8xwGEe4qJA0LEQfoGXPcksmyLbV
BO4hi2WR4hI0TJCwv6mV1eA+uOsmxWaoL0j66ae+OBePn9W9V1jlsTQxBRW73w82
b7eflYGuzp3mW4yi8x/qU40AvipO4gDqqSF0FavvOZfWk+7aXGAqC89KvEyo+9fR
kV8iDCGc/TOJFZfGQqpH05x426QzET1tYeeyNndHGXNLYNGFDoIRHwjzJXVEPmsJ
ScRsgXm1QH70QO8mV714z7AJQt8f/9A8cn/ifQB9E5tSOQo1sofMJ1qMmQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOcbVd+sFj/20tTRIkSnvdn01WtmMB8GA1UdIwQY
MBaAFCxA/NU5h7IJ+K85yhIR8nBgqJAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEVEODFUbUhzZ240cnpuS0VoSHljR0Nva0M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy83MDlmYzktNjhlZi00MTFlLWExY2Mt
ZTFlODA3ZWNkNGRmLzEvNXh0VjM2d1dQX2JTMU5FaVJLZTkyZlRWYTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy83MDlmYzktNjhlZi00MTFlLWExY2MtZTFlODA3ZWNkNGRm
LzEvTEVEODFUbUhzZ240cnpuS0VoSHljR0Nva0M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQETfLwAwQC
W8kEAwQCvHQcMA8EAgACMAkDBwQqDm6AAAAwDQYJKoZIhvcNAQELBQADggEBAE5Y
DD4AkYrQ5tm44W0nHFHFu25ars0JOy0VMiICSw/iINOt5h7/NkCl0W3RAVz1q4rO
/bQo/Cl6t7F258xWVKHAmUpFjI/aStCdKpcXe/JRMPzrPvZodynM8IFXw0/5bD3F
i9xNplQAjB6J7SDdZlUWeCjHGL9/n72apJaAMSl6F5eeZhcFXM+/xNvQJa/f5fdX
N5bq2pBK40retDa4jTcTSELn9X0eCwr0hnS8wrarIfuQyOIYAEGMh+c5xqkdl13e
hoUNt+qD6XAST3T9T79qtax3Zy7RwGWoYZyAxwooXyWRh3uPiAVDSHG/7osGWOiy
dnsMf/PMMPxnhDSAfOg=
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:03:43 2025 by rpki-client