Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/7CgbMHxuJajLgebxzNfnlB8hYAs.roa
File: 7CgbMHxuJajLgebxzNfnlB8hYAs.roa (raw, json)
Hash identifier: 9Cs5URgUgIByAdH61MOA1mCVhVWDEosP+T03kfLMOlI=
Subject key identifier: EC:28:1B:30:7C:6E:25:A8:CB:81:E6:F1:CC:D7:E7:94:1F:21:60:0B
Certificate issuer: /CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
Certificate serial: 019899065012B369B2F90130A69F0E975391
Authority key identifier: 22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/7CgbMHxuJajLgebxzNfnlB8hYAs.roa
Signing time: Mon 11 Aug 2025 12:06:24 +0000
ROA not before: Mon 11 Aug 2025 12:06:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48399
IP address blocks: 45.15.254.0/24 maxlen: 24
45.93.13.0/24 maxlen: 24
45.147.195.0/24 maxlen: 24
77.83.72.0/24 maxlen: 24
85.193.70.0/23 maxlen: 23
91.188.246.0/23 maxlen: 23
178.170.223.0/24 maxlen: 24
185.190.116.0/23 maxlen: 23
185.190.118.0/23 maxlen: 23
192.70.196.0/23 maxlen: 23
192.70.198.0/23 maxlen: 23
2a07:ecc0::/30 maxlen: 30
2a07:ecc4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/IsX-stJfrE3YuqT3HY3CJoGGoDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/IsX-stJfrE3YuqT3HY3CJoGGoDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 23:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:99:06:50:12:b3:69:b2:f9:01:30:a6:9f:0e:97:53:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
Validity
Not Before: Aug 11 12:06:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec281b307c6e25a8cb81e6f1ccd7e7941f21600b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f6:e1:ae:3d:0c:b0:c2:79:5a:ee:d5:c4:22:
11:25:f3:0d:ea:b3:7d:58:74:13:64:1f:85:b7:05:
5b:a2:b9:3a:b8:c2:27:52:ef:4b:33:7b:cd:dd:15:
ad:70:89:47:df:f8:10:57:9b:57:92:00:57:8b:aa:
75:07:2a:f5:c5:ef:a2:f2:84:81:9a:3a:d2:1c:38:
f1:20:7d:08:6b:fb:d5:ec:f6:75:6d:68:5a:fa:fc:
69:46:79:07:dd:36:48:ee:41:78:17:a1:20:bc:6f:
2b:42:05:e5:66:01:91:ca:f0:01:9a:cd:25:29:6f:
95:d9:2e:ff:56:f7:51:1d:08:66:f7:b2:19:f6:70:
57:de:79:3d:f1:3b:69:5e:19:52:7d:fc:f4:a9:29:
80:68:bb:dd:a7:e0:07:b5:16:d8:27:bd:27:34:bc:
ce:1d:ad:f0:75:db:22:3a:0f:18:e3:6a:87:04:d9:
63:dd:12:73:aa:3f:1d:58:96:3c:6a:cd:5e:05:49:
c5:48:16:5a:13:8b:30:f9:cd:72:7e:8d:42:19:3c:
be:2a:96:e9:2d:a8:5b:15:99:2a:83:18:eb:60:b1:
23:46:f7:b6:57:97:15:8c:55:fb:c9:ed:db:f5:3f:
a5:81:fc:61:63:cf:b8:15:7c:c8:bb:d6:5c:f3:5a:
fd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:28:1B:30:7C:6E:25:A8:CB:81:E6:F1:CC:D7:E7:94:1F:21:60:0B
X509v3 Authority Key Identifier:
keyid:22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/7CgbMHxuJajLgebxzNfnlB8hYAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/IsX-stJfrE3YuqT3HY3CJoGGoDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.254.0/24
45.93.13.0/24
45.147.195.0/24
77.83.72.0/24
85.193.70.0/23
91.188.246.0/23
178.170.223.0/24
185.190.116.0/22
192.70.196.0/22
IPv6:
2a07:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
ae:45:f0:fb:a9:a1:ea:65:35:ca:09:d8:91:b8:4f:f9:7b:5e:
25:63:ba:6b:5b:0c:fb:78:7d:0d:d7:63:28:39:fb:9b:41:01:
b8:76:51:b0:d0:63:a4:eb:2a:92:9e:2c:dd:d0:f1:5e:4c:9f:
59:ae:cc:52:57:44:a7:48:5d:1f:cb:16:f3:6d:12:b2:33:a5:
c9:cf:74:f9:cd:51:42:ca:e8:81:82:ad:db:00:c5:c8:ab:a8:
02:b1:0d:90:ec:45:f3:0a:35:2f:ae:ca:f9:8d:23:46:78:3f:
94:ff:de:a6:fb:ac:c7:ab:df:cb:5d:2b:77:21:3d:9f:73:7a:
be:c9:76:63:c2:36:0d:23:da:9b:74:51:a5:e4:a4:fc:ec:6f:
74:4a:c6:d6:d8:1a:59:08:e2:94:0c:8c:00:0b:85:1f:ba:39:
7c:93:91:c3:c1:b9:9d:bf:8f:51:f1:3c:ce:03:e5:8e:b9:2d:
c1:ce:69:e1:e9:1a:7c:1a:b8:e7:d8:0f:df:ab:30:1f:37:1a:
f9:16:5b:76:23:a1:41:ea:56:2d:a8:6a:73:5c:33:84:6c:93:
09:9f:14:46:19:a3:c5:55:57:a7:34:b1:90:33:03:66:0f:b6:
0f:81:e9:d0:ec:68:0d:5b:a5:27:0e:c0:d4:9d:78:a9:41:86:
e3:d3:b2:33
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZiZBlASs2my+QEwpp8Ol1ORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzVmZWIyZDI1ZmFjNGRkOGJhYTRmNzFkOGRjMjI2ODE4
NmEwMzkwHhcNMjUwODExMTIwNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzI4MWIzMDdjNmUyNWE4Y2I4MWU2ZjFjY2Q3ZTc5NDFmMjE2MDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/bhrj0MsMJ5Wu7VxCIRJfMN6rN9
WHQTZB+FtwVbork6uMInUu9LM3vN3RWtcIlH3/gQV5tXkgBXi6p1Byr1xe+i8oSB
mjrSHDjxIH0Ia/vV7PZ1bWha+vxpRnkH3TZI7kF4F6EgvG8rQgXlZgGRyvABms0l
KW+V2S7/VvdRHQhm97IZ9nBX3nk98TtpXhlSffz0qSmAaLvdp+AHtRbYJ70nNLzO
Ha3wddsiOg8Y42qHBNlj3RJzqj8dWJY8as1eBUnFSBZaE4sw+c1yfo1CGTy+Kpbp
LahbFZkqgxjrYLEjRve2V5cVjFX7ye3b9T+lgfxhY8+4FXzIu9Zc81r9hwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOwoGzB8biWoy4Hm8czX55QfIWALMB8GA1UdIwQY
MBaAFCLF/rLSX6xN2Lqk9x2NwiaBhqA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNYLXN0SmZyRTNZdXFUM0hZM0NKb0dHb0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kMjE2ZWQtOWE3Ni00YTkzLWI2YTkt
NDY4ZjQ5OGZhZjFjLzEvN0NnYk1IeHVKYWpMZ2VieHpOZm5sQjhoWUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kMjE2ZWQtOWE3Ni00YTkzLWI2YTktNDY4ZjQ5OGZhZjFj
LzEvSXNYLXN0SmZyRTNZdXFUM0hZM0NKb0dHb0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQALQ/+AwQA
LV0NAwQALZPDAwQATVNIAwQBVcFGAwQBW7z2AwQAsqrfAwQCub50AwQCwEbEMA0E
AgACMAcDBQMqB+zAMA0GCSqGSIb3DQEBCwUAA4IBAQCuRfD7qaHqZTXKCdiRuE/5
e14lY7prWwz7eH0N12MoOfubQQG4dlGw0GOk6yqSnizd0PFeTJ9ZrsxSV0SnSF0f
yxbzbRKyM6XJz3T5zVFCyuiBgq3bAMXIq6gCsQ2Q7EXzCjUvrsr5jSNGeD+U/96m
+6zHq9/LXSt3IT2fc3q+yXZjwjYNI9qbdFGl5KT87G90SsbW2BpZCOKUDIwAC4Uf
ujl8k5HDwbmdv49R8TzOA+WOuS3Bzmnh6Rp8Grjn2A/fqzAfNxr5Flt2I6FB6lYt
qGpzXDOEbJMJnxRGGaPFVVenNLGQMwNmD7YPgenQ7GgNW6UnDsDUnXipQYbj07Iz
-----END CERTIFICATE-----
Generated at Sun Aug 24 08:02:31 2025 by rpki-client