Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/59577d-2d4d-411d-86fb-00faecac7deb/1/dRZPS3rs-hWzMDlczYkRUwtGaGw.roa
File: dRZPS3rs-hWzMDlczYkRUwtGaGw.roa (raw, json)
Hash identifier: JG/JfRSVwBPsm5cDJaTLP2R3sGhruPS/YToSJOwZOkQ=
Subject key identifier: 75:16:4F:4B:7A:EC:FA:15:B3:30:39:5C:CD:89:11:53:0B:46:68:6C
Certificate issuer: /CN=d3ff9749ee22f009257b89d8340cc64fb40bfc91
Certificate serial: 0199290084F2B9E77A45D698466705770102
Authority key identifier: D3:FF:97:49:EE:22:F0:09:25:7B:89:D8:34:0C:C6:4F:B4:0B:FC:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0_-XSe4i8Akle4nYNAzGT7QL_JE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/59577d-2d4d-411d-86fb-00faecac7deb/1/dRZPS3rs-hWzMDlczYkRUwtGaGw.roa
Signing time: Mon 08 Sep 2025 11:05:23 +0000
ROA not before: Mon 08 Sep 2025 11:05:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213473
IP address blocks: 77.92.160.0/21 maxlen: 21
77.92.160.0/24 maxlen: 24
77.92.161.0/24 maxlen: 24
77.92.162.0/24 maxlen: 24
77.92.163.0/24 maxlen: 24
77.92.164.0/24 maxlen: 24
77.92.165.0/24 maxlen: 24
77.92.166.0/24 maxlen: 24
77.92.167.0/24 maxlen: 24
185.225.56.0/22 maxlen: 22
185.225.56.0/24 maxlen: 24
185.225.57.0/24 maxlen: 24
185.225.58.0/24 maxlen: 24
185.225.59.0/24 maxlen: 24
2a14:e500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/59577d-2d4d-411d-86fb-00faecac7deb/1/0_-XSe4i8Akle4nYNAzGT7QL_JE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/59577d-2d4d-411d-86fb-00faecac7deb/1/0_-XSe4i8Akle4nYNAzGT7QL_JE.mft
rsync://rpki.ripe.net/repository/DEFAULT/0_-XSe4i8Akle4nYNAzGT7QL_JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:29:00:84:f2:b9:e7:7a:45:d6:98:46:67:05:77:01:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3ff9749ee22f009257b89d8340cc64fb40bfc91
Validity
Not Before: Sep 8 11:05:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75164f4b7aecfa15b330395ccd8911530b46686c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ad:67:2a:f2:72:75:bd:93:c7:54:5a:34:11:
33:92:3f:e7:d4:79:2b:75:d6:1f:fe:4b:fb:e7:60:
68:22:a8:1d:60:17:a0:ba:61:2c:16:72:27:40:f2:
32:a3:49:16:68:fd:a4:f8:64:2a:eb:85:4f:26:28:
16:ad:0f:6f:ff:4f:da:81:b0:cf:2c:ca:43:cd:12:
b3:95:5b:96:66:09:b2:2f:d6:1c:18:90:fc:a8:24:
d8:46:bd:95:a6:65:be:4d:bb:11:06:10:c4:48:3a:
79:0f:c9:e6:84:fe:47:60:f9:fd:7f:e9:ca:fc:1c:
03:69:fc:ca:c6:10:a2:2d:06:3d:be:0a:b8:c4:c4:
71:7f:47:a5:9f:33:e9:7e:0d:b0:40:6f:bf:66:90:
9a:4e:4a:ee:e5:56:87:dd:13:c0:13:d2:b1:b6:1b:
eb:47:71:46:bd:a0:79:d0:49:f0:fc:0a:07:1e:be:
40:90:0c:9f:0d:1b:18:54:ae:14:32:8f:f4:9e:23:
f2:7f:99:83:64:0c:f7:89:c1:01:0c:8b:9b:cf:65:
75:ef:4e:4e:11:20:72:bf:fc:17:e3:5e:65:ad:1f:
86:03:58:7a:9e:f2:c0:80:5d:fd:bc:48:a3:f4:30:
a2:37:b4:3d:5f:f9:6a:c1:e8:27:10:e8:1e:62:5f:
ab:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:16:4F:4B:7A:EC:FA:15:B3:30:39:5C:CD:89:11:53:0B:46:68:6C
X509v3 Authority Key Identifier:
keyid:D3:FF:97:49:EE:22:F0:09:25:7B:89:D8:34:0C:C6:4F:B4:0B:FC:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_-XSe4i8Akle4nYNAzGT7QL_JE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/59577d-2d4d-411d-86fb-00faecac7deb/1/dRZPS3rs-hWzMDlczYkRUwtGaGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/59577d-2d4d-411d-86fb-00faecac7deb/1/0_-XSe4i8Akle4nYNAzGT7QL_JE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.160.0/21
185.225.56.0/22
IPv6:
2a14:e500::/29
Signature Algorithm: sha256WithRSAEncryption
9f:c4:0c:c9:62:01:5f:cb:0e:83:b1:c9:27:2e:8a:fc:2d:a6:
10:a6:2e:06:ee:fd:0b:2f:41:0a:17:e8:df:73:d9:1f:f3:bb:
07:c9:fb:c5:d5:b9:1f:bf:7b:9a:33:56:ee:00:7e:d2:6c:18:
c6:61:11:38:f2:a5:45:8e:d2:93:6a:00:f0:f7:aa:0b:a6:6a:
01:5f:6a:6c:8b:92:1b:73:fe:37:ea:d7:47:68:f1:a7:d2:1f:
8d:c9:bb:c6:90:a4:a1:37:07:ef:d3:8f:c2:d3:02:a9:af:42:
9d:88:d5:f7:1a:7e:44:d2:b1:c2:f3:2c:2e:99:02:01:4d:12:
f5:81:7d:cb:c7:c7:c9:b7:c7:ee:f7:38:cf:04:8e:37:b1:72:
ce:fa:12:e1:b5:22:4f:39:7d:97:da:1f:16:ee:24:b2:47:2c:
58:fc:ad:50:14:99:f6:cf:8e:b9:dd:31:be:1b:21:9f:ec:cf:
02:6e:80:71:a3:ac:be:78:ca:7f:63:6d:a8:eb:f4:bd:c6:8f:
ed:a1:2d:f1:67:d4:b7:2a:0d:17:70:f9:05:d4:af:4b:af:2d:
b8:d6:62:c2:f0:b6:36:cf:4a:75:b8:bb:3b:3c:9c:c6:06:8d:
26:3c:ae:bb:b2:27:9c:1b:b5:b7:3d:e1:37:81:0e:97:ab:97:
42:69:5c:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZkpAITyued6RdaYRmcFdwECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZmY5NzQ5ZWUyMmYwMDkyNTdiODlkODM0MGNjNjRmYjQw
YmZjOTEwHhcNMjUwOTA4MTEwNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE2NGY0YjdhZWNmYTE1YjMzMDM5NWNjZDg5MTE1MzBiNDY2ODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK1nKvJydb2Tx1RaNBEzkj/n1Hkr
ddYf/kv752BoIqgdYBegumEsFnInQPIyo0kWaP2k+GQq64VPJigWrQ9v/0/agbDP
LMpDzRKzlVuWZgmyL9YcGJD8qCTYRr2VpmW+TbsRBhDESDp5D8nmhP5HYPn9f+nK
/BwDafzKxhCiLQY9vgq4xMRxf0elnzPpfg2wQG+/ZpCaTkru5VaH3RPAE9Kxthvr
R3FGvaB50Enw/AoHHr5AkAyfDRsYVK4UMo/0niPyf5mDZAz3icEBDIubz2V1705O
ESByv/wX415lrR+GA1h6nvLAgF39vEij9DCiN7Q9X/lqwegnEOgeYl+ruwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHUWT0t67PoVszA5XM2JEVMLRmhsMB8GA1UdIwQY
MBaAFNP/l0nuIvAJJXuJ2DQMxk+0C/yRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMF8tWFNlNGk4QWtsZTRuWU5BekdUN1FMX0pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81OTU3N2QtMmQ0ZC00MTFkLTg2ZmIt
MDBmYWVjYWM3ZGViLzEvZFJaUFMzcnMtaFd6TURsY3pZa1JVd3RHYUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81OTU3N2QtMmQ0ZC00MTFkLTg2ZmItMDBmYWVjYWM3ZGVi
LzEvMF8tWFNlNGk4QWtsZTRuWU5BekdUN1FMX0pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTVygAwQC
ueE4MA0EAgACMAcDBQMqFOUAMA0GCSqGSIb3DQEBCwUAA4IBAQCfxAzJYgFfyw6D
scknLor8LaYQpi4G7v0LL0EKF+jfc9kf87sHyfvF1bkfv3uaM1buAH7SbBjGYRE4
8qVFjtKTagDw96oLpmoBX2psi5Ibc/436tdHaPGn0h+NybvGkKShNwfv04/C0wKp
r0KdiNX3Gn5E0rHC8ywumQIBTRL1gX3Lx8fJt8fu9zjPBI43sXLO+hLhtSJPOX2X
2h8W7iSyRyxY/K1QFJn2z4653TG+GyGf7M8CboBxo6y+eMp/Y22o6/S9xo/toS3x
Z9S3Kg0XcPkF1K9Lry241mLC8LY2z0p1uLs7PJzGBo0mPK67siecG7W3PeE3gQ6X
q5dCaVwX
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:29:05 2025 by rpki-client