
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vxwcAJ-qOTUrO-2SqZhxZutNFbQ.roa
File: vxwcAJ-qOTUrO-2SqZhxZutNFbQ.roa (raw, json)
Hash identifier: PvTRjk9c9O6pw4VBfWFJMay0O4Yn9eZaLuWX7/UYCAE=
Subject key identifier: BF:1C:1C:00:9F:AA:39:35:2B:3B:ED:92:A9:98:71:66:EB:4D:15:B4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0197C71BE21CB3137A109B1F414D967AED93
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vxwcAJ-qOTUrO-2SqZhxZutNFbQ.roa
Signing time: Tue 01 Jul 2025 17:49:42 +0000
ROA not before: Tue 01 Jul 2025 17:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.229.0/24 maxlen: 24
193.124.4.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:1b:e2:1c:b3:13:7a:10:9b:1f:41:4d:96:7a:ed:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 1 17:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf1c1c009faa39352b3bed92a9987166eb4d15b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:75:57:6f:e2:3c:45:9d:11:11:95:e5:7d:47:
75:1d:96:12:75:6b:d2:09:37:52:e8:af:f7:98:a2:
1e:0d:76:85:e6:1e:92:0d:d4:c7:17:a5:fd:2d:df:
7c:f8:24:2b:48:3b:7d:4e:c3:b6:23:e2:c8:e4:df:
1e:dd:aa:a7:ac:2f:99:8f:b1:e0:bb:dc:f8:c4:3f:
39:f4:32:fa:41:b4:dd:e6:0b:73:40:c8:82:70:e9:
e3:ad:e0:ab:2e:b7:00:d6:3f:e4:63:b1:42:13:9c:
3e:ad:2f:68:4c:2c:16:0b:72:6b:c0:c7:db:f3:5a:
81:ca:24:64:71:ab:b7:16:27:83:a1:25:71:72:22:
6a:9a:43:84:7d:17:40:63:36:5b:5a:d9:22:aa:58:
d4:45:44:c2:f3:42:33:fd:49:d6:24:a7:28:43:cb:
4a:22:5f:18:6d:54:82:c1:53:35:10:f4:fd:ff:0b:
84:03:58:07:dd:dc:23:27:ed:81:40:fb:70:75:42:
ca:27:55:79:88:dd:33:96:2e:ec:12:50:d7:9c:38:
88:bf:e0:54:06:6a:3c:dc:3d:d8:e6:f4:c7:2b:4f:
d2:e7:a1:5a:92:b3:a4:c6:a9:2a:4b:1c:c2:ac:da:
75:9e:d1:86:aa:03:7e:c6:de:4c:6a:9a:b3:57:d8:
4e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1C:1C:00:9F:AA:39:35:2B:3B:ED:92:A9:98:71:66:EB:4D:15:B4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vxwcAJ-qOTUrO-2SqZhxZutNFbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.229.0/24
193.124.4.0/24
193.124.7.0/24
194.58.155.0/24
194.87.53.0/24
194.87.119.0/24
194.87.169.0/24
194.87.179.0/24
194.87.228.0/24
194.135.24.0/24
195.133.24.0/23
195.133.29.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.0.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
52:55:5c:6c:97:ea:7b:36:b6:64:b8:04:dc:56:67:b6:36:80:
71:d6:1b:b9:3d:f2:e9:8c:77:91:ae:2b:08:80:e3:30:8f:3a:
6a:e6:a9:1a:37:3f:0e:d9:00:16:b7:6c:cf:0b:3e:de:b9:2a:
83:99:a7:03:a3:91:0b:07:4a:62:c5:45:b3:f6:0b:f4:00:78:
6f:2b:cc:3f:21:af:44:f1:e0:8d:5b:9c:58:08:25:a8:aa:9b:
97:db:f2:38:87:ae:e6:93:2e:18:46:de:cd:a0:8f:1c:f8:26:
e8:90:bf:ec:b3:70:f0:c9:29:1d:29:9f:d8:fa:e2:ef:fd:97:
d4:22:4e:98:9a:c0:59:9a:87:da:13:c7:a5:35:1c:bf:51:6b:
a8:f8:d0:c4:26:ae:aa:91:91:e1:dc:7f:e2:45:a3:a3:ce:48:
7a:c1:35:a9:0a:26:a3:69:87:b3:e2:68:4b:9a:47:48:8c:8a:
1f:89:a2:26:28:80:83:89:34:76:5d:42:3c:42:3b:3b:d5:61:
b6:3a:c6:52:6f:65:7f:4e:58:db:c6:f3:64:60:52:ac:ac:73:
89:81:fb:1f:1a:82:5e:67:02:0c:91:6d:d8:77:a0:8b:42:fb:
90:68:09:64:51:b5:48:08:8b:28:70:a4:1f:65:65:d8:f3:c7:
ad:3f:97:c6
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZfHG+IcsxN6EJsfQU2Weu2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNzAxMTc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFjMWMwMDlmYWEzOTM1MmIzYmVkOTJhOTk4NzE2NmViNGQxNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHVXb+I8RZ0REZXlfUd1HZYSdWvS
CTdS6K/3mKIeDXaF5h6SDdTHF6X9Ld98+CQrSDt9TsO2I+LI5N8e3aqnrC+Zj7Hg
u9z4xD859DL6QbTd5gtzQMiCcOnjreCrLrcA1j/kY7FCE5w+rS9oTCwWC3JrwMfb
81qByiRkcau3FieDoSVxciJqmkOEfRdAYzZbWtkiqljURUTC80Iz/UnWJKcoQ8tK
Il8YbVSCwVM1EPT9/wuEA1gH3dwjJ+2BQPtwdULKJ1V5iN0zli7sElDXnDiIv+BU
Bmo83D3Y5vTHK0/S56FakrOkxqkqSxzCrNp1ntGGqgN+xt5MapqzV9hOBQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFL8cHACfqjk1KzvtkqmYcWbrTRW0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdnh3Y0FKLXFPVFVyTy0yU3FaaHhadXRORmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQAPkzl
AwQAwXwEAwQAwXwHAwQAwjqbAwQAwlc1AwQAwld3AwQAwlepAwQAwlezAwQAwlfk
AwQAwocYAwQBw4UYAwQAw4UdAwQBw4UoAwQBw4UyAwQBw4VcAwQA1MDxAwQA1MEA
AwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEA
UlVcbJfqeza2ZLgE3FZntjaAcdYbuT3y6Yx3ka4rCIDjMI86auapGjc/DtkAFrds
zws+3rkqg5mnA6ORCwdKYsVFs/YL9AB4byvMPyGvRPHgjVucWAglqKqbl9vyOIeu
5pMuGEbezaCPHPgm6JC/7LNw8MkpHSmf2Pri7/2X1CJOmJrAWZqH2hPHpTUcv1Fr
qPjQxCauqpGR4dx/4kWjo85IesE1qQomo2mHs+JoS5pHSIyKH4miJiiAg4k0dl1C
PEI7O9VhtjrGUm9lf05Y28bzZGBSrKxziYH7HxqCXmcCDJFt2Hegi0L7kGgJZFG1
SAiLKHCkH2Vl2PPHrT+Xxg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:56:33 2025 by rpki-client