Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/PwMQ2FB61zxu5sQ2E09luTqKMvk.roa
File: PwMQ2FB61zxu5sQ2E09luTqKMvk.roa (raw, json)
Hash identifier: izn212mH5oYV5cpl26pTxpZxIsUMzoPkaD7C7yvNm8E=
Subject key identifier: 3F:03:10:D8:50:7A:D7:3C:6E:E6:C4:36:13:4F:65:B9:3A:8A:32:F9
Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Certificate serial: 0197EB08C1ADEFA89FEDBC9F6160A5472EB9
Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/PwMQ2FB61zxu5sQ2E09luTqKMvk.roa
Signing time: Tue 08 Jul 2025 17:15:09 +0000
ROA not before: Tue 08 Jul 2025 17:15:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39582
IP address blocks: 37.77.0.0/19 maxlen: 24
37.77.1.0/24 maxlen: 24
37.77.2.0/24 maxlen: 24
37.77.3.0/24 maxlen: 24
37.77.4.0/24 maxlen: 24
37.77.5.0/24 maxlen: 24
37.77.6.0/24 maxlen: 24
37.77.7.0/24 maxlen: 24
37.77.8.0/24 maxlen: 24
37.77.9.0/24 maxlen: 24
37.77.10.0/24 maxlen: 24
37.77.12.0/24 maxlen: 24
37.77.13.0/24 maxlen: 24
37.77.14.0/24 maxlen: 24
37.77.15.0/24 maxlen: 24
37.77.16.0/24 maxlen: 24
37.77.17.0/24 maxlen: 24
37.77.18.0/24 maxlen: 24
37.77.20.0/24 maxlen: 24
37.77.21.0/24 maxlen: 24
37.77.22.0/24 maxlen: 24
37.77.23.0/24 maxlen: 24
37.77.24.0/24 maxlen: 24
37.77.26.0/24 maxlen: 24
2a02:4300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:eb:08:c1:ad:ef:a8:9f:ed:bc:9f:61:60:a5:47:2e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Validity
Not Before: Jul 8 17:15:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f0310d8507ad73c6ee6c436134f65b93a8a32f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:88:3b:21:32:d4:55:2e:3c:50:c5:97:83:12:
82:20:e0:dc:72:fa:cf:cf:08:d6:a1:ea:e9:1d:cd:
85:2a:b8:47:b7:32:64:62:d7:8c:a1:bc:55:dc:69:
89:78:b2:71:51:0c:b8:71:b7:e5:9b:33:50:1d:a1:
a7:53:e4:00:28:f6:93:ea:9a:0e:75:74:15:23:a9:
40:cb:c7:49:84:aa:bf:98:2f:d0:f0:6b:1e:7e:d5:
1a:0a:bc:7c:53:5b:44:b6:52:78:80:eb:dd:ce:e5:
20:18:e3:50:a0:bd:9e:44:a3:ad:1e:31:96:ad:80:
88:f8:c8:d1:48:a8:95:f1:c9:8a:0b:14:58:6c:4c:
fe:78:fa:73:24:a7:d4:0c:a8:52:04:a9:dc:0d:79:
01:47:f7:cf:ce:41:ae:f1:4a:4f:21:a7:a2:39:ec:
d3:3c:6e:fc:78:93:22:aa:a7:7b:13:17:ac:52:bf:
aa:3c:13:a6:73:e1:94:80:5d:20:cd:af:21:df:56:
d9:b5:50:41:33:4b:82:0a:de:00:86:fa:4b:fc:9e:
6f:f4:69:43:d3:34:d6:f1:d2:d5:74:06:11:34:77:
e7:4d:95:1c:bf:be:e0:0d:13:1c:6d:8b:ee:62:8e:
9a:8b:46:53:44:ab:b3:b5:b8:7a:fe:c2:f4:bd:d1:
76:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:03:10:D8:50:7A:D7:3C:6E:E6:C4:36:13:4F:65:B9:3A:8A:32:F9
X509v3 Authority Key Identifier:
keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/PwMQ2FB61zxu5sQ2E09luTqKMvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.0.0/19
IPv6:
2a02:4300::/32
Signature Algorithm: sha256WithRSAEncryption
3a:dd:b7:8b:ee:92:38:28:ff:cb:75:e9:7b:41:c8:00:65:69:
b5:19:94:57:0c:48:fa:24:38:99:e5:67:6e:1c:45:b1:25:72:
e5:6d:8a:46:e7:bb:a9:0a:03:c4:8d:3a:8f:83:97:4b:1e:ff:
25:98:1c:dc:0a:d4:c4:2a:9c:a2:53:50:0c:02:ed:4e:80:74:
11:c8:9b:83:d7:fb:f1:f2:fd:7f:53:4d:15:ca:38:eb:cd:e4:
da:be:e1:72:93:8c:c5:85:aa:7e:69:7b:f2:a4:5c:24:39:46:
6c:d4:97:ed:04:1d:16:8d:75:78:00:92:c7:02:e3:22:e8:bf:
e9:aa:b5:12:29:98:09:c1:73:57:53:3d:ca:86:a0:d8:f1:03:
1f:64:cf:f8:f1:cd:2a:8a:6e:02:e7:59:9d:fc:a9:e6:c2:fc:
fa:a9:6a:34:7d:50:07:fe:19:83:26:7b:34:f6:11:00:d8:51:
2e:5e:33:e6:9a:e0:90:2b:98:12:f0:66:a9:59:74:f7:b1:9c:
7f:23:8c:3d:6d:d2:25:56:ac:35:b6:59:53:9d:ac:eb:0d:f8:
36:33:ee:96:1a:f6:1e:97:1f:8b:eb:52:b4:b3:d6:07:f0:64:
27:b3:e6:23:6f:df:c0:24:9c:69:65:57:88:34:17:4a:8a:38:
b9:c2:a6:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZfrCMGt76if7byfYWClRy65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh
NTI2ZDgwHhcNMjUwNzA4MTcxNTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjAzMTBkODUwN2FkNzNjNmVlNmM0MzYxMzRmNjViOTNhOGEzMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmog7ITLUVS48UMWXgxKCIODccvrP
zwjWoerpHc2FKrhHtzJkYteMobxV3GmJeLJxUQy4cbflmzNQHaGnU+QAKPaT6poO
dXQVI6lAy8dJhKq/mC/Q8GseftUaCrx8U1tEtlJ4gOvdzuUgGONQoL2eRKOtHjGW
rYCI+MjRSKiV8cmKCxRYbEz+ePpzJKfUDKhSBKncDXkBR/fPzkGu8UpPIaeiOezT
PG78eJMiqqd7ExesUr+qPBOmc+GUgF0gza8h31bZtVBBM0uCCt4AhvpL/J5v9GlD
0zTW8dLVdAYRNHfnTZUcv77gDRMcbYvuYo6ai0ZTRKuztbh6/sL0vdF2IwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD8DENhQetc8bubENhNPZbk6ijL5MB8GA1UdIwQY
MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt
MWU4MjlmZmExYzNhLzEvUHdNUTJGQjYxenh1NXNRMkUwOWx1VHFLTXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh
LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFJU0AMA0E
AgACMAcDBQAqAkMAMA0GCSqGSIb3DQEBCwUAA4IBAQA63beL7pI4KP/Ldel7QcgA
ZWm1GZRXDEj6JDiZ5WduHEWxJXLlbYpG57upCgPEjTqPg5dLHv8lmBzcCtTEKpyi
U1AMAu1OgHQRyJuD1/vx8v1/U00VyjjrzeTavuFyk4zFhap+aXvypFwkOUZs1Jft
BB0WjXV4AJLHAuMi6L/pqrUSKZgJwXNXUz3KhqDY8QMfZM/48c0qim4C51md/Knm
wvz6qWo0fVAH/hmDJns09hEA2FEuXjPmmuCQK5gS8GapWXT3sZx/I4w9bdIlVqw1
tllTnazrDfg2M+6WGvYelx+L61K0s9YH8GQns+Yjb9/AJJxpZVeINBdKiji5wqZ0
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:39:44 2025 by rpki-client