Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/chSUy_WX_Mse1L_Zh-GnPPV45Wk.roa
File: chSUy_WX_Mse1L_Zh-GnPPV45Wk.roa (raw, json)
Hash identifier: BdzlPc3HpSD69LQhKLGFCf7tQNLnvI967xxASmmhAH4=
Subject key identifier: 72:14:94:CB:F5:97:FC:CB:1E:D4:BF:D9:87:E1:A7:3C:F5:78:E5:69
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 0197B137F061E852AE176D35C82C789D2770
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/chSUy_WX_Mse1L_Zh-GnPPV45Wk.roa
Signing time: Fri 27 Jun 2025 11:48:42 +0000
ROA not before: Fri 27 Jun 2025 11:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201642
IP address blocks: 77.111.66.0/23 maxlen: 23
185.143.237.0/24 maxlen: 24
185.249.100.0/22 maxlen: 22
194.164.0.0/23 maxlen: 23
2a14:3200:2a14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:37:f0:61:e8:52:ae:17:6d:35:c8:2c:78:9d:27:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Jun 27 11:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=721494cbf597fccb1ed4bfd987e1a73cf578e569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a8:dc:d1:54:0c:49:17:d8:e1:22:8c:40:85:
f3:77:88:bf:bd:e6:ab:83:62:c6:50:82:68:d3:3e:
71:f0:c7:5f:29:e3:bc:60:27:a5:d0:73:71:a9:ba:
8b:da:fe:71:4b:3d:25:6a:10:6b:8b:a4:98:83:a6:
06:0e:eb:19:b6:f0:b3:00:4a:72:b3:77:4b:84:5a:
b2:5c:8d:9f:48:01:49:34:ee:a3:11:bd:a9:2c:c5:
2e:64:64:83:eb:2d:2f:73:85:35:b1:05:f9:cd:c1:
1d:5b:28:50:6b:29:a2:69:30:32:37:50:23:2e:d2:
e2:21:7b:33:ea:07:39:c9:c0:f1:8f:bb:be:21:0f:
51:fc:c4:3e:82:3d:8d:24:6e:2a:2e:d4:a2:9f:e6:
74:57:53:3a:d4:7d:73:b9:41:e0:a6:2b:b6:5c:14:
f8:06:ba:4f:da:f2:15:c5:4f:eb:72:06:4f:ae:9c:
00:a1:4f:37:84:f5:a8:30:d3:18:bc:fc:89:2a:9c:
75:85:24:c2:89:59:39:12:12:18:45:45:99:e3:a6:
84:d1:ff:88:2d:af:74:4a:9f:4d:4d:90:96:58:14:
a1:f0:6a:58:cb:34:a6:11:47:2a:bb:c0:6a:57:31:
ec:58:74:82:47:9c:2b:fd:f8:f9:f5:ba:a2:71:27:
81:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:14:94:CB:F5:97:FC:CB:1E:D4:BF:D9:87:E1:A7:3C:F5:78:E5:69
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/chSUy_WX_Mse1L_Zh-GnPPV45Wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.66.0/23
185.143.237.0/24
185.249.100.0/22
194.164.0.0/23
IPv6:
2a14:3200:2a14::/48
Signature Algorithm: sha256WithRSAEncryption
07:66:14:80:46:d8:3d:77:3c:f8:63:d6:9f:3c:70:e4:58:e8:
be:54:5e:65:52:72:46:5b:8a:7c:3c:2f:25:d0:1e:51:7d:7d:
fe:9e:e5:0a:a9:da:2f:ae:35:4a:d3:2e:4a:b6:28:2e:0d:81:
8d:5c:33:91:9c:21:1f:30:78:b0:be:ee:53:b0:6e:f3:2b:0d:
54:47:0e:17:48:e3:f8:33:6d:49:e5:47:16:81:dd:0e:3a:ae:
c6:7d:c7:fe:ed:7b:f4:f7:f1:bf:7a:a1:e5:37:d9:2b:8b:e0:
69:76:77:14:0e:05:14:64:b3:a5:37:21:3f:ad:ab:8a:98:7d:
7c:f4:08:ca:6c:d1:fc:f7:45:56:66:c4:bc:56:25:08:29:4d:
16:87:87:ce:33:d1:c3:7a:8b:d1:dd:9f:bb:f1:48:fa:f9:75:
6f:63:3a:bc:37:6a:6a:25:a1:1b:d8:ad:f2:13:b6:74:91:7b:
01:7c:92:e3:c7:ac:96:8b:06:29:44:62:1d:97:ec:90:13:ba:
91:44:d2:8b:f0:b3:c9:46:71:c4:26:26:df:15:14:1c:72:1f:
9a:1b:df:4d:bd:4d:8a:b2:86:45:de:19:5d:86:4c:51:17:f1:
ba:c4:16:13:ea:9f:64:a9:57:ef:b5:07:7c:18:e5:3a:5b:97:
9f:a5:04:63
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZexN/Bh6FKuF201yCx4nSdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjUwNjI3MTE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE0OTRjYmY1OTdmY2NiMWVkNGJmZDk4N2UxYTczY2Y1NzhlNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKjc0VQMSRfY4SKMQIXzd4i/vear
g2LGUIJo0z5x8MdfKeO8YCel0HNxqbqL2v5xSz0lahBri6SYg6YGDusZtvCzAEpy
s3dLhFqyXI2fSAFJNO6jEb2pLMUuZGSD6y0vc4U1sQX5zcEdWyhQaymiaTAyN1Aj
LtLiIXsz6gc5ycDxj7u+IQ9R/MQ+gj2NJG4qLtSin+Z0V1M61H1zuUHgpiu2XBT4
BrpP2vIVxU/rcgZPrpwAoU83hPWoMNMYvPyJKpx1hSTCiVk5EhIYRUWZ46aE0f+I
La90Sp9NTZCWWBSh8GpYyzSmEUcqu8BqVzHsWHSCR5wr/fj59bqicSeB5wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFHIUlMv1l/zLHtS/2Yfhpzz1eOVpMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvY2hTVXlfV1hfTXNlMUxfWmgtR25QUFY0NVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBTW9CAwQA
uY/tAwQCuflkAwQBwqQAMA8EAgACMAkDBwAqFDIAKhQwDQYJKoZIhvcNAQELBQAD
ggEBAAdmFIBG2D13PPhj1p88cORY6L5UXmVSckZbinw8LyXQHlF9ff6e5Qqp2i+u
NUrTLkq2KC4NgY1cM5GcIR8weLC+7lOwbvMrDVRHDhdI4/gzbUnlRxaB3Q46rsZ9
x/7te/T38b96oeU32SuL4Gl2dxQOBRRks6U3IT+tq4qYfXz0CMps0fz3RVZmxLxW
JQgpTRaHh84z0cN6i9Hdn7vxSPr5dW9jOrw3amoloRvYrfITtnSRewF8kuPHrJaL
BilEYh2X7JATupFE0ovws8lGccQmJt8VFBxyH5ob3029TYqyhkXeGV2GTFEX8brE
FhPqn2SpV++1B3wY5Tpbl5+lBGM=
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:42:29 2025 by rpki-client