Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/R23zeQRDOen9HPSmR-eKHeta0HU.roa
File: R23zeQRDOen9HPSmR-eKHeta0HU.roa (raw, json)
Hash identifier: lKe4syLzRE8BrGtoS0ZImyw7G/jxJEgSU5WDE02BXs8=
Subject key identifier: 47:6D:F3:79:04:43:39:E9:FD:1C:F4:A6:47:E7:8A:1D:EB:5A:D0:75
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 0197EED24B5F66C1D9539DE4D765D23989C6
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/R23zeQRDOen9HPSmR-eKHeta0HU.roa
Signing time: Wed 09 Jul 2025 10:54:08 +0000
ROA not before: Wed 09 Jul 2025 10:54:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12338
IP address blocks: 77.26.0.0/18 maxlen: 18
77.26.64.0/18 maxlen: 18
77.26.128.0/18 maxlen: 18
77.26.192.0/18 maxlen: 18
77.27.0.0/18 maxlen: 18
77.27.64.0/18 maxlen: 18
77.27.128.0/18 maxlen: 18
77.27.192.0/18 maxlen: 18
83.165.0.0/18 maxlen: 18
83.165.64.0/18 maxlen: 18
83.165.128.0/18 maxlen: 18
83.165.192.0/18 maxlen: 18
85.152.104.0/22 maxlen: 22
85.152.124.0/22 maxlen: 22
91.116.64.0/18 maxlen: 18
91.116.128.0/18 maxlen: 18
91.116.192.0/18 maxlen: 18
91.117.0.0/18 maxlen: 18
91.117.64.0/18 maxlen: 18
91.117.128.0/18 maxlen: 18
91.117.192.0/18 maxlen: 18
92.53.192.0/19 maxlen: 19
178.60.0.0/18 maxlen: 18
178.60.128.0/18 maxlen: 18
178.60.192.0/18 maxlen: 18
178.60.197.0/24 maxlen: 24
188.171.234.0/24 maxlen: 24
188.171.240.0/21 maxlen: 21
188.171.248.0/21 maxlen: 21
212.51.32.0/19 maxlen: 19
212.89.1.0/24 maxlen: 24
213.60.0.0/18 maxlen: 18
213.60.64.0/18 maxlen: 18
213.60.128.0/18 maxlen: 18
213.60.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 01:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:d2:4b:5f:66:c1:d9:53:9d:e4:d7:65:d2:39:89:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: Jul 9 10:54:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=476df379044339e9fd1cf4a647e78a1deb5ad075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d5:98:f4:99:73:5e:c4:ea:0e:42:0e:ee:f8:
31:e0:8b:dd:1a:34:c1:b4:85:c4:18:52:c6:c8:8d:
66:30:fe:01:55:ad:54:4c:3a:5c:5b:d0:03:6e:ad:
37:88:eb:b7:e3:bc:b6:14:5d:35:ea:e2:0b:5a:58:
5b:cb:b6:9e:a5:4c:15:fd:33:45:25:4c:93:95:ae:
8c:2c:80:c0:4e:00:82:4e:91:73:49:98:a5:5e:cd:
32:01:a8:84:03:80:17:e0:be:02:5e:55:05:b7:a2:
f6:5a:b0:ea:d0:73:40:66:fe:e6:72:0d:1d:e2:4e:
75:86:f3:aa:c3:8b:46:46:bd:b1:cf:97:9f:02:5b:
5c:e0:64:46:4f:f0:2c:7f:22:02:58:85:c3:7a:b9:
34:9f:aa:95:cb:9e:34:63:4a:fe:09:f8:df:75:15:
60:da:e9:5c:30:13:dd:ea:83:84:ee:2f:80:ed:43:
99:58:e3:77:bb:90:7e:41:12:c2:14:3e:7c:6e:9d:
94:11:f5:e6:80:db:45:b8:33:1e:46:32:46:9c:5d:
6a:9e:28:8d:dc:40:c2:d2:2d:1e:2e:81:ef:19:6e:
76:f6:90:68:59:3e:c1:f4:0e:e8:91:9f:49:2b:0e:
94:28:d2:75:cf:ea:14:53:9d:3b:1f:f1:1a:0a:a0:
4d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6D:F3:79:04:43:39:E9:FD:1C:F4:A6:47:E7:8A:1D:EB:5A:D0:75
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/R23zeQRDOen9HPSmR-eKHeta0HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.26.0.0/15
83.165.0.0/16
85.152.104.0/22
85.152.124.0/22
91.116.64.0-91.117.255.255
92.53.192.0/19
178.60.0.0/18
178.60.128.0/17
188.171.234.0/24
188.171.240.0/20
212.51.32.0/19
212.89.1.0/24
213.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:ba:03:6e:bd:24:63:8b:6b:4e:00:53:52:95:e8:20:d7:cf:
b6:ec:86:bb:74:09:2a:90:c5:c8:bf:b2:4c:a5:13:8d:a8:8a:
e5:7f:49:e6:7e:80:cd:18:2a:de:97:13:e0:89:ed:9f:67:1c:
cd:b9:ba:27:c1:29:04:38:02:0e:96:b4:67:39:c1:ba:b7:6b:
5c:bd:97:06:0b:de:bc:b1:f6:57:9b:3e:ec:18:aa:df:6c:4a:
93:3a:fd:c4:2e:90:41:bc:a2:dd:56:9b:20:79:96:9b:fc:24:
06:4e:4a:78:70:bf:cf:ec:01:7f:01:93:45:58:cb:31:ba:02:
24:12:8a:49:10:62:2a:00:a6:d7:c5:8c:82:bf:cf:4d:6d:68:
a3:b9:98:09:77:c2:81:9b:c8:76:ee:af:c2:3a:63:27:bf:9c:
39:8d:8b:8a:8b:77:65:10:2f:fb:e2:d0:a2:17:56:1e:74:ad:
86:1c:62:74:ba:15:98:63:62:86:14:0f:cc:e0:19:7b:c8:d4:
ef:c4:15:cc:31:4a:8a:77:bf:28:78:d1:e5:ce:3b:82:0e:37:
77:d6:79:43:45:73:65:db:2f:42:95:ff:fc:13:32:cb:8a:9c:
b2:5b:ca:cc:b5:f7:bd:ec:e9:82:b8:9f:2a:c0:91:14:ca:08:
f3:bc:88:9b
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZfu0ktfZsHZU53k12XSOYnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjUwNzA5MTA1NDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzZkZjM3OTA0NDMzOWU5ZmQxY2Y0YTY0N2U3OGExZGViNWFkMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNWY9JlzXsTqDkIO7vgx4IvdGjTB
tIXEGFLGyI1mMP4BVa1UTDpcW9ADbq03iOu347y2FF016uILWlhby7aepUwV/TNF
JUyTla6MLIDATgCCTpFzSZilXs0yAaiEA4AX4L4CXlUFt6L2WrDq0HNAZv7mcg0d
4k51hvOqw4tGRr2xz5efAltc4GRGT/AsfyICWIXDerk0n6qVy540Y0r+CfjfdRVg
2ulcMBPd6oOE7i+A7UOZWON3u5B+QRLCFD58bp2UEfXmgNtFuDMeRjJGnF1qniiN
3EDC0i0eLoHvGW529pBoWT7B9A7okZ9JKw6UKNJ1z+oUU507H/EaCqBNjwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFEdt83kEQznp/Rz0pkfnih3rWtB1MB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvUjIzemVRUkRPZW45SFBTbVItZUtIZXRhMEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwMBTRoDAwBT
pQMEAlWYaAMEAlWYfDALAwQGW3RAAwMBW3QDBAVcNcADBAayPAADBAeyPIADBAC8
q+oDBAS8q/ADBAXUMyADBADUWQEDAwDVPDANBgkqhkiG9w0BAQsFAAOCAQEAGLoD
br0kY4trTgBTUpXoINfPtuyGu3QJKpDFyL+yTKUTjaiK5X9J5n6AzRgq3pcT4Int
n2cczbm6J8EpBDgCDpa0ZznBurdrXL2XBgvevLH2V5s+7Biq32xKkzr9xC6QQbyi
3VabIHmWm/wkBk5KeHC/z+wBfwGTRVjLMboCJBKKSRBiKgCm18WMgr/PTW1oo7mY
CXfCgZvIdu6vwjpjJ7+cOY2Liot3ZRAv++LQohdWHnSthhxidLoVmGNihhQPzOAZ
e8jU78QVzDFKine/KHjR5c47gg43d9Z5Q0VzZdsvQpX//BMyy4qcslvKzLX3vezp
grifKsCRFMoI87yImw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:32:51 2025 by rpki-client