Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/A91JOKLe7WwtG82_nq5dPeZsgDo.roa
File: A91JOKLe7WwtG82_nq5dPeZsgDo.roa (raw, json)
Hash identifier: N83dLsuh6PHmr+o3yVTcp8PT02B+ESrfHgdv/9Eafco=
Subject key identifier: 03:DD:49:38:A2:DE:ED:6C:2D:1B:CD:BF:9E:AE:5D:3D:E6:6C:80:3A
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019832EFB18F4E67A49D474DAE1EF0AAB677
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/A91JOKLe7WwtG82_nq5dPeZsgDo.roa
Signing time: Tue 22 Jul 2025 16:20:26 +0000
ROA not before: Tue 22 Jul 2025 16:20:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142594
IP address blocks: 2.56.166.0/24 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
45.90.147.0/24 maxlen: 24
45.140.220.0/24 maxlen: 24
45.140.221.0/24 maxlen: 24
77.83.241.0/24 maxlen: 24
85.202.161.0/24 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
194.31.140.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:32:ef:b1:8f:4e:67:a4:9d:47:4d:ae:1e:f0:aa:b6:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jul 22 16:20:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03dd4938a2deed6c2d1bcdbf9eae5d3de66c803a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cb:55:d3:44:bc:36:06:83:a0:f7:c7:47:6d:
cb:f0:2d:87:99:e9:0d:cc:df:61:c2:eb:ba:7b:d6:
a7:65:a3:29:a8:f9:a7:1d:c8:d1:e8:04:16:58:65:
ea:85:7b:4b:db:32:40:97:b8:9b:be:ff:e3:aa:cc:
cd:bc:2e:c7:7a:9b:15:2a:2b:78:e5:d2:0e:26:d7:
21:51:d5:28:7f:a0:c3:a4:09:22:eb:29:1b:05:5d:
b9:b3:0f:9a:d8:f3:2a:c5:ff:47:23:8e:66:19:fd:
c4:a9:9c:12:63:43:ee:91:8f:db:67:19:1f:6c:2c:
ce:ba:bc:aa:97:d3:a8:e1:b8:20:d8:a4:9a:1a:19:
3d:58:04:29:be:4a:40:c9:0f:4e:1c:58:28:24:01:
b8:90:50:26:65:ca:ed:42:de:ba:ca:a5:48:72:7d:
2c:bc:25:5a:76:0c:9c:f1:27:54:46:ba:3e:c7:5f:
d2:33:08:cb:46:3f:35:f1:72:1a:75:de:4d:05:2f:
8e:c0:3c:0d:ae:c0:26:4e:51:f1:eb:51:13:d9:43:
4e:25:fb:17:e8:0d:90:40:44:2e:ed:f1:5f:3e:14:
e2:87:6d:9c:9e:97:f8:73:18:76:1f:1e:18:ac:4d:
96:9e:1b:8f:b2:36:60:f8:c8:a9:64:55:46:32:5d:
28:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DD:49:38:A2:DE:ED:6C:2D:1B:CD:BF:9E:AE:5D:3D:E6:6C:80:3A
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/A91JOKLe7WwtG82_nq5dPeZsgDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
45.90.145.0-45.90.147.255
45.140.220.0/23
77.83.241.0/24
85.202.161.0/24
185.227.71.0/24
185.234.74.0/24
194.31.140.0/24
194.56.225.0/24
Signature Algorithm: sha256WithRSAEncryption
19:d9:ab:2b:02:8b:04:af:54:7d:b6:b5:5a:c2:22:05:b6:aa:
51:d1:33:20:a1:6d:26:d9:d1:95:ab:ab:e1:35:0e:d1:b3:3c:
7c:c9:c9:7c:4f:bb:f8:c8:2b:c9:fd:73:b1:07:99:b5:c9:b6:
4d:4f:5e:3a:12:25:7e:42:ef:78:15:a4:7f:ba:9b:df:8b:e4:
5d:06:29:0f:06:68:fa:28:3e:fa:bf:6d:8f:d2:0e:1e:a0:7b:
a6:7a:2a:f8:80:0a:15:01:bb:4b:f3:59:70:ff:53:64:65:e4:
38:6e:af:47:7e:82:ec:34:14:58:a8:11:26:02:a0:b6:2e:84:
b2:29:ab:62:9a:f5:41:4e:f0:cd:99:67:36:25:69:c3:86:3a:
78:70:32:7c:5d:ee:65:b2:bd:4c:b2:50:55:5a:b6:8b:c5:51:
52:14:6c:a2:b7:8e:b7:8a:cb:12:65:2f:e9:fb:37:89:6b:6a:
e8:41:3b:ef:ce:1b:5b:87:a4:cd:72:a5:f6:c9:30:d8:fa:51:
91:27:e1:09:3e:d2:c2:2e:b0:28:11:de:8f:57:5c:da:7c:9b:
1d:fc:cd:bd:4c:7e:2e:85:95:83:c3:5f:76:86:d1:9f:23:5e:
fb:47:7c:09:58:82:fc:78:f1:f0:8e:f6:fe:04:a5:19:a7:2c:
1f:14:d0:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZgy77GPTmeknUdNrh7wqrZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwNzIyMTYyMDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RkNDkzOGEyZGVlZDZjMmQxYmNkYmY5ZWFlNWQzZGU2NmM4MDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvctV00S8NgaDoPfHR23L8C2HmekN
zN9hwuu6e9anZaMpqPmnHcjR6AQWWGXqhXtL2zJAl7ibvv/jqszNvC7HepsVKit4
5dIOJtchUdUof6DDpAki6ykbBV25sw+a2PMqxf9HI45mGf3EqZwSY0PukY/bZxkf
bCzOuryql9Oo4bgg2KSaGhk9WAQpvkpAyQ9OHFgoJAG4kFAmZcrtQt66yqVIcn0s
vCVadgyc8SdURro+x1/SMwjLRj818XIadd5NBS+OwDwNrsAmTlHx61ET2UNOJfsX
6A2QQEQu7fFfPhTih22cnpf4cxh2Hx4YrE2WnhuPsjZg+MipZFVGMl0oqQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAPdSTii3u1sLRvNv56uXT3mbIA6MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvQTkxSk9LTGU3V3d0RzgyX25xNWRQZVpzZ0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAAjimMAwD
BAAtWpEDBAItWpADBAEtjNwDBABNU/EDBABVyqEDBAC540cDBAC56koDBADCH4wD
BADCOOEwDQYJKoZIhvcNAQELBQADggEBABnZqysCiwSvVH22tVrCIgW2qlHRMyCh
bSbZ0ZWrq+E1DtGzPHzJyXxPu/jIK8n9c7EHmbXJtk1PXjoSJX5C73gVpH+6m9+L
5F0GKQ8GaPooPvq/bY/SDh6ge6Z6KviAChUBu0vzWXD/U2Rl5Dhur0d+guw0FFio
ESYCoLYuhLIpq2Ka9UFO8M2ZZzYlacOGOnhwMnxd7mWyvUyyUFVatovFUVIUbKK3
jreKyxJlL+n7N4lrauhBO+/OG1uHpM1ypfbJMNj6UZEn4Qk+0sIusCgR3o9XXNp8
mx38zb1Mfi6FlYPDX3aG0Z8jXvtHfAlYgvx48fCO9v4EpRmnLB8U0LM=
-----END CERTIFICATE-----
Generated at Sat Jul 26 06:15:51 2025 by rpki-client