Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/phgdvuDIYy_goUCyzQBfZp_mR9M.roa
File: phgdvuDIYy_goUCyzQBfZp_mR9M.roa (raw, json)
Hash identifier: k9I4r1Ni5T1KIlDeup8IjeMbYSjPKo4/8uvvro2RGP8=
Subject key identifier: A6:18:1D:BE:E0:C8:63:2F:E0:A1:40:B2:CD:00:5F:66:9F:E6:47:D3
Certificate issuer: /CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Certificate serial: 01980849C4BCCCEF34B055091ADF2B8EF48A
Authority key identifier: CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/phgdvuDIYy_goUCyzQBfZp_mR9M.roa
Signing time: Mon 14 Jul 2025 09:35:08 +0000
ROA not before: Mon 14 Jul 2025 09:35:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48500
IP address blocks: 37.99.224.0/20 maxlen: 20
94.230.64.0/21 maxlen: 21
109.104.224.0/21 maxlen: 21
134.90.224.0/20 maxlen: 20
185.46.100.0/22 maxlen: 22
217.196.128.0/21 maxlen: 21
217.196.140.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.mft
rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 15:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:49:c4:bc:cc:ef:34:b0:55:09:1a:df:2b:8e:f4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Validity
Not Before: Jul 14 09:35:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6181dbee0c8632fe0a140b2cd005f669fe647d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:48:93:84:c9:09:4b:1d:a0:1d:19:63:43:5e:
89:91:bb:3e:5f:89:e9:ac:63:9a:3f:be:29:6d:24:
16:7a:a8:fb:6e:8b:9f:06:e5:38:2d:5e:38:79:7e:
cf:99:a9:20:73:fc:cb:63:6c:76:6d:e7:83:b7:76:
5c:1f:7f:51:50:15:98:0b:d3:94:1f:91:fc:fa:13:
5e:42:56:99:ef:b9:73:65:65:43:f1:47:8b:5e:e1:
c0:d0:7a:12:d0:10:c4:27:2d:a3:96:61:d9:13:aa:
7b:21:9b:d3:67:4a:75:98:a2:87:32:86:6a:4a:d9:
6a:ef:1f:4f:eb:8f:1a:6f:dd:b0:c1:fa:d9:88:d8:
d6:53:81:10:85:68:2e:10:44:cc:82:b9:00:ce:51:
dd:fa:53:23:2a:0d:7a:05:b9:ea:05:c8:6a:f2:76:
50:a5:0f:bf:ce:20:69:54:9a:dd:2c:9d:db:d0:02:
a9:f8:29:11:e5:d1:e3:da:e5:3d:dd:05:7a:6c:ef:
0f:2e:72:9b:48:cc:66:df:2c:95:78:3d:92:23:c5:
28:05:85:f5:e6:a8:7e:4f:8a:be:fd:f4:84:f7:57:
8e:61:e5:04:e9:d7:a1:ca:44:75:36:ea:b2:06:9b:
76:d9:a3:df:cb:fb:60:35:70:f3:1a:be:89:4e:c7:
f9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:18:1D:BE:E0:C8:63:2F:E0:A1:40:B2:CD:00:5F:66:9F:E6:47:D3
X509v3 Authority Key Identifier:
keyid:CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/phgdvuDIYy_goUCyzQBfZp_mR9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.224.0/20
94.230.64.0/21
109.104.224.0/21
134.90.224.0/20
185.46.100.0/22
217.196.128.0/21
217.196.140.0/23
Signature Algorithm: sha256WithRSAEncryption
27:57:3e:5f:f0:5b:96:2c:33:21:27:bb:8d:22:67:61:f0:b3:
52:e1:d1:55:bd:0e:bb:39:f5:6c:21:b9:14:a1:31:72:44:ad:
90:a0:5f:44:7a:a7:fe:5c:c6:7c:85:27:c5:f7:d9:33:d3:05:
c6:a0:a0:b1:ab:a5:f9:6b:c8:d5:45:58:9c:d0:35:54:9f:bc:
4b:2a:dc:b5:71:7f:ad:14:98:de:8b:9d:83:d8:3c:30:2e:72:
01:77:f1:31:a8:6a:a4:41:15:fa:8c:4e:60:44:c0:69:14:a3:
c5:57:9d:97:16:f3:ab:ea:4b:45:2a:e8:10:1d:d8:d6:76:2c:
63:ac:28:43:b0:48:b3:6c:24:2a:c4:ab:b3:9e:bc:09:d2:7f:
46:66:72:5a:1a:06:47:e4:01:e7:bb:04:d5:47:6d:96:49:ab:
90:07:10:a4:71:6a:fe:9a:71:67:0d:06:ee:89:41:46:83:f8:
a6:b3:62:01:b0:0c:85:a6:5a:61:eb:40:20:ec:56:dd:38:25:
93:3c:31:4e:f3:0a:56:41:d2:89:24:89:57:0a:f3:49:a1:0f:
92:01:f6:78:38:09:6f:54:8e:cc:75:2e:ce:71:81:8a:0c:b8:
50:d7:c2:d9:09:42:17:c9:82:2e:6d:67:73:a0:46:ee:60:1e:
81:3d:6b:44
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZgIScS8zO80sFUJGt8rjvSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjI2YmJiN2I2OWVlYzlmNjc5MGIwMzcwNTU0NWI4OTJm
YTJlOGEwHhcNMjUwNzE0MDkzNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjE4MWRiZWUwYzg2MzJmZTBhMTQwYjJjZDAwNWY2NjlmZTY0N2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kiThMkJSx2gHRljQ16Jkbs+X4np
rGOaP74pbSQWeqj7boufBuU4LV44eX7Pmakgc/zLY2x2beeDt3ZcH39RUBWYC9OU
H5H8+hNeQlaZ77lzZWVD8UeLXuHA0HoS0BDEJy2jlmHZE6p7IZvTZ0p1mKKHMoZq
Stlq7x9P648ab92wwfrZiNjWU4EQhWguEETMgrkAzlHd+lMjKg16BbnqBchq8nZQ
pQ+/ziBpVJrdLJ3b0AKp+CkR5dHj2uU93QV6bO8PLnKbSMxm3yyVeD2SI8UoBYX1
5qh+T4q+/fSE91eOYeUE6dehykR1NuqyBpt22aPfy/tgNXDzGr6JTsf5tQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKYYHb7gyGMv4KFAss0AX2af5kfTMB8GA1UdIwQY
MBaAFM1ia7t7ae7J9nkLA3BVRbiS+i6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDct
YzBmODlhZDM2YmNhLzEvcGhnZHZ1RElZeV9nb1VDeXpRQmZacF9tUjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDctYzBmODlhZDM2YmNh
LzEveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQEJWPgAwQD
XuZAAwQDbWjgAwQEhlrgAwQCuS5kAwQD2cSAAwQB2cSMMA0GCSqGSIb3DQEBCwUA
A4IBAQAnVz5f8FuWLDMhJ7uNImdh8LNS4dFVvQ67OfVsIbkUoTFyRK2QoF9Eeqf+
XMZ8hSfF99kz0wXGoKCxq6X5a8jVRVic0DVUn7xLKty1cX+tFJjei52D2DwwLnIB
d/ExqGqkQRX6jE5gRMBpFKPFV52XFvOr6ktFKugQHdjWdixjrChDsEizbCQqxKuz
nrwJ0n9GZnJaGgZH5AHnuwTVR22WSauQBxCkcWr+mnFnDQbuiUFGg/ims2IBsAyF
plph60Ag7FbdOCWTPDFO8wpWQdKJJIlXCvNJoQ+SAfZ4OAlvVI7MdS7OcYGKDLhQ
18LZCUIXyYIubWdzoEbuYB6BPWtE
-----END CERTIFICATE-----
Generated at Fri Jul 25 23:41:55 2025 by rpki-client