Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/2GddVKlLqDHz3jGINuxAaNndgi4.roa
File: 2GddVKlLqDHz3jGINuxAaNndgi4.roa (raw, json)
Hash identifier: NX+DTGci6J0ZuUfn1NcxftSpxOGbzEMso8wgVo2GWr0=
Subject key identifier: D8:67:5D:54:A9:4B:A8:31:F3:DE:31:88:36:EC:40:68:D9:DD:82:2E
Certificate issuer: /CN=54b48731e29f27d687576d6863adbda080709bfe
Certificate serial: 01983E744B26E734AF99F46D6DA9ABFA1D2B
Authority key identifier: 54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/2GddVKlLqDHz3jGINuxAaNndgi4.roa
Signing time: Thu 24 Jul 2025 22:01:05 +0000
ROA not before: Thu 24 Jul 2025 22:01:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209505
IP address blocks: 78.41.136.0/24 maxlen: 24
2a13:3840:1000::/39 maxlen: 39
2a13:3840:2000::/48 maxlen: 48
2a13:3840:4000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 19:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3e:74:4b:26:e7:34:af:99:f4:6d:6d:a9:ab:fa:1d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b48731e29f27d687576d6863adbda080709bfe
Validity
Not Before: Jul 24 22:01:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8675d54a94ba831f3de318836ec4068d9dd822e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:eb:cf:52:e7:82:57:d5:93:ef:82:df:72:37:
60:25:1e:61:4d:12:40:8f:02:78:1e:d3:db:a9:1e:
e9:03:c8:fd:1c:d4:41:74:75:5e:07:aa:db:f1:f7:
2e:22:18:2e:29:6f:a4:4e:37:be:f7:9c:3b:95:ad:
cf:71:90:93:1c:09:d4:81:55:a3:56:6b:e8:26:7d:
07:5d:65:c3:98:9b:38:e5:2a:fb:ec:ec:16:6b:31:
d1:1f:b1:f1:ce:e7:d3:e9:5a:c8:6b:4c:88:4e:66:
e2:4c:a8:fe:36:e5:cd:8f:6f:fb:a6:40:a0:b7:ff:
01:6f:b1:0e:4a:99:00:c6:af:33:b6:81:0d:93:10:
11:ee:23:18:b5:52:b1:32:61:3f:b3:83:fa:fb:eb:
57:29:6e:70:22:57:09:0c:33:56:56:c2:6e:03:83:
d9:14:2a:bd:83:db:c5:d6:30:99:4d:e4:b2:ff:ea:
f7:2b:06:76:8e:d6:b7:67:48:ba:ea:a3:30:83:0b:
c0:62:51:7d:8a:33:88:ca:0c:6c:b9:d4:52:b5:d7:
70:c6:33:f7:8a:a6:da:b7:9c:d6:d5:68:df:67:1d:
16:d8:83:d3:f1:d6:ff:e6:fc:3f:65:ff:80:1f:e1:
48:57:d4:e0:29:70:f4:1b:4b:71:95:ee:5f:4a:bc:
fd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:67:5D:54:A9:4B:A8:31:F3:DE:31:88:36:EC:40:68:D9:DD:82:2E
X509v3 Authority Key Identifier:
keyid:54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/2GddVKlLqDHz3jGINuxAaNndgi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.136.0/24
IPv6:
2a13:3840:1000::/39
2a13:3840:2000::/48
2a13:3840:4000::/34
Signature Algorithm: sha256WithRSAEncryption
37:d9:51:0c:6b:e1:fb:0e:41:32:12:df:38:48:b8:90:e1:4a:
76:38:e6:0e:d5:4f:87:ca:80:bd:9a:fc:51:f3:51:14:2e:54:
11:e8:16:b5:4f:6a:07:43:72:c0:59:ba:6b:66:2c:fe:05:96:
84:81:d4:6b:4c:02:9c:98:73:b7:b9:9e:d2:15:05:1c:93:de:
98:c8:f7:00:01:06:de:27:e9:9c:9d:08:f9:de:93:dc:6e:fc:
84:71:a0:e8:9e:8e:45:c5:bd:b0:5f:e3:16:f7:4b:a7:24:b6:
73:99:da:15:52:7a:c2:0c:2c:4a:44:ea:32:ab:ac:68:c9:5c:
d7:3d:c9:12:c1:9d:66:70:e7:5d:56:f6:e6:17:b0:f1:c5:fb:
35:56:d8:ee:01:9a:64:80:00:1c:a6:59:da:85:10:fe:98:ae:
ac:02:b5:c3:7c:6d:b5:bc:ab:64:fe:84:d9:3e:3f:ff:0d:94:
da:11:eb:39:71:67:a0:58:95:19:09:ac:52:3b:22:23:50:6b:
62:3d:65:fe:b0:ef:07:9b:53:58:09:46:c6:48:15:6b:a2:0a:
af:88:33:48:52:ba:42:df:1f:5f:33:5b:9e:27:7f:11:8a:02:
a8:dc:d8:7e:cd:da:f6:1b:53:d0:d6:03:27:5d:dc:b4:49:01:
41:f1:03:38
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZg+dEsm5zSvmfRtbamr+h0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjQ4NzMxZTI5ZjI3ZDY4NzU3NmQ2ODYzYWRiZGEwODA3
MDliZmUwHhcNMjUwNzI0MjIwMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODY3NWQ1NGE5NGJhODMxZjNkZTMxODgzNmVjNDA2OGQ5ZGQ4MjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+vPUueCV9WT74LfcjdgJR5hTRJA
jwJ4HtPbqR7pA8j9HNRBdHVeB6rb8fcuIhguKW+kTje+95w7la3PcZCTHAnUgVWj
VmvoJn0HXWXDmJs45Sr77OwWazHRH7HxzufT6VrIa0yITmbiTKj+NuXNj2/7pkCg
t/8Bb7EOSpkAxq8ztoENkxAR7iMYtVKxMmE/s4P6++tXKW5wIlcJDDNWVsJuA4PZ
FCq9g9vF1jCZTeSy/+r3KwZ2jta3Z0i66qMwgwvAYlF9ijOIygxsudRStddwxjP3
iqbat5zW1WjfZx0W2IPT8db/5vw/Zf+AH+FIV9TgKXD0G0txle5fSrz9uwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNhnXVSpS6gx894xiDbsQGjZ3YIuMB8GA1UdIwQY
MBaAFFS0hzHinyfWh1dtaGOtvaCAcJv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMt
NWRmY2NkNjFhOWIxLzEvMkdkZFZLbExxREh6M2pHSU51eEFhTm5kZ2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMtNWRmY2NkNjFhOWIx
LzEvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQATimIMB8E
AgACMBkDBgEqEzhAEAMHACoTOEAgAAMGBioTOEBAMA0GCSqGSIb3DQEBCwUAA4IB
AQA32VEMa+H7DkEyEt84SLiQ4Up2OOYO1U+HyoC9mvxR81EULlQR6Ba1T2oHQ3LA
WbprZiz+BZaEgdRrTAKcmHO3uZ7SFQUck96YyPcAAQbeJ+mcnQj53pPcbvyEcaDo
no5Fxb2wX+MW90unJLZzmdoVUnrCDCxKROoyq6xoyVzXPckSwZ1mcOddVvbmF7Dx
xfs1VtjuAZpkgAAcplnahRD+mK6sArXDfG21vKtk/oTZPj//DZTaEes5cWegWJUZ
CaxSOyIjUGtiPWX+sO8Hm1NYCUbGSBVrogqviDNIUrpC3x9fM1ueJ38RigKo3Nh+
zdr2G1PQ1gMnXdy0SQFB8QM4
-----END CERTIFICATE-----
Generated at Sun Jul 27 02:01:36 2025 by rpki-client