Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/7WjSgMc07SzfT635zdA34HJuKpY.roa
File: 7WjSgMc07SzfT635zdA34HJuKpY.roa (raw, json)
Hash identifier: gHF3rjtW1hun8ETR5As505HwZP4tO+oLSUOaSw28d9o=
Subject key identifier: ED:68:D2:80:C7:34:ED:2C:DF:4F:AD:F9:CD:D0:37:E0:72:6E:2A:96
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 0197F3BD256A7D12A108021B6DEB8699BCC4
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/7WjSgMc07SzfT635zdA34HJuKpY.roa
Signing time: Thu 10 Jul 2025 09:49:08 +0000
ROA not before: Thu 10 Jul 2025 09:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44486
IP address blocks: 37.114.32.0/24 maxlen: 24
37.114.34.0/24 maxlen: 24
37.114.35.0/24 maxlen: 24
37.114.36.0/24 maxlen: 24
37.114.38.0/23 maxlen: 24
37.114.42.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.47.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
37.114.53.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.56.0/24 maxlen: 24
37.114.57.0/24 maxlen: 24
37.114.59.0/24 maxlen: 24
37.114.60.0/24 maxlen: 24
37.114.61.0/24 maxlen: 24
37.114.62.0/24 maxlen: 24
43.251.162.0/23 maxlen: 23
43.251.162.0/24 maxlen: 32
43.251.163.0/24 maxlen: 32
103.252.88.0/22 maxlen: 22
176.100.32.0/24 maxlen: 24
176.100.33.0/24 maxlen: 24
176.100.34.0/24 maxlen: 24
176.100.35.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
185.14.94.0/24 maxlen: 24
185.14.95.0/24 maxlen: 24
2a00:ccc1:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 21:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:bd:25:6a:7d:12:a1:08:02:1b:6d:eb:86:99:bc:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jul 10 09:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed68d280c734ed2cdf4fadf9cdd037e0726e2a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:46:fc:84:b8:83:45:c5:18:eb:15:1f:25:5e:
87:6b:00:c4:e2:a3:54:86:9c:e6:f3:57:18:32:70:
ae:ba:2e:90:0d:cd:5e:04:6b:cb:08:e2:1d:43:a7:
df:24:97:6c:47:14:53:18:5f:6a:54:6b:84:43:a1:
60:98:e6:6e:3b:e2:7e:91:7b:93:74:9c:36:53:22:
11:51:6b:d1:72:a6:b4:2b:37:6c:e1:94:a4:dd:54:
ba:1d:ce:e1:2a:1a:4e:a6:9f:7c:1c:49:26:c3:f7:
1c:e5:7d:d1:bf:ad:a4:ed:ed:56:3d:c7:27:3e:d1:
45:bb:67:5b:39:f3:cc:89:1a:35:21:90:88:31:a4:
9f:86:02:25:c5:23:cc:15:d1:f1:1f:24:cd:c2:5f:
74:56:0f:9c:9f:ec:90:a7:2f:a5:00:59:e0:c3:ee:
ff:97:4f:bb:65:c0:9a:8f:c8:ec:4d:65:48:cb:2a:
06:63:31:bf:a8:9f:7a:2e:db:02:1f:4a:a3:93:80:
e2:50:2c:8a:78:74:02:50:94:1d:52:33:a5:19:0d:
36:88:86:6c:3e:4a:6a:98:c9:ae:8c:bb:a0:c0:19:
42:d6:ab:96:e5:1e:96:43:b8:84:32:f2:d6:2d:e4:
57:b4:cf:5e:51:73:c6:61:32:e4:d8:c4:f4:31:56:
a9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:68:D2:80:C7:34:ED:2C:DF:4F:AD:F9:CD:D0:37:E0:72:6E:2A:96
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/7WjSgMc07SzfT635zdA34HJuKpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/24
37.114.34.0-37.114.36.255
37.114.38.0/23
37.114.42.0/23
37.114.45.0/24
37.114.47.0-37.114.49.255
37.114.51.0-37.114.57.255
37.114.59.0-37.114.62.255
43.251.162.0/23
103.252.88.0/22
176.100.32.0/22
176.100.38.0/24
185.14.94.0/23
IPv6:
2a00:ccc1:100::/40
Signature Algorithm: sha256WithRSAEncryption
28:83:c6:b3:e8:2d:dc:4a:f6:76:b6:19:66:0d:4f:5d:e4:70:
d1:ec:27:87:f1:75:21:d9:4e:c4:41:74:86:ed:90:bd:8e:69:
ca:0a:e2:74:1a:b6:12:a0:ff:aa:c1:de:7f:b4:fa:9c:11:2c:
a3:78:c0:1c:40:93:33:25:19:83:73:5c:02:d7:f0:2d:a6:ca:
08:32:c5:7c:b6:f1:f9:c3:0f:25:38:ce:b9:e7:a3:bb:ab:39:
50:31:f5:16:39:7e:b5:09:f2:15:e7:ce:c5:54:95:37:1a:60:
18:57:08:a3:a1:04:49:d2:2e:fe:d7:07:a3:5f:aa:55:4a:f2:
70:c9:28:2e:c8:ba:bd:a6:45:ec:34:ae:3e:20:03:e3:c2:de:
cc:b2:a7:09:85:c2:28:82:c8:e0:e2:2a:08:60:ef:ac:e5:ac:
e9:7b:09:7d:1d:5a:50:0a:d9:df:63:ba:22:36:e6:61:49:de:
59:ed:e5:08:ab:83:a5:50:e4:18:d0:64:3b:95:17:b8:b9:b6:
f8:da:ef:c5:29:3d:a2:14:33:7d:47:e7:13:af:c3:4e:6f:36:
df:a7:40:78:c8:97:68:f4:c9:c8:75:95:62:7d:5b:68:b9:89:
82:fc:fe:f6:a8:9e:6b:9f:87:8b:f6:be:00:be:3c:4d:f4:17:
37:50:11:68
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZfzvSVqfRKhCAIbbeuGmbzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjUwNzEwMDk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDY4ZDI4MGM3MzRlZDJjZGY0ZmFkZjljZGQwMzdlMDcyNmUyYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0b8hLiDRcUY6xUfJV6HawDE4qNU
hpzm81cYMnCuui6QDc1eBGvLCOIdQ6ffJJdsRxRTGF9qVGuEQ6FgmOZuO+J+kXuT
dJw2UyIRUWvRcqa0Kzds4ZSk3VS6Hc7hKhpOpp98HEkmw/cc5X3Rv62k7e1WPccn
PtFFu2dbOfPMiRo1IZCIMaSfhgIlxSPMFdHxHyTNwl90Vg+cn+yQpy+lAFngw+7/
l0+7ZcCaj8jsTWVIyyoGYzG/qJ96LtsCH0qjk4DiUCyKeHQCUJQdUjOlGQ02iIZs
PkpqmMmujLugwBlC1quW5R6WQ7iEMvLWLeRXtM9eUXPGYTLk2MT0MVapOQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFO1o0oDHNO0s30+t+c3QN+BybiqWMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvN1dqU2dNYzA3U3pmVDYzNXpkQTM0SEp1S3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB0BAIAATBuAwQAJXIg
MAwDBAElciIDBAAlciQDBAElciYDBAElcioDBAAlci0wDAMEACVyLwMEASVyMDAM
AwQAJXIzAwQBJXI4MAwDBAAlcjsDBAAlcj4DBAEr+6IDBAJn/FgDBAKwZCADBACw
ZCYDBAG5Dl4wDgQCAAIwCAMGACoAzMEBMA0GCSqGSIb3DQEBCwUAA4IBAQAog8az
6C3cSvZ2thlmDU9d5HDR7CeH8XUh2U7EQXSG7ZC9jmnKCuJ0GrYSoP+qwd5/tPqc
ESyjeMAcQJMzJRmDc1wC1/AtpsoIMsV8tvH5ww8lOM6556O7qzlQMfUWOX61CfIV
587FVJU3GmAYVwijoQRJ0i7+1wejX6pVSvJwySguyLq9pkXsNK4+IAPjwt7MsqcJ
hcIogsjg4ioIYO+s5azpewl9HVpQCtnfY7oiNuZhSd5Z7eUIq4OlUOQY0GQ7lRe4
ubb42u/FKT2iFDN9R+cTr8NObzbfp0B4yJdo9MnIdZVifVtouYmC/P72qJ5rn4eL
9r4AvjxN9Bc3UBFo
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:08:20 2025 by rpki-client