Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/96IYlsp4IA-KTTHZ3pTDx-VNeHU.roa
File: 96IYlsp4IA-KTTHZ3pTDx-VNeHU.roa (raw, json)
Hash identifier: ZqK22S1k6BGr6bAFd1FQp8Ar8Ye9/k9Npbiv7ko9+2c=
Subject key identifier: F7:A2:18:96:CA:78:20:0F:8A:4D:31:D9:DE:94:C3:C7:E5:4D:78:75
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B367AA0EFCDEC0F5BA1BE0659B4FDC
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/96IYlsp4IA-KTTHZ3pTDx-VNeHU.roa
Signing time: Mon 14 Jul 2025 16:10:08 +0000
ROA not before: Mon 14 Jul 2025 16:10:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 82.115.220.0/24 maxlen: 24
185.103.110.0/24 maxlen: 24
185.112.82.0/24 maxlen: 24
185.117.118.0/24 maxlen: 24
185.204.1.0/24 maxlen: 24
185.212.149.0/24 maxlen: 24
185.217.196.0/24 maxlen: 24
185.221.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b3:67:aa:0e:fc:de:c0:f5:ba:1b:e0:65:9b:4f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:10:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7a21896ca78200f8a4d31d9de94c3c7e54d7875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:de:56:b5:3d:56:4b:1d:53:19:94:f2:cf:3f:
9a:60:d8:48:52:4a:39:01:0e:19:47:27:e3:e2:aa:
68:f1:5f:76:e0:e6:97:b9:63:e9:96:45:eb:42:af:
9f:59:ee:a2:99:c5:a3:d2:ee:3a:bc:1a:69:ef:10:
19:22:1d:ae:d2:18:da:92:2f:09:8b:82:f9:2b:a1:
df:ad:0e:0f:7b:39:6a:b2:70:c3:18:7b:bc:97:a8:
07:0c:24:fb:48:97:4a:1a:bc:46:f1:0f:62:e8:73:
53:02:e0:ae:90:5b:98:df:64:b0:50:d0:1c:54:33:
ec:dd:27:bd:ab:49:28:43:8e:2b:44:fa:16:88:55:
47:5d:d7:c9:f2:c8:c1:1f:d2:df:63:ad:93:a8:38:
82:ce:f4:54:63:bf:60:f1:b8:61:2a:a2:29:dd:d2:
71:0a:9e:65:39:95:b1:b3:fb:87:a0:f3:c6:8b:5a:
16:b0:e0:e7:47:46:22:08:ae:e6:04:cf:6c:00:e6:
f0:da:4f:35:d5:3c:34:4b:fc:35:8b:55:b3:8c:15:
31:6f:ec:16:c4:cd:d9:8c:59:71:ca:0c:8a:1f:b1:
01:43:12:73:a0:c1:71:f4:92:f1:5e:68:fd:b6:14:
28:f9:25:46:14:ae:5c:fa:cf:10:33:4c:12:5a:8f:
61:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A2:18:96:CA:78:20:0F:8A:4D:31:D9:DE:94:C3:C7:E5:4D:78:75
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/96IYlsp4IA-KTTHZ3pTDx-VNeHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.220.0/24
185.103.110.0/24
185.112.82.0/24
185.117.118.0/24
185.204.1.0/24
185.212.149.0/24
185.217.196.0/24
185.221.163.0/24
Signature Algorithm: sha256WithRSAEncryption
74:75:6e:4b:23:9d:e9:7d:33:c3:da:44:2e:80:9d:9c:0e:eb:
30:ab:97:4f:62:e5:bc:24:84:0e:b1:c2:b8:e4:78:68:57:e5:
a9:05:bf:0f:7e:c0:a7:e3:89:a4:7c:44:2f:a5:8d:b3:24:ff:
7e:77:24:a1:90:7a:6e:67:2e:1a:bf:3a:37:1c:24:2c:36:41:
a4:cf:38:87:c4:f3:bb:85:c4:49:57:4d:23:a1:db:a9:22:c3:
f7:f2:d5:fd:68:d5:8c:9f:6a:6f:cc:5f:59:77:a4:a3:04:8b:
90:c2:28:8a:9e:6d:8c:b4:f5:b0:67:eb:dc:44:75:ef:b1:66:
1b:22:29:ef:5a:f6:c4:77:e3:1e:d1:be:95:f7:52:94:3a:2d:
55:94:1f:df:77:f4:c0:b2:f9:50:59:c0:9c:23:58:48:5e:6d:
cc:76:b2:58:2f:57:47:da:50:cc:8e:3c:64:7b:ee:90:e8:6a:
8f:c5:80:84:b6:2f:11:d6:eb:19:f6:bf:b8:76:c7:15:bd:af:
e5:06:2d:5d:22:dc:ed:3c:27:87:65:98:40:ba:d1:33:39:3c:
41:8d:03:9f:24:2f:20:ff:7a:b7:1f:02:9a:d0:2a:6a:8c:af:
f6:38:ab:88:f9:e6:1b:2a:4c:37:c8:da:2d:15:83:69:f0:55:
78:bc:97:5d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZgJs2eqDvzewPW6G+Blm0/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYxMDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2EyMTg5NmNhNzgyMDBmOGE0ZDMxZDlkZTk0YzNjN2U1NGQ3ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq95WtT1WSx1TGZTyzz+aYNhIUko5
AQ4ZRyfj4qpo8V924OaXuWPplkXrQq+fWe6imcWj0u46vBpp7xAZIh2u0hjaki8J
i4L5K6HfrQ4PezlqsnDDGHu8l6gHDCT7SJdKGrxG8Q9i6HNTAuCukFuY32SwUNAc
VDPs3Se9q0koQ44rRPoWiFVHXdfJ8sjBH9LfY62TqDiCzvRUY79g8bhhKqIp3dJx
Cp5lOZWxs/uHoPPGi1oWsODnR0YiCK7mBM9sAObw2k811Tw0S/w1i1WzjBUxb+wW
xM3ZjFlxygyKH7EBQxJzoMFx9JLxXmj9thQo+SVGFK5c+s8QM0wSWo9hDQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPeiGJbKeCAPik0x2d6Uw8flTXh1MB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvOTZJWWxzcDRJQS1LVFRIWjNwVER4LVZOZUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUnPcAwQA
uWduAwQAuXBSAwQAuXV2AwQAucwBAwQAudSVAwQAudnEAwQAud2jMA0GCSqGSIb3
DQEBCwUAA4IBAQB0dW5LI53pfTPD2kQugJ2cDuswq5dPYuW8JIQOscK45HhoV+Wp
Bb8PfsCn44mkfEQvpY2zJP9+dyShkHpuZy4avzo3HCQsNkGkzziHxPO7hcRJV00j
odupIsP38tX9aNWMn2pvzF9Zd6SjBIuQwiiKnm2MtPWwZ+vcRHXvsWYbIinvWvbE
d+Me0b6V91KUOi1VlB/fd/TAsvlQWcCcI1hIXm3MdrJYL1dH2lDMjjxke+6Q6GqP
xYCEti8R1usZ9r+4dscVva/lBi1dItztPCeHZZhAutEzOTxBjQOfJC8g/3q3HwKa
0CpqjK/2OKuI+eYbKkw3yNotFYNp8FV4vJdd
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:18:05 2025 by rpki-client