Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/KV03Rnxi6WRZwO1a4oGeC3HanlY.roa
File: KV03Rnxi6WRZwO1a4oGeC3HanlY.roa (raw, json)
Hash identifier: 7zq8HVJc+s32NHnBgUroFGKyISFlCLE015+0grkcycE=
Subject key identifier: 29:5D:37:46:7C:62:E9:64:59:C0:ED:5A:E2:81:9E:0B:71:DA:9E:56
Certificate issuer: /CN=da70c441fb892b8c9816534885069fcd3300c9a4
Certificate serial: 0198371DA03E4D9186899AE48EA83629F0CE
Authority key identifier: DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/KV03Rnxi6WRZwO1a4oGeC3HanlY.roa
Signing time: Wed 23 Jul 2025 11:49:05 +0000
ROA not before: Wed 23 Jul 2025 11:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211522
IP address blocks: 77.105.146.0/24 maxlen: 24
77.105.147.0/24 maxlen: 24
77.105.166.0/24 maxlen: 24
77.105.167.0/24 maxlen: 24
185.225.200.0/24 maxlen: 24
185.225.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:1d:a0:3e:4d:91:86:89:9a:e4:8e:a8:36:29:f0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da70c441fb892b8c9816534885069fcd3300c9a4
Validity
Not Before: Jul 23 11:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=295d37467c62e96459c0ed5ae2819e0b71da9e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2d:51:ed:40:9c:c0:ba:bf:e3:59:60:10:a3:
1a:bb:17:bd:9f:73:c3:e1:13:e5:1c:18:2f:4e:d8:
fe:5b:d0:a0:51:5c:70:e0:ef:f8:25:4c:ae:bc:10:
05:b3:36:f3:fd:65:e5:35:81:09:36:83:39:81:1e:
de:20:77:81:0b:ca:fa:c3:18:8a:a4:e1:d4:3b:c4:
c6:8f:ed:c1:e4:02:e5:40:e4:a8:de:3d:1d:9c:c7:
38:dd:58:eb:52:ba:b9:db:69:62:83:cf:0e:a6:9b:
d6:14:da:28:39:2d:21:77:84:a7:8a:e4:30:e7:54:
c4:3d:10:69:5c:6c:fa:39:d6:52:b4:d5:69:2e:7d:
e6:0e:43:90:fc:e7:89:7e:3c:8e:55:c8:05:c7:32:
9a:b6:80:d2:94:b0:95:c9:fe:a7:47:9d:0d:ba:11:
94:c9:14:22:ae:69:61:3e:47:bb:a5:ef:d6:7e:90:
ee:8c:7c:ad:ab:31:67:d2:54:f0:da:fd:d7:01:04:
d1:6a:61:38:94:0c:92:f8:b7:1f:4a:81:36:27:87:
f9:5e:46:32:29:4c:ed:ec:e4:8e:0e:0d:fe:ab:6a:
ca:a5:72:8a:86:89:84:5e:78:f5:67:71:df:78:b0:
38:9e:f6:14:ac:65:1c:ca:5c:88:5e:57:02:49:76:
a5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5D:37:46:7C:62:E9:64:59:C0:ED:5A:E2:81:9E:0B:71:DA:9E:56
X509v3 Authority Key Identifier:
keyid:DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/KV03Rnxi6WRZwO1a4oGeC3HanlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.146.0/23
77.105.166.0/23
185.225.200.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:8d:0b:c4:55:21:4b:10:32:94:f7:13:a1:d3:5c:e3:b5:bb:
04:96:33:81:7c:a6:39:64:17:69:d2:e5:e5:1c:5c:53:8e:96:
a1:cb:86:9b:6d:b7:a0:eb:6b:c6:f5:3a:c5:ba:87:3d:55:a7:
56:ff:a1:d4:40:59:a1:ce:1e:e6:d5:70:f7:28:39:9b:4c:b5:
23:72:9e:6f:f3:bb:ae:2b:79:16:e9:28:bd:ff:8c:52:d9:df:
aa:f5:ba:2b:be:18:0f:ef:09:7c:74:7b:c1:46:b3:99:89:78:
a9:76:dd:52:2e:16:12:91:7b:a0:db:37:2d:c7:a5:ce:6e:94:
d3:f8:bc:39:5b:0e:62:3d:80:bd:f4:dc:b6:83:fa:03:16:8a:
9d:f5:fd:b6:ac:1b:2c:c6:ae:73:b7:c1:10:3a:28:5b:1b:3f:
d6:04:26:6d:1c:1e:52:cb:3c:63:4c:bb:84:61:82:11:78:98:
a6:77:2e:56:42:5a:96:71:4f:00:53:8c:cf:41:2e:ee:35:9a:
87:1b:43:fb:ba:b1:7f:1d:31:c5:88:74:b1:7c:70:33:d0:f3:
b7:8f:b3:3c:a0:43:a4:83:bb:57:23:0e:d5:be:9c:f3:81:e8:
2d:b5:cb:5f:04:09:f8:9f:bd:8e:58:44:63:c6:0f:1b:a4:73:
da:5a:65:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZg3HaA+TZGGiZrkjqg2KfDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzBjNDQxZmI4OTJiOGM5ODE2NTM0ODg1MDY5ZmNkMzMw
MGM5YTQwHhcNMjUwNzIzMTE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTVkMzc0NjdjNjJlOTY0NTljMGVkNWFlMjgxOWUwYjcxZGE5ZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui1R7UCcwLq/41lgEKMauxe9n3PD
4RPlHBgvTtj+W9CgUVxw4O/4JUyuvBAFszbz/WXlNYEJNoM5gR7eIHeBC8r6wxiK
pOHUO8TGj+3B5ALlQOSo3j0dnMc43VjrUrq522lig88OppvWFNooOS0hd4SniuQw
51TEPRBpXGz6OdZStNVpLn3mDkOQ/OeJfjyOVcgFxzKatoDSlLCVyf6nR50NuhGU
yRQirmlhPke7pe/WfpDujHytqzFn0lTw2v3XAQTRamE4lAyS+LcfSoE2J4f5XkYy
KUzt7OSODg3+q2rKpXKKhomEXnj1Z3HfeLA4nvYUrGUcylyIXlcCSXal3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCldN0Z8YulkWcDtWuKBngtx2p5WMB8GA1UdIwQY
MBaAFNpwxEH7iSuMmBZTSIUGn80zAMmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMt
MTVmYzBiNjhmODQ0LzEvS1YwM1JueGk2V1Jad08xYTRvR2VDM0hhbmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMtMTVmYzBiNjhmODQ0
LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTWmSAwQB
TWmmAwQBueHIMA0GCSqGSIb3DQEBCwUAA4IBAQBKjQvEVSFLEDKU9xOh01zjtbsE
ljOBfKY5ZBdp0uXlHFxTjpahy4abbbeg62vG9TrFuoc9VadW/6HUQFmhzh7m1XD3
KDmbTLUjcp5v87uuK3kW6Si9/4xS2d+q9borvhgP7wl8dHvBRrOZiXipdt1SLhYS
kXug2zctx6XObpTT+Lw5Ww5iPYC99Ny2g/oDFoqd9f22rBssxq5zt8EQOihbGz/W
BCZtHB5SyzxjTLuEYYIReJimdy5WQlqWcU8AU4zPQS7uNZqHG0P7urF/HTHFiHSx
fHAz0PO3j7M8oEOkg7tXIw7VvpzzgegttctfBAn4n72OWERjxg8bpHPaWmUB
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:12:51 2025 by rpki-client