Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/dOqHThUM2v1z2-5jFBI454fc-gw.roa
File: dOqHThUM2v1z2-5jFBI454fc-gw.roa (raw, json)
Hash identifier: xxCWebTs41aTFclP27NA0Xx1t2zTfZ0jbn4L/4AJ5n8=
Subject key identifier: 74:EA:87:4E:15:0C:DA:FD:73:DB:EE:63:14:12:38:E7:87:DC:FA:0C
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019808B3F8153575AE8F66368501B0F667A1
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/dOqHThUM2v1z2-5jFBI454fc-gw.roa
Signing time: Mon 14 Jul 2025 11:31:08 +0000
ROA not before: Mon 14 Jul 2025 11:31:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.12.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:b3:f8:15:35:75:ae:8f:66:36:85:01:b0:f6:67:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 14 11:31:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74ea874e150cdafd73dbee63141238e787dcfa0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:00:8e:1a:3a:4d:dd:2e:16:81:88:b2:5b:20:
6e:be:e4:d6:5d:cc:a3:db:8d:84:6a:fd:f1:4e:a1:
ce:25:03:8a:0b:eb:44:ff:5d:90:55:7d:e7:1d:e9:
f9:d2:75:96:4a:c4:87:ee:3f:7c:81:1e:6e:23:4d:
cc:81:f6:00:b4:83:2b:31:20:04:00:4c:ba:c8:e2:
5d:44:5b:95:8e:bb:7f:0e:24:60:a9:3c:89:79:1b:
a9:94:25:4c:f4:49:e9:c0:bc:01:c5:d1:78:8c:ff:
c0:c4:08:21:87:31:8e:dd:ca:7e:3d:bf:02:76:9c:
be:f2:a8:9f:c6:c5:cf:54:02:c2:8a:34:15:a9:8f:
b9:9e:ea:17:65:71:44:cd:b5:ad:a7:72:92:ea:f0:
42:cb:9d:d1:1f:54:b5:0f:36:7f:c2:6b:d0:97:13:
0c:d2:cd:12:10:af:c5:27:71:e9:58:59:38:56:1b:
28:7a:85:b4:31:86:57:0a:45:29:1a:ea:5f:16:0c:
d6:67:63:c4:20:aa:cb:20:77:4a:de:e2:69:74:ff:
fe:74:81:8d:b3:ce:5c:b7:3f:62:9d:b3:37:c2:06:
11:0b:26:08:20:99:d0:de:3b:45:e6:e3:13:01:ee:
b7:74:25:a8:39:50:f4:70:30:6b:90:35:22:ca:22:
1c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EA:87:4E:15:0C:DA:FD:73:DB:EE:63:14:12:38:E7:87:DC:FA:0C
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/dOqHThUM2v1z2-5jFBI454fc-gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
93.115.106.0/24
93.115.203.0/24
94.177.106.0/24
194.58.47.0/24
194.85.251.0/24
202.71.12.0/24
202.71.15.0/24
Signature Algorithm: sha256WithRSAEncryption
75:8f:30:ea:a2:22:1d:b8:e4:ed:b0:21:ce:af:5c:3a:47:14:
b3:88:c4:e9:c3:4e:28:b7:2f:30:f6:18:9c:f0:42:15:6e:f7:
e9:02:72:ec:ca:d5:4a:8d:01:fa:bd:f4:53:51:3d:51:49:4c:
6d:41:e1:49:66:bc:e1:a4:70:7f:f4:84:3b:0b:2f:49:3a:6e:
43:32:2d:30:de:a4:d9:0f:93:36:78:88:a0:a6:14:75:07:6a:
71:e0:0b:3e:53:76:30:17:13:99:9e:ab:5b:2d:b1:39:14:af:
9e:ed:c6:54:87:ae:b9:23:74:aa:4b:00:fe:6e:bd:7d:10:9c:
48:ec:62:ee:8d:e3:79:4e:fb:52:98:f0:29:ad:dd:3f:8d:d4:
c2:68:39:4c:ce:ae:ba:84:ec:c6:d8:05:d5:39:67:69:84:f6:
34:98:6d:c5:c7:bf:32:ba:6e:f2:aa:31:f2:1b:28:0b:c6:5e:
28:bf:35:1a:5e:8c:90:b2:fe:39:80:04:2c:9c:cb:b1:a2:ad:
fb:e7:f6:80:54:c8:c3:31:87:08:1c:31:5a:8f:d4:60:68:e4:
d6:b4:cb:62:cd:8d:9e:62:83:25:55:02:c1:b1:39:e7:0b:7e:
de:3f:11:62:de:01:df:c1:b8:88:25:f8:48:4b:63:10:d1:e4:
63:d7:1b:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZgIs/gVNXWuj2Y2hQGw9mehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwNzE0MTEzMTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGVhODc0ZTE1MGNkYWZkNzNkYmVlNjMxNDEyMzhlNzg3ZGNmYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QCOGjpN3S4WgYiyWyBuvuTWXcyj
242Eav3xTqHOJQOKC+tE/12QVX3nHen50nWWSsSH7j98gR5uI03MgfYAtIMrMSAE
AEy6yOJdRFuVjrt/DiRgqTyJeRuplCVM9EnpwLwBxdF4jP/AxAghhzGO3cp+Pb8C
dpy+8qifxsXPVALCijQVqY+5nuoXZXFEzbWtp3KS6vBCy53RH1S1DzZ/wmvQlxMM
0s0SEK/FJ3HpWFk4VhsoeoW0MYZXCkUpGupfFgzWZ2PEIKrLIHdK3uJpdP/+dIGN
s85ctz9inbM3wgYRCyYIIJnQ3jtF5uMTAe63dCWoOVD0cDBrkDUiyiIcnQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHTqh04VDNr9c9vuYxQSOOeH3PoMMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvZE9xSFRoVU0ydjF6Mi01akZCSTQ1NGZjLWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBLYe2AwQA
WSJqAwQAXXK3AwQAXXNqAwQAXXPLAwQAXrFqAwQAwjovAwQAwlX7AwQAykcMAwQA
ykcPMA0GCSqGSIb3DQEBCwUAA4IBAQB1jzDqoiIduOTtsCHOr1w6RxSziMTpw04o
ty8w9hic8EIVbvfpAnLsytVKjQH6vfRTUT1RSUxtQeFJZrzhpHB/9IQ7Cy9JOm5D
Mi0w3qTZD5M2eIigphR1B2px4As+U3YwFxOZnqtbLbE5FK+e7cZUh665I3SqSwD+
br19EJxI7GLujeN5TvtSmPAprd0/jdTCaDlMzq66hOzG2AXVOWdphPY0mG3Fx78y
um7yqjHyGygLxl4ovzUaXoyQsv45gAQsnMuxoq375/aAVMjDMYcIHDFaj9RgaOTW
tMtizY2eYoMlVQLBsTnnC37ePxFi3gHfwbiIJfhIS2MQ0eRj1xs5
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:20:31 2025 by rpki-client