Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/DPZDlwC5lvIBjZjDv4jWEsMDlMI.roa
File: DPZDlwC5lvIBjZjDv4jWEsMDlMI.roa (raw, json)
Hash identifier: JSJ9xva93NHEmD/GiUVFRsLxBb1tpR6rl5zNqgBI5EE=
Subject key identifier: 0C:F6:43:97:00:B9:96:F2:01:8D:98:C3:BF:88:D6:12:C3:03:94:C2
Certificate issuer: /CN=705e75dbcce5fcdd91d8a99e5a1b2c995b812775
Certificate serial: 0198370C3B377C6293D40E3271642FDF4CA7
Authority key identifier: 70:5E:75:DB:CC:E5:FC:DD:91:D8:A9:9E:5A:1B:2C:99:5B:81:27:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cF5128zl_N2R2KmeWhssmVuBJ3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/DPZDlwC5lvIBjZjDv4jWEsMDlMI.roa
Signing time: Wed 23 Jul 2025 11:30:05 +0000
ROA not before: Wed 23 Jul 2025 11:30:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48309
IP address blocks: 188.136.136.0/24 maxlen: 24
188.136.137.0/24 maxlen: 24
188.136.138.0/24 maxlen: 24
188.136.139.0/24 maxlen: 24
2a02:5380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/cF5128zl_N2R2KmeWhssmVuBJ3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 17:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:0c:3b:37:7c:62:93:d4:0e:32:71:64:2f:df:4c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705e75dbcce5fcdd91d8a99e5a1b2c995b812775
Validity
Not Before: Jul 23 11:30:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cf6439700b996f2018d98c3bf88d612c30394c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dd:01:ed:c4:75:a0:9d:f6:fc:ed:11:47:01:
61:b7:4f:a0:d1:17:c1:63:c2:39:5b:24:70:84:c0:
a2:81:bd:28:09:67:74:be:7f:23:ea:72:a0:bb:5e:
13:30:5c:88:f1:a9:9f:c3:66:fc:5e:26:ef:de:17:
50:a6:99:5a:f4:01:f0:c9:c3:fb:3e:9a:9e:07:d8:
70:4a:91:58:87:03:40:08:90:ed:9b:64:e5:fd:83:
7e:0e:b8:9b:05:cb:71:b9:ad:ec:8c:43:07:92:4c:
50:0d:a3:51:e5:65:65:1d:63:75:95:e8:c4:93:2d:
15:81:db:68:e5:73:e4:0d:75:e3:84:80:6b:c9:36:
3d:46:0b:0e:1a:65:1e:e0:db:82:db:89:f5:bd:c9:
64:a4:4a:7f:84:cf:cf:00:eb:9b:99:18:b9:79:cb:
23:20:f0:9e:45:40:0a:d2:09:ef:f7:dd:e5:eb:64:
cf:47:0c:09:6b:a0:79:0c:bb:52:25:68:c6:53:f3:
fb:e7:07:12:8b:58:39:2c:33:fd:c7:fb:5a:c6:a4:
31:71:d2:95:e4:4a:63:ca:c6:1f:5e:9a:72:bb:d4:
9e:75:e0:65:c2:99:6e:a6:41:18:1e:d6:54:f2:0b:
2e:2b:bc:dd:0a:12:68:50:69:67:97:01:62:e7:38:
e6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F6:43:97:00:B9:96:F2:01:8D:98:C3:BF:88:D6:12:C3:03:94:C2
X509v3 Authority Key Identifier:
keyid:70:5E:75:DB:CC:E5:FC:DD:91:D8:A9:9E:5A:1B:2C:99:5B:81:27:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cF5128zl_N2R2KmeWhssmVuBJ3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/DPZDlwC5lvIBjZjDv4jWEsMDlMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.136.136.0/22
IPv6:
2a02:5380::/32
Signature Algorithm: sha256WithRSAEncryption
9f:fc:cb:3a:9d:be:b3:99:65:e7:99:53:36:45:db:9b:9b:3f:
6a:d8:5a:51:21:b9:bf:86:1d:64:86:e5:28:e7:1c:61:d6:9d:
00:42:1e:af:0b:08:2a:6d:87:0c:6c:3c:bb:22:51:4f:88:21:
03:10:ce:91:0a:8c:56:1a:92:38:17:a3:65:6e:8f:d9:74:48:
27:31:00:e7:40:8d:7d:9e:51:6d:4f:b3:bf:51:93:e6:42:8e:
2e:4f:fd:e7:18:6a:6c:21:7f:29:ff:78:d5:4e:79:63:af:30:
49:78:f7:a0:63:0d:ed:30:2b:cc:1c:38:0e:d2:87:a7:ae:84:
e1:64:33:a3:ac:57:2a:ea:d9:36:5d:a5:17:30:70:d7:8a:a7:
f6:5e:ff:cb:14:39:b0:52:94:3f:d4:d8:e6:f0:15:55:dd:6d:
d4:74:0d:31:1a:e5:66:de:eb:25:e9:98:98:2b:4b:0c:a6:63:
f3:ab:5e:93:45:44:ca:03:7c:a7:c1:45:96:d9:83:8f:0a:67:
99:b8:5d:aa:ca:62:5c:13:3c:bd:3b:93:99:56:fb:d5:68:f9:
8f:ad:74:08:06:18:ab:c3:77:bd:e3:98:17:6b:24:9a:e0:0a:
e7:dd:4a:2b:5a:5c:55:1a:e4:2d:35:11:dd:dd:39:cc:10:61:
a4:eb:78:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZg3DDs3fGKT1A4ycWQv30ynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWU3NWRiY2NlNWZjZGQ5MWQ4YTk5ZTVhMWIyYzk5NWI4
MTI3NzUwHhcNMjUwNzIzMTEzMDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2Y2NDM5NzAwYjk5NmYyMDE4ZDk4YzNiZjg4ZDYxMmMzMDM5NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr90B7cR1oJ32/O0RRwFht0+g0RfB
Y8I5WyRwhMCigb0oCWd0vn8j6nKgu14TMFyI8amfw2b8Xibv3hdQppla9AHwycP7
PpqeB9hwSpFYhwNACJDtm2Tl/YN+DribBctxua3sjEMHkkxQDaNR5WVlHWN1lejE
ky0Vgdto5XPkDXXjhIBryTY9RgsOGmUe4NuC24n1vclkpEp/hM/PAOubmRi5ecsj
IPCeRUAK0gnv993l62TPRwwJa6B5DLtSJWjGU/P75wcSi1g5LDP9x/taxqQxcdKV
5EpjysYfXppyu9SedeBlwplupkEYHtZU8gsuK7zdChJoUGlnlwFi5zjm+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAz2Q5cAuZbyAY2Yw7+I1hLDA5TCMB8GA1UdIwQY
MBaAFHBeddvM5fzdkdipnlobLJlbgSd1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Y1MTI4emxfTjJSMkttZVdoc3NtVnVCSjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9jMWY0NDgtODgwOC00YTJmLWJmZmEt
ZjhiNDhiYWNjZDliLzEvRFBaRGx3QzVsdklCalpqRHY0aldFc01EbE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9jMWY0NDgtODgwOC00YTJmLWJmZmEtZjhiNDhiYWNjZDli
LzEvY0Y1MTI4emxfTjJSMkttZVdoc3NtVnVCSjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCvIiIMA0E
AgACMAcDBQAqAlOAMA0GCSqGSIb3DQEBCwUAA4IBAQCf/Ms6nb6zmWXnmVM2Rdub
mz9q2FpRIbm/hh1khuUo5xxh1p0AQh6vCwgqbYcMbDy7IlFPiCEDEM6RCoxWGpI4
F6Nlbo/ZdEgnMQDnQI19nlFtT7O/UZPmQo4uT/3nGGpsIX8p/3jVTnljrzBJePeg
Yw3tMCvMHDgO0oenroThZDOjrFcq6tk2XaUXMHDXiqf2Xv/LFDmwUpQ/1Njm8BVV
3W3UdA0xGuVm3usl6ZiYK0sMpmPzq16TRUTKA3ynwUWW2YOPCmeZuF2qymJcEzy9
O5OZVvvVaPmPrXQIBhirw3e945gXaySa4Arn3UorWlxVGuQtNRHd3TnMEGGk63id
-----END CERTIFICATE-----
Generated at Tue Jul 29 00:57:38 2025 by rpki-client