Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/3dWrvfdk2lOprYs35ma5yv6Q6rc.roa
File: 3dWrvfdk2lOprYs35ma5yv6Q6rc.roa (raw, json)
Hash identifier: QEfTlDVAF7d4T61rI01qjNc/6EEThQ75e05z/96HAxs=
Subject key identifier: DD:D5:AB:BD:F7:64:DA:53:A9:AD:8B:37:E6:66:B9:CA:FE:90:EA:B7
Certificate issuer: /CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Certificate serial: 01981301F691E90289EA70A0763DB81D09F9
Authority key identifier: E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/3dWrvfdk2lOprYs35ma5yv6Q6rc.roa
Signing time: Wed 16 Jul 2025 11:32:32 +0000
ROA not before: Wed 16 Jul 2025 11:32:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59703
IP address blocks: 45.140.30.0/23 maxlen: 23
89.33.129.0/24 maxlen: 24
89.44.112.0/23 maxlen: 23
89.44.112.0/24 maxlen: 24
89.44.113.0/24 maxlen: 24
89.44.118.0/23 maxlen: 23
89.44.118.0/24 maxlen: 24
89.44.119.0/24 maxlen: 24
89.45.68.0/23 maxlen: 23
89.45.68.0/24 maxlen: 24
89.45.69.0/24 maxlen: 24
89.45.126.0/23 maxlen: 23
89.45.126.0/24 maxlen: 24
89.45.127.0/24 maxlen: 24
185.46.0.0/23 maxlen: 23
185.46.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 15:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:13:01:f6:91:e9:02:89:ea:70:a0:76:3d:b8:1d:09:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Validity
Not Before: Jul 16 11:32:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddd5abbdf764da53a9ad8b37e666b9cafe90eab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bd:75:27:06:35:60:72:2e:71:18:1c:a5:e5:
e2:9d:c0:51:35:f3:b0:f7:5f:ba:73:7a:91:25:52:
af:da:a5:06:89:d8:68:b4:2f:a1:f8:0d:09:97:d0:
4a:d5:f8:ad:6a:8d:70:fb:f4:9e:b2:c1:41:70:19:
52:35:44:73:ab:18:d8:f0:21:86:f4:b3:03:18:76:
c2:74:13:7f:99:80:2d:9f:eb:df:7c:04:6c:2e:87:
27:8b:4e:3a:31:fa:59:3b:f7:95:1f:84:61:f3:6d:
61:e1:6b:28:16:dd:06:a5:2c:0c:54:69:87:6d:bf:
c5:9f:0f:c0:dd:fb:79:ab:a3:20:05:f1:0a:14:19:
11:8c:7c:35:fc:6e:a7:1e:a6:99:1c:2e:f5:79:3d:
ae:5f:11:d2:18:26:1d:7a:95:9d:7a:a3:b6:ee:d4:
d4:ac:f0:8f:49:77:f8:ab:99:5d:b5:e4:dc:97:77:
33:1a:61:d6:6c:a2:a6:64:aa:f2:69:c0:04:75:0d:
34:63:98:44:04:01:8a:bc:3d:05:10:ab:47:76:68:
94:34:a7:96:76:d8:17:3b:75:13:11:48:99:f3:36:
af:a4:5f:21:0f:dc:f3:81:fe:a6:49:d9:37:4c:e8:
b4:03:91:44:ea:6f:c7:f9:f2:18:a8:b0:89:02:d4:
e1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D5:AB:BD:F7:64:DA:53:A9:AD:8B:37:E6:66:B9:CA:FE:90:EA:B7
X509v3 Authority Key Identifier:
keyid:E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/3dWrvfdk2lOprYs35ma5yv6Q6rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.30.0/23
89.33.129.0/24
89.44.112.0/23
89.44.118.0/23
89.45.68.0/23
89.45.126.0/23
185.46.0.0/22
Signature Algorithm: sha256WithRSAEncryption
71:f3:25:18:0c:66:cf:ad:5e:46:30:c7:4d:bb:19:ff:d1:ba:
84:9c:fd:3f:60:be:ee:39:a0:e5:aa:86:3b:1c:df:46:f1:5a:
aa:6a:7f:35:4b:7f:00:fc:f9:34:6a:2c:8b:4a:9a:fb:8e:d1:
c3:0a:e7:39:2a:f9:39:5d:b8:1c:6e:5b:d1:9d:02:06:1f:84:
6b:8d:9c:a8:ec:36:f0:5f:bc:60:9d:25:11:40:00:56:64:62:
c9:c6:4a:87:40:0e:66:4d:97:40:ae:6c:20:59:4d:4b:49:15:
48:9a:ee:a6:29:d2:1f:47:73:e1:09:48:6e:fb:1d:42:91:47:
4d:52:8f:0b:bc:d6:f0:d2:1a:1d:bb:63:36:90:5d:67:80:20:
3e:80:08:50:94:6a:eb:04:ea:b5:b7:7b:aa:0d:23:b3:d9:6a:
69:de:8a:39:89:44:ea:85:b7:0b:b8:a5:d1:b1:f9:ec:46:46:
e6:1c:3e:17:98:3e:bd:12:a8:bb:f6:1a:75:8f:2b:6f:bc:f2:
b7:f4:8c:2a:93:0d:ba:48:4d:b5:06:1f:bf:4d:46:25:fb:e3:
4c:89:cc:9d:3b:22:c0:61:d9:fd:20:f0:ef:c1:59:d5:55:70:
ea:43:e0:3a:59:85:da:f7:11:15:f9:bf:34:02:6f:9c:b9:f3:
ed:38:a1:60
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZgTAfaR6QKJ6nCgdj24HQn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVkNGU3NzgyMDljM2NhZTkzZDRiNzZkMzUwNzA0NDYy
YzNhYWIwHhcNMjUwNzE2MTEzMjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ1YWJiZGY3NjRkYTUzYTlhZDhiMzdlNjY2YjljYWZlOTBlYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL11JwY1YHIucRgcpeXincBRNfOw
91+6c3qRJVKv2qUGidhotC+h+A0Jl9BK1fitao1w+/SessFBcBlSNURzqxjY8CGG
9LMDGHbCdBN/mYAtn+vffARsLocni046MfpZO/eVH4Rh821h4WsoFt0GpSwMVGmH
bb/Fnw/A3ft5q6MgBfEKFBkRjHw1/G6nHqaZHC71eT2uXxHSGCYdepWdeqO27tTU
rPCPSXf4q5ldteTcl3czGmHWbKKmZKryacAEdQ00Y5hEBAGKvD0FEKtHdmiUNKeW
dtgXO3UTEUiZ8zavpF8hD9zzgf6mSdk3TOi0A5FE6m/H+fIYqLCJAtThLwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN3Vq733ZNpTqa2LN+Zmucr+kOq3MB8GA1UdIwQY
MBaAFOf+1Od4IJw8rpPUt201BwRGLDqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQt
OGJiODAxNTJhYjM0LzEvM2RXcnZmZGsybE9wcllzMzVtYTV5djZRNnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQtOGJiODAxNTJhYjM0
LzEvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLYweAwQA
WSGBAwQBWSxwAwQBWSx2AwQBWS1EAwQBWS1+AwQCuS4AMA0GCSqGSIb3DQEBCwUA
A4IBAQBx8yUYDGbPrV5GMMdNuxn/0bqEnP0/YL7uOaDlqoY7HN9G8Vqqan81S38A
/Pk0aiyLSpr7jtHDCuc5Kvk5XbgcblvRnQIGH4RrjZyo7DbwX7xgnSURQABWZGLJ
xkqHQA5mTZdArmwgWU1LSRVImu6mKdIfR3PhCUhu+x1CkUdNUo8LvNbw0hodu2M2
kF1ngCA+gAhQlGrrBOq1t3uqDSOz2Wpp3oo5iUTqhbcLuKXRsfnsRkbmHD4XmD69
Eqi79hp1jytvvPK39Iwqkw26SE21Bh+/TUYl++NMicydOyLAYdn9IPDvwVnVVXDq
Q+A6WYXa9xEV+b80Am+cufPtOKFg
-----END CERTIFICATE-----
Generated at Sun Jul 27 00:56:25 2025 by rpki-client