Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/DtvMeLGkxpzSQ89krjZ9_dl4pY4.roa
File: DtvMeLGkxpzSQ89krjZ9_dl4pY4.roa (raw, json)
Hash identifier: +oEq5TGd14PKyTdQnk2cv0dkWZbc1YE6INGNs+tsIg0=
Subject key identifier: 0E:DB:CC:78:B1:A4:C6:9C:D2:43:CF:64:AE:36:7D:FD:D9:78:A5:8E
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 0197C5ECD7DBB9C3432D7DB20F8E2EB15631
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/DtvMeLGkxpzSQ89krjZ9_dl4pY4.roa
Signing time: Tue 01 Jul 2025 12:18:42 +0000
ROA not before: Tue 01 Jul 2025 12:18:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25160
IP address blocks: 5.10.144.0/20 maxlen: 20
45.88.112.0/22 maxlen: 22
82.163.192.0/19 maxlen: 24
82.163.205.0/24 maxlen: 24
91.238.221.0/24 maxlen: 24
144.98.0.0/16 maxlen: 16
158.41.64.0/18 maxlen: 18
165.65.0.0/16 maxlen: 16
185.28.240.0/22 maxlen: 22
185.120.204.0/22 maxlen: 22
185.237.48.0/22 maxlen: 22
193.0.176.0/23 maxlen: 23
193.221.128.0/19 maxlen: 19
194.8.254.0/23 maxlen: 23
206.245.213.0/24 maxlen: 24
206.245.224.0/21 maxlen: 21
206.245.232.0/22 maxlen: 22
206.245.236.0/23 maxlen: 23
2a00:e340::/29 maxlen: 29
2a10:d700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:ec:d7:db:b9:c3:43:2d:7d:b2:0f:8e:2e:b1:56:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Jul 1 12:18:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0edbcc78b1a4c69cd243cf64ae367dfdd978a58e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5e:a3:c0:a1:b2:06:00:7d:3e:c5:fe:57:9c:
f0:72:1a:07:19:d7:42:85:b8:fc:b4:f0:53:db:28:
38:be:12:86:16:4b:7a:9c:dd:8f:c0:4f:e3:99:85:
f9:7e:cd:b0:60:38:63:d3:67:bf:6b:1d:ae:09:6a:
bf:33:0c:84:ac:5f:a6:e7:25:b6:c5:db:15:a3:5e:
50:46:d4:01:2f:84:c2:80:95:97:d7:f9:81:e5:20:
61:e7:1c:9b:af:c3:4d:88:8d:8c:de:cc:8e:ab:fd:
f2:1a:13:1f:79:9c:6f:73:5a:9c:c8:b4:29:16:77:
2e:c4:e5:da:72:f0:da:77:64:c3:bf:41:90:3e:b8:
47:5a:e2:18:a2:50:88:89:f2:6a:43:7e:d6:23:34:
ee:fb:a1:d5:79:9b:60:0e:e2:9b:fc:d2:e4:cc:5f:
9c:5b:19:f5:72:73:47:47:1d:1c:58:47:62:c6:55:
a8:50:1b:52:fb:6f:5d:9b:fc:43:26:e2:a3:be:32:
0d:8d:34:65:83:0a:0a:b3:f0:ab:fa:7e:3b:2f:f0:
f1:77:d3:17:40:02:55:1f:87:1f:eb:5d:e9:a3:ac:
5c:9a:4b:c9:56:69:ae:72:5a:ac:68:13:8b:11:a5:
90:87:36:7f:5a:0a:9b:4a:1b:38:51:1a:3e:cc:91:
6c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DB:CC:78:B1:A4:C6:9C:D2:43:CF:64:AE:36:7D:FD:D9:78:A5:8E
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/DtvMeLGkxpzSQ89krjZ9_dl4pY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
45.88.112.0/22
82.163.192.0/19
91.238.221.0/24
144.98.0.0/16
158.41.64.0/18
165.65.0.0/16
185.28.240.0/22
185.120.204.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
206.245.213.0/24
206.245.224.0-206.245.237.255
IPv6:
2a00:e340::/29
2a10:d700::/29
Signature Algorithm: sha256WithRSAEncryption
b7:93:b6:d0:0a:8e:ae:d9:98:42:a6:1f:1c:aa:af:87:e8:63:
f7:2a:ad:cf:2d:82:cb:a4:13:71:03:2a:dd:d4:e6:cf:c3:89:
d2:79:8e:82:14:86:42:89:8a:e1:07:08:e9:05:c0:1f:c6:9c:
6a:b6:b5:a4:0f:67:36:56:cd:ba:6a:05:a6:81:f6:b6:ba:ca:
6d:ea:f7:68:3d:e0:d6:c7:56:58:fd:54:d3:af:ad:c0:75:37:
c0:ed:65:de:97:b2:45:8a:5a:b9:28:d9:55:61:4a:7e:5d:97:
33:71:cb:ae:83:7c:d3:0b:96:fc:e5:02:c9:19:54:57:e1:b1:
cd:d7:6d:75:5a:bf:27:d4:00:5c:2b:79:49:3b:df:66:69:0c:
0a:ae:fc:1f:b0:99:17:3b:b3:70:77:25:fe:15:65:9d:bc:0e:
92:96:ea:ee:86:95:44:df:49:70:85:48:b7:90:3b:34:50:cd:
1c:d5:ad:4e:83:cd:79:14:f8:4d:38:40:3e:3a:98:d2:fc:1a:
dd:e4:48:95:03:a7:e0:5b:96:7a:c3:11:ac:34:b1:e4:3f:b2:
b4:1d:89:01:73:d2:e9:8c:1b:4b:2e:b3:50:c4:33:26:c2:0a:
f3:f8:15:9b:a7:7f:87:92:6b:d9:c6:43:04:1e:f4:58:4f:8c:
88:7b:29:70
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZfF7NfbucNDLX2yD44usVYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjUwNzAxMTIxODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWRiY2M3OGIxYTRjNjljZDI0M2NmNjRhZTM2N2RmZGQ5NzhhNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV6jwKGyBgB9PsX+V5zwchoHGddC
hbj8tPBT2yg4vhKGFkt6nN2PwE/jmYX5fs2wYDhj02e/ax2uCWq/MwyErF+m5yW2
xdsVo15QRtQBL4TCgJWX1/mB5SBh5xybr8NNiI2M3syOq/3yGhMfeZxvc1qcyLQp
FncuxOXacvDad2TDv0GQPrhHWuIYolCIifJqQ37WIzTu+6HVeZtgDuKb/NLkzF+c
Wxn1cnNHRx0cWEdixlWoUBtS+29dm/xDJuKjvjINjTRlgwoKs/Cr+n47L/Dxd9MX
QAJVH4cf613po6xcmkvJVmmuclqsaBOLEaWQhzZ/WgqbShs4URo+zJFsnQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFA7bzHixpMac0kPPZK42ff3ZeKWOMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvRHR2TWVMR2t4cHpTUTg5a3JqWjlfZGw0cFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAQFCpAD
BAItWHADBAVSo8ADBABb7t0DAwCQYgMEBp4pQAMDAKVBAwQCuRzwAwQCuXjMAwQC
ue0wAwQBwQCwAwQFwd2AAwQBwgj+AwQAzvXVMAwDBAXO9eADBAHO9ewwFAQCAAIw
DgMFAyoA40ADBQMqENcAMA0GCSqGSIb3DQEBCwUAA4IBAQC3k7bQCo6u2ZhCph8c
qq+H6GP3Kq3PLYLLpBNxAyrd1ObPw4nSeY6CFIZCiYrhBwjpBcAfxpxqtrWkD2c2
Vs26agWmgfa2uspt6vdoPeDWx1ZY/VTTr63AdTfA7WXel7JFilq5KNlVYUp+XZcz
ccuug3zTC5b85QLJGVRX4bHN1211Wr8n1ABcK3lJO99maQwKrvwfsJkXO7NwdyX+
FWWdvA6SluruhpVE30lwhUi3kDs0UM0c1a1Og815FPhNOEA+OpjS/Brd5EiVA6fg
W5Z6wxGsNLHkP7K0HYkBc9LpjBtLLrNQxDMmwgrz+BWbp3+HkmvZxkMEHvRYT4yI
eylw
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:33:56 2025 by rpki-client