Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/maD78cdNux0qHxXWpM9aONVIPE4.roa
File: maD78cdNux0qHxXWpM9aONVIPE4.roa (raw, json)
Hash identifier: dLetwQe9bR2dfnqDDolxpyHR7fKfP4hpxEJuS5kA44E=
Subject key identifier: 99:A0:FB:F1:C7:4D:BB:1D:2A:1F:15:D6:A4:CF:5A:38:D5:48:3C:4E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019821C26AA6EEE691344ED3CB07039D5588
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/maD78cdNux0qHxXWpM9aONVIPE4.roa
Signing time: Sat 19 Jul 2025 08:17:26 +0000
ROA not before: Sat 19 Jul 2025 08:17:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 37.202.203.0/24 maxlen: 24
151.242.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:21:c2:6a:a6:ee:e6:91:34:4e:d3:cb:07:03:9d:55:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 19 08:17:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99a0fbf1c74dbb1d2a1f15d6a4cf5a38d5483c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6b:a2:37:ae:18:43:84:cc:73:20:11:b9:97:
72:91:f8:f7:5a:74:52:77:69:21:82:8a:fe:33:f4:
a7:c5:a5:e6:18:d7:5b:3b:5c:c3:06:ad:4d:8d:d5:
25:d3:1d:c6:bf:f4:13:14:0b:6f:da:0a:d9:5c:95:
7f:9f:1d:a9:2c:17:2a:72:fc:03:d4:6e:9c:11:90:
67:3b:d8:e6:76:2c:db:f4:09:ba:97:9d:f9:14:1b:
2f:e3:fe:a0:e3:23:a9:33:67:f7:06:70:05:71:ba:
a8:6d:65:ee:9a:38:f5:74:55:52:98:d9:7c:0f:0a:
92:25:88:0a:bc:7e:c8:59:ee:d7:2a:97:a0:a7:05:
4d:78:98:97:33:63:a5:10:15:ef:2c:b6:ed:d6:e9:
43:3e:54:70:24:95:19:c1:b4:c6:9c:ed:01:83:66:
05:9b:b5:23:70:51:04:fd:40:d8:c9:b0:ca:3a:70:
b0:a7:3f:a0:96:56:46:61:fd:ea:c6:7a:a2:0a:8d:
6f:0a:d6:45:fa:87:11:4d:0c:cb:4a:e5:8b:19:81:
c1:2d:7f:88:1b:88:8d:62:b8:38:b0:9e:91:5c:eb:
91:a3:a0:e5:1c:53:35:7c:00:3b:c9:db:4c:fd:78:
67:6a:8d:96:fa:3f:9b:1e:bd:52:61:46:f8:85:50:
58:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A0:FB:F1:C7:4D:BB:1D:2A:1F:15:D6:A4:CF:5A:38:D5:48:3C:4E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/maD78cdNux0qHxXWpM9aONVIPE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.203.0/24
151.242.19.0/24
Signature Algorithm: sha256WithRSAEncryption
57:ab:73:dc:68:4c:05:ec:ca:3c:2b:b1:b5:78:67:ae:b2:66:
6f:b1:28:08:ba:98:94:d1:c8:1a:bb:47:22:bf:5e:08:01:b3:
c5:f1:b0:67:6d:5e:59:c2:26:7a:e3:4a:ac:9f:7e:e3:dd:5b:
24:ba:7e:65:5b:9a:a7:7b:21:57:4f:21:2d:fb:55:03:88:60:
6a:f5:c5:78:12:9f:cf:41:0a:b9:96:5e:5b:06:ab:94:a8:2d:
09:2f:52:5f:cf:c6:1e:33:67:9c:97:de:3e:bd:d6:f9:48:17:
b3:da:3e:29:9f:a6:fe:81:78:be:bb:6c:e5:69:95:99:30:68:
cd:0e:3c:45:a6:5d:01:dc:e0:83:2c:61:7d:c3:50:93:66:0b:
96:f8:70:39:75:20:20:eb:c3:e5:65:a6:16:af:46:db:7a:72:
3d:02:4c:8e:79:37:62:f7:c6:2f:ec:a1:0f:0e:b9:3e:47:e9:
f7:da:05:26:94:f6:4f:12:54:b0:5a:aa:95:e6:d8:1e:c4:6b:
1d:ba:6a:92:2c:b9:ac:ac:e1:20:fd:fe:59:2b:90:85:82:28:
27:29:44:80:b2:bb:44:52:7e:24:da:aa:16:17:93:4d:ad:ca:
f9:4c:2f:40:4f:a7:0c:72:02:47:07:84:b5:3b:ff:03:bf:03:
69:69:77:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZghwmqm7uaRNE7TywcDnVWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE5MDgxNzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWEwZmJmMWM3NGRiYjFkMmExZjE1ZDZhNGNmNWEzOGQ1NDgzYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGuiN64YQ4TMcyARuZdykfj3WnRS
d2khgor+M/SnxaXmGNdbO1zDBq1NjdUl0x3Gv/QTFAtv2grZXJV/nx2pLBcqcvwD
1G6cEZBnO9jmdizb9Am6l535FBsv4/6g4yOpM2f3BnAFcbqobWXumjj1dFVSmNl8
DwqSJYgKvH7IWe7XKpegpwVNeJiXM2OlEBXvLLbt1ulDPlRwJJUZwbTGnO0Bg2YF
m7UjcFEE/UDYybDKOnCwpz+gllZGYf3qxnqiCo1vCtZF+ocRTQzLSuWLGYHBLX+I
G4iNYrg4sJ6RXOuRo6DlHFM1fAA7ydtM/Xhnao2W+j+bHr1SYUb4hVBYoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJmg+/HHTbsdKh8V1qTPWjjVSDxOMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbWFENzhjZE51eDBxSHhYV3BNOWFPTlZJUEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJcrLAwQA
l/ITMA0GCSqGSIb3DQEBCwUAA4IBAQBXq3PcaEwF7Mo8K7G1eGeusmZvsSgIupiU
0cgau0civ14IAbPF8bBnbV5ZwiZ640qsn37j3Vskun5lW5qneyFXTyEt+1UDiGBq
9cV4Ep/PQQq5ll5bBquUqC0JL1Jfz8YeM2ecl94+vdb5SBez2j4pn6b+gXi+u2zl
aZWZMGjNDjxFpl0B3OCDLGF9w1CTZguW+HA5dSAg68PlZaYWr0bbenI9AkyOeTdi
98Yv7KEPDrk+R+n32gUmlPZPElSwWqqV5tgexGsdumqSLLmsrOEg/f5ZK5CFgign
KUSAsrtEUn4k2qoWF5NNrcr5TC9AT6cMcgJHB4S1O/8DvwNpaXcl
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:44:33 2025 by rpki-client