Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/79bc9f-0596-4d53-b101-a06e681b4ec8/1/F7OA04yE7M4qNkerNNmgXrIbsfw.roa
File: F7OA04yE7M4qNkerNNmgXrIbsfw.roa (raw, json)
Hash identifier: v4Vdufe1qMpmLce6/l8zLEXuhsNN6MeM3OiQ8L0sZ8s=
Subject key identifier: 17:B3:80:D3:8C:84:EC:CE:2A:36:47:AB:34:D9:A0:5E:B2:1B:B1:FC
Certificate issuer: /CN=79891e9631bbc6e8ae5da4b219be4d8f61fefb5a
Certificate serial: 0197EA59E3B9F3D55997F11A0AC81C1050DF
Authority key identifier: 79:89:1E:96:31:BB:C6:E8:AE:5D:A4:B2:19:BE:4D:8F:61:FE:FB:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eYkeljG7xuiuXaSyGb5Nj2H--1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/79bc9f-0596-4d53-b101-a06e681b4ec8/1/F7OA04yE7M4qNkerNNmgXrIbsfw.roa
Signing time: Tue 08 Jul 2025 14:04:08 +0000
ROA not before: Tue 08 Jul 2025 14:04:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59706
IP address blocks: 62.164.148.0/22 maxlen: 22
62.164.148.0/24 maxlen: 24
62.164.149.0/24 maxlen: 24
62.164.150.0/24 maxlen: 24
62.164.151.0/24 maxlen: 24
62.164.154.0/23 maxlen: 23
62.164.154.0/24 maxlen: 24
62.164.155.0/24 maxlen: 24
77.83.56.0/23 maxlen: 23
77.83.56.0/24 maxlen: 24
77.83.57.0/24 maxlen: 24
185.137.152.0/22 maxlen: 22
185.137.152.0/24 maxlen: 24
185.137.153.0/24 maxlen: 24
185.137.154.0/24 maxlen: 24
185.137.155.0/24 maxlen: 24
217.65.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/79bc9f-0596-4d53-b101-a06e681b4ec8/1/eYkeljG7xuiuXaSyGb5Nj2H--1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/79bc9f-0596-4d53-b101-a06e681b4ec8/1/eYkeljG7xuiuXaSyGb5Nj2H--1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/eYkeljG7xuiuXaSyGb5Nj2H--1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ea:59:e3:b9:f3:d5:59:97:f1:1a:0a:c8:1c:10:50:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79891e9631bbc6e8ae5da4b219be4d8f61fefb5a
Validity
Not Before: Jul 8 14:04:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17b380d38c84ecce2a3647ab34d9a05eb21bb1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7a:67:c2:9a:da:23:65:4d:0e:ba:28:a9:b8:
9f:19:f3:6a:f3:db:49:71:5d:54:03:e6:82:21:eb:
28:9d:4e:5c:ef:67:88:9f:f3:2d:f3:c1:89:6d:e4:
d6:1b:81:e6:c3:08:e8:0d:14:a8:a0:8e:1c:9e:83:
cb:63:17:e0:82:01:aa:08:c4:2f:88:5f:95:4c:fe:
f8:be:ee:2b:74:51:d1:30:47:d7:8b:43:8b:11:3f:
79:ba:fa:74:6d:2e:69:1f:c0:9c:c5:42:b4:cf:fa:
c9:92:54:62:ba:c5:40:c8:d0:29:26:05:09:c3:4b:
0b:e2:f5:83:d0:4a:cd:d0:38:95:05:75:c1:2e:e9:
86:ce:d7:1a:4e:33:a2:61:5f:5c:c0:27:11:d0:a8:
b0:6d:7d:e6:a3:15:fc:22:af:87:56:b8:8e:a3:0f:
cb:37:15:c1:46:99:f0:cb:34:ad:70:64:1e:f8:c4:
0a:b0:4f:64:99:68:5e:a7:3d:c6:29:ac:2b:fb:4d:
e3:33:f2:1e:ce:30:c6:38:43:d8:40:fd:00:c6:12:
1e:e5:27:40:a7:0d:f8:7b:c0:a0:8d:17:6d:3a:9a:
5f:c4:c2:f2:51:d7:5c:21:27:99:29:ba:15:9d:5e:
f2:99:4c:e2:aa:bc:e6:b7:27:f9:5a:a5:cb:89:0b:
77:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B3:80:D3:8C:84:EC:CE:2A:36:47:AB:34:D9:A0:5E:B2:1B:B1:FC
X509v3 Authority Key Identifier:
keyid:79:89:1E:96:31:BB:C6:E8:AE:5D:A4:B2:19:BE:4D:8F:61:FE:FB:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYkeljG7xuiuXaSyGb5Nj2H--1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/79bc9f-0596-4d53-b101-a06e681b4ec8/1/F7OA04yE7M4qNkerNNmgXrIbsfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/79bc9f-0596-4d53-b101-a06e681b4ec8/1/eYkeljG7xuiuXaSyGb5Nj2H--1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.148.0/22
62.164.154.0/23
77.83.56.0/23
185.137.152.0/22
217.65.77.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:8a:d6:46:4b:20:b2:6e:3e:14:7c:81:1f:e5:df:9b:e3:15:
12:62:16:77:31:a8:a9:a3:28:f7:7c:f5:8f:f1:32:f9:e3:be:
1c:97:89:cc:b9:98:65:27:91:72:1f:fd:a3:20:7d:39:bd:a2:
76:6c:88:f2:84:5e:14:9d:75:10:02:c2:13:0d:a9:ba:a4:b5:
44:69:4e:d8:e9:c8:50:72:a7:ef:d9:40:a8:8b:67:23:40:a8:
77:ff:5c:b5:92:0b:f7:73:6f:a5:53:2c:db:f2:26:42:ec:ca:
aa:30:23:4e:d9:61:7c:35:cd:2e:55:20:6d:57:4b:e7:fa:1a:
b6:be:a8:a2:22:17:81:e5:1e:2b:8b:c2:b5:21:ad:50:56:e6:
31:ed:06:58:28:31:4e:70:c7:35:d2:48:52:b1:47:fd:a5:55:
0b:03:0e:3b:1e:0b:da:fa:fc:0c:06:d4:f1:ef:54:cf:55:b7:
f5:06:44:b1:88:98:13:8b:92:f4:ac:92:f0:28:39:67:20:c0:
e3:fd:b8:53:fa:b2:02:d2:18:31:61:6a:7b:00:17:9c:dd:76:
2b:f7:b1:96:b2:82:0c:34:cf:9b:56:9f:7e:8c:ee:b9:6f:ed:
b3:7d:03:dd:17:71:f4:44:78:5e:8c:a2:d2:bb:6b:64:2f:05:
c5:f8:95:ad
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZfqWeO589VZl/EaCsgcEFDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODkxZTk2MzFiYmM2ZThhZTVkYTRiMjE5YmU0ZDhmNjFm
ZWZiNWEwHhcNMjUwNzA4MTQwNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2IzODBkMzhjODRlY2NlMmEzNjQ3YWIzNGQ5YTA1ZWIyMWJiMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3pnwpraI2VNDrooqbifGfNq89tJ
cV1UA+aCIesonU5c72eIn/Mt88GJbeTWG4HmwwjoDRSooI4cnoPLYxfgggGqCMQv
iF+VTP74vu4rdFHRMEfXi0OLET95uvp0bS5pH8CcxUK0z/rJklRiusVAyNApJgUJ
w0sL4vWD0ErN0DiVBXXBLumGztcaTjOiYV9cwCcR0KiwbX3moxX8Iq+HVriOow/L
NxXBRpnwyzStcGQe+MQKsE9kmWhepz3GKawr+03jM/IezjDGOEPYQP0AxhIe5SdA
pw34e8CgjRdtOppfxMLyUddcISeZKboVnV7ymUziqrzmtyf5WqXLiQt3lwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBezgNOMhOzOKjZHqzTZoF6yG7H8MB8GA1UdIwQY
MBaAFHmJHpYxu8borl2kshm+TY9h/vtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlrZWxqRzd4dWl1WGFTeUdiNU5qMkgtLTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83OWJjOWYtMDU5Ni00ZDUzLWIxMDEt
YTA2ZTY4MWI0ZWM4LzEvRjdPQTA0eUU3TTRxTmtlck5ObWdYcklic2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83OWJjOWYtMDU5Ni00ZDUzLWIxMDEtYTA2ZTY4MWI0ZWM4
LzEvZVlrZWxqRzd4dWl1WGFTeUdiNU5qMkgtLTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCPqSUAwQB
PqSaAwQBTVM4AwQCuYmYAwQA2UFNMA0GCSqGSIb3DQEBCwUAA4IBAQCzitZGSyCy
bj4UfIEf5d+b4xUSYhZ3Maipoyj3fPWP8TL5474cl4nMuZhlJ5FyH/2jIH05vaJ2
bIjyhF4UnXUQAsITDam6pLVEaU7Y6chQcqfv2UCoi2cjQKh3/1y1kgv3c2+lUyzb
8iZC7MqqMCNO2WF8Nc0uVSBtV0vn+hq2vqiiIheB5R4ri8K1Ia1QVuYx7QZYKDFO
cMc10khSsUf9pVULAw47Hgva+vwMBtTx71TPVbf1BkSxiJgTi5L0rJLwKDlnIMDj
/bhT+rIC0hgxYWp7ABec3XYr97GWsoIMNM+bVp9+jO65b+2zfQPdF3H0RHhejKLS
u2tkLwXF+JWt
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:58:48 2025 by rpki-client