Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/980bfb-c9b4-4433-8927-b667e18fd818/1/wsRqdf6ProVsQH4skwc-uG0lzUw.roa
File: wsRqdf6ProVsQH4skwc-uG0lzUw.roa (raw, json)
Hash identifier: FHzK5LDeYtvIBQbuDHKUrWWn8X5KgE2aJxYpJ0xsPOc=
Subject key identifier: C2:C4:6A:75:FE:8F:AE:85:6C:40:7E:2C:93:07:3E:B8:6D:25:CD:4C
Certificate issuer: /CN=c7b727fe642f54291869bcf1f2917e0f53bebd22
Certificate serial: 01981C64D6CBE38A6EA1C53B67299B9E1F08
Authority key identifier: C7:B7:27:FE:64:2F:54:29:18:69:BC:F1:F2:91:7E:0F:53:BE:BD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x7cn_mQvVCkYabzx8pF-D1O-vSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/980bfb-c9b4-4433-8927-b667e18fd818/1/wsRqdf6ProVsQH4skwc-uG0lzUw.roa
Signing time: Fri 18 Jul 2025 07:17:07 +0000
ROA not before: Fri 18 Jul 2025 07:17:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196742
IP address blocks: 37.220.152.0/21 maxlen: 21
46.183.0.0/21 maxlen: 21
109.239.208.0/20 maxlen: 20
158.255.48.0/21 maxlen: 21
185.17.128.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/980bfb-c9b4-4433-8927-b667e18fd818/1/x7cn_mQvVCkYabzx8pF-D1O-vSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/980bfb-c9b4-4433-8927-b667e18fd818/1/x7cn_mQvVCkYabzx8pF-D1O-vSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/x7cn_mQvVCkYabzx8pF-D1O-vSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1c:64:d6:cb:e3:8a:6e:a1:c5:3b:67:29:9b:9e:1f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7b727fe642f54291869bcf1f2917e0f53bebd22
Validity
Not Before: Jul 18 07:17:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2c46a75fe8fae856c407e2c93073eb86d25cd4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c6:ae:ea:06:ee:fe:bb:95:23:07:c2:de:6c:
49:be:ff:ab:4f:c3:e2:e1:cb:ad:2c:27:20:92:f7:
19:fd:c8:bb:54:dd:3e:cd:62:a4:ec:6f:7b:1d:6e:
fe:60:a2:55:07:fb:3d:ae:b1:43:00:d1:f4:a3:90:
6c:f7:a9:c0:ff:e2:e8:c0:00:87:2b:69:a5:02:f9:
1b:d2:f8:61:ff:48:64:e1:33:9a:17:17:a9:6d:a3:
ea:f5:2f:99:15:fa:2b:36:cf:1f:5e:98:0d:3e:df:
26:dd:6e:ae:09:5b:20:e6:fb:7f:de:c6:6b:78:23:
8e:d3:b1:f5:02:45:04:d7:0c:a8:16:18:70:5a:2a:
ef:98:03:a1:37:9d:21:1d:c8:75:30:50:b5:af:1e:
b0:33:08:9e:df:72:a6:13:7c:cd:70:12:58:71:b0:
c0:b9:95:60:a7:16:c8:ae:1e:e3:1c:70:2d:1e:ee:
fd:90:48:43:9a:0c:5d:c5:ef:27:62:98:2b:1f:4d:
34:46:f5:f6:8a:db:95:f5:ea:3f:a0:45:2a:ef:ff:
85:8c:38:f8:39:03:89:61:f4:56:26:de:d6:f6:56:
73:a2:57:3f:06:38:10:84:58:aa:5b:8c:41:bf:d8:
5f:e4:ad:4d:c1:7a:57:e9:0d:16:43:19:11:8a:74:
2c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C4:6A:75:FE:8F:AE:85:6C:40:7E:2C:93:07:3E:B8:6D:25:CD:4C
X509v3 Authority Key Identifier:
keyid:C7:B7:27:FE:64:2F:54:29:18:69:BC:F1:F2:91:7E:0F:53:BE:BD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x7cn_mQvVCkYabzx8pF-D1O-vSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/980bfb-c9b4-4433-8927-b667e18fd818/1/wsRqdf6ProVsQH4skwc-uG0lzUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/980bfb-c9b4-4433-8927-b667e18fd818/1/x7cn_mQvVCkYabzx8pF-D1O-vSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.152.0/21
46.183.0.0/21
109.239.208.0/20
158.255.48.0/21
185.17.128.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:38:fc:84:b1:e8:4e:68:31:46:9c:c5:c2:bf:6d:e2:cb:92:
30:5c:03:bc:f6:61:b3:08:22:6a:81:c4:b1:cc:25:b7:24:02:
f6:f3:13:0b:dc:8c:69:c9:f1:c1:95:fb:c4:b1:59:72:52:0e:
35:86:95:9e:ed:a8:aa:a2:d7:e1:6f:d3:ac:10:e1:16:36:d8:
2c:c6:31:89:f4:4c:d6:cc:c8:8f:f7:bd:ef:1c:c2:c5:99:6d:
6f:53:25:9f:b2:0a:5d:ac:df:a6:65:23:54:c4:8b:98:dd:03:
a9:e4:e3:09:37:e7:7d:e5:fa:c4:21:8b:2b:66:ce:cc:f9:14:
5f:a1:aa:78:31:ee:b9:b4:34:2e:58:64:0d:8a:cc:6d:cb:ff:
d7:c2:9b:f5:d0:c0:1f:5b:72:71:ed:33:67:ce:63:41:15:fe:
23:8e:45:a1:79:c5:ee:f3:ff:8d:1f:24:a7:b3:5a:82:7e:71:
3f:3a:7c:4c:81:81:a8:d3:71:c4:fc:78:ab:08:0a:2f:bc:4f:
b7:f2:c8:8e:21:fe:87:4d:29:35:26:90:11:48:9f:16:4b:f3:
bb:cc:96:18:a1:7d:31:e6:08:b3:2e:41:31:a8:f9:0a:20:22:
c5:b7:7f:38:2d:a2:96:d7:4c:a8:34:9d:16:76:3e:a8:54:ba:
2e:ba:d4:c2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgcZNbL44puocU7Zymbnh8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YjcyN2ZlNjQyZjU0MjkxODY5YmNmMWYyOTE3ZTBmNTNi
ZWJkMjIwHhcNMjUwNzE4MDcxNzA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmM0NmE3NWZlOGZhZTg1NmM0MDdlMmM5MzA3M2ViODZkMjVjZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMau6gbu/ruVIwfC3mxJvv+rT8Pi
4cutLCcgkvcZ/ci7VN0+zWKk7G97HW7+YKJVB/s9rrFDANH0o5Bs96nA/+LowACH
K2mlAvkb0vhh/0hk4TOaFxepbaPq9S+ZFforNs8fXpgNPt8m3W6uCVsg5vt/3sZr
eCOO07H1AkUE1wyoFhhwWirvmAOhN50hHch1MFC1rx6wMwie33KmE3zNcBJYcbDA
uZVgpxbIrh7jHHAtHu79kEhDmgxdxe8nYpgrH000RvX2ituV9eo/oEUq7/+FjDj4
OQOJYfRWJt7W9lZzolc/BjgQhFiqW4xBv9hf5K1NwXpX6Q0WQxkRinQstwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMLEanX+j66FbEB+LJMHPrhtJc1MMB8GA1UdIwQY
MBaAFMe3J/5kL1QpGGm88fKRfg9Tvr0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDdjbl9tUXZWQ2tZYWJ6eDhwRi1EMU8tdlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS85ODBiZmItYzliNC00NDMzLTg5Mjct
YjY2N2UxOGZkODE4LzEvd3NScWRmNlByb1ZzUUg0c2t3Yy11RzBselV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS85ODBiZmItYzliNC00NDMzLTg5MjctYjY2N2UxOGZkODE4
LzEveDdjbl9tUXZWQ2tZYWJ6eDhwRi1EMU8tdlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJdyYAwQD
LrcAAwQEbe/QAwQDnv8wAwQCuRGAMA0GCSqGSIb3DQEBCwUAA4IBAQAOOPyEsehO
aDFGnMXCv23iy5IwXAO89mGzCCJqgcSxzCW3JAL28xML3IxpyfHBlfvEsVlyUg41
hpWe7aiqotfhb9OsEOEWNtgsxjGJ9EzWzMiP973vHMLFmW1vUyWfsgpdrN+mZSNU
xIuY3QOp5OMJN+d95frEIYsrZs7M+RRfoap4Me65tDQuWGQNisxty//Xwpv10MAf
W3Jx7TNnzmNBFf4jjkWhecXu8/+NHySns1qCfnE/OnxMgYGo03HE/HirCAovvE+3
8siOIf6HTSk1JpARSJ8WS/O7zJYYoX0x5gizLkExqPkKICLFt384LaKW10yoNJ0W
dj6oVLouutTC
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:24:56 2025 by rpki-client