Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/e9y8dXFts4c8fUXqw6xiDwRGFs8.roa
File: e9y8dXFts4c8fUXqw6xiDwRGFs8.roa (raw, json)
Hash identifier: BkXdL8SYbCdtWvnDfEL5onMOz7lIKfBEzCveSNdxkpQ=
Subject key identifier: 7B:DC:BC:75:71:6D:B3:87:3C:7D:45:EA:C3:AC:62:0F:04:46:16:CF
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01982F2E62E3ECFF96E2F799055859EAC75A
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/e9y8dXFts4c8fUXqw6xiDwRGFs8.roa
Signing time: Mon 21 Jul 2025 22:50:25 +0000
ROA not before: Mon 21 Jul 2025 22:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51713
IP address blocks: 69.72.248.0/24 maxlen: 24
77.95.113.0/24 maxlen: 24
93.113.110.0/23 maxlen: 23
93.114.86.0/23 maxlen: 23
93.114.184.0/23 maxlen: 23
93.114.234.0/23 maxlen: 23
176.56.56.0/21 maxlen: 21
185.17.180.0/22 maxlen: 22
185.65.40.0/22 maxlen: 22
185.164.196.0/22 maxlen: 22
185.181.252.0/24 maxlen: 24
188.212.34.0/23 maxlen: 23
192.250.224.0/24 maxlen: 24
192.250.234.0/24 maxlen: 24
192.250.239.0/24 maxlen: 24
195.250.23.0/24 maxlen: 24
198.38.80.0/24 maxlen: 24
198.38.82.0/24 maxlen: 24
198.38.92.0/24 maxlen: 24
209.42.16.0/24 maxlen: 24
209.42.17.0/24 maxlen: 24
209.42.18.0/24 maxlen: 24
209.42.19.0/24 maxlen: 24
209.42.20.0/24 maxlen: 24
209.42.21.0/24 maxlen: 24
209.42.22.0/24 maxlen: 24
209.42.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2f:2e:62:e3:ec:ff:96:e2:f7:99:05:58:59:ea:c7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jul 21 22:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bdcbc75716db3873c7d45eac3ac620f044616cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1e:32:6e:5a:70:da:3f:08:68:7e:86:fe:e7:
06:5d:ff:02:ed:6b:40:92:2a:ed:f6:0d:1f:2f:6c:
f2:62:02:ea:3b:46:2e:95:85:8b:7b:11:68:7c:00:
28:c5:67:0a:ae:5a:cc:eb:9e:8f:48:6a:1e:40:98:
e4:71:11:ff:c7:66:47:19:a7:32:7e:f4:2c:0a:f6:
01:7c:f2:85:15:a7:68:74:d7:92:b8:03:02:82:0f:
90:15:7a:af:e0:26:95:be:56:2d:75:bd:dd:0b:ac:
fe:38:07:d1:19:43:73:51:bb:db:45:18:28:88:bd:
d5:24:86:2d:c4:5a:34:70:cf:39:13:66:c6:ce:2e:
18:27:f4:17:83:06:05:34:d8:ad:ab:28:25:15:06:
61:b0:a9:c6:02:f2:fe:1f:6d:b6:a5:29:48:96:96:
0e:3a:21:80:5c:37:7f:c0:ea:74:aa:df:ba:3a:57:
97:b9:0a:40:91:9b:43:8e:d1:a0:47:90:6d:47:c1:
0c:77:23:1e:31:1d:b9:19:a6:ba:d6:20:f4:c9:b3:
b7:92:da:1b:14:f6:a2:01:5b:c1:a8:7e:63:df:00:
b4:c5:3a:79:78:3f:4b:c3:b1:6a:26:70:8f:00:e6:
22:ee:b0:b1:c1:43:05:8a:8c:a3:48:47:d8:75:64:
b8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:DC:BC:75:71:6D:B3:87:3C:7D:45:EA:C3:AC:62:0F:04:46:16:CF
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/e9y8dXFts4c8fUXqw6xiDwRGFs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.72.248.0/24
77.95.113.0/24
93.113.110.0/23
93.114.86.0/23
93.114.184.0/23
93.114.234.0/23
176.56.56.0/21
185.17.180.0/22
185.65.40.0/22
185.164.196.0/22
185.181.252.0/24
188.212.34.0/23
192.250.224.0/24
192.250.234.0/24
192.250.239.0/24
195.250.23.0/24
198.38.80.0/24
198.38.82.0/24
198.38.92.0/24
209.42.16.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:f9:86:c5:fd:aa:db:70:1d:7a:6d:a2:70:42:ea:d9:bd:97:
28:8d:e8:bb:ec:4d:58:56:f9:05:b9:77:21:49:be:12:f2:33:
fa:3b:bc:ea:68:83:de:ef:89:c4:a3:b9:35:56:ed:7c:9e:4e:
62:21:68:db:ed:93:9d:58:9a:6b:dc:40:14:6a:85:93:79:eb:
70:7f:ff:ee:8b:37:06:88:28:e8:ec:9f:0e:86:07:94:99:7c:
05:f6:74:f1:db:b8:97:44:3e:2d:c8:55:79:11:8a:9a:60:8c:
a6:46:47:ef:cc:1f:db:36:83:d2:2d:78:22:02:99:7f:44:22:
35:08:f5:49:bc:68:3b:3a:3e:5d:92:da:28:31:b6:06:e7:0f:
36:88:b6:b1:d7:17:b0:d1:7b:ef:1f:dd:d3:ac:a9:c7:25:ab:
13:33:ac:ce:61:b2:43:9a:e7:b8:3e:bb:9a:21:4f:48:b3:53:
df:94:80:c9:78:fd:08:60:b1:1a:21:8f:89:98:a8:aa:94:9c:
1a:ab:26:08:96:23:b6:65:f3:70:aa:a2:dd:37:66:32:1e:eb:
f2:36:9f:33:cf:0b:8c:b6:f6:16:d1:f7:de:c9:ca:b0:fe:ab:
55:36:7c:6c:40:62:5e:0c:57:d6:5e:78:54:f8:43:65:48:3c:
7e:08:41:a0
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZgvLmLj7P+W4veZBVhZ6sdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwNzIxMjI1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmRjYmM3NTcxNmRiMzg3M2M3ZDQ1ZWFjM2FjNjIwZjA0NDYxNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkx4yblpw2j8IaH6G/ucGXf8C7WtA
kirt9g0fL2zyYgLqO0YulYWLexFofAAoxWcKrlrM656PSGoeQJjkcRH/x2ZHGacy
fvQsCvYBfPKFFadodNeSuAMCgg+QFXqv4CaVvlYtdb3dC6z+OAfRGUNzUbvbRRgo
iL3VJIYtxFo0cM85E2bGzi4YJ/QXgwYFNNitqyglFQZhsKnGAvL+H222pSlIlpYO
OiGAXDd/wOp0qt+6OleXuQpAkZtDjtGgR5BtR8EMdyMeMR25Gaa61iD0ybO3ktob
FPaiAVvBqH5j3wC0xTp5eD9Lw7FqJnCPAOYi7rCxwUMFioyjSEfYdWS4QwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFHvcvHVxbbOHPH1F6sOsYg8ERhbPMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvZTl5OGRYRnRzNGM4ZlVYcXc2eGlEd1JHRnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQARUj4
AwQATV9xAwQBXXFuAwQBXXJWAwQBXXK4AwQBXXLqAwQDsDg4AwQCuRG0AwQCuUEo
AwQCuaTEAwQAubX8AwQBvNQiAwQAwPrgAwQAwPrqAwQAwPrvAwQAw/oXAwQAxiZQ
AwQAxiZSAwQAxiZcAwQD0SoQMA0GCSqGSIb3DQEBCwUAA4IBAQAO+YbF/arbcB16
baJwQurZvZcojei77E1YVvkFuXchSb4S8jP6O7zqaIPe74nEo7k1Vu18nk5iIWjb
7ZOdWJpr3EAUaoWTeetwf//uizcGiCjo7J8OhgeUmXwF9nTx27iXRD4tyFV5EYqa
YIymRkfvzB/bNoPSLXgiApl/RCI1CPVJvGg7Oj5dktooMbYG5w82iLax1xew0Xvv
H93TrKnHJasTM6zOYbJDmue4PruaIU9Is1PflIDJeP0IYLEaIY+JmKiqlJwaqyYI
liO2ZfNwqqLdN2YyHuvyNp8zzwuMtvYW0ffeycqw/qtVNnxsQGJeDFfWXnhU+ENl
SDx+CEGg
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:41:35 2025 by rpki-client