Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/1HdPbbp2ON9jlXjCNvcwdVOS4l8.roa
File: 1HdPbbp2ON9jlXjCNvcwdVOS4l8.roa (raw, json)
Hash identifier: Go8nz4UdWLEFOEpTAtQD2sB7T0peVkkimD6UE/yKI0U=
Subject key identifier: D4:77:4F:6D:BA:76:38:DF:63:95:78:C2:36:F7:30:75:53:92:E2:5F
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 01982DFD6A723DC7FB54861D5632E290838D
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/1HdPbbp2ON9jlXjCNvcwdVOS4l8.roa
Signing time: Mon 21 Jul 2025 17:17:19 +0000
ROA not before: Mon 21 Jul 2025 17:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9002
IP address blocks: 2.58.98.0/24 maxlen: 24
31.128.32.0/22 maxlen: 24
37.233.82.0/23 maxlen: 24
37.233.84.0/23 maxlen: 24
37.233.86.0/24 maxlen: 24
45.92.174.0/24 maxlen: 24
45.130.212.0/22 maxlen: 24
45.137.188.0/24 maxlen: 24
45.145.5.0/24 maxlen: 24
45.145.163.0/24 maxlen: 24
45.152.87.0/24 maxlen: 24
45.156.20.0/24 maxlen: 24
46.173.20.0/24 maxlen: 24
77.73.233.0/24 maxlen: 24
77.73.235.0/24 maxlen: 24
77.73.238.0/24 maxlen: 24
83.222.20.0/23 maxlen: 24
90.156.254.0/23 maxlen: 24
91.218.142.0/23 maxlen: 24
185.77.231.0/24 maxlen: 24
194.36.208.0/24 maxlen: 24
194.113.209.0/24 maxlen: 24
212.74.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 09:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:fd:6a:72:3d:c7:fb:54:86:1d:56:32:e2:90:83:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Jul 21 17:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4774f6dba7638df639578c236f730755392e25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:df:bc:02:67:e4:05:6c:74:ef:86:29:ee:05:
52:f5:be:b9:2b:5c:b4:33:dd:18:6d:48:bf:aa:a4:
44:0a:48:3c:f9:0a:f6:a2:6e:66:41:84:df:fd:f7:
a6:da:59:49:9f:e4:f0:ef:1f:31:fe:74:22:c8:94:
71:c8:1f:56:f3:a2:92:ac:d7:4f:e2:9a:0e:08:24:
8c:db:8f:62:13:55:3a:07:47:06:cf:45:68:49:66:
cf:36:b2:f9:e8:b9:17:54:3a:15:3f:c7:c2:2f:62:
dc:7e:66:eb:5b:19:6e:0c:d2:11:c4:c6:14:cd:4f:
5f:c0:90:c2:31:17:93:3d:2e:13:d0:42:cf:e1:5e:
84:b8:4b:68:fe:4b:6a:82:5e:5f:da:27:0a:88:03:
3e:2f:91:dc:9e:9d:db:76:23:95:53:d3:fc:95:7a:
fa:7e:52:43:e9:df:2f:0d:03:24:50:af:2e:f1:c2:
11:9f:de:b6:bd:fa:c1:ad:aa:e4:80:27:77:bd:16:
5a:68:2a:bb:b1:8f:78:f9:fb:2c:56:4b:19:8a:b7:
1a:20:fb:f7:7f:17:36:d6:bc:18:1f:94:82:f4:5d:
7f:9e:da:2e:18:41:b1:a3:fc:28:6b:e0:db:ae:e7:
a2:9c:40:7f:74:23:89:71:6b:1b:53:79:45:ba:51:
2e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:77:4F:6D:BA:76:38:DF:63:95:78:C2:36:F7:30:75:53:92:E2:5F
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/1HdPbbp2ON9jlXjCNvcwdVOS4l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.98.0/24
31.128.32.0/22
37.233.82.0-37.233.86.255
45.92.174.0/24
45.130.212.0/22
45.137.188.0/24
45.145.5.0/24
45.145.163.0/24
45.152.87.0/24
45.156.20.0/24
46.173.20.0/24
77.73.233.0/24
77.73.235.0/24
77.73.238.0/24
83.222.20.0/23
90.156.254.0/23
91.218.142.0/23
185.77.231.0/24
194.36.208.0/24
194.113.209.0/24
212.74.231.0/24
Signature Algorithm: sha256WithRSAEncryption
94:77:32:36:03:52:ec:0b:f8:1b:78:c5:7b:8f:9e:25:e7:43:
db:9f:f4:cb:8c:a6:2c:9b:dd:05:48:e4:48:39:14:b2:cd:03:
74:4d:b1:0c:15:7d:aa:80:75:a5:96:83:ba:d4:c5:5a:7a:56:
ab:37:8e:f0:6e:af:be:a9:e2:29:27:98:82:55:1f:c0:7c:48:
06:99:a0:9e:2f:8e:7d:1a:3f:92:9d:2d:d9:04:af:b0:40:4a:
a9:60:d5:c6:8a:66:64:43:f4:b9:1f:59:97:92:13:8b:e0:91:
a0:27:93:2e:d9:cc:26:13:65:fe:34:09:92:41:ab:61:2f:1c:
23:00:9b:8f:d7:78:50:99:89:e1:d1:9c:3a:de:2f:6c:c9:c6:
a2:4c:17:53:d0:4c:a4:c3:73:e1:eb:dd:95:7d:a0:de:84:cc:
d8:5b:79:28:09:4e:ee:9d:5c:37:df:cd:34:50:76:40:77:05:
47:49:b3:e6:b9:af:69:7d:6c:f7:0b:78:8e:19:51:c2:0b:42:
90:9f:49:95:f4:d0:d0:f3:dc:3a:92:8a:1b:2f:ed:31:db:89:
fd:d2:99:19:61:a1:5d:5a:30:15:a6:1f:e2:2f:eb:a3:e5:85:
85:89:d7:b8:d1:db:11:51:f0:1d:36:b6:a1:b5:27:e7:55:56:
5a:8e:80:80
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZgt/WpyPcf7VIYdVjLikIONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjUwNzIxMTcxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc3NGY2ZGJhNzYzOGRmNjM5NTc4YzIzNmY3MzA3NTUzOTJlMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzN+8AmfkBWx074Yp7gVS9b65K1y0
M90YbUi/qqRECkg8+Qr2om5mQYTf/fem2llJn+Tw7x8x/nQiyJRxyB9W86KSrNdP
4poOCCSM249iE1U6B0cGz0VoSWbPNrL56LkXVDoVP8fCL2LcfmbrWxluDNIRxMYU
zU9fwJDCMReTPS4T0ELP4V6EuEto/ktqgl5f2icKiAM+L5Hcnp3bdiOVU9P8lXr6
flJD6d8vDQMkUK8u8cIRn962vfrBrarkgCd3vRZaaCq7sY94+fssVksZircaIPv3
fxc21rwYH5SC9F1/ntouGEGxo/woa+DbrueinEB/dCOJcWsbU3lFulEu6QIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFNR3T226djjfY5V4wjb3MHVTkuJfMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvMUhkUGJicDJPTjlqbFhqQ052Y3dkVk9TNGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAC
OmIDBAIfgCAwDAMEASXpUgMEACXpVgMEAC1crgMEAi2C1AMEAC2JvAMEAC2RBQME
AC2RowMEAC2YVwMEAC2cFAMEAC6tFAMEAE1J6QMEAE1J6wMEAE1J7gMEAVPeFAME
AVqc/gMEAVvajgMEALlN5wMEAMIk0AMEAMJx0QMEANRK5zANBgkqhkiG9w0BAQsF
AAOCAQEAlHcyNgNS7Av4G3jFe4+eJedD25/0y4ymLJvdBUjkSDkUss0DdE2xDBV9
qoB1pZaDutTFWnpWqzeO8G6vvqniKSeYglUfwHxIBpmgni+OfRo/kp0t2QSvsEBK
qWDVxopmZEP0uR9Zl5ITi+CRoCeTLtnMJhNl/jQJkkGrYS8cIwCbj9d4UJmJ4dGc
Ot4vbMnGokwXU9BMpMNz4evdlX2g3oTM2Ft5KAlO7p1cN9/NNFB2QHcFR0mz5rmv
aX1s9wt4jhlRwgtCkJ9JlfTQ0PPcOpKKGy/tMduJ/dKZGWGhXVowFaYf4i/ro+WF
hYnXuNHbEVHwHTa2obUn51VWWo6AgA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 16:46:46 2025 by rpki-client