Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/_f3bAh3QZBzzfoMBw1ivQ7tCgBg.roa
File: _f3bAh3QZBzzfoMBw1ivQ7tCgBg.roa (raw, json)
Hash identifier: 40q7FyKfBAV0CHaycHYZH72iTxMdhgLI5P4rdAUvrj8=
Subject key identifier: FD:FD:DB:02:1D:D0:64:1C:F3:7E:83:01:C3:58:AF:43:BB:42:80:18
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019819C436622FEBF6D074F4073E7F66F0A4
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/_f3bAh3QZBzzfoMBw1ivQ7tCgBg.roa
Signing time: Thu 17 Jul 2025 19:02:26 +0000
ROA not before: Thu 17 Jul 2025 19:02:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20115
IP address blocks: 66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
88.135.100.0/22 maxlen: 24
88.135.104.0/21 maxlen: 24
93.119.184.0/21 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
176.222.48.0/22 maxlen: 24
195.133.202.0/23 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:19:c4:36:62:2f:eb:f6:d0:74:f4:07:3e:7f:66:f0:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 17 19:02:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdfddb021dd0641cf37e8301c358af43bb428018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2e:5f:fd:9c:0e:d9:c9:67:fe:0f:9b:dc:03:
d1:cd:92:dd:37:ed:d6:91:06:0b:4f:2a:74:60:8c:
9e:7c:13:9c:8c:44:fe:55:ec:6e:24:af:b4:8a:14:
37:ea:75:34:2b:0a:77:ff:3b:17:00:05:a9:fb:78:
9c:be:9a:fc:f3:f1:95:13:af:c5:c7:de:53:38:f7:
83:f5:cf:03:9e:e5:79:a5:90:6b:ba:24:ae:fb:26:
02:34:8e:b1:8e:c6:c5:8a:0d:71:0d:ac:06:fd:12:
21:47:62:68:1d:92:0b:61:96:e2:29:53:2a:ed:56:
74:e0:2d:08:dc:43:aa:56:f2:82:1a:72:b0:1c:1c:
48:41:43:1f:8b:5a:7b:58:81:3e:ab:b0:e1:88:97:
1e:ec:75:70:6d:d6:29:1f:67:07:dd:45:97:35:18:
cf:6d:4e:22:a4:fb:04:c5:58:9f:31:91:70:db:9b:
5a:eb:95:c3:47:0f:00:ba:2c:17:27:40:5c:6d:86:
1f:23:0c:83:7e:b7:13:7c:21:62:19:88:a7:58:27:
44:d8:cf:10:4e:26:2b:27:72:06:52:eb:2e:ba:40:
ea:ba:97:4c:8d:68:20:dd:e3:c4:a0:e0:fa:d2:92:
6e:59:04:ff:ed:86:1f:5e:d7:70:46:47:89:9a:2c:
eb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FD:DB:02:1D:D0:64:1C:F3:7E:83:01:C3:58:AF:43:BB:42:80:18
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/_f3bAh3QZBzzfoMBw1ivQ7tCgBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.9.96.0/20
66.117.8.0/22
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
88.135.100.0-88.135.111.255
93.119.184.0/21
94.26.110.0/23
94.101.103.0/24
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
195.133.202.0/23
198.145.112.0/22
205.134.244.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:08:e7:41:34:dd:0b:4e:d9:ee:a0:72:8f:42:ff:09:70:5b:
c0:60:d6:51:50:a4:02:1e:92:e6:53:a5:26:30:fb:8b:61:7b:
a4:75:0a:57:a0:97:f5:87:c3:99:f8:04:d1:d0:3d:07:f7:c6:
99:d6:dd:46:79:7e:42:4f:52:f2:92:c6:5f:e0:35:fb:f2:f1:
03:88:8a:9d:4e:bb:ff:e6:fe:3d:26:49:1f:48:02:14:35:58:
6b:b7:9a:8c:a5:9f:cd:fe:cd:97:f7:38:67:31:11:f9:0b:c4:
89:d2:59:25:97:7a:f3:ec:d4:6e:f4:cd:8a:10:9b:18:51:8a:
7f:62:ec:d7:e8:45:81:9c:f3:72:c3:0d:6d:39:19:2b:d8:92:
bb:e8:ff:82:31:16:db:53:e4:d7:52:a1:30:0e:38:62:ea:d1:
9f:74:5a:39:92:f9:af:7e:fe:da:54:63:03:47:e7:2b:e5:8e:
15:48:9d:8f:8c:2b:46:8a:46:45:1f:c1:e8:08:48:23:b8:91:
6e:28:a6:76:e3:fc:96:b9:18:bb:d8:79:39:19:ed:31:ea:73:
c4:b1:19:2c:2f:94:f5:99:62:32:0c:fb:f7:27:0a:e7:68:bd:
bf:3b:0a:b5:95:5b:d1:2b:51:e1:c3:39:7b:c6:83:b3:a3:ee:
ed:e2:01:0d
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZgZxDZiL+v20HT0Bz5/ZvCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwNzE3MTkwMjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGZkZGIwMjFkZDA2NDFjZjM3ZTgzMDFjMzU4YWY0M2JiNDI4MDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuC5f/ZwO2cln/g+b3APRzZLdN+3W
kQYLTyp0YIyefBOcjET+VexuJK+0ihQ36nU0Kwp3/zsXAAWp+3icvpr88/GVE6/F
x95TOPeD9c8DnuV5pZBruiSu+yYCNI6xjsbFig1xDawG/RIhR2JoHZILYZbiKVMq
7VZ04C0I3EOqVvKCGnKwHBxIQUMfi1p7WIE+q7DhiJce7HVwbdYpH2cH3UWXNRjP
bU4ipPsExVifMZFw25ta65XDRw8AuiwXJ0BcbYYfIwyDfrcTfCFiGYinWCdE2M8Q
TiYrJ3IGUusuukDqupdMjWgg3ePEoOD60pJuWQT/7YYfXtdwRkeJmizrWQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFP392wId0GQc836DAcNYr0O7QoAYMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvX2YzYkFoM1FaQnp6Zm9NQncxaXZRN3RDZ0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEBEIJYAME
AkJ1CDAMAwQGTd/AAwQBTd/IAwQBT4tAAwQDU47IMAwDBAJYh2QDBARYh2ADBANd
d7gDBAFeGm4DBABeZWcDBANfsggDBAN0MhADBAN5fzgDBAKw3jADBAHDhcoDBALG
kXADBALNhvQwDQYJKoZIhvcNAQELBQADggEBADsI50E03QtO2e6gco9C/wlwW8Bg
1lFQpAIekuZTpSYw+4the6R1Clegl/WHw5n4BNHQPQf3xpnW3UZ5fkJPUvKSxl/g
Nfvy8QOIip1Ou//m/j0mSR9IAhQ1WGu3moyln83+zZf3OGcxEfkLxInSWSWXevPs
1G70zYoQmxhRin9i7NfoRYGc83LDDW05GSvYkrvo/4IxFttT5NdSoTAOOGLq0Z90
WjmS+a9+/tpUYwNH5yvljhVInY+MK0aKRkUfwegISCO4kW4opnbj/Ja5GLvYeTkZ
7THqc8SxGSwvlPWZYjIM+/cnCudovb87CrWVW9ErUeHDOXvGg7Oj7u3iAQ0=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:08:54 2025 by rpki-client