Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/dyjCfezmrjXUwdP9Dm4sjrSVuqU.roa
File: dyjCfezmrjXUwdP9Dm4sjrSVuqU.roa (raw, json)
Hash identifier: crb2Uxi1RrTIkcXVU3AHVQpS6s9LjzCRXWF9LTJM0/Q=
Subject key identifier: 77:28:C2:7D:EC:E6:AE:35:D4:C1:D3:FD:0E:6E:2C:8E:B4:95:BA:A5
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01980A373BC473681E4CD17600DF35FE5603
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/dyjCfezmrjXUwdP9Dm4sjrSVuqU.roa
Signing time: Mon 14 Jul 2025 18:34:08 +0000
ROA not before: Mon 14 Jul 2025 18:34:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200598
IP address blocks: 24.235.22.0/23 maxlen: 24
31.187.92.0/22 maxlen: 24
66.9.96.0/20 maxlen: 24
69.72.72.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.110.184.0/22 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
85.204.28.0/23 maxlen: 24
86.106.28.0/23 maxlen: 24
89.20.50.0/23 maxlen: 24
89.37.60.0/23 maxlen: 24
89.39.184.0/23 maxlen: 24
89.40.236.0/23 maxlen: 24
89.42.215.0/24 maxlen: 24
91.210.80.0/22 maxlen: 24
91.217.106.0/23 maxlen: 24
95.215.144.0/22 maxlen: 24
121.127.48.0/20 maxlen: 24
128.0.60.0/22 maxlen: 24
141.193.108.0/22 maxlen: 24
141.193.214.0/23 maxlen: 24
162.216.138.0/23 maxlen: 24
162.250.216.0/22 maxlen: 24
168.149.248.0/23 maxlen: 24
173.214.200.0/22 maxlen: 24
176.111.54.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
188.215.12.0/22 maxlen: 24
193.91.8.0/23 maxlen: 24
195.78.90.0/23 maxlen: 24
195.128.136.0/24 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
199.48.230.0/23 maxlen: 24
204.15.4.0/22 maxlen: 24
205.220.216.0/23 maxlen: 24
217.144.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 04:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0a:37:3b:c4:73:68:1e:4c:d1:76:00:df:35:fe:56:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 14 18:34:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7728c27dece6ae35d4c1d3fd0e6e2c8eb495baa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:bf:82:77:14:1d:76:62:a1:3e:1e:46:9e:
c2:f3:c0:29:4b:bd:fd:8a:59:cb:e5:40:be:6a:b2:
4a:7c:e2:38:8a:e0:d2:86:e8:61:3a:89:eb:f6:3b:
6b:f4:e0:74:6f:96:4c:72:25:0d:e6:70:b0:6f:6d:
02:e0:6b:e4:c2:5f:92:ed:84:9a:a1:b4:c4:d1:6e:
43:d5:6e:9b:24:f3:44:80:9f:ad:e5:bb:5d:63:a0:
5f:32:04:7d:1e:44:d4:63:0e:b9:b0:28:13:3b:9a:
88:c8:67:4d:70:65:d2:42:31:e6:08:95:cf:9e:1d:
d2:84:62:79:af:9f:22:94:8a:58:05:bc:0d:8e:cb:
cf:e8:11:66:36:5f:bb:d4:5e:9d:62:ca:42:85:e0:
b0:a2:6f:05:c1:c0:26:29:fd:cf:19:fa:35:e2:60:
5e:6e:de:a2:18:7b:34:ea:92:27:68:b9:9d:86:a0:
c5:6d:47:f4:98:df:6f:e4:12:ed:83:9d:b8:dc:5f:
c7:c7:8c:15:87:b3:a1:df:1b:1f:c8:07:fe:5f:83:
f2:57:c7:3d:ff:75:cc:e5:79:54:d2:c7:ca:c4:f6:
4e:a8:fe:d9:1c:8e:ea:9f:37:99:70:c3:79:e7:5c:
ef:ba:38:0f:eb:82:07:03:12:e8:4a:a9:59:ce:ee:
ce:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:28:C2:7D:EC:E6:AE:35:D4:C1:D3:FD:0E:6E:2C:8E:B4:95:BA:A5
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/dyjCfezmrjXUwdP9Dm4sjrSVuqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.235.22.0/23
31.187.92.0/22
66.9.96.0/20
69.72.72.0/22
77.223.192.0-77.223.201.255
79.110.184.0/22
79.139.64.0/23
83.142.200.0/21
85.204.28.0/23
86.106.28.0/23
89.20.50.0/23
89.37.60.0/23
89.39.184.0/23
89.40.236.0/23
89.42.215.0/24
91.210.80.0/22
91.217.106.0/23
95.215.144.0/22
121.127.48.0/20
128.0.60.0/22
141.193.108.0/22
141.193.214.0/23
162.216.138.0/23
162.250.216.0/22
168.149.248.0/23
173.214.200.0/22
176.111.54.0/23
176.222.48.0/22
178.216.184.0/21
188.215.12.0/22
193.91.8.0/23
195.78.90.0/23
195.128.136.0/24
198.14.16.0/20
198.145.112.0/22
199.48.230.0/23
204.15.4.0/22
205.220.216.0/23
217.144.108.0/22
Signature Algorithm: sha256WithRSAEncryption
49:ed:ab:ba:4e:c3:30:a9:7f:8f:ab:a4:74:14:12:3c:bd:0c:
84:7a:c7:17:86:9f:1f:77:98:89:bf:be:13:f0:e7:f2:0e:90:
b9:18:27:36:90:fa:0b:00:31:3a:33:d6:e9:b1:ce:25:f8:2b:
f5:70:d6:64:12:b1:75:41:6b:be:9b:b3:2a:99:0c:48:7b:93:
dc:10:d6:a2:95:b8:26:25:b1:0a:41:dc:a3:c8:f8:ac:0f:f8:
0f:d7:e1:d2:9f:09:56:a2:d2:04:c1:65:1e:f5:78:88:83:60:
63:ba:20:8c:ef:2b:27:65:4f:c8:5c:26:9f:74:5d:31:c9:67:
47:87:58:2c:1b:24:d3:11:64:e4:fe:0c:b5:27:0c:f8:53:b0:
fa:03:8a:55:cb:93:69:0f:14:46:b1:79:b5:85:25:d4:b7:88:
93:7b:7c:e6:1f:8f:a6:d7:9d:f8:59:67:c3:84:ec:85:33:56:
aa:ff:64:47:7c:37:09:2a:af:a9:45:58:bd:ca:96:13:6e:7e:
f2:d3:ed:44:2d:73:5a:da:6d:1e:17:e9:c5:f7:5a:cf:9d:37:
35:83:0d:d4:19:a1:97:37:09:c9:0c:63:80:51:21:fd:2b:b7:
82:8a:09:45:c4:fa:1a:18:be:ee:43:2d:2b:dd:0d:55:20:71:
da:57:0e:c3
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZgKNzvEc2geTNF2AN81/lYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwNzE0MTgzNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzI4YzI3ZGVjZTZhZTM1ZDRjMWQzZmQwZTZlMmM4ZWI0OTViYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytq/gncUHXZioT4eRp7C88ApS739
ilnL5UC+arJKfOI4iuDShuhhOonr9jtr9OB0b5ZMciUN5nCwb20C4Gvkwl+S7YSa
obTE0W5D1W6bJPNEgJ+t5btdY6BfMgR9HkTUYw65sCgTO5qIyGdNcGXSQjHmCJXP
nh3ShGJ5r58ilIpYBbwNjsvP6BFmNl+71F6dYspCheCwom8FwcAmKf3PGfo14mBe
bt6iGHs06pInaLmdhqDFbUf0mN9v5BLtg5243F/Hx4wVh7Oh3xsfyAf+X4PyV8c9
/3XM5XlU0sfKxPZOqP7ZHI7qnzeZcMN551zvujgP64IHAxLoSqlZzu7OKQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFHcown3s5q411MHT/Q5uLI60lbqlMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvZHlqQ2Zlem1yalhVd2RQOURtNHNqclNWdXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQB
GOsWAwQCH7tcAwQEQglgAwQCRUhIMAwDBAZN38ADBAFN38gDBAJPbrgDBAFPi0AD
BANTjsgDBAFVzBwDBAFWahwDBAFZFDIDBAFZJTwDBAFZJ7gDBAFZKOwDBABZKtcD
BAJb0lADBAFb2WoDBAJf15ADBAR5fzADBAKAADwDBAKNwWwDBAGNwdYDBAGi2IoD
BAKi+tgDBAGolfgDBAKt1sgDBAGwbzYDBAKw3jADBAOy2LgDBAK81wwDBAHBWwgD
BAHDTloDBADDgIgDBATGDhADBALGkXADBAHHMOYDBALMDwQDBAHN3NgDBALZkGww
DQYJKoZIhvcNAQELBQADggEBAEntq7pOwzCpf4+rpHQUEjy9DIR6xxeGnx93mIm/
vhPw5/IOkLkYJzaQ+gsAMToz1umxziX4K/Vw1mQSsXVBa76bsyqZDEh7k9wQ1qKV
uCYlsQpB3KPI+KwP+A/X4dKfCVai0gTBZR71eIiDYGO6IIzvKydlT8hcJp90XTHJ
Z0eHWCwbJNMRZOT+DLUnDPhTsPoDilXLk2kPFEaxebWFJdS3iJN7fOYfj6bXnfhZ
Z8OE7IUzVqr/ZEd8Nwkqr6lFWL3KlhNufvLT7UQtc1rabR4X6cX3Ws+dNzWDDdQZ
oZc3CckMY4BRIf0rt4KKCUXE+hoYvu5DLSvdDVUgcdpXDsM=
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:21:47 2025 by rpki-client