Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/x3nqxHENVx6z3K0pIf-XmBxM8uo.roa
File: x3nqxHENVx6z3K0pIf-XmBxM8uo.roa (raw, json)
Hash identifier: wuURTJePv583PfrVsyxxz/yyWiHn+PihCcbD8+m6VU4=
Subject key identifier: C7:79:EA:C4:71:0D:57:1E:B3:DC:AD:29:21:FF:97:98:1C:4C:F2:EA
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019819C434C5AD335C14486524CD4C1E9AD1
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/x3nqxHENVx6z3K0pIf-XmBxM8uo.roa
Signing time: Thu 17 Jul 2025 19:02:25 +0000
ROA not before: Thu 17 Jul 2025 19:02:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
74.124.204.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
88.135.100.0/22 maxlen: 24
88.135.104.0/21 maxlen: 24
89.34.171.0/24 maxlen: 24
93.119.184.0/21 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
195.133.202.0/23 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:19:c4:34:c5:ad:33:5c:14:48:65:24:cd:4c:1e:9a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 17 19:02:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c779eac4710d571eb3dcad2921ff97981c4cf2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2b:fd:4f:e7:56:33:9b:2d:b3:b1:c9:29:44:
05:c7:76:60:56:d7:f3:f8:b7:19:61:7b:ca:33:af:
b8:57:64:8d:fb:12:21:82:c2:06:46:37:b0:be:72:
e6:82:46:5c:79:81:f0:9a:0a:af:72:70:67:a2:c3:
b8:f7:a9:e2:65:f2:26:3c:1f:26:86:c3:c6:80:c3:
43:2e:ca:f5:3f:82:4c:17:e5:1c:83:96:2d:2a:83:
7c:4a:63:fb:b1:09:e3:df:77:db:72:4c:4c:7a:51:
33:9a:19:33:1f:e0:89:93:59:08:14:2d:22:ed:9f:
5e:55:20:35:35:26:50:e6:05:fd:5e:98:12:17:30:
21:0a:e5:53:46:cf:b3:61:13:0e:05:22:1f:30:76:
f5:39:40:fc:20:2d:71:50:ad:8c:4c:84:11:55:01:
ba:e4:84:a4:96:37:ba:fe:04:71:46:93:cb:21:c8:
ab:86:69:d7:67:3f:e9:4a:39:7c:01:f0:15:66:19:
05:53:47:94:bd:b9:ee:24:9a:57:b2:96:14:b8:df:
c3:bb:c7:0a:29:74:dd:3c:bc:8c:91:64:41:a4:d9:
18:63:99:14:49:33:48:72:26:3a:03:3a:0e:e8:62:
75:4a:85:b2:1e:77:07:eb:83:9b:4b:de:45:14:78:
7b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:79:EA:C4:71:0D:57:1E:B3:DC:AD:29:21:FF:97:98:1C:4C:F2:EA
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/x3nqxHENVx6z3K0pIf-XmBxM8uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.9.96.0/20
66.117.8.0/22
74.124.204.0/22
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
88.135.100.0-88.135.111.255
89.34.171.0/24
93.119.184.0/21
94.26.110.0/23
94.101.103.0/24
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
178.216.184.0/21
195.133.202.0/23
198.145.112.0/22
205.134.244.0/22
Signature Algorithm: sha256WithRSAEncryption
32:09:51:04:aa:af:87:80:33:fd:44:0c:93:75:5d:90:71:9a:
4c:70:a4:29:ad:f5:3d:c0:c1:2d:c8:cb:5c:66:48:0e:f4:b6:
38:8f:ec:11:18:12:0c:72:b8:fa:f1:67:58:34:a4:e4:aa:9a:
81:84:3e:b1:82:5a:00:7a:d0:f4:c0:37:6b:33:b8:2c:c9:34:
dc:75:aa:0c:88:1b:5f:1c:b2:9e:70:5c:ee:ee:24:2d:0e:67:
df:4b:6d:7c:69:c6:05:9c:b9:73:ee:9c:66:4a:38:68:3e:c1:
f2:9c:6f:5d:08:b9:59:8f:f0:ef:c5:eb:ac:67:10:33:0a:cd:
36:b9:4e:fe:0d:0c:7e:f6:77:4f:ce:ca:74:04:9c:fe:9c:b0:
89:87:15:af:ab:16:9f:7c:cf:6e:75:33:40:5c:96:69:4b:c6:
f4:c4:2a:f3:5c:c2:c4:3f:e9:de:88:12:66:cc:af:33:3d:c3:
e0:66:b2:98:b1:5b:51:b2:59:98:06:bf:aa:0e:ed:c9:f3:16:
38:2f:e7:56:e1:be:05:1d:3d:c2:34:2f:86:17:98:ed:c6:48:
90:5e:26:52:17:61:80:9f:ea:a9:46:a5:f7:71:99:68:a0:4a:
26:7b:61:ad:0f:68:ac:d6:f8:aa:91:2a:c8:15:21:e4:f3:b3:
0c:3e:3b:23
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZgZxDTFrTNcFEhlJM1MHprRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwNzE3MTkwMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzc5ZWFjNDcxMGQ1NzFlYjNkY2FkMjkyMWZmOTc5ODFjNGNmMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSv9T+dWM5sts7HJKUQFx3ZgVtfz
+LcZYXvKM6+4V2SN+xIhgsIGRjewvnLmgkZceYHwmgqvcnBnosO496niZfImPB8m
hsPGgMNDLsr1P4JMF+Ucg5YtKoN8SmP7sQnj33fbckxMelEzmhkzH+CJk1kIFC0i
7Z9eVSA1NSZQ5gX9XpgSFzAhCuVTRs+zYRMOBSIfMHb1OUD8IC1xUK2MTIQRVQG6
5ISklje6/gRxRpPLIcirhmnXZz/pSjl8AfAVZhkFU0eUvbnuJJpXspYUuN/Du8cK
KXTdPLyMkWRBpNkYY5kUSTNIciY6AzoO6GJ1SoWyHncH64ObS95FFHh7gwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFMd56sRxDVces9ytKSH/l5gcTPLqMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEveDNucXhIRU5WeDZ6M0swcElmLVhtQnhNOHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBARC
CWADBAJCdQgDBAJKfMwwDAMEBk3fwAMEAU3fyAMEAU+LQAMEA1OOyDAMAwQCWIdk
AwQEWIdgAwQAWSKrAwQDXXe4AwQBXhpuAwQAXmVnAwQDX7IIAwQDdDIQAwQDeX84
AwQCsN4wAwQDsti4AwQBw4XKAwQCxpFwAwQCzYb0MA0GCSqGSIb3DQEBCwUAA4IB
AQAyCVEEqq+HgDP9RAyTdV2QcZpMcKQprfU9wMEtyMtcZkgO9LY4j+wRGBIMcrj6
8WdYNKTkqpqBhD6xgloAetD0wDdrM7gsyTTcdaoMiBtfHLKecFzu7iQtDmffS218
acYFnLlz7pxmSjhoPsHynG9dCLlZj/DvxeusZxAzCs02uU7+DQx+9ndPzsp0BJz+
nLCJhxWvqxaffM9udTNAXJZpS8b0xCrzXMLEP+neiBJmzK8zPcPgZrKYsVtRslmY
Br+qDu3J8xY4L+dW4b4FHT3CNC+GF5jtxkiQXiZSF2GAn+qpRqX3cZlooEome2Gt
D2is1viqkSrIFSHk87MMPjsj
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:17:42 2025 by rpki-client