Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/DIGihInxQE_qtDIbFzBUW-C89Mw.roa
File: DIGihInxQE_qtDIbFzBUW-C89Mw.roa (raw, json)
Hash identifier: FXM/wWSAKUMelSkD9bI6fw7ON/Y32mUnfC0zIWCpRBw=
Subject key identifier: 0C:81:A2:84:89:F1:40:4F:EA:B4:32:1B:17:30:54:5B:E0:BC:F4:CC
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 0197C18D283108BDBF9FF1643E9DEB24A0DE
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/DIGihInxQE_qtDIbFzBUW-C89Mw.roa
Signing time: Mon 30 Jun 2025 15:55:42 +0000
ROA not before: Mon 30 Jun 2025 15:55:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 89.35.80.0/23 maxlen: 23
89.40.222.0/23 maxlen: 23
89.45.124.0/23 maxlen: 23
91.235.207.0/24 maxlen: 24
92.42.0.0/24 maxlen: 24
185.98.158.0/24 maxlen: 24
193.33.105.0/24 maxlen: 24
193.176.99.0/24 maxlen: 24
193.239.176.0/24 maxlen: 24
194.32.82.0/24 maxlen: 24
194.106.206.0/24 maxlen: 24
194.169.202.0/24 maxlen: 24
195.35.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 17:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c1:8d:28:31:08:bd:bf:9f:f1:64:3e:9d:eb:24:a0:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Jun 30 15:55:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c81a28489f1404feab4321b1730545be0bcf4cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:61:96:b1:43:31:3a:7d:97:c9:af:67:1a:c7:
bc:da:7f:b7:b7:84:05:85:6f:35:24:58:02:07:07:
28:98:1c:06:86:49:2d:67:36:38:c6:a3:3b:ee:3b:
ee:01:3a:c5:07:e0:97:61:f1:f1:33:82:23:80:5c:
68:a9:1e:73:0f:6b:c1:14:15:7b:b8:67:a7:3e:15:
ce:d1:f0:bb:ec:80:af:e0:f0:e0:41:46:23:da:ef:
ee:26:f1:d2:a7:7c:41:91:6c:19:2e:2c:77:e5:b3:
b1:e7:9b:e2:35:a1:60:56:60:17:87:6e:a2:29:76:
bc:12:6e:ed:4f:0d:9a:3d:eb:d9:f6:a1:89:8e:b8:
8f:0d:5d:54:23:8c:41:9a:34:fa:d0:07:ad:ac:24:
e0:94:8a:24:e4:a4:7d:ea:56:7c:88:bc:c9:92:0b:
e9:71:b2:9c:91:67:d3:d9:3f:dd:dc:ee:6b:21:a6:
55:ea:95:52:21:b3:55:ac:6c:0d:5b:e3:f8:4e:a6:
ce:e5:37:53:29:54:1a:ee:e8:ce:e0:92:ce:2b:ef:
7d:50:55:19:a8:0c:db:04:c4:06:4f:d7:c4:10:fd:
82:96:25:b5:a8:dd:e3:2b:34:ab:c3:0e:a6:ab:b3:
cf:34:31:95:1f:75:62:4d:b8:5c:9b:c0:0a:57:55:
26:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:81:A2:84:89:F1:40:4F:EA:B4:32:1B:17:30:54:5B:E0:BC:F4:CC
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/DIGihInxQE_qtDIbFzBUW-C89Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.80.0/23
89.40.222.0/23
89.45.124.0/23
91.235.207.0/24
92.42.0.0/24
185.98.158.0/24
193.33.105.0/24
193.176.99.0/24
193.239.176.0/24
194.32.82.0/24
194.106.206.0/24
194.169.202.0/24
195.35.100.0/24
Signature Algorithm: sha256WithRSAEncryption
44:0f:a7:7b:73:eb:71:32:5c:85:47:9f:b9:e7:f2:be:2b:33:
a3:71:60:3e:a6:4e:5c:88:69:12:5d:b3:4b:cc:42:bb:a3:26:
40:ad:39:53:8e:b4:86:12:06:85:d5:8c:f4:f8:b0:51:b9:97:
02:71:69:2f:10:b0:87:77:48:04:11:4d:9a:d1:b9:5e:55:dc:
87:d3:2b:0d:6f:10:12:78:51:0c:c2:70:76:b4:1a:bd:b4:13:
47:f5:bf:8f:a3:ca:85:e8:9b:0f:fb:2c:cc:ab:a1:dd:82:ba:
49:af:bd:21:6b:05:9f:3d:b7:c7:46:90:5b:56:08:a6:56:9a:
e4:af:1d:c0:5a:84:b3:c8:f8:ba:aa:a5:73:44:48:07:c8:cf:
de:fc:1c:4a:cd:2a:f7:f6:17:b0:b6:b8:24:6c:6c:c3:d5:89:
02:bb:23:ce:35:2b:02:b7:66:3a:94:ee:f9:66:1b:19:c1:cf:
36:cd:be:d9:3f:04:c1:44:88:05:79:7d:2b:73:83:c0:90:04:
86:90:4b:42:b6:db:3d:3f:46:23:dd:a0:8f:23:1a:1c:42:25:
53:70:d9:8b:35:73:e8:7c:bf:9e:28:3b:0d:61:02:cd:4a:3d:
53:c6:fe:28:e7:ff:ed:f5:71:7f:07:c4:5a:35:85:49:d6:4b:
99:af:cc:f7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZfBjSgxCL2/n/FkPp3rJKDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjUwNjMwMTU1NTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzgxYTI4NDg5ZjE0MDRmZWFiNDMyMWIxNzMwNTQ1YmUwYmNmNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGGWsUMxOn2Xya9nGse82n+3t4QF
hW81JFgCBwcomBwGhkktZzY4xqM77jvuATrFB+CXYfHxM4IjgFxoqR5zD2vBFBV7
uGenPhXO0fC77ICv4PDgQUYj2u/uJvHSp3xBkWwZLix35bOx55viNaFgVmAXh26i
KXa8Em7tTw2aPevZ9qGJjriPDV1UI4xBmjT60AetrCTglIok5KR96lZ8iLzJkgvp
cbKckWfT2T/d3O5rIaZV6pVSIbNVrGwNW+P4TqbO5TdTKVQa7ujO4JLOK+99UFUZ
qAzbBMQGT9fEEP2CliW1qN3jKzSrww6mq7PPNDGVH3ViTbhcm8AKV1UmpQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAyBooSJ8UBP6rQyGxcwVFvgvPTMMB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEvRElHaWhJbnhRRV9xdERJYkZ6QlVXLUM4OU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBWSNQAwQB
WSjeAwQBWS18AwQAW+vPAwQAXCoAAwQAuWKeAwQAwSFpAwQAwbBjAwQAwe+wAwQA
wiBSAwQAwmrOAwQAwqnKAwQAwyNkMA0GCSqGSIb3DQEBCwUAA4IBAQBED6d7c+tx
MlyFR5+55/K+KzOjcWA+pk5ciGkSXbNLzEK7oyZArTlTjrSGEgaF1Yz0+LBRuZcC
cWkvELCHd0gEEU2a0bleVdyH0ysNbxASeFEMwnB2tBq9tBNH9b+Po8qF6JsP+yzM
q6HdgrpJr70hawWfPbfHRpBbVgimVprkrx3AWoSzyPi6qqVzREgHyM/e/BxKzSr3
9hewtrgkbGzD1YkCuyPONSsCt2Y6lO75ZhsZwc82zb7ZPwTBRIgFeX0rc4PAkASG
kEtCtts9P0Yj3aCPIxocQiVTcNmLNXPofL+eKDsNYQLNSj1Txv4o5//t9XF/B8Ra
NYVJ1kuZr8z3
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:22:34 2025 by rpki-client