Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/7lIFtHXB365829ZW5IN2GTmpxiE.roa
File: 7lIFtHXB365829ZW5IN2GTmpxiE.roa (raw, json)
Hash identifier: oFT+IAH+APJd7wG4v75rdGM31P1CJdO17UyGsC9gm7Y=
Subject key identifier: EE:52:05:B4:75:C1:DF:AE:7C:DB:D6:56:E4:83:76:19:39:A9:C6:21
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0197F3EA45F4D8DAA0ED6623E1FC054BC9D8
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/7lIFtHXB365829ZW5IN2GTmpxiE.roa
Signing time: Thu 10 Jul 2025 10:38:26 +0000
ROA not before: Thu 10 Jul 2025 10:38:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200628
IP address blocks: 77.76.2.0/24 maxlen: 24
78.142.25.0/24 maxlen: 24
78.142.61.0/24 maxlen: 24
82.118.225.0/24 maxlen: 24
83.222.184.0/24 maxlen: 24
91.148.166.0/24 maxlen: 24
91.191.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:ea:45:f4:d8:da:a0:ed:66:23:e1:fc:05:4b:c9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jul 10 10:38:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee5205b475c1dfae7cdbd656e483761939a9c621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2e:e5:79:43:d4:d2:3d:a0:d5:fe:aa:92:d6:
c1:e5:2d:d8:ff:c3:e0:c7:e7:7a:6c:17:dc:52:78:
73:55:9d:89:76:ac:b0:16:f6:8a:cd:58:9d:ad:9d:
1f:3e:de:0c:e5:a3:f0:2f:89:c2:42:5a:32:be:06:
27:4e:dc:82:c4:da:88:92:18:e6:62:9e:ae:02:aa:
66:8e:94:0b:5f:58:20:fc:49:29:8d:31:e6:a3:4e:
79:18:96:b9:35:72:fa:6d:6b:a8:3b:b0:b3:e7:2e:
fc:bf:99:ce:8d:3f:15:cf:a0:05:36:98:3c:db:bf:
38:14:a1:6b:23:d9:40:fc:c0:b5:10:32:83:16:dc:
9f:3a:b1:f6:36:3a:ea:0c:41:e2:2b:17:eb:16:bc:
32:53:1c:f1:dd:45:b5:23:45:ed:6c:3a:26:7d:fe:
9b:c0:95:3c:f3:4d:2a:4c:05:4a:c2:47:a0:82:b5:
1f:7d:ea:a1:3a:53:7b:6a:54:1e:4d:64:44:5c:af:
d5:e3:24:89:d7:b6:dd:6b:00:77:c1:42:4f:28:61:
6a:75:f7:e9:62:c5:45:42:24:e9:e2:45:db:9f:e4:
80:66:c1:36:d2:06:4d:d9:b3:b9:7b:ac:20:2f:98:
30:f3:c2:bf:71:24:98:3f:82:d6:f7:73:fe:5a:ab:
b6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:52:05:B4:75:C1:DF:AE:7C:DB:D6:56:E4:83:76:19:39:A9:C6:21
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/7lIFtHXB365829ZW5IN2GTmpxiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.2.0/24
78.142.25.0/24
78.142.61.0/24
82.118.225.0/24
83.222.184.0/24
91.148.166.0/24
91.191.215.0/24
Signature Algorithm: sha256WithRSAEncryption
27:37:89:d5:f1:9b:07:a7:9f:80:34:0b:a0:71:79:61:59:59:
17:3c:84:38:36:e8:9d:ac:f6:5b:42:44:a9:8e:47:1f:4a:56:
1f:9d:11:c5:83:87:81:46:44:a0:91:36:e1:b9:26:1b:13:a9:
04:58:83:cc:94:2f:af:9b:e5:c8:b5:bb:e2:27:05:e6:15:57:
cc:cd:f8:0e:11:77:d4:80:09:e8:b7:eb:21:78:77:b3:29:90:
eb:39:86:be:a3:e5:d0:97:c4:10:4e:bc:f7:21:74:43:e7:3b:
56:bd:29:3c:3f:58:71:27:a8:44:5e:59:3e:76:02:c9:38:c6:
58:2e:19:d6:61:9a:b4:5c:3f:89:5b:a7:f2:f7:48:7f:78:85:
15:7a:6e:f4:d1:40:45:9f:61:79:79:86:db:3c:b9:14:be:f3:
5e:f2:68:73:23:82:02:33:0a:51:0e:91:86:94:c7:fc:a6:5d:
80:8d:3d:96:b3:c4:62:63:dc:07:de:2c:46:d8:bc:83:d6:cf:
55:e9:fb:57:72:6a:3c:1b:4c:6f:bd:45:ac:bb:b3:13:4b:9c:
32:87:63:b6:42:43:73:a3:f1:56:ce:4d:6c:c2:40:14:10:ca:
37:aa:17:96:6e:0d:0b:17:6f:21:2c:22:84:56:21:76:9b:63:
2b:7a:6b:92
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZfz6kX02Nqg7WYj4fwFS8nYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwNzEwMTAzODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTUyMDViNDc1YzFkZmFlN2NkYmQ2NTZlNDgzNzYxOTM5YTljNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi7leUPU0j2g1f6qktbB5S3Y/8Pg
x+d6bBfcUnhzVZ2JdqywFvaKzVidrZ0fPt4M5aPwL4nCQloyvgYnTtyCxNqIkhjm
Yp6uAqpmjpQLX1gg/EkpjTHmo055GJa5NXL6bWuoO7Cz5y78v5nOjT8Vz6AFNpg8
2784FKFrI9lA/MC1EDKDFtyfOrH2NjrqDEHiKxfrFrwyUxzx3UW1I0XtbDomff6b
wJU8800qTAVKwkeggrUffeqhOlN7alQeTWREXK/V4ySJ17bdawB3wUJPKGFqdffp
YsVFQiTp4kXbn+SAZsE20gZN2bO5e6wgL5gw88K/cSSYP4LW93P+Wqu2fwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFO5SBbR1wd+ufNvWVuSDdhk5qcYhMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvN2xJRnRIWEIzNjU4MjlaVzVJTjJHVG1weGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATUwCAwQA
To4ZAwQATo49AwQAUnbhAwQAU964AwQAW5SmAwQAW7/XMA0GCSqGSIb3DQEBCwUA
A4IBAQAnN4nV8ZsHp5+ANAugcXlhWVkXPIQ4NuidrPZbQkSpjkcfSlYfnRHFg4eB
RkSgkTbhuSYbE6kEWIPMlC+vm+XItbviJwXmFVfMzfgOEXfUgAnot+sheHezKZDr
OYa+o+XQl8QQTrz3IXRD5ztWvSk8P1hxJ6hEXlk+dgLJOMZYLhnWYZq0XD+JW6fy
90h/eIUVem700UBFn2F5eYbbPLkUvvNe8mhzI4ICMwpRDpGGlMf8pl2AjT2Ws8Ri
Y9wH3ixG2LyD1s9V6ftXcmo8G0xvvUWsu7MTS5wyh2O2QkNzo/FWzk1swkAUEMo3
qheWbg0LF28hLCKEViF2m2MremuS
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:26:14 2025 by rpki-client