Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/wA79bxojlBeymQnDGF25llNuKqI.roa
File: wA79bxojlBeymQnDGF25llNuKqI.roa (raw, json)
Hash identifier: 2cRW3MWuI5UWx6tOks8eilK5VMU5rdnNyhxMMnKDdeo=
Subject key identifier: C0:0E:FD:6F:1A:23:94:17:B2:99:09:C3:18:5D:B9:96:53:6E:2A:A2
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01980CF65C3E2440A639DA2B8FCC6ED621EB
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/wA79bxojlBeymQnDGF25llNuKqI.roa
Signing time: Tue 15 Jul 2025 07:22:08 +0000
ROA not before: Tue 15 Jul 2025 07:22:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 77.76.4.0/22 maxlen: 22
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.128.52.0/22 maxlen: 22
78.128.56.0/22 maxlen: 22
78.128.82.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.88.0/22 maxlen: 22
78.128.96.0/23 maxlen: 23
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.116.0/23 maxlen: 23
78.128.120.0/23 maxlen: 23
78.128.122.0/24 maxlen: 24
78.128.123.0/24 maxlen: 24
78.142.10.0/23 maxlen: 23
78.142.12.0/22 maxlen: 22
78.142.30.0/23 maxlen: 23
82.118.242.0/24 maxlen: 24
84.201.224.0/20 maxlen: 20
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
91.148.169.0/24 maxlen: 24
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
91.148.186.0/23 maxlen: 23
130.185.227.0/24 maxlen: 24
193.24.240.0/22 maxlen: 22
193.200.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0c:f6:5c:3e:24:40:a6:39:da:2b:8f:cc:6e:d6:21:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jul 15 07:22:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c00efd6f1a239417b29909c3185db996536e2aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:dc:57:87:a4:71:03:a6:01:eb:ad:24:d7:ee:
0b:0a:1e:88:98:f1:1d:ba:68:35:f5:68:c6:b6:22:
a9:ea:cf:a1:a1:4b:a1:3a:f6:cb:d3:4b:46:65:46:
d9:6a:0f:b5:b2:8f:14:26:e5:4d:5f:1c:33:39:2b:
f7:a0:1a:cb:c4:c3:3d:b1:46:0e:0c:ba:c9:0b:1e:
dd:da:01:2e:cc:6f:91:12:b7:c9:5a:c2:d7:78:ad:
5b:1e:e8:f2:bb:4e:da:48:c0:24:8d:41:1e:43:aa:
a5:12:bc:51:98:a3:f5:17:f3:09:1e:31:b1:93:67:
81:b7:c6:d9:bf:03:a4:0c:95:46:b3:04:36:1a:44:
72:ae:81:31:fd:1a:88:c6:2a:2c:ae:09:d2:12:53:
d3:32:fa:f5:4c:47:34:17:6d:bc:89:cb:83:76:0f:
c7:28:8b:84:dc:d6:38:3e:85:3d:db:59:29:bf:3e:
dc:0f:c1:bf:e4:76:cc:b6:d6:da:04:e8:ec:0d:93:
99:68:77:30:06:01:73:aa:01:b3:6d:26:3c:ba:9b:
0f:9f:2d:6f:d5:a8:30:aa:7b:2e:9c:61:cd:e2:6a:
46:74:7f:e9:32:a5:ec:d4:bf:bd:8a:49:a8:00:27:
e5:c0:21:d4:37:d2:b7:cd:12:aa:04:ad:c1:a4:eb:
8d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0E:FD:6F:1A:23:94:17:B2:99:09:C3:18:5D:B9:96:53:6E:2A:A2
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/wA79bxojlBeymQnDGF25llNuKqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.4.0/22
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.82.0-78.128.91.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.116.0/23
78.128.120.0/22
78.142.10.0-78.142.15.255
78.142.30.0/23
82.118.242.0/24
84.201.224.0/20
91.148.162.0-91.148.165.255
91.148.169.0-91.148.183.255
91.148.186.0/23
130.185.227.0/24
193.24.240.0/22
193.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:a8:df:87:f0:d2:ca:ba:9f:fe:06:1d:fc:be:d5:f8:13:7d:
a2:32:05:dd:df:4e:5b:c8:35:1f:61:7e:27:9c:e0:35:d6:d4:
4e:78:1b:34:8a:ff:bf:7d:75:04:c4:24:bf:4c:46:56:74:cd:
de:a9:92:6c:3d:40:3d:b8:03:6b:45:b5:44:10:ed:86:0e:8a:
eb:a6:69:d8:2c:87:6e:c2:e4:59:b4:90:54:7a:73:14:4e:a5:
3c:01:78:32:5d:10:f5:df:5f:8e:60:a5:10:c3:57:3f:5c:75:
83:81:85:00:0f:1d:e6:d1:25:bf:b9:40:25:cc:ad:b4:a5:9e:
bf:11:0e:b5:2c:92:a7:2d:eb:b7:8a:99:c2:c9:0e:01:da:9b:
6e:15:e7:de:72:bc:ad:8c:2e:80:1e:21:8e:c8:66:e7:67:aa:
83:09:99:c2:85:cf:50:46:2d:f6:0b:90:b2:75:b6:d2:93:bd:
63:90:df:d8:62:3c:12:1f:84:a0:d7:e1:d6:b8:57:7b:3a:9a:
19:e5:04:fd:a2:2e:b2:3e:c6:0c:f5:13:81:df:7a:19:57:98:
6d:5a:80:85:99:6b:a0:02:18:d5:bd:f4:03:00:c1:b1:e7:c4:
a6:69:15:75:69:d7:2f:e6:72:d2:28:49:58:13:4c:00:e5:2a:
81:97:11:67
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZgM9lw+JECmOdorj8xu1iHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwNzE1MDcyMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDBlZmQ2ZjFhMjM5NDE3YjI5OTA5YzMxODVkYjk5NjUzNmUyYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytxXh6RxA6YB660k1+4LCh6ImPEd
umg19WjGtiKp6s+hoUuhOvbL00tGZUbZag+1so8UJuVNXxwzOSv3oBrLxMM9sUYO
DLrJCx7d2gEuzG+RErfJWsLXeK1bHujyu07aSMAkjUEeQ6qlErxRmKP1F/MJHjGx
k2eBt8bZvwOkDJVGswQ2GkRyroEx/RqIxiosrgnSElPTMvr1TEc0F228icuDdg/H
KIuE3NY4PoU921kpvz7cD8G/5HbMttbaBOjsDZOZaHcwBgFzqgGzbSY8upsPny1v
1agwqnsunGHN4mpGdH/pMqXs1L+9ikmoACflwCHUN9K3zRKqBK3BpOuNKwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFMAO/W8aI5QXspkJwxhduZZTbiqiMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvd0E3OWJ4b2psQmV5bVFuREdGMjVsbE51S3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAJN
TAQwDAMEAU6ACgMEBU6AADAMAwQCToAkAwQBToAoMAwDBAJOgDQDBAJOgDgwDAME
AU6AUgMEAk6AWAMEAU6AYDAMAwQCToBkAwQCToBoAwQBToB0AwQCToB4MAwDBAFO
jgoDBAROjgADBAFOjh4DBABSdvIDBARUyeAwDAMEAVuUogMEAVuUpDAMAwQAW5Sp
AwQDW5SwAwQBW5S6AwQAgrnjAwQCwRjwAwQBwcgOMA0GCSqGSIb3DQEBCwUAA4IB
AQAcqN+H8NLKup/+Bh38vtX4E32iMgXd305byDUfYX4nnOA11tROeBs0iv+/fXUE
xCS/TEZWdM3eqZJsPUA9uANrRbVEEO2GDorrpmnYLIduwuRZtJBUenMUTqU8AXgy
XRD131+OYKUQw1c/XHWDgYUADx3m0SW/uUAlzK20pZ6/EQ61LJKnLeu3ipnCyQ4B
2ptuFefecrytjC6AHiGOyGbnZ6qDCZnChc9QRi32C5CydbbSk71jkN/YYjwSH4Sg
1+HWuFd7OpoZ5QT9oi6yPsYM9ROB33oZV5htWoCFmWugAhjVvfQDAMGx58SmaRV1
adcv5nLSKElYE0wA5SqBlxFn
-----END CERTIFICATE-----
Generated at Thu Jul 24 04:59:18 2025 by rpki-client