Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/gZi_7JA5qziFqME_tDmOXyw7uR4.roa
File: gZi_7JA5qziFqME_tDmOXyw7uR4.roa (raw, json)
Hash identifier: Wy99R19BlS4ZrdyS8rbKqkPBO49NC9ANSDY2e0Nh5LU=
Subject key identifier: 81:98:BF:EC:90:39:AB:38:85:A8:C1:3F:B4:39:8E:5F:2C:3B:B9:1E
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0197CF4F2EED7CCE19928FB6556A294B3DBB
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/gZi_7JA5qziFqME_tDmOXyw7uR4.roa
Signing time: Thu 03 Jul 2025 08:02:42 +0000
ROA not before: Thu 03 Jul 2025 08:02:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 45.13.171.0/24 maxlen: 24
103.127.47.0/24 maxlen: 24
185.152.60.0/23 maxlen: 23
185.152.61.0/24 maxlen: 24
185.189.224.0/24 maxlen: 24
185.198.51.0/24 maxlen: 24
195.245.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 20:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:4f:2e:ed:7c:ce:19:92:8f:b6:55:6a:29:4b:3d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Jul 3 08:02:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8198bfec9039ab3885a8c13fb4398e5f2c3bb91e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:71:b9:36:2e:f0:d0:ae:46:d5:43:1d:37:38:
50:2d:38:69:5e:64:5c:96:c2:d9:8b:72:b9:9b:aa:
d8:66:ae:1f:d5:23:3e:ea:ce:d8:af:b0:36:d8:0d:
75:0d:20:ee:da:7c:d2:85:99:e4:25:76:08:26:2f:
08:d8:22:d1:f5:e9:a0:6b:b2:af:d2:cb:46:2d:1d:
12:b7:17:0f:7c:72:b4:c1:4d:e6:68:c7:7d:df:6b:
05:f5:cb:de:99:9f:e4:29:7f:4a:dd:60:fe:29:f0:
aa:aa:39:40:3a:59:85:b1:2c:ef:fe:f7:47:ab:b9:
c6:9f:46:94:e2:13:5c:1d:c6:e5:f2:42:3e:01:fd:
03:25:66:d2:ae:4e:1a:86:eb:39:33:64:a7:34:90:
04:ca:c1:d8:05:53:a1:b5:2f:c7:e2:43:70:d6:b9:
1c:7a:b2:0d:46:d2:49:1f:66:90:1f:f2:2e:34:a1:
a4:31:79:19:b7:a7:d1:a3:45:1b:bd:2c:0c:c8:81:
52:e5:6a:91:a2:83:5b:23:f9:cf:a0:e0:34:65:4f:
42:64:5f:52:b7:55:2e:59:60:2a:f2:76:da:d1:ab:
49:2a:19:55:eb:63:cc:91:2d:8b:7d:31:ab:c3:67:
8b:36:bb:32:b7:97:05:eb:d7:8d:ac:b6:31:21:fa:
3a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:98:BF:EC:90:39:AB:38:85:A8:C1:3F:B4:39:8E:5F:2C:3B:B9:1E
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/gZi_7JA5qziFqME_tDmOXyw7uR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.171.0/24
103.127.47.0/24
185.152.60.0/23
185.189.224.0/24
185.198.51.0/24
195.245.89.0/24
Signature Algorithm: sha256WithRSAEncryption
50:81:23:4c:e8:2d:7b:3e:64:0d:ab:15:26:4b:63:9d:ba:a2:
eb:21:cd:25:ea:ed:d0:7b:13:1d:14:ec:94:1b:6c:75:be:24:
9a:ba:5e:a5:c1:53:63:de:3b:d1:f8:d8:44:8e:ed:47:92:d0:
5b:74:3a:91:89:3d:71:55:21:07:12:c7:5e:92:1a:56:5a:f2:
fc:99:66:71:d0:f9:a7:b3:a6:1a:3f:81:76:69:7f:c1:85:88:
64:e3:21:48:d2:3d:83:bb:d8:40:c8:fc:f5:4d:bd:e1:eb:e6:
c6:3d:a6:40:16:eb:11:10:7c:79:b4:89:4d:77:ce:75:29:6f:
b9:0f:e1:c2:92:f3:80:ae:de:2e:9a:93:01:9b:95:5a:6d:38:
68:5d:f3:f4:90:57:05:f2:e9:39:2b:3d:83:07:dd:29:02:ce:
16:de:bb:60:7a:ad:ee:77:af:09:b1:e0:16:b5:1b:8a:11:ad:
b7:60:43:81:1a:90:80:83:78:dc:80:f6:02:95:38:ad:09:f9:
e9:28:fa:a3:28:82:33:d8:7b:88:ec:08:58:5b:cf:c2:26:82:
b6:db:f3:e0:06:c2:90:60:b0:c7:99:4e:ba:4a:e3:fe:94:7a:
6b:83:30:1b:17:b6:52:c1:43:d8:f9:0e:5d:b1:21:da:a8:8f:
62:f9:94:8e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZfPTy7tfM4Zko+2VWopSz27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjUwNzAzMDgwMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTk4YmZlYzkwMzlhYjM4ODVhOGMxM2ZiNDM5OGU1ZjJjM2JiOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3G5Ni7w0K5G1UMdNzhQLThpXmRc
lsLZi3K5m6rYZq4f1SM+6s7Yr7A22A11DSDu2nzShZnkJXYIJi8I2CLR9emga7Kv
0stGLR0StxcPfHK0wU3maMd932sF9cvemZ/kKX9K3WD+KfCqqjlAOlmFsSzv/vdH
q7nGn0aU4hNcHcbl8kI+Af0DJWbSrk4ahus5M2SnNJAEysHYBVOhtS/H4kNw1rkc
erINRtJJH2aQH/IuNKGkMXkZt6fRo0UbvSwMyIFS5WqRooNbI/nPoOA0ZU9CZF9S
t1UuWWAq8nba0atJKhlV62PMkS2LfTGrw2eLNrsyt5cF69eNrLYxIfo6ZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIGYv+yQOas4hajBP7Q5jl8sO7keMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvZ1ppXzdKQTVxemlGcU1FX3REbU9YeXc3dVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQ2rAwQA
Z38vAwQBuZg8AwQAub3gAwQAucYzAwQAw/VZMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
gSNM6C17PmQNqxUmS2OduqLrIc0l6u3QexMdFOyUG2x1viSaul6lwVNj3jvR+NhE
ju1HktBbdDqRiT1xVSEHEsdekhpWWvL8mWZx0Pmns6YaP4F2aX/BhYhk4yFI0j2D
u9hAyPz1Tb3h6+bGPaZAFusREHx5tIlNd851KW+5D+HCkvOArt4umpMBm5VabTho
XfP0kFcF8uk5Kz2DB90pAs4W3rtgeq3ud68JseAWtRuKEa23YEOBGpCAg3jcgPYC
lTitCfnpKPqjKIIz2HuI7AhYW8/CJoK22/PgBsKQYLDHmU66SuP+lHprgzAbF7ZS
wUPY+Q5dsSHaqI9i+ZSO
-----END CERTIFICATE-----
Generated at Tue Jul 22 04:28:55 2025 by rpki-client