Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/5XSs95Ubgx3AmQjCtcwc9kipgqo.roa
File: 5XSs95Ubgx3AmQjCtcwc9kipgqo.roa (raw, json)
Hash identifier: W1QuAOuGtR5IQsNm8mAqSkXh18EH2NzjwhA/lLQEsCs=
Subject key identifier: E5:74:AC:F7:95:1B:83:1D:C0:99:08:C2:B5:CC:1C:F6:48:A9:82:AA
Certificate issuer: /CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Certificate serial: 0197E9D1A02CE96A67F1CA492F096AC186E7
Authority key identifier: DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/5XSs95Ubgx3AmQjCtcwc9kipgqo.roa
Signing time: Tue 08 Jul 2025 11:35:18 +0000
ROA not before: Tue 08 Jul 2025 11:35:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 37.77.64.0/24 maxlen: 24
37.77.65.0/24 maxlen: 24
37.77.66.0/24 maxlen: 24
37.77.67.0/24 maxlen: 24
37.77.68.0/24 maxlen: 24
37.77.69.0/24 maxlen: 24
37.77.70.0/24 maxlen: 24
37.77.71.0/24 maxlen: 24
37.77.72.0/24 maxlen: 24
37.77.73.0/24 maxlen: 24
37.77.74.0/24 maxlen: 24
37.77.75.0/24 maxlen: 24
37.77.76.0/24 maxlen: 24
37.77.77.0/24 maxlen: 24
37.77.78.0/24 maxlen: 24
37.77.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 02:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:d1:a0:2c:e9:6a:67:f1:ca:49:2f:09:6a:c1:86:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Validity
Not Before: Jul 8 11:35:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e574acf7951b831dc09908c2b5cc1cf648a982aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8e:4a:ab:e7:5a:54:48:87:13:40:27:b5:4e:
57:a3:b9:66:6f:fd:c5:01:ba:76:c4:31:bb:8d:dc:
6f:d7:57:22:2f:22:6e:19:7d:de:18:77:1c:03:d7:
44:e9:c6:4e:41:30:2a:21:52:cb:f9:e9:db:93:b1:
25:22:49:a4:c6:05:4d:28:28:3b:ed:c2:f0:3e:fb:
96:dc:1e:89:17:0b:28:17:04:63:00:53:1b:b3:dd:
71:a3:7d:9c:1d:90:2f:85:d3:f8:59:03:96:e0:bc:
2d:f1:bd:69:48:ee:cd:1a:ea:e8:5e:8c:b5:ef:a9:
88:8b:e2:b6:cd:83:25:16:84:a3:10:59:f5:dc:96:
3d:f1:f3:83:5c:01:3e:d6:2f:47:1f:88:62:4b:85:
fd:79:01:18:f2:38:d4:c1:12:6d:55:b9:8c:3e:2e:
59:dc:ec:23:c6:ad:0d:6a:9b:0d:45:b4:16:ec:36:
04:fb:00:d0:9c:6f:f5:c7:e0:21:39:fc:70:a9:81:
d7:ea:35:b9:f9:17:e7:ef:c0:ec:c6:c3:5f:6e:53:
ae:f2:cd:c0:1b:08:8b:ea:45:7b:ba:4e:3b:69:e4:
e6:c3:79:d1:d2:90:3d:a8:80:73:ed:ad:25:5b:4d:
e6:0e:25:7b:7d:cc:9d:4e:02:8e:c1:77:bc:33:a0:
ef:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:74:AC:F7:95:1B:83:1D:C0:99:08:C2:B5:CC:1C:F6:48:A9:82:AA
X509v3 Authority Key Identifier:
keyid:DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/5XSs95Ubgx3AmQjCtcwc9kipgqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.64.0/20
Signature Algorithm: sha256WithRSAEncryption
1c:06:8e:0a:ae:26:73:67:f7:57:a1:0c:3a:8e:79:fe:8f:71:
46:8f:dd:21:9c:ee:e8:dd:e9:5a:0b:5e:3a:93:55:7f:0a:cf:
54:e1:54:0a:22:de:66:15:ae:4f:86:9a:00:2e:a3:a8:e0:cc:
07:98:93:24:f5:4b:69:d9:1e:df:6b:e9:1a:e7:0c:1c:8c:f8:
36:af:f6:67:b4:24:ae:77:e3:1b:53:3b:d6:a4:13:7a:35:04:
b2:1c:0c:c6:90:53:76:ff:64:46:b8:04:6f:2e:21:76:2b:18:
b5:56:43:2b:83:20:ff:1f:6e:5f:eb:ef:1a:41:34:e0:01:37:
a6:81:8d:24:4b:e5:58:ee:da:7f:b3:22:67:8b:87:ad:5f:59:
e2:65:b3:6c:8d:dc:49:f5:62:bb:6f:d7:a4:61:81:ce:28:bb:
01:40:0c:6f:fd:e3:ed:1f:3c:5d:f2:c3:25:ad:cb:81:29:41:
c0:59:2f:45:4d:78:3c:5b:15:24:f7:12:eb:ca:cc:eb:35:e1:
d7:c5:23:f6:09:d1:7b:18:87:43:5e:d2:e6:f4:b8:9e:8e:76:
eb:23:26:07:81:47:ec:27:4b:75:01:fe:cc:e5:82:36:3f:85:
1e:37:b4:47:0c:98:f6:e6:7b:09:10:11:b0:42:a3:35:0c:0e:
e3:f6:a8:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfp0aAs6Wpn8cpJLwlqwYbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYjY1YTkwZWQzY2Y0YWUwNDUyNTU0ZWUzNGI5MmE4NDc2
ZGNmMTAwHhcNMjUwNzA4MTEzNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTc0YWNmNzk1MWI4MzFkYzA5OTA4YzJiNWNjMWNmNjQ4YTk4MmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY5Kq+daVEiHE0AntU5Xo7lmb/3F
Abp2xDG7jdxv11ciLyJuGX3eGHccA9dE6cZOQTAqIVLL+enbk7ElIkmkxgVNKCg7
7cLwPvuW3B6JFwsoFwRjAFMbs91xo32cHZAvhdP4WQOW4Lwt8b1pSO7NGuroXoy1
76mIi+K2zYMlFoSjEFn13JY98fODXAE+1i9HH4hiS4X9eQEY8jjUwRJtVbmMPi5Z
3Owjxq0NapsNRbQW7DYE+wDQnG/1x+AhOfxwqYHX6jW5+Rfn78DsxsNfblOu8s3A
GwiL6kV7uk47aeTmw3nR0pA9qIBz7a0lW03mDiV7fcydTgKOwXe8M6DvZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOV0rPeVG4MdwJkIwrXMHPZIqYKqMB8GA1UdIwQY
MBaAFNy2WpDtPPSuBFJVTuNLkqhHbc8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEt
ODVhOTU1ZjIxNjNiLzEvNVhTczk1VWJneDNBbVFqQ3Rjd2M5a2lwZ3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEtODVhOTU1ZjIxNjNi
LzEvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJU1AMA0G
CSqGSIb3DQEBCwUAA4IBAQAcBo4KriZzZ/dXoQw6jnn+j3FGj90hnO7o3elaC146
k1V/Cs9U4VQKIt5mFa5PhpoALqOo4MwHmJMk9Utp2R7fa+ka5wwcjPg2r/ZntCSu
d+MbUzvWpBN6NQSyHAzGkFN2/2RGuARvLiF2Kxi1VkMrgyD/H25f6+8aQTTgATem
gY0kS+VY7tp/syJni4etX1niZbNsjdxJ9WK7b9ekYYHOKLsBQAxv/ePtHzxd8sMl
rcuBKUHAWS9FTXg8WxUk9xLryszrNeHXxSP2CdF7GIdDXtLm9LiejnbrIyYHgUfs
J0t1Af7M5YI2P4UeN7RHDJj25nsJEBGwQqM1DA7j9qjV
-----END CERTIFICATE-----
Generated at Sun Jul 20 09:40:45 2025 by rpki-client