Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/TprwHPb3GLPaksLnZoobY1g8gQ4.roa
File: TprwHPb3GLPaksLnZoobY1g8gQ4.roa (raw, json)
Hash identifier: c0pDqEshVbCUmma82dNBKmUIHkwuXXL7z69ExmvrjDo=
Subject key identifier: 4E:9A:F0:1C:F6:F7:18:B3:DA:92:C2:E7:66:8A:1B:63:58:3C:81:0E
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01974520AA42CA208C2E2324E37BB1DFABBE
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/TprwHPb3GLPaksLnZoobY1g8gQ4.roa
Signing time: Fri 06 Jun 2025 12:04:17 +0000
ROA not before: Fri 06 Jun 2025 12:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21017
IP address blocks: 77.45.128.0/17 maxlen: 17
77.45.128.0/19 maxlen: 19
80.82.32.0/19 maxlen: 19
88.83.192.0/19 maxlen: 19
95.32.0.0/18 maxlen: 18
95.32.64.0/18 maxlen: 18
95.32.128.0/18 maxlen: 18
95.32.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 01:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:45:20:aa:42:ca:20:8c:2e:23:24:e3:7b:b1:df:ab:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 6 12:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e9af01cf6f718b3da92c2e7668a1b63583c810e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:14:3d:99:91:b8:51:4e:48:98:ed:2d:23:
c3:f2:75:85:50:bb:40:a0:41:a7:88:a5:29:7b:8c:
19:37:db:99:fd:53:01:3d:8e:b0:22:1f:71:64:ce:
f7:30:d9:aa:aa:7b:a6:54:6b:d4:a8:e4:2c:f7:c6:
1a:68:2f:24:90:5f:63:d3:27:13:75:8d:4a:5b:44:
82:67:65:7b:8a:19:4f:5f:b3:87:19:c7:60:60:dd:
4b:a6:6e:69:d8:0e:ed:2a:fc:6f:f1:c9:3b:18:00:
7e:98:39:17:cd:a0:c2:df:15:4a:ab:a5:21:2c:ff:
81:3d:be:d1:f9:b7:51:f0:cd:f8:f8:19:83:e5:6f:
8d:3e:ce:db:ae:e5:58:78:77:07:92:e5:3f:40:69:
91:e6:6a:0a:ea:25:62:29:8a:e5:a4:27:d9:f0:79:
77:37:59:1e:0f:2a:8a:c5:52:43:0d:40:62:56:b9:
93:48:8e:39:fc:7a:9b:8b:dc:57:a3:ac:d4:5f:bc:
fc:5a:d2:ef:89:53:76:b3:8b:7f:6b:f4:5c:23:76:
d1:b4:8e:5d:fd:13:a8:e6:1e:6a:ee:9f:f7:1f:02:
a3:ba:13:52:ed:a8:0d:41:19:68:65:1b:c0:d2:da:
aa:bd:15:7a:06:a6:5e:21:92:71:4b:91:8c:db:e5:
e5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9A:F0:1C:F6:F7:18:B3:DA:92:C2:E7:66:8A:1B:63:58:3C:81:0E
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/TprwHPb3GLPaksLnZoobY1g8gQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.45.128.0/17
80.82.32.0/19
88.83.192.0/19
95.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:0f:c1:3f:fa:cf:65:3a:14:49:2c:bb:e9:79:41:73:0c:1f:
3f:ae:dd:25:b5:be:a6:9d:db:5e:99:c6:3c:2d:c2:f6:d9:9c:
58:5d:0b:c2:d4:cb:71:f0:86:89:6e:73:bb:1c:c1:b8:b1:79:
31:ae:08:e7:e9:77:1e:28:b1:86:89:e7:29:c4:13:f9:65:f5:
73:31:ae:dc:a6:9d:f4:2e:be:47:27:df:6b:6f:47:ab:bb:cc:
d7:ac:58:33:bc:86:54:b2:b5:8b:0a:f8:21:ab:14:a9:57:a2:
4c:d8:3a:93:6a:82:dc:b3:a7:a5:28:e8:4b:91:76:a4:4e:8a:
19:7c:66:45:5b:28:ec:9d:23:fc:14:b0:af:78:3c:a3:d9:41:
94:1e:8e:18:7d:97:37:b4:5c:06:c0:f4:ff:5b:dd:a3:8b:03:
12:5b:d0:d9:e7:18:6e:91:45:d9:4f:7b:fe:ea:24:72:af:c1:
67:f4:72:15:35:7d:11:4e:93:55:1f:9d:a4:79:9a:d4:88:2a:
cd:19:59:70:e9:13:4b:c3:a6:28:4c:12:4f:b9:98:f0:63:80:
ca:c4:ef:b0:73:ca:1d:49:1e:79:0f:61:ee:17:b4:ee:c1:c7:
8c:50:a5:8a:65:df:7f:da:11:98:d7:3e:6e:27:c5:ea:56:37:
a1:a1:ea:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZdFIKpCyiCMLiMk43ux36u+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjA2MTIwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTlhZjAxY2Y2ZjcxOGIzZGE5MmMyZTc2NjhhMWI2MzU4M2M4MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKAUPZmRuFFOSJjtLSPD8nWFULtA
oEGniKUpe4wZN9uZ/VMBPY6wIh9xZM73MNmqqnumVGvUqOQs98YaaC8kkF9j0ycT
dY1KW0SCZ2V7ihlPX7OHGcdgYN1Lpm5p2A7tKvxv8ck7GAB+mDkXzaDC3xVKq6Uh
LP+BPb7R+bdR8M34+BmD5W+NPs7bruVYeHcHkuU/QGmR5moK6iViKYrlpCfZ8Hl3
N1keDyqKxVJDDUBiVrmTSI45/Hqbi9xXo6zUX7z8WtLviVN2s4t/a/RcI3bRtI5d
/ROo5h5q7p/3HwKjuhNS7agNQRloZRvA0tqqvRV6BqZeIZJxS5GM2+XlgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE6a8Bz29xiz2pLC52aKG2NYPIEOMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVHByd0hQYjNHTFBha3NMblpvb2JZMWc4Z1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQHTS2AAwQF
UFIgAwQFWFPAAwMAXyAwDQYJKoZIhvcNAQELBQADggEBAAIPwT/6z2U6FEksu+l5
QXMMHz+u3SW1vqad216ZxjwtwvbZnFhdC8LUy3Hwholuc7scwbixeTGuCOfpdx4o
sYaJ5ynEE/ll9XMxrtymnfQuvkcn32tvR6u7zNesWDO8hlSytYsK+CGrFKlXokzY
OpNqgtyzp6Uo6EuRdqROihl8ZkVbKOydI/wUsK94PKPZQZQejhh9lze0XAbA9P9b
3aOLAxJb0NnnGG6RRdlPe/7qJHKvwWf0chU1fRFOk1UfnaR5mtSIKs0ZWXDpE0vD
pihMEk+5mPBjgMrE77Bzyh1JHnkPYe4XtO7Bx4xQpYpl33/aEZjXPm4nxepWN6Gh
6sk=
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:04:11 2025 by rpki-client