Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/27db7b-c0a2-4892-9047-3ac565dcdf73/1/KZbQxsiRHs5YN9o-TB41tup8grs.roa
File: KZbQxsiRHs5YN9o-TB41tup8grs.roa (raw, json)
Hash identifier: lbxZF46nVuZIlOO3tq5CMkFz19fAyL6hszjHRAwWgM4=
Subject key identifier: 29:96:D0:C6:C8:91:1E:CE:58:37:DA:3E:4C:1E:35:B6:EA:7C:82:BB
Certificate issuer: /CN=e03f5500aefe6ab4dbde124073a37bc0dc331e80
Certificate serial: 019905143C4BC9BA16CD53394CAC84258D1B
Authority key identifier: E0:3F:55:00:AE:FE:6A:B4:DB:DE:12:40:73:A3:7B:C0:DC:33:1E:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4D9VAK7-arTb3hJAc6N7wNwzHoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/27db7b-c0a2-4892-9047-3ac565dcdf73/1/KZbQxsiRHs5YN9o-TB41tup8grs.roa
Signing time: Mon 01 Sep 2025 11:40:36 +0000
ROA not before: Mon 01 Sep 2025 11:40:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16074
IP address blocks: 145.77.32.0/21 maxlen: 24
145.77.32.0/22 maxlen: 24
145.77.36.0/22 maxlen: 24
145.77.42.0/23 maxlen: 24
145.77.44.0/23 maxlen: 24
145.77.46.0/23 maxlen: 24
145.77.48.0/23 maxlen: 24
145.77.50.0/23 maxlen: 24
145.77.52.0/22 maxlen: 24
145.77.56.0/22 maxlen: 24
145.77.60.0/22 maxlen: 24
145.77.64.0/19 maxlen: 24
145.77.64.0/20 maxlen: 24
145.77.80.0/20 maxlen: 24
145.77.96.0/20 maxlen: 24
145.77.96.0/21 maxlen: 24
145.77.104.0/21 maxlen: 24
145.77.224.0/20 maxlen: 24
145.77.224.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/27db7b-c0a2-4892-9047-3ac565dcdf73/1/4D9VAK7-arTb3hJAc6N7wNwzHoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/27db7b-c0a2-4892-9047-3ac565dcdf73/1/4D9VAK7-arTb3hJAc6N7wNwzHoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4D9VAK7-arTb3hJAc6N7wNwzHoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:14:3c:4b:c9:ba:16:cd:53:39:4c:ac:84:25:8d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e03f5500aefe6ab4dbde124073a37bc0dc331e80
Validity
Not Before: Sep 1 11:40:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2996d0c6c8911ece5837da3e4c1e35b6ea7c82bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e3:a5:0f:a8:32:8e:30:cb:20:ed:18:a0:c1:
d3:2c:cf:54:d5:7f:47:1f:26:b5:c3:4f:47:b7:27:
e6:ca:00:ee:e9:fe:ce:4b:02:03:26:d6:26:a3:f8:
ff:79:67:21:49:7f:29:8a:15:1a:ef:18:8d:ea:69:
67:a1:ff:07:f0:ca:77:4f:2f:1b:d3:22:bf:66:74:
a1:8d:90:f6:7a:08:8c:53:19:00:52:01:86:a3:8d:
72:fd:38:23:ec:06:7f:ba:de:ae:5e:18:c9:57:92:
fd:d2:73:52:8b:76:30:43:04:4d:6e:e1:fc:b7:94:
fd:22:09:2a:86:86:01:35:58:b8:54:91:4f:14:cb:
28:45:af:ed:a6:e3:40:63:cd:fa:b1:bd:55:81:65:
d5:ba:47:c1:3b:f0:07:b1:b6:69:54:26:f6:fb:b4:
30:58:cd:21:12:08:8d:68:fc:85:79:cc:a7:9c:05:
75:f1:2d:96:a8:e1:28:ec:30:9b:38:dc:c4:2e:f9:
5d:63:9c:d3:7b:f2:e0:29:3a:da:09:9a:a8:f7:31:
4d:9c:a8:3d:30:88:9b:dd:f2:fa:f4:52:70:7d:3e:
bc:d7:14:68:a9:0e:11:30:5f:2f:d7:3d:31:c7:80:
7e:bf:02:59:4c:3f:ed:92:dd:62:a4:29:86:cb:a8:
14:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:96:D0:C6:C8:91:1E:CE:58:37:DA:3E:4C:1E:35:B6:EA:7C:82:BB
X509v3 Authority Key Identifier:
keyid:E0:3F:55:00:AE:FE:6A:B4:DB:DE:12:40:73:A3:7B:C0:DC:33:1E:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4D9VAK7-arTb3hJAc6N7wNwzHoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/27db7b-c0a2-4892-9047-3ac565dcdf73/1/KZbQxsiRHs5YN9o-TB41tup8grs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/27db7b-c0a2-4892-9047-3ac565dcdf73/1/4D9VAK7-arTb3hJAc6N7wNwzHoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.77.32.0/21
145.77.42.0-145.77.111.255
145.77.224.0/20
Signature Algorithm: sha256WithRSAEncryption
58:81:45:e1:5c:a5:2a:ed:c0:69:6f:55:8a:88:9b:70:7a:ba:
4a:57:13:40:4d:1f:ed:7c:cb:bb:d9:25:53:e6:79:b2:6d:7f:
e8:95:6f:f8:f2:87:49:24:fc:28:52:33:dd:a8:4d:e1:af:72:
b2:0a:71:08:2d:69:7f:c6:93:1c:02:4c:8d:dd:68:43:60:ab:
61:24:3f:7a:ee:11:1f:31:94:9c:95:42:38:15:e7:57:a9:2c:
93:e7:5d:46:46:14:65:c9:30:4f:25:16:28:d1:34:6f:dc:54:
8e:a7:5d:bf:31:84:d4:c7:17:b6:96:cb:6d:f0:e4:fd:4e:90:
f1:85:e4:39:4d:b2:04:0f:92:4f:03:44:40:87:77:8a:9a:58:
b4:e0:ad:c2:2b:11:21:4b:96:8e:2d:09:52:c5:3f:2a:a5:59:
47:61:8b:0b:41:bf:84:b4:c0:b3:3b:0c:4a:1a:59:28:8c:b8:
3e:64:d6:fc:e5:53:4b:8a:35:cb:b8:40:6f:5e:dd:26:0c:65:
79:ed:58:90:60:0d:05:ca:f2:76:22:2c:1c:8a:9f:7a:4e:aa:
31:39:6c:13:d0:d4:ed:ef:47:27:4a:4e:d6:42:52:18:4f:62:
07:31:b0:ab:8d:fa:0e:91:11:8e:ac:2c:6a:a0:a6:fd:6a:54:
8d:b2:06:d9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZkFFDxLyboWzVM5TKyEJY0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwM2Y1NTAwYWVmZTZhYjRkYmRlMTI0MDczYTM3YmMwZGMz
MzFlODAwHhcNMjUwOTAxMTE0MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk2ZDBjNmM4OTExZWNlNTgzN2RhM2U0YzFlMzViNmVhN2M4MmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOOlD6gyjjDLIO0YoMHTLM9U1X9H
Hya1w09HtyfmygDu6f7OSwIDJtYmo/j/eWchSX8pihUa7xiN6mlnof8H8Mp3Ty8b
0yK/ZnShjZD2egiMUxkAUgGGo41y/Tgj7AZ/ut6uXhjJV5L90nNSi3YwQwRNbuH8
t5T9IgkqhoYBNVi4VJFPFMsoRa/tpuNAY836sb1VgWXVukfBO/AHsbZpVCb2+7Qw
WM0hEgiNaPyFecynnAV18S2WqOEo7DCbONzELvldY5zTe/LgKTraCZqo9zFNnKg9
MIib3fL69FJwfT681xRoqQ4RMF8v1z0xx4B+vwJZTD/tkt1ipCmGy6gUdQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCmW0MbIkR7OWDfaPkweNbbqfIK7MB8GA1UdIwQY
MBaAFOA/VQCu/mq0294SQHOje8DcMx6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEQ5VkFLNy1hclRiM2hKQWM2Tjd3Tnd6SG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8yN2RiN2ItYzBhMi00ODkyLTkwNDct
M2FjNTY1ZGNkZjczLzEvS1piUXhzaVJIczVZTjlvLVRCNDF0dXA4Z3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8yN2RiN2ItYzBhMi00ODkyLTkwNDctM2FjNTY1ZGNkZjcz
LzEvNEQ5VkFLNy1hclRiM2hKQWM2Tjd3Tnd6SG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDkU0gMAwD
BAGRTSoDBASRTWADBASRTeAwDQYJKoZIhvcNAQELBQADggEBAFiBReFcpSrtwGlv
VYqIm3B6ukpXE0BNH+18y7vZJVPmebJtf+iVb/jyh0kk/ChSM92oTeGvcrIKcQgt
aX/GkxwCTI3daENgq2EkP3ruER8xlJyVQjgV51epLJPnXUZGFGXJME8lFijRNG/c
VI6nXb8xhNTHF7aWy23w5P1OkPGF5DlNsgQPkk8DRECHd4qaWLTgrcIrESFLlo4t
CVLFPyqlWUdhiwtBv4S0wLM7DEoaWSiMuD5k1vzlU0uKNcu4QG9e3SYMZXntWJBg
DQXK8nYiLByKn3pOqjE5bBPQ1O3vRydKTtZCUhhPYgcxsKuN+g6REY6sLGqgpv1q
VI2yBtk=
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:14:50 2025 by rpki-client