Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/d9E6C3QPOt9u78MI9SfBmesK5F0.roa
File: d9E6C3QPOt9u78MI9SfBmesK5F0.roa (raw, json)
Hash identifier: h3w+IvIr5e7qvP+/FTOi1Iivorry4KUdkg2Suq8DTl0=
Subject key identifier: 77:D1:3A:0B:74:0F:3A:DF:6E:EF:C3:08:F5:27:C1:99:EB:0A:E4:5D
Certificate issuer: /CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Certificate serial: 0196E90265919B824AABC41616B420C92B83
Authority key identifier: AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/d9E6C3QPOt9u78MI9SfBmesK5F0.roa
Signing time: Mon 19 May 2025 14:46:10 +0000
ROA not before: Mon 19 May 2025 14:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62105
IP address blocks: 137.59.8.0/22 maxlen: 22
185.225.36.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/rHZwaYz67yZH-8mgb3OAhW4rMCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/rHZwaYz67yZH-8mgb3OAhW4rMCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 08:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e9:02:65:91:9b:82:4a:ab:c4:16:16:b4:20:c9:2b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Validity
Not Before: May 19 14:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77d13a0b740f3adf6eefc308f527c199eb0ae45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2e:e4:07:22:c6:d5:91:75:9a:61:8c:25:07:
bd:32:ad:ee:8d:64:9a:03:94:4e:04:fe:9d:2b:4e:
03:2e:f8:9f:c7:54:93:75:91:83:d8:26:6a:cf:e4:
c3:1a:3e:eb:df:88:63:60:4e:57:72:db:8a:e2:e8:
b0:c3:77:ae:28:31:08:cc:81:33:db:dd:00:b2:c6:
9b:a8:76:5b:25:ba:bd:f2:d3:51:f7:1e:2e:d8:7b:
ba:5d:f8:5c:87:11:41:32:aa:bc:d9:e8:48:93:c4:
aa:e1:4e:40:00:0f:a7:05:86:5e:86:6d:d2:7e:1b:
2a:1c:1c:c7:ca:97:3f:3c:e8:06:85:3f:49:91:20:
30:6b:77:09:2b:1d:95:2d:84:45:ec:14:84:83:0c:
b6:0c:35:36:1e:b5:99:eb:b8:bb:56:54:da:de:af:
11:12:c5:70:69:90:19:d3:7b:78:2c:60:93:2e:be:
29:03:5d:f8:b2:99:49:e6:a5:45:98:9d:f2:00:1c:
37:47:41:19:82:f2:07:17:d3:36:cf:ca:77:fa:4e:
b6:5f:00:5d:6b:55:42:5b:fa:54:74:95:d3:ac:7d:
63:a7:1f:59:41:69:0a:2d:16:08:05:97:bb:5a:6e:
fc:27:b1:e1:b3:20:53:cd:3c:74:87:0b:ae:8c:3c:
77:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D1:3A:0B:74:0F:3A:DF:6E:EF:C3:08:F5:27:C1:99:EB:0A:E4:5D
X509v3 Authority Key Identifier:
keyid:AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/d9E6C3QPOt9u78MI9SfBmesK5F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/rHZwaYz67yZH-8mgb3OAhW4rMCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.59.8.0/22
185.225.36.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:14:f8:79:65:a2:b4:16:22:9b:46:eb:4a:d1:a0:dd:fe:91:
64:6d:e3:7c:e2:6e:2c:0a:19:48:6a:d4:34:5d:a3:72:56:85:
5d:55:65:4b:3b:76:89:77:34:02:b6:7e:3f:7a:b3:9c:52:15:
a0:a9:75:a6:f4:d1:94:40:1c:62:f1:76:bd:fc:5f:b6:2f:17:
10:83:35:2c:d8:6f:1f:60:72:22:41:62:25:8b:a1:41:9c:f0:
56:89:67:12:be:75:36:d2:d6:ca:f4:f5:34:9f:82:53:16:12:
fc:c1:b8:7e:1c:09:31:54:95:93:db:76:a2:55:53:2a:48:f0:
be:02:ef:26:c5:4b:80:10:96:22:cf:91:7d:60:87:63:85:86:
fc:24:e2:55:3b:e7:41:37:ac:c6:ab:2e:e3:22:94:95:66:a9:
96:fe:fd:75:62:32:0d:c4:b5:f0:82:10:ae:5a:d5:60:b0:9b:
04:fa:9b:42:c6:8b:d9:f1:60:48:11:eb:84:49:c4:90:30:3e:
79:f7:67:be:7c:ea:f4:5e:2f:0f:aa:f5:97:a3:9a:81:9b:a5:
5d:96:aa:64:d0:09:5c:b3:97:fd:3b:b5:c5:77:93:43:0d:6a:
2c:44:44:cb:ce:a7:68:0d:8f:bb:9d:92:3b:89:d3:77:0e:f3:
42:74:6d:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbpAmWRm4JKq8QWFrQgySuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzY3MDY5OGNmYWVmMjY0N2ZiYzlhMDZmNzM4MDg1NmUy
YjMwMjcwHhcNMjUwNTE5MTQ0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2QxM2EwYjc0MGYzYWRmNmVlZmMzMDhmNTI3YzE5OWViMGFlNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS7kByLG1ZF1mmGMJQe9Mq3ujWSa
A5ROBP6dK04DLvifx1STdZGD2CZqz+TDGj7r34hjYE5XctuK4uiww3euKDEIzIEz
290AssabqHZbJbq98tNR9x4u2Hu6XfhchxFBMqq82ehIk8Sq4U5AAA+nBYZehm3S
fhsqHBzHypc/POgGhT9JkSAwa3cJKx2VLYRF7BSEgwy2DDU2HrWZ67i7VlTa3q8R
EsVwaZAZ03t4LGCTLr4pA134splJ5qVFmJ3yABw3R0EZgvIHF9M2z8p3+k62XwBd
a1VCW/pUdJXTrH1jpx9ZQWkKLRYIBZe7Wm78J7HhsyBTzTx0hwuujDx3fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHfROgt0Dzrfbu/DCPUnwZnrCuRdMB8GA1UdIwQY
MBaAFKx2cGmM+u8mR/vJoG9zgIVuKzAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhad2FZejY3eVpILThtZ2IzT0FoVzRyTUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82OGY2NTEtZjNhNi00MjUyLTlmYWYt
OWUwNDQwOTJiODI2LzEvZDlFNkMzUVBPdDl1NzhNSTlTZkJtZXNLNUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82OGY2NTEtZjNhNi00MjUyLTlmYWYtOWUwNDQwOTJiODI2
LzEvckhad2FZejY3eVpILThtZ2IzT0FoVzRyTUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCiTsIAwQC
ueEkMA0GCSqGSIb3DQEBCwUAA4IBAQDNFPh5ZaK0FiKbRutK0aDd/pFkbeN84m4s
ChlIatQ0XaNyVoVdVWVLO3aJdzQCtn4/erOcUhWgqXWm9NGUQBxi8Xa9/F+2LxcQ
gzUs2G8fYHIiQWIli6FBnPBWiWcSvnU20tbK9PU0n4JTFhL8wbh+HAkxVJWT23ai
VVMqSPC+Au8mxUuAEJYiz5F9YIdjhYb8JOJVO+dBN6zGqy7jIpSVZqmW/v11YjIN
xLXwghCuWtVgsJsE+ptCxovZ8WBIEeuEScSQMD5592e+fOr0Xi8PqvWXo5qBm6Vd
lqpk0Alcs5f9O7XFd5NDDWosRETLzqdoDY+7nZI7idN3DvNCdG3G
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:50:53 2025 by rpki-client