Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/bIzgxTu-lxalS1Zi-RqcDkVpOos.roa
File: bIzgxTu-lxalS1Zi-RqcDkVpOos.roa (raw, json)
Hash identifier: x9Tcw2/d8+ZTyxPLiwqDKPN9dG9M68S5ITABVezLQyw=
Subject key identifier: 6C:8C:E0:C5:3B:BE:97:16:A5:4B:56:62:F9:1A:9C:0E:45:69:3A:8B
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01990531801C2EE868671C6FDBDD5E041DC5
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/bIzgxTu-lxalS1Zi-RqcDkVpOos.roa
Signing time: Mon 01 Sep 2025 12:12:34 +0000
ROA not before: Mon 01 Sep 2025 12:12:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 78.135.72.0/24 maxlen: 24
78.135.74.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.81.0/24 maxlen: 24
78.135.88.0/24 maxlen: 24
188.132.141.0/24 maxlen: 24
188.132.146.0/24 maxlen: 24
188.132.152.0/24 maxlen: 24
188.132.163.0/24 maxlen: 24
188.132.171.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.203.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
188.132.213.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.217.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
188.132.237.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 21:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:31:80:1c:2e:e8:68:67:1c:6f:db:dd:5e:04:1d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Sep 1 12:12:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c8ce0c53bbe9716a54b5662f91a9c0e45693a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e7:32:35:8b:14:d6:a9:20:37:75:98:ac:6a:
78:e3:b6:33:ff:5a:74:0d:90:fe:29:19:2c:b1:e9:
9c:3f:b1:5f:cc:67:87:8e:d1:ec:77:07:1b:39:b1:
ae:cf:80:96:99:47:67:bc:c3:d8:71:4d:0b:3b:aa:
94:5e:76:fa:4c:08:17:e0:91:e7:e8:43:c8:62:ce:
ee:60:23:a3:aa:6f:d9:c4:4e:0d:dd:b8:2a:ae:73:
a6:6f:50:b0:06:23:06:33:db:3e:67:09:69:7a:52:
1b:ec:4f:83:f6:13:c9:bd:6e:7c:6d:c2:64:d3:d3:
37:b2:0b:78:94:0c:d9:f6:42:fd:99:1e:87:6c:e5:
c6:a1:7b:16:05:de:17:62:6e:b5:67:4a:26:3b:a8:
02:63:51:d5:94:a4:ca:ee:61:21:fd:5f:49:a1:50:
8d:1e:5c:73:4f:52:c9:0b:45:2c:d8:dc:cc:5b:e7:
aa:51:a6:fd:c2:98:90:bd:ff:2a:d3:a9:66:92:83:
f3:ff:fb:7d:ee:63:ba:61:62:5e:25:b3:3a:9b:09:
61:c5:bc:fe:09:9b:80:9f:f4:84:ed:7f:4c:a2:b7:
b2:2b:c0:a7:89:fe:ad:f9:d4:90:f6:e3:e0:e1:6b:
7d:23:da:50:9b:40:82:62:d2:6d:ca:4b:19:72:13:
7b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:8C:E0:C5:3B:BE:97:16:A5:4B:56:62:F9:1A:9C:0E:45:69:3A:8B
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/bIzgxTu-lxalS1Zi-RqcDkVpOos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.72.0/24
78.135.74.0/24
78.135.78.0/24
78.135.81.0/24
78.135.88.0/24
188.132.141.0/24
188.132.146.0/24
188.132.152.0/24
188.132.163.0/24
188.132.171.0/24
188.132.188.0/23
188.132.191.0/24
188.132.203.0/24
188.132.212.0/23
188.132.216.0/23
188.132.229.0/24
188.132.236.0/23
212.68.55.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
11:2a:93:27:b6:b0:9c:d5:c4:7f:ad:a2:60:fe:aa:a8:37:06:
98:80:88:a0:be:3c:89:c3:1f:c8:e7:e1:a6:32:86:b4:f2:5f:
53:fe:8a:48:fa:b4:24:5a:51:c5:96:db:d8:ab:02:2a:a0:6c:
9d:42:83:e3:9e:bd:19:31:b3:1e:fd:97:48:d3:1e:43:1c:ea:
cd:68:ab:4e:22:c2:a7:90:a2:af:af:de:b3:df:bc:a1:a3:8b:
ba:06:14:ad:ae:aa:11:f0:97:52:d1:41:c1:97:1c:8b:06:cd:
e0:43:c5:99:2c:65:87:3a:9c:64:47:61:b1:e6:08:18:aa:59:
9e:55:42:e3:d5:54:5f:da:d3:fb:2a:f9:15:aa:83:8e:87:91:
2b:1b:70:5b:c7:f4:9d:5e:fe:32:b8:95:bf:a3:2c:60:a6:5c:
ce:37:32:8a:97:7b:59:13:f9:69:fd:f2:a2:d0:d6:64:fc:4d:
80:8d:7e:5e:f2:18:fc:1c:76:97:fb:9f:65:98:21:2b:59:8c:
37:3b:ba:7f:ad:b4:4f:9d:cf:8b:55:bd:fe:91:11:9f:5b:d8:
af:0d:92:5a:79:61:e5:96:bc:72:3d:8d:69:a7:71:fa:59:49:
19:6c:29:5b:7b:b9:b2:2c:cc:77:c7:2a:e5:ec:8c:37:3a:8f:
c6:5a:0e:8b
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZkFMYAcLuhoZxxv291eBB3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwOTAxMTIxMjM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzhjZTBjNTNiYmU5NzE2YTU0YjU2NjJmOTFhOWMwZTQ1NjkzYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OcyNYsU1qkgN3WYrGp447Yz/1p0
DZD+KRkssemcP7FfzGeHjtHsdwcbObGuz4CWmUdnvMPYcU0LO6qUXnb6TAgX4JHn
6EPIYs7uYCOjqm/ZxE4N3bgqrnOmb1CwBiMGM9s+ZwlpelIb7E+D9hPJvW58bcJk
09M3sgt4lAzZ9kL9mR6HbOXGoXsWBd4XYm61Z0omO6gCY1HVlKTK7mEh/V9JoVCN
HlxzT1LJC0Us2NzMW+eqUab9wpiQvf8q06lmkoPz//t97mO6YWJeJbM6mwlhxbz+
CZuAn/SE7X9MoreyK8Cnif6t+dSQ9uPg4Wt9I9pQm0CCYtJtyksZchN7RwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFGyM4MU7vpcWpUtWYvkanA5FaTqLMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvYkl6Z3hUdS1seGFsUzFaaS1ScWNEa1ZwT29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAE6H
SAMEAE6HSgMEAE6HTgMEAE6HUQMEAE6HWAMEALyEjQMEALyEkgMEALyEmAMEALyE
owMEALyEqwMEAbyEvAMEALyEvwMEALyEywMEAbyE1AMEAbyE2AMEALyE5QMEAbyE
7AMEANRENzAMAwQA1EQ7AwQA1EQ8MA0GCSqGSIb3DQEBCwUAA4IBAQARKpMntrCc
1cR/raJg/qqoNwaYgIigvjyJwx/I5+GmMoa08l9T/opI+rQkWlHFltvYqwIqoGyd
QoPjnr0ZMbMe/ZdI0x5DHOrNaKtOIsKnkKKvr96z37yho4u6BhStrqoR8JdS0UHB
lxyLBs3gQ8WZLGWHOpxkR2Gx5ggYqlmeVULj1VRf2tP7KvkVqoOOh5ErG3Bbx/Sd
Xv4yuJW/oyxgplzONzKKl3tZE/lp/fKi0NZk/E2AjX5e8hj8HHaX+59lmCErWYw3
O7p/rbRPnc+LVb3+kRGfW9ivDZJaeWHllrxyPY1pp3H6WUkZbClbe7myLMx3xyrl
7Iw3Oo/GWg6L
-----END CERTIFICATE-----
Generated at Sat Sep 6 05:05:57 2025 by rpki-client