Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/gDW8r8sGQjgza7ecGOUQHgaDZvk.roa
File: gDW8r8sGQjgza7ecGOUQHgaDZvk.roa (raw, json)
Hash identifier: PRvvxS1NbjtP74Eh1qk8LVgvXDYkqrfyHo9xfSwr0AM=
Subject key identifier: 80:35:BC:AF:CB:06:42:38:33:6B:B7:9C:18:E5:10:1E:06:83:66:F9
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 0197CA14AF3F1A3DD9FEE2257B789D7A30B1
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/gDW8r8sGQjgza7ecGOUQHgaDZvk.roa
Signing time: Wed 02 Jul 2025 07:40:42 +0000
ROA not before: Wed 02 Jul 2025 07:40:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 45.78.90.0/23 maxlen: 24
45.78.92.0/22 maxlen: 24
62.3.6.0/24 maxlen: 24
86.104.192.0/24 maxlen: 24
86.104.195.0/24 maxlen: 24
91.216.138.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.139.40.0/21 maxlen: 32
119.13.224.0/20 maxlen: 20
134.199.64.0/19 maxlen: 32
136.227.160.0/19 maxlen: 32
146.19.100.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.105.176.0/24 maxlen: 24
193.163.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Jul 2025 19:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:14:af:3f:1a:3d:d9:fe:e2:25:7b:78:9d:7a:30:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Jul 2 07:40:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8035bcafcb064238336bb79c18e5101e068366f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b5:31:71:21:ab:51:3b:a3:4c:c2:db:0a:8d:
21:40:1e:32:ed:dc:ea:7b:77:38:fd:52:b9:f0:36:
24:ad:0f:50:e5:ec:81:eb:a0:b4:09:9a:74:d3:9c:
36:32:2a:bd:56:50:c0:c3:b6:df:29:ea:e5:64:21:
fb:e3:6d:40:53:12:b7:95:53:e1:e2:b0:8e:8e:f1:
d5:66:fb:fb:8b:63:18:c5:61:06:ed:82:3a:12:7c:
e7:d3:11:8c:50:c9:67:99:17:56:03:ac:04:54:12:
5b:c1:0b:a7:7c:15:61:29:6a:06:92:25:dd:52:c0:
fa:d9:f1:aa:15:98:48:5b:85:b0:fc:51:5b:0b:be:
d9:3b:67:10:5c:75:5d:51:86:04:4d:fe:bd:0b:78:
9a:a4:6b:06:40:7a:6b:1d:ca:80:7c:93:d2:56:01:
e1:1c:c7:45:b8:84:e5:f5:49:1e:6b:69:00:7c:03:
0c:1d:b3:71:03:eb:c7:65:2b:9b:cd:61:2c:0c:4b:
f3:01:40:57:0d:e8:dc:87:8e:d5:15:60:2c:93:7a:
39:be:22:8c:fe:ee:91:f3:0d:b0:66:a9:df:d0:6e:
de:05:c3:8d:d0:b5:ac:f7:ec:af:6d:34:e9:0c:6c:
44:60:3a:e3:ff:ae:6b:49:b1:94:db:f9:6d:af:c0:
b4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:35:BC:AF:CB:06:42:38:33:6B:B7:9C:18:E5:10:1E:06:83:66:F9
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/gDW8r8sGQjgza7ecGOUQHgaDZvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.78.90.0-45.78.95.255
62.3.6.0/24
86.104.192.0/24
86.104.195.0/24
91.216.138.0/24
91.229.228.0/24
93.180.208.0/22
94.139.40.0/21
119.13.224.0/20
134.199.64.0/19
136.227.160.0/19
146.19.100.0/24
193.37.136.0/24
193.105.176.0/24
193.163.74.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:c1:10:d9:d2:bf:29:52:24:af:bf:08:97:40:c4:76:20:9b:
5d:25:30:eb:62:31:97:f7:42:f3:46:fa:98:91:5d:89:b5:1a:
c6:ea:e9:3f:41:91:de:64:ff:51:b3:c6:c9:72:d6:16:34:aa:
d3:5a:ed:22:95:ce:2e:0d:80:25:05:92:de:ae:f0:f2:14:2b:
87:d0:a0:09:4e:b6:03:73:c0:b3:4b:37:54:35:08:2d:3d:c4:
05:82:95:71:e2:13:56:97:db:44:84:9f:d9:b3:c1:f8:f6:4c:
62:a7:5c:d1:a9:16:7e:0b:42:64:85:e3:ef:40:48:e0:24:53:
56:ae:39:80:97:59:85:d4:b0:9a:4b:67:bd:70:51:87:44:fe:
6c:cd:87:25:6d:84:ba:d4:fb:c3:7f:f1:b4:5a:73:30:ad:20:
46:15:e8:53:8c:26:98:3e:54:6a:9c:33:74:c3:1b:0d:83:52:
14:af:44:ef:4c:ec:04:5a:2e:6c:f5:32:71:74:ac:4c:e5:54:
c3:20:7e:ff:a5:d5:11:6d:ad:dc:5e:71:09:22:9d:e4:49:1f:
9c:8e:d5:49:2d:b8:3a:af:95:1d:d4:bd:76:83:65:33:04:d6:
92:4e:c1:d4:b9:6f:83:30:89:23:08:69:7c:54:7f:12:3e:33:
1b:5f:35:92
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZfKFK8/Gj3Z/uIle3idejCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjUwNzAyMDc0MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDM1YmNhZmNiMDY0MjM4MzM2YmI3OWMxOGU1MTAxZTA2ODM2NmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrUxcSGrUTujTMLbCo0hQB4y7dzq
e3c4/VK58DYkrQ9Q5eyB66C0CZp005w2Miq9VlDAw7bfKerlZCH7421AUxK3lVPh
4rCOjvHVZvv7i2MYxWEG7YI6Enzn0xGMUMlnmRdWA6wEVBJbwQunfBVhKWoGkiXd
UsD62fGqFZhIW4Ww/FFbC77ZO2cQXHVdUYYETf69C3iapGsGQHprHcqAfJPSVgHh
HMdFuITl9Ukea2kAfAMMHbNxA+vHZSubzWEsDEvzAUBXDejch47VFWAsk3o5viKM
/u6R8w2wZqnf0G7eBcON0LWs9+yvbTTpDGxEYDrj/65rSbGU2/ltr8C03wIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFIA1vK/LBkI4M2u3nBjlEB4Gg2b5MB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvZ0RXOHI4c0dRamd6YTdlY0dPVVFIZ2FEWnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBAEtTloD
BAUtTkADBAA+AwYDBABWaMADBABWaMMDBABb2IoDBABb5eQDBAJdtNADBANeiygD
BAR3DeADBAWGx0ADBAWI46ADBACSE2QDBADBJYgDBADBabADBADBo0owDQYJKoZI
hvcNAQELBQADggEBAJ/BENnSvylSJK+/CJdAxHYgm10lMOtiMZf3QvNG+piRXYm1
Gsbq6T9Bkd5k/1Gzxsly1hY0qtNa7SKVzi4NgCUFkt6u8PIUK4fQoAlOtgNzwLNL
N1Q1CC09xAWClXHiE1aX20SEn9mzwfj2TGKnXNGpFn4LQmSF4+9ASOAkU1auOYCX
WYXUsJpLZ71wUYdE/mzNhyVthLrU+8N/8bRaczCtIEYV6FOMJpg+VGqcM3TDGw2D
UhSvRO9M7ARaLmz1MnF0rEzlVMMgfv+l1RFtrdxecQkineRJH5yO1UktuDqvlR3U
vXaDZTME1pJOwdS5b4MwiSMIaXxUfxI+MxtfNZI=
-----END CERTIFICATE-----
Generated at Mon Jul 7 04:03:40 2025 by rpki-client