Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/d0u-ehuUqLrY5tyibnzgkeCwZXc.roa
File: d0u-ehuUqLrY5tyibnzgkeCwZXc.roa (raw, json)
Hash identifier: 0qBz5naJyINGxrtms8qZ9KJTRQQ0DHsskm0N3y0uv2g=
Subject key identifier: 77:4B:BE:7A:1B:94:A8:BA:D8:E6:DC:A2:6E:7C:E0:91:E0:B0:65:77
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01975662FF3829468DBEE1E6C7AC24EEFEE1
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/d0u-ehuUqLrY5tyibnzgkeCwZXc.roa
Signing time: Mon 09 Jun 2025 20:30:17 +0000
ROA not before: Mon 09 Jun 2025 20:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.102.120.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 22:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:56:62:ff:38:29:46:8d:be:e1:e6:c7:ac:24:ee:fe:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 9 20:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=774bbe7a1b94a8bad8e6dca26e7ce091e0b06577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0f:22:1f:8c:91:9b:0d:dd:2b:a1:5e:04:11:
86:a3:fa:c5:61:9c:b7:84:d4:76:c9:6d:5b:ce:bc:
fd:fa:d6:b5:b7:bb:33:46:64:75:c8:78:0e:47:02:
03:17:32:5c:8e:8f:0b:29:e8:75:86:75:73:33:a2:
03:10:99:db:bb:65:13:c1:77:94:7e:a3:58:69:38:
88:2e:59:0b:e5:2f:b3:aa:3a:44:81:ca:1d:c9:19:
9c:35:b6:60:ad:ce:e5:7e:8b:9c:c7:29:02:bf:73:
0a:78:4d:93:35:eb:ab:70:5e:27:2b:ab:c5:ad:bf:
18:12:a7:35:32:c1:27:48:54:4d:28:da:7c:d4:ab:
e9:f0:a4:6a:6c:5f:f4:89:a5:36:7b:49:2f:f8:0b:
f6:d2:f0:34:10:d4:53:d5:95:1b:61:79:89:b9:b1:
ac:e8:38:7c:d7:e0:1c:36:c5:fe:9f:fd:3f:7d:8e:
31:5e:17:c7:c6:17:7e:9e:e7:e0:62:46:77:b4:a8:
d6:7b:a7:43:17:38:ce:07:1c:1e:e6:b0:9e:32:be:
37:06:ae:ad:81:9f:de:f0:82:80:f1:7f:a7:52:bd:
e2:32:2e:ae:b7:59:55:d8:d3:c4:4c:d4:55:3a:fa:
7d:e0:b3:bb:65:55:8a:fe:f7:bb:eb:6b:4a:0d:d4:
fa:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:4B:BE:7A:1B:94:A8:BA:D8:E6:DC:A2:6E:7C:E0:91:E0:B0:65:77
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/d0u-ehuUqLrY5tyibnzgkeCwZXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.120.0/22
31.186.180.0/22
46.20.210.0/23
82.163.52.0/23
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
82:ed:33:a8:a3:c5:2c:84:cd:1b:3d:b9:33:43:f2:c9:40:11:
bf:4e:60:60:4f:8e:e2:f5:89:65:65:fe:18:2e:8f:71:27:ec:
b7:a1:c4:6a:4b:7f:47:de:57:c4:32:00:fc:9d:c1:34:61:14:
44:38:46:cd:b3:98:9f:4f:b7:e7:27:a4:0e:d9:c0:b6:45:20:
52:10:ac:d7:c2:5e:d8:2b:e4:87:30:c7:c7:ef:3b:88:24:73:
ef:72:dc:37:02:42:ff:ff:67:1a:21:3b:bc:ac:10:e2:37:16:
d9:a8:2d:2a:16:1b:cc:3e:39:25:5d:c6:b1:cf:de:51:24:cc:
5b:a4:e4:38:cc:92:97:6b:2a:38:7d:ac:4f:86:2f:a6:b5:70:
2d:c8:12:4e:cc:e7:84:08:34:ad:66:16:ed:9d:47:0b:64:51:
f6:60:a2:45:e1:32:01:38:74:ec:62:d8:a8:de:54:e5:3f:78:
f1:56:2a:1c:7d:3b:a8:e3:02:0e:54:39:fd:eb:45:2f:40:f7:
6d:c7:2a:6d:4b:bd:24:28:3c:8c:1a:7d:3a:6e:3f:32:f7:e3:
2b:c7:60:03:fa:2c:e8:5f:7d:8d:d1:f3:1c:18:1f:59:05:56:
dd:90:9d:cd:d7:fa:37:93:7d:4f:1a:ec:be:6a:2d:bf:17:ff:
15:be:94:e7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZdWYv84KUaNvuHmx6wk7v7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwNjA5MjAzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzRiYmU3YTFiOTRhOGJhZDhlNmRjYTI2ZTdjZTA5MWUwYjA2NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ8iH4yRmw3dK6FeBBGGo/rFYZy3
hNR2yW1bzrz9+ta1t7szRmR1yHgORwIDFzJcjo8LKeh1hnVzM6IDEJnbu2UTwXeU
fqNYaTiILlkL5S+zqjpEgcodyRmcNbZgrc7lfoucxykCv3MKeE2TNeurcF4nK6vF
rb8YEqc1MsEnSFRNKNp81Kvp8KRqbF/0iaU2e0kv+Av20vA0ENRT1ZUbYXmJubGs
6Dh81+AcNsX+n/0/fY4xXhfHxhd+nufgYkZ3tKjWe6dDFzjOBxwe5rCeMr43Bq6t
gZ/e8IKA8X+nUr3iMi6ut1lV2NPETNRVOvp94LO7ZVWK/ve762tKDdT6PQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHdLvnoblKi62Obcom584JHgsGV3MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZDB1LWVodVVxTHJZNXR5aWJuemdrZUN3WlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBWZ4AwQC
H7q0AwQBLhTSAwQBUqM0AwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQCC7TOoo8Us
hM0bPbkzQ/LJQBG/TmBgT47i9YllZf4YLo9xJ+y3ocRqS39H3lfEMgD8ncE0YRRE
OEbNs5ifT7fnJ6QO2cC2RSBSEKzXwl7YK+SHMMfH7zuIJHPvctw3AkL//2caITu8
rBDiNxbZqC0qFhvMPjklXcaxz95RJMxbpOQ4zJKXayo4faxPhi+mtXAtyBJOzOeE
CDStZhbtnUcLZFH2YKJF4TIBOHTsYtio3lTlP3jxViocfTuo4wIOVDn960UvQPdt
xyptS70kKDyMGn06bj8y9+Mrx2AD+izoX32N0fMcGB9ZBVbdkJ3N1/o3k31PGuy+
ai2/F/8VvpTn
-----END CERTIFICATE-----
Generated at Fri Jun 13 06:51:14 2025 by rpki-client