Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/73r0yHigeP71uLa7NYE9z1RHaDw.roa
File: 73r0yHigeP71uLa7NYE9z1RHaDw.roa (raw, json)
Hash identifier: Jbt96nWXVe5WPVo962Y5M8IHa7FOt8IKPobN6TJWliA=
Subject key identifier: EF:7A:F4:C8:78:A0:78:FE:F5:B8:B6:BB:35:81:3D:CF:54:47:68:3C
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0196ECD5185EC6DEFB1B3BFAE6E1EBD3AC9E
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/73r0yHigeP71uLa7NYE9z1RHaDw.roa
Signing time: Tue 20 May 2025 08:35:10 +0000
ROA not before: Tue 20 May 2025 08:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.5.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.44.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.64.0/22 maxlen: 24
152.53.84.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.160.0/22 maxlen: 22
152.53.172.0/22 maxlen: 22
152.53.176.0/22 maxlen: 22
152.53.180.0/22 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
152.53.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:d5:18:5e:c6:de:fb:1b:3b:fa:e6:e1:eb:d3:ac:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: May 20 08:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef7af4c878a078fef5b8b6bb35813dcf5447683c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:42:18:a1:c2:86:d8:2d:0a:8f:82:63:07:62:
a1:e6:78:a9:5c:2d:5e:53:ac:32:c9:4b:e0:79:4f:
98:19:1f:4a:d3:d1:21:5b:25:f8:3f:59:47:06:1e:
30:f0:7f:78:5b:c2:23:5f:66:82:84:1c:9c:1f:56:
ce:c1:b6:59:cc:f1:6f:32:c3:b8:7e:ae:d1:74:3a:
0f:70:55:04:8d:49:a7:3e:c1:c7:3c:e0:19:0f:15:
b9:78:9a:16:74:fc:93:ab:7b:15:5e:fd:58:33:40:
71:58:b0:a0:53:ce:88:3a:95:0e:e5:3e:8c:83:22:
46:2a:37:e5:10:a6:57:2e:9e:79:61:e5:51:0b:6f:
6f:63:57:a8:1b:93:f2:a2:56:ab:f8:f9:49:41:69:
37:52:00:4f:1a:29:ac:fa:fa:88:81:d4:f3:cb:57:
23:ef:82:8b:38:f8:9f:1c:93:5d:d7:ee:a5:6f:50:
50:7a:3f:85:37:7e:ff:72:f7:50:67:72:f1:6b:cc:
b4:40:e4:25:16:95:9b:dd:02:cc:17:75:ac:9f:f9:
3f:35:92:af:f9:34:2d:73:4e:73:f9:4d:07:71:80:
77:01:7a:56:93:a5:7b:36:01:0c:8e:e0:55:8f:cc:
3c:66:02:80:60:55:04:aa:14:ec:b1:92:98:e1:8c:
e2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:7A:F4:C8:78:A0:78:FE:F5:B8:B6:BB:35:81:3D:CF:54:47:68:3C
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/73r0yHigeP71uLa7NYE9z1RHaDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:56:28:04:2c:79:31:25:a8:af:5c:c6:c7:d8:68:f3:75:83:
a1:f0:7d:84:6c:78:54:75:4d:68:77:e0:84:58:84:fa:d0:c7:
b6:83:6c:8e:74:27:c7:37:2c:a8:60:d5:2c:b7:f3:9a:ac:d9:
b2:45:3f:aa:3b:14:38:65:ea:56:bf:ab:25:9e:52:e3:fe:46:
84:1d:64:28:54:03:ca:d1:52:3d:ba:de:ea:13:83:40:73:9d:
a2:12:74:b8:c8:04:c6:8e:f4:f9:1f:c5:d7:b2:29:30:3b:60:
8f:bb:8e:80:f0:2e:a5:67:41:06:3a:ec:63:83:fc:8b:c2:28:
75:28:33:c0:38:81:33:09:2d:2d:d0:61:0a:2b:f0:4f:d5:83:
a1:9c:f8:08:b9:e2:ba:66:b7:43:c7:c7:c2:68:f8:74:6e:36:
be:d4:5f:78:61:3d:11:f0:04:8e:cd:8b:df:0c:4a:fb:dd:e4:
80:db:f9:67:2a:2a:23:fa:85:f5:30:f9:18:1a:08:e4:00:f2:
a5:1e:16:92:26:b8:a2:02:fd:e4:10:32:15:fd:07:02:c9:0e:
9e:e6:f1:0d:b9:c5:d4:0b:53:f1:1b:10:5c:e0:52:3e:43:fc:
e1:3d:b4:bc:56:f3:24:00:1a:7b:fd:c1:61:71:1d:8d:2f:8b:
b9:c1:08:9a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZbs1Rhext77Gzv65uHr06yeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwNTIwMDgzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjdhZjRjODc4YTA3OGZlZjViOGI2YmIzNTgxM2RjZjU0NDc2ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUIYocKG2C0Kj4JjB2Kh5nipXC1e
U6wyyUvgeU+YGR9K09EhWyX4P1lHBh4w8H94W8IjX2aChBycH1bOwbZZzPFvMsO4
fq7RdDoPcFUEjUmnPsHHPOAZDxW5eJoWdPyTq3sVXv1YM0BxWLCgU86IOpUO5T6M
gyJGKjflEKZXLp55YeVRC29vY1eoG5Pyolar+PlJQWk3UgBPGims+vqIgdTzy1cj
74KLOPifHJNd1+6lb1BQej+FN37/cvdQZ3Lxa8y0QOQlFpWb3QLMF3Wsn/k/NZKv
+TQtc05z+U0HcYB3AXpWk6V7NgEMjuBVj8w8ZgKAYFUEqhTssZKY4YziuwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFO969Mh4oHj+9bi2uzWBPc9UR2g8MB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvNzNyMHlIaWdlUDcxdUxhN05ZRTl6MVJIYUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBADNWKAQseTElqK9cxsfYaPN1g6HwfYRseFR1TWh34IRY
hPrQx7aDbI50J8c3LKhg1Sy385qs2bJFP6o7FDhl6la/qyWeUuP+RoQdZChUA8rR
Uj263uoTg0BznaISdLjIBMaO9PkfxdeyKTA7YI+7joDwLqVnQQY67GOD/IvCKHUo
M8A4gTMJLS3QYQor8E/Vg6Gc+Ai54rpmt0PHx8Jo+HRuNr7UX3hhPRHwBI7Ni98M
Svvd5IDb+WcqKiP6hfUw+RgaCOQA8qUeFpImuKIC/eQQMhX9BwLJDp7m8Q25xdQL
U/EbEFzgUj5D/OE9tLxW8yQAGnv9wWFxHY0vi7nBCJo=
-----END CERTIFICATE-----
Generated at Sat Jun 14 00:38:29 2025 by rpki-client