Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/gXudaVo5ppJErTfeX5xi9brX61w.roa
File: gXudaVo5ppJErTfeX5xi9brX61w.roa (raw, json)
Hash identifier: IKuJEjHAnF+UCL7CufOi0IYbRxdzc8wHAsPIOnfrMmA=
Subject key identifier: 81:7B:9D:69:5A:39:A6:92:44:AD:37:DE:5F:9C:62:F5:BA:D7:EB:5C
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0198F5966BFDC0F6D7DACDFE2D4328C2989E
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/gXudaVo5ppJErTfeX5xi9brX61w.roa
Signing time: Fri 29 Aug 2025 11:28:52 +0000
ROA not before: Fri 29 Aug 2025 11:28:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.5.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.42.0/24 maxlen: 24
152.53.42.64/28 maxlen: 28
152.53.43.0/24 maxlen: 24
152.53.43.64/27 maxlen: 27
152.53.44.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.64.0/22 maxlen: 24
152.53.84.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.144.0/22 maxlen: 22
152.53.148.0/22 maxlen: 22
152.53.152.0/22 maxlen: 22
152.53.160.0/22 maxlen: 22
152.53.172.0/22 maxlen: 22
152.53.176.0/22 maxlen: 22
152.53.180.0/22 maxlen: 22
152.53.188.0/22 maxlen: 22
152.53.196.0/22 maxlen: 22
152.53.200.0/24 maxlen: 24
152.53.202.0/24 maxlen: 24
152.53.204.0/22 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
152.53.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 04:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:96:6b:fd:c0:f6:d7:da:cd:fe:2d:43:28:c2:98:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Aug 29 11:28:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=817b9d695a39a69244ad37de5f9c62f5bad7eb5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e8:ee:42:58:10:89:4e:f8:aa:1c:23:87:f0:
12:14:90:2e:37:1d:27:bc:f9:3e:38:fc:a3:73:21:
68:0f:eb:6e:a8:11:08:aa:9c:f7:a5:23:1e:cb:45:
14:ff:71:f5:0d:a4:38:31:01:d7:7e:10:5a:4d:61:
df:5d:3e:c7:05:8b:74:0b:f6:30:d7:9d:93:3f:8e:
38:06:90:f3:3b:38:1c:9b:52:e2:53:c3:a3:c6:fe:
0e:2d:f5:19:27:55:92:46:86:04:9d:cc:ab:5f:73:
13:70:9e:da:a0:2d:d2:30:e4:15:3f:d8:ad:d0:5b:
28:7f:fa:ee:2e:66:53:d0:ec:f5:83:74:c1:33:a7:
a1:17:33:af:84:06:88:15:68:6e:0b:31:c1:63:43:
1f:45:ef:0a:2a:a7:fd:ab:86:11:f4:6a:1b:e1:4d:
2d:20:96:49:8c:3c:f7:dd:05:29:08:ca:13:72:2e:
40:b4:a9:99:b3:12:1f:f7:c0:4c:01:fb:69:f8:bc:
27:a4:ba:2c:ab:0c:99:86:9c:6d:75:b1:ee:0d:d4:
fa:65:93:ca:99:fe:04:25:b0:af:09:78:c3:3b:59:
de:05:fd:bc:d3:7e:ff:1d:7c:5e:6b:6e:72:97:be:
79:c5:b6:ca:69:43:b6:3b:8e:07:4a:0a:cb:38:31:
51:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:7B:9D:69:5A:39:A6:92:44:AD:37:DE:5F:9C:62:F5:BA:D7:EB:5C
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/gXudaVo5ppJErTfeX5xi9brX61w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:b4:70:d3:56:96:ba:a5:77:23:11:2f:c3:8b:fd:2e:ca:59:
a8:3d:7e:fc:a7:23:ca:d3:e6:51:a5:26:b5:84:ea:a7:21:53:
cc:a5:9d:0c:f0:0c:62:a1:59:32:ce:0f:b2:24:c8:3d:47:5a:
62:84:f3:85:c9:33:c2:25:17:c6:b8:c7:76:13:11:e3:c4:62:
0d:8c:24:c3:f5:3f:c9:e9:7e:f9:5b:36:e3:6e:db:dc:f7:f9:
c1:00:2a:ae:6c:9e:1c:32:fd:bf:ec:68:c3:ee:74:54:56:ab:
18:37:a2:d9:6d:4d:c1:3f:11:7b:c7:78:d7:18:1b:04:ac:9d:
fa:62:ee:28:ea:db:2d:2b:a1:49:3c:2d:a8:95:68:81:30:7a:
c6:7d:fa:22:db:a8:44:e7:81:d9:58:09:91:c8:99:6b:09:79:
bf:c4:77:de:41:54:24:a4:af:79:9f:c3:fa:44:71:50:03:03:
33:a6:a0:36:ea:10:b2:57:93:47:7a:10:8a:5e:03:fc:db:a9:
f3:2d:38:42:d8:82:e5:2c:01:6e:9d:63:ba:f8:d1:80:e5:24:
4a:63:e6:4c:02:3a:74:08:04:8a:37:37:06:84:f4:f2:40:2f:
14:47:75:6d:71:16:4e:d0:ec:69:12:f0:21:e3:6d:e3:21:8d:
ba:e8:63:5c
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZj1lmv9wPbX2s3+LUMowpieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwODI5MTEyODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTdiOWQ2OTVhMzlhNjkyNDRhZDM3ZGU1ZjljNjJmNWJhZDdlYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OjuQlgQiU74qhwjh/ASFJAuNx0n
vPk+OPyjcyFoD+tuqBEIqpz3pSMey0UU/3H1DaQ4MQHXfhBaTWHfXT7HBYt0C/Yw
152TP444BpDzOzgcm1LiU8Ojxv4OLfUZJ1WSRoYEncyrX3MTcJ7aoC3SMOQVP9it
0Fsof/ruLmZT0Oz1g3TBM6ehFzOvhAaIFWhuCzHBY0MfRe8KKqf9q4YR9Gob4U0t
IJZJjDz33QUpCMoTci5AtKmZsxIf98BMAftp+LwnpLosqwyZhpxtdbHuDdT6ZZPK
mf4EJbCvCXjDO1neBf28037/HXxea25yl755xbbKaUO2O44HSgrLODFRIQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIF7nWlaOaaSRK033l+cYvW61+tcMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvZ1h1ZGFWbzVwcEpFclRmZVg1eGk5YnJYNjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAHC0cNNWlrqldyMRL8OL/S7KWag9fvynI8rT5lGlJrWE
6qchU8ylnQzwDGKhWTLOD7IkyD1HWmKE84XJM8IlF8a4x3YTEePEYg2MJMP1P8np
fvlbNuNu29z3+cEAKq5snhwy/b/saMPudFRWqxg3otltTcE/EXvHeNcYGwSsnfpi
7ijq2y0roUk8LaiVaIEwesZ9+iLbqETngdlYCZHImWsJeb/Ed95BVCSkr3mfw/pE
cVADAzOmoDbqELJXk0d6EIpeA/zbqfMtOELYguUsAW6dY7r40YDlJEpj5kwCOnQI
BIo3NwaE9PJALxRHdW1xFk7Q7GkS8CHjbeMhjbroY1w=
-----END CERTIFICATE-----
Generated at Tue Sep 9 13:08:45 2025 by rpki-client