Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/provRmWMgjhm8tLC1tMG0EWHlDg.roa
File: provRmWMgjhm8tLC1tMG0EWHlDg.roa (raw, json)
Hash identifier: NccCmG8rzXx+4NoFpwEdivSO8+Q39nOBIJB8OvuE9BI=
Subject key identifier: A6:BA:2F:46:65:8C:82:38:66:F2:D2:C2:D6:D3:06:D0:45:87:94:38
Certificate issuer: /CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Certificate serial: 01971395834BF9B6FCE2B398443F7E79A27F
Authority key identifier: AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/provRmWMgjhm8tLC1tMG0EWHlDg.roa
Signing time: Tue 27 May 2025 21:10:54 +0000
ROA not before: Tue 27 May 2025 21:10:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62442
IP address blocks: 78.157.32.0/19 maxlen: 19
78.157.32.0/24 maxlen: 24
78.157.34.0/24 maxlen: 24
78.157.35.0/24 maxlen: 24
78.157.36.0/24 maxlen: 24
78.157.37.0/24 maxlen: 24
78.157.38.0/24 maxlen: 24
78.157.39.0/24 maxlen: 24
78.157.40.0/24 maxlen: 24
78.157.41.0/24 maxlen: 24
78.157.42.0/24 maxlen: 24
78.157.43.0/24 maxlen: 24
78.157.44.0/24 maxlen: 24
78.157.45.0/24 maxlen: 24
78.157.46.0/24 maxlen: 24
78.157.47.0/24 maxlen: 24
78.157.48.0/21 maxlen: 21
78.157.48.0/24 maxlen: 24
78.157.49.0/24 maxlen: 24
78.157.50.0/24 maxlen: 24
78.157.51.0/24 maxlen: 24
78.157.52.0/24 maxlen: 24
78.157.53.0/24 maxlen: 24
78.157.54.0/23 maxlen: 23
78.157.54.0/24 maxlen: 24
78.157.55.0/24 maxlen: 24
78.157.56.0/21 maxlen: 21
78.157.56.0/24 maxlen: 24
78.157.57.0/24 maxlen: 24
78.157.58.0/24 maxlen: 24
78.157.59.0/24 maxlen: 24
78.157.60.0/23 maxlen: 23
78.157.60.0/24 maxlen: 24
78.157.61.0/24 maxlen: 24
78.157.62.0/24 maxlen: 24
78.157.63.0/24 maxlen: 24
89.221.84.0/22 maxlen: 22
89.221.88.0/21 maxlen: 21
2a10:8180::/29 maxlen: 29
2a10:8180::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.mft
rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:13:95:83:4b:f9:b6:fc:e2:b3:98:44:3f:7e:79:a2:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Validity
Not Before: May 27 21:10:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6ba2f46658c823866f2d2c2d6d306d045879438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:77:a0:d7:0b:e8:6b:e0:00:48:4a:a9:e4:21:
d7:f6:56:ce:72:ea:35:9c:b6:be:e1:f7:e0:e4:06:
72:76:51:8d:14:36:ef:9d:6f:a2:4b:aa:d0:a3:91:
09:f3:6d:e4:b9:b9:63:88:55:6a:f5:9d:c9:f2:70:
f0:a3:b0:37:cb:0a:ba:44:94:66:cd:8d:60:af:c5:
b9:74:13:45:cf:53:a3:81:f2:05:46:cc:95:0d:81:
6c:d8:a6:db:65:12:a3:b8:14:db:39:25:f8:5a:cf:
03:4f:06:78:4f:af:0d:44:25:49:1d:5c:f3:0a:37:
92:c0:15:bf:14:0c:4b:dc:2e:fc:0d:1e:46:bf:b3:
1d:7b:4c:f7:14:cd:0c:67:09:63:d2:39:3c:d4:4a:
01:b7:2e:ef:f3:c4:d6:a1:5c:95:be:5b:14:7c:84:
dc:c4:36:b3:68:66:c5:f1:f5:52:49:2a:3b:83:0e:
8e:f5:ef:e8:0e:ed:d7:0d:f0:79:4a:46:93:cd:51:
01:fe:ef:5b:31:03:fe:f0:2a:49:e4:f0:f9:10:69:
b1:c2:ee:1b:2d:27:15:1b:f5:36:dd:c4:5e:f9:90:
8b:d3:d4:ac:bb:57:cd:98:b4:fd:ab:0d:40:62:65:
06:59:c9:fb:5e:64:12:ce:7f:f6:1f:e4:8f:ca:73:
7f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BA:2F:46:65:8C:82:38:66:F2:D2:C2:D6:D3:06:D0:45:87:94:38
X509v3 Authority Key Identifier:
keyid:AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/provRmWMgjhm8tLC1tMG0EWHlDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.157.32.0/19
89.221.84.0-89.221.95.255
IPv6:
2a10:8180::/29
Signature Algorithm: sha256WithRSAEncryption
a5:82:2c:53:ce:c1:a3:c5:2e:f1:f7:a3:5e:6b:e5:5d:de:50:
58:05:15:de:f8:39:26:1c:00:85:47:61:e2:24:f6:99:ee:d6:
3d:4d:c9:df:33:40:c1:22:fb:d9:a7:51:35:0e:74:9a:34:af:
d1:57:14:14:72:68:25:f9:30:76:62:e0:f4:46:ff:d6:94:6c:
71:e2:08:90:ef:dc:f9:7d:10:e1:30:5f:54:6b:75:4b:1d:17:
5c:69:87:4f:6d:0f:cf:54:8a:1a:5a:fd:97:09:cc:94:60:70:
af:a4:73:73:6e:f6:77:10:92:b7:ff:39:84:55:a4:29:76:b3:
12:6f:d5:27:cb:c7:01:a7:71:31:e5:4a:0a:b8:fb:0c:f1:39:
df:eb:fc:ba:81:17:33:9a:69:09:b5:f5:ee:28:23:a3:de:5d:
b0:b0:41:72:43:9a:ad:eb:27:61:9d:e8:65:03:dc:c7:35:b4:
4a:0b:83:48:0a:22:6b:20:93:f6:77:59:99:69:4a:f2:db:39:
05:3a:45:91:9a:d1:85:f7:f5:49:f6:0b:f2:fe:db:eb:5a:ad:
51:5b:4b:8c:35:72:44:27:48:9e:3f:06:2b:39:e3:82:6a:ed:
1d:b4:0b:74:30:3c:f5:79:7f:33:2f:05:4b:b6:27:76:6a:cc:
ce:b5:63:a3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZcTlYNL+bb84rOYRD9+eaJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOTY4MWYxNDRkYjE0MzBhYzMxNWM4MzA2ZTFjMTQ3MzBj
NWZlYzIwHhcNMjUwNTI3MjExMDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmJhMmY0NjY1OGM4MjM4NjZmMmQyYzJkNmQzMDZkMDQ1ODc5NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHeg1wvoa+AASEqp5CHX9lbOcuo1
nLa+4ffg5AZydlGNFDbvnW+iS6rQo5EJ823kubljiFVq9Z3J8nDwo7A3ywq6RJRm
zY1gr8W5dBNFz1OjgfIFRsyVDYFs2KbbZRKjuBTbOSX4Ws8DTwZ4T68NRCVJHVzz
CjeSwBW/FAxL3C78DR5Gv7Mde0z3FM0MZwlj0jk81EoBty7v88TWoVyVvlsUfITc
xDazaGbF8fVSSSo7gw6O9e/oDu3XDfB5SkaTzVEB/u9bMQP+8CpJ5PD5EGmxwu4b
LScVG/U23cRe+ZCL09Ssu1fNmLT9qw1AYmUGWcn7XmQSzn/2H+SPynN/VQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKa6L0ZljII4ZvLSwtbTBtBFh5Q4MB8GA1UdIwQY
MBaAFK2WgfFE2xQwrDFcgwbhwUcwxf7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2Yt
YTNhMTNlM2E3ZDgwLzEvcHJvdlJtV01namhtOHRMQzF0TUcwRVdIbERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2YtYTNhMTNlM2E3ZDgw
LzEvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQFTp0gMAwD
BAJZ3VQDBAVZ3UAwDQQCAAIwBwMFAyoQgYAwDQYJKoZIhvcNAQELBQADggEBAKWC
LFPOwaPFLvH3o15r5V3eUFgFFd74OSYcAIVHYeIk9pnu1j1Nyd8zQMEi+9mnUTUO
dJo0r9FXFBRyaCX5MHZi4PRG/9aUbHHiCJDv3Pl9EOEwX1RrdUsdF1xph09tD89U
ihpa/ZcJzJRgcK+kc3Nu9ncQkrf/OYRVpCl2sxJv1SfLxwGncTHlSgq4+wzxOd/r
/LqBFzOaaQm19e4oI6PeXbCwQXJDmq3rJ2Gd6GUD3Mc1tEoLg0gKImsgk/Z3WZlp
SvLbOQU6RZGa0YX39Un2C/L+2+tarVFbS4w1ckQnSJ4/Bis544Jq7R20C3QwPPV5
fzMvBUu2J3ZqzM61Y6M=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:49:03 2025 by rpki-client