Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gclDGLj6HO4DSOXV_DsEx0azLOo.roa
File: gclDGLj6HO4DSOXV_DsEx0azLOo.roa (raw, json)
Hash identifier: dWzEViX/tRQs+1vGWwdvdSWhkYHXX5Rn8LIdnZ3QeYY=
Subject key identifier: 81:C9:43:18:B8:FA:1C:EE:03:48:E5:D5:FC:3B:04:C7:46:B3:2C:EA
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01972FA3D37FF68F34ACE5C08DE0A9C8F1FD
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gclDGLj6HO4DSOXV_DsEx0azLOo.roa
Signing time: Mon 02 Jun 2025 07:55:55 +0000
ROA not before: Mon 02 Jun 2025 07:55:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197897
IP address blocks: 78.142.22.0/23 maxlen: 24
79.124.80.0/23 maxlen: 24
91.92.59.0/24 maxlen: 24
91.148.150.0/23 maxlen: 24
91.148.152.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:a3:d3:7f:f6:8f:34:ac:e5:c0:8d:e0:a9:c8:f1:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jun 2 07:55:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81c94318b8fa1cee0348e5d5fc3b04c746b32cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d9:b8:38:90:1c:cb:f2:d6:58:06:b2:6c:b8:
d2:68:05:76:11:af:fa:7b:c2:75:33:ac:a8:cd:0d:
ef:71:e0:c8:19:35:a0:58:af:c3:1c:62:0b:ae:18:
e1:07:e7:6f:86:5e:b4:5f:90:d6:72:25:32:61:62:
7e:45:27:7c:4d:a1:b8:a1:7b:54:53:17:11:29:e8:
03:da:5e:87:be:26:7f:1d:df:28:0b:8a:70:24:3d:
73:bc:c6:9f:e2:02:f5:32:ad:29:ff:1c:5d:3f:54:
35:d7:a3:22:eb:32:e6:ff:1b:96:e0:6b:9b:20:24:
d2:5a:13:65:50:3d:0f:6e:06:c9:0b:23:4f:67:ac:
69:a1:36:a0:71:37:9e:18:19:84:62:25:c5:01:34:
fb:c3:db:80:b8:1b:bd:ec:50:8e:a5:b2:55:9b:2a:
fa:f7:e1:39:af:93:3b:44:70:e7:5b:0d:cf:c2:6a:
7c:af:1c:a2:af:88:02:86:fd:51:f0:b3:8d:ff:6e:
c1:d7:0a:2e:36:aa:4e:8f:a3:d1:dc:69:fd:1d:10:
01:a2:3d:a8:cc:50:ec:09:44:f6:e9:9f:29:c6:d5:
a5:31:7b:62:6f:d1:b9:b9:48:e4:4c:e3:90:df:53:
4f:17:a3:12:c8:89:2d:b3:f3:aa:12:97:a1:72:0e:
0b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C9:43:18:B8:FA:1C:EE:03:48:E5:D5:FC:3B:04:C7:46:B3:2C:EA
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gclDGLj6HO4DSOXV_DsEx0azLOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.22.0/23
79.124.80.0/23
91.92.59.0/24
91.148.150.0-91.148.159.255
Signature Algorithm: sha256WithRSAEncryption
0c:eb:4d:f8:8c:39:22:77:0f:9a:ce:07:f5:64:b2:0a:33:e4:
eb:30:78:75:7e:4e:55:c2:79:f2:44:ef:27:94:27:d9:6a:97:
de:36:09:29:cc:ab:d7:bf:98:d5:e4:9f:18:72:41:7e:d8:fd:
f1:a0:4d:1b:74:76:47:cc:ec:0e:30:38:d3:3d:09:4d:f9:73:
be:bb:db:c0:6d:35:13:a2:b4:7c:bc:99:76:3c:e4:73:46:57:
42:4b:c7:1c:38:93:0f:52:a1:87:12:7e:af:08:ef:59:03:fa:
3b:35:68:f5:f4:29:f1:e3:c6:71:19:20:97:fc:62:10:93:2b:
b9:20:77:93:5c:ee:e0:dd:78:cc:7f:ba:de:2a:c7:d4:60:47:
e7:52:4a:3a:58:5d:06:02:aa:63:a9:35:bd:7c:4d:a6:e0:62:
9c:28:40:0c:60:15:80:36:67:72:08:23:8e:5d:4b:99:6f:52:
06:81:61:e4:7c:e8:99:26:a7:b3:a1:97:6e:c4:ca:78:a7:0b:
2f:fd:17:56:d6:d6:73:8d:94:d0:c0:1f:f6:75:03:3a:40:70:
b5:4f:ae:24:5a:e8:13:e7:61:ce:b4:1f:85:4b:2c:ae:16:50:
63:c8:47:22:ab:b9:2b:8f:46:f7:5a:f4:d9:c1:60:ee:d9:43:
a7:93:7c:92
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZcvo9N/9o80rOXAjeCpyPH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwNjAyMDc1NTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWM5NDMxOGI4ZmExY2VlMDM0OGU1ZDVmYzNiMDRjNzQ2YjMyY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Nm4OJAcy/LWWAaybLjSaAV2Ea/6
e8J1M6yozQ3vceDIGTWgWK/DHGILrhjhB+dvhl60X5DWciUyYWJ+RSd8TaG4oXtU
UxcRKegD2l6HviZ/Hd8oC4pwJD1zvMaf4gL1Mq0p/xxdP1Q116Mi6zLm/xuW4Gub
ICTSWhNlUD0PbgbJCyNPZ6xpoTagcTeeGBmEYiXFATT7w9uAuBu97FCOpbJVmyr6
9+E5r5M7RHDnWw3Pwmp8rxyir4gChv1R8LON/27B1wouNqpOj6PR3Gn9HRABoj2o
zFDsCUT26Z8pxtWlMXtib9G5uUjkTOOQ31NPF6MSyIkts/OqEpehcg4LXwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIHJQxi4+hzuA0jl1fw7BMdGsyzqMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZ2NsREdMajZITzREU09YVl9Ec0V4MGF6TE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBTo4WAwQB
T3xQAwQAW1w7MAwDBAFblJYDBAVblIAwDQYJKoZIhvcNAQELBQADggEBAAzrTfiM
OSJ3D5rOB/Vksgoz5OsweHV+TlXCefJE7yeUJ9lql942CSnMq9e/mNXknxhyQX7Y
/fGgTRt0dkfM7A4wONM9CU35c76728BtNROitHy8mXY85HNGV0JLxxw4kw9SoYcS
fq8I71kD+js1aPX0KfHjxnEZIJf8YhCTK7kgd5Nc7uDdeMx/ut4qx9RgR+dSSjpY
XQYCqmOpNb18TabgYpwoQAxgFYA2Z3III45dS5lvUgaBYeR86Jkmp7Ohl27Eynin
Cy/9F1bW1nONlNDAH/Z1AzpAcLVPriRa6BPnYc60H4VLLK4WUGPIRyKruSuPRvda
9NnBYO7ZQ6eTfJI=
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:42:25 2025 by rpki-client