Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1SsnxsF_ggs4wYQ6T44a0o_effk.roa
File: 1SsnxsF_ggs4wYQ6T44a0o_effk.roa (raw, json)
Hash identifier: UmByfwUfnoBA8RQ3STG2KscmjazUEoXvExa/K2UEejU=
Subject key identifier: D5:2B:27:C6:C1:7F:82:0B:38:C1:84:3A:4F:8E:1A:D2:8F:DE:7D:F9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0198EA5DAF645FD9A43DC36C909F724FEB0E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1SsnxsF_ggs4wYQ6T44a0o_effk.roa
Signing time: Wed 27 Aug 2025 07:11:05 +0000
ROA not before: Wed 27 Aug 2025 07:11:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201216
IP address blocks: 192.36.107.0/24 maxlen: 24
192.36.108.0/24 maxlen: 24
192.36.235.0/24 maxlen: 24
192.36.252.0/24 maxlen: 24
192.71.39.0/24 maxlen: 24
192.71.183.0/24 maxlen: 24
192.71.226.0/24 maxlen: 24
192.121.57.0/24 maxlen: 24
192.121.59.0/24 maxlen: 24
192.121.90.0/24 maxlen: 24
192.121.248.0/24 maxlen: 24
192.176.45.0/24 maxlen: 24
192.176.228.0/24 maxlen: 24
193.181.192.0/24 maxlen: 24
193.181.193.0/24 maxlen: 24
193.183.145.0/24 maxlen: 24
193.183.146.0/24 maxlen: 24
193.234.98.0/24 maxlen: 24
193.235.1.0/24 maxlen: 24
193.235.3.0/24 maxlen: 24
193.235.32.0/24 maxlen: 24
194.14.35.0/24 maxlen: 24
194.14.39.0/24 maxlen: 24
194.68.37.0/24 maxlen: 24
194.68.38.0/24 maxlen: 24
194.68.161.0/24 maxlen: 24
194.71.92.0/24 maxlen: 24
194.71.111.0/24 maxlen: 24
194.71.242.0/24 maxlen: 24
194.103.52.0/24 maxlen: 24
194.132.29.0/24 maxlen: 24
194.132.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 07:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ea:5d:af:64:5f:d9:a4:3d:c3:6c:90:9f:72:4f:eb:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Aug 27 07:11:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d52b27c6c17f820b38c1843a4f8e1ad28fde7df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:46:f7:ed:02:98:a4:58:5b:c6:9d:e2:90:ab:
e0:7e:68:21:e6:21:83:75:1c:20:9b:94:93:33:5b:
e2:d2:34:c7:e3:b8:3e:ad:86:34:94:9d:76:35:51:
36:5c:81:69:3a:63:5b:84:01:f2:d3:69:36:e2:b0:
da:1a:bb:95:15:6c:b9:52:45:c2:5b:76:84:9f:68:
27:35:4c:37:1c:56:d7:c2:03:99:eb:e5:7b:28:45:
3f:98:67:fa:a3:25:80:16:03:48:ad:cc:7f:31:f0:
dd:17:fe:18:9f:a9:75:48:10:b2:a4:47:22:5c:3f:
86:15:c6:40:fa:0e:3f:bc:a7:f1:93:f9:58:3e:15:
a4:7f:06:37:e4:ef:48:90:05:4a:8c:70:d5:6f:40:
63:41:13:af:1a:d7:81:e2:8f:81:ea:95:0d:a3:4d:
63:a8:e5:ed:24:d3:8f:81:2b:66:ec:bc:70:97:27:
62:f0:f3:61:07:6d:4c:8e:d1:6e:d2:7d:46:21:24:
c1:69:bb:28:26:9b:40:4a:d5:f4:0f:4b:b1:a2:9d:
d0:cb:7f:28:63:3d:70:44:34:1f:10:3d:d2:ad:59:
cb:88:9d:ef:7b:2f:a1:27:a0:ec:cf:f4:07:d9:e2:
fd:f2:be:09:c5:9d:bc:34:fb:80:9b:2f:cb:fc:e7:
60:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:2B:27:C6:C1:7F:82:0B:38:C1:84:3A:4F:8E:1A:D2:8F:DE:7D:F9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1SsnxsF_ggs4wYQ6T44a0o_effk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.107.0-192.36.108.255
192.36.235.0/24
192.36.252.0/24
192.71.39.0/24
192.71.183.0/24
192.71.226.0/24
192.121.57.0/24
192.121.59.0/24
192.121.90.0/24
192.121.248.0/24
192.176.45.0/24
192.176.228.0/24
193.181.192.0/23
193.183.145.0-193.183.146.255
193.234.98.0/24
193.235.1.0/24
193.235.3.0/24
193.235.32.0/24
194.14.35.0/24
194.14.39.0/24
194.68.37.0-194.68.38.255
194.68.161.0/24
194.71.92.0/24
194.71.111.0/24
194.71.242.0/24
194.103.52.0/24
194.132.29.0/24
194.132.59.0/24
Signature Algorithm: sha256WithRSAEncryption
00:33:74:71:e4:b1:98:9e:f3:ed:6e:77:a1:e4:f5:5b:4b:83:
d5:c4:06:cb:2c:38:0a:38:d2:af:98:98:61:4a:9d:7a:bc:f0:
cc:1a:c5:a1:58:22:d9:d7:c6:e8:7e:f7:98:22:12:5e:60:77:
08:a5:47:bc:90:80:1b:3d:c9:fa:a0:8b:c4:4a:a9:74:48:be:
49:1b:ed:f6:78:bf:f7:04:17:c8:bc:a3:f9:70:e0:ee:1e:ef:
3e:37:15:e9:f2:99:54:32:a9:6c:96:09:a8:2f:49:10:b2:22:
fd:1a:ce:a1:fe:be:38:bd:4b:8a:5d:fc:d8:a6:10:ea:69:29:
c9:8d:ae:30:13:82:4e:c6:97:b6:3c:1e:b2:2e:26:f0:84:d3:
6c:52:0a:7e:67:c0:f8:94:ec:26:02:25:fe:00:6f:57:15:df:
76:6f:67:e3:a7:0b:38:d8:ae:56:be:e9:a4:71:8b:85:7d:e2:
59:c5:5d:09:bf:2d:83:4e:ad:fe:3c:11:90:09:0e:5d:3e:2c:
d8:51:8d:ed:83:71:d4:1f:cb:50:d2:23:77:a3:3e:71:a8:22:
5b:0a:e0:ff:e9:04:07:f2:5f:30:7b:25:08:19:fe:d7:38:48:
c4:24:28:65:e5:8a:7b:19:78:98:c6:e0:96:48:05:20:f5:86:
5e:f6:e7:da
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZjqXa9kX9mkPcNskJ9yT+sOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwODI3MDcxMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTJiMjdjNmMxN2Y4MjBiMzhjMTg0M2E0ZjhlMWFkMjhmZGU3ZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0b37QKYpFhbxp3ikKvgfmgh5iGD
dRwgm5STM1vi0jTH47g+rYY0lJ12NVE2XIFpOmNbhAHy02k24rDaGruVFWy5UkXC
W3aEn2gnNUw3HFbXwgOZ6+V7KEU/mGf6oyWAFgNIrcx/MfDdF/4Yn6l1SBCypEci
XD+GFcZA+g4/vKfxk/lYPhWkfwY35O9IkAVKjHDVb0BjQROvGteB4o+B6pUNo01j
qOXtJNOPgStm7Lxwlydi8PNhB21MjtFu0n1GISTBabsoJptAStX0D0uxop3Qy38o
Yz1wRDQfED3SrVnLiJ3vey+hJ6Dsz/QH2eL98r4JxZ28NPuAmy/L/OdgrQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFNUrJ8bBf4ILOMGEOk+OGtKP3n35MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMVNzbnhzRl9nZ3M0d1lRNlQ0NGEwb19lZmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcAwDAME
AMAkawMEAMAkbAMEAMAk6wMEAMAk/AMEAMBHJwMEAMBHtwMEAMBH4gMEAMB5OQME
AMB5OwMEAMB5WgMEAMB5+AMEAMCwLQMEAMCw5AMEAcG1wDAMAwQAwbeRAwQAwbeS
AwQAwepiAwQAwesBAwQAwesDAwQAwesgAwQAwg4jAwQAwg4nMAwDBADCRCUDBADC
RCYDBADCRKEDBADCR1wDBADCR28DBADCR/IDBADCZzQDBADChB0DBADChDswDQYJ
KoZIhvcNAQELBQADggEBAAAzdHHksZie8+1ud6Hk9VtLg9XEBsssOAo40q+YmGFK
nXq88MwaxaFYItnXxuh+95giEl5gdwilR7yQgBs9yfqgi8RKqXRIvkkb7fZ4v/cE
F8i8o/lw4O4e7z43FenymVQyqWyWCagvSRCyIv0azqH+vji9S4pd/NimEOppKcmN
rjATgk7Gl7Y8HrIuJvCE02xSCn5nwPiU7CYCJf4Ab1cV33ZvZ+OnCzjYrla+6aRx
i4V94lnFXQm/LYNOrf48EZAJDl0+LNhRje2DcdQfy1DSI3ejPnGoIlsK4P/pBAfy
XzB7JQgZ/tc4SMQkKGXlinsZeJjG4JZIBSD1hl7259o=
-----END CERTIFICATE-----
Generated at Tue Sep 9 13:10:13 2025 by rpki-client