Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/d4Xr2zverR2clF2RZ6mTfjXf-88.roa
File: d4Xr2zverR2clF2RZ6mTfjXf-88.roa (raw, json)
Hash identifier: vNOsrs8vNmFYdvG+Sz8JpXH09Ms3Ty2H+B9nDdpELfg=
Subject key identifier: 77:85:EB:DB:3B:DE:AD:1D:9C:94:5D:91:67:A9:93:7E:35:DF:FB:CF
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019716D87A45526D4EF37A69072FE774E9F9
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/d4Xr2zverR2clF2RZ6mTfjXf-88.roa
Signing time: Wed 28 May 2025 12:22:55 +0000
ROA not before: Wed 28 May 2025 12:22:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215138
IP address blocks: 192.121.255.0/24 maxlen: 24
193.234.16.0/24 maxlen: 24
194.14.6.0/24 maxlen: 24
194.14.7.0/24 maxlen: 24
194.68.238.0/24 maxlen: 24
194.71.174.0/24 maxlen: 24
194.71.175.0/24 maxlen: 24
194.71.176.0/24 maxlen: 24
194.71.177.0/24 maxlen: 24
194.71.178.0/24 maxlen: 24
194.71.179.0/24 maxlen: 24
2a01:280:310::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 04:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:d8:7a:45:52:6d:4e:f3:7a:69:07:2f:e7:74:e9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 28 12:22:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7785ebdb3bdead1d9c945d9167a9937e35dffbcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:8e:dd:03:f1:b9:74:8f:c2:f0:06:0c:8e:70:
90:0d:24:eb:8f:9c:ee:69:b5:51:dc:6b:6c:1a:a6:
5c:b3:e8:31:6c:d2:a9:87:b2:93:90:5b:aa:56:8e:
d7:ca:4a:54:40:79:23:29:48:54:d3:4b:3d:e8:66:
d5:cc:11:62:b6:0a:21:91:b6:9f:1c:19:7c:16:46:
b8:94:63:97:81:4b:1c:ae:14:2b:f7:11:4a:be:10:
2d:53:56:1c:33:a6:9b:7d:25:13:f5:b9:09:51:0b:
be:06:17:24:33:f2:2f:b0:0b:10:30:47:56:68:43:
70:3b:63:b9:12:df:11:9b:d5:ea:a0:58:4e:12:d2:
c6:d6:2a:4d:18:27:62:c7:ab:55:f6:5a:3a:f5:e0:
de:c0:1f:e3:0c:d0:aa:7d:14:ec:02:94:53:5e:bf:
82:c8:28:6c:c0:b3:87:a4:6e:50:13:db:af:07:7d:
a8:54:98:52:00:a9:86:78:f9:a4:c9:62:f0:ec:fa:
10:85:7b:bd:fa:5c:94:30:7e:a7:c3:08:83:ca:cf:
73:fc:ba:5e:a3:91:da:40:03:d0:06:19:01:e5:9a:
ed:48:8d:34:a8:c6:08:e3:16:e8:b4:19:18:b5:90:
26:ab:d2:8b:85:c9:c7:66:a3:49:3f:12:9d:a8:e2:
14:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:85:EB:DB:3B:DE:AD:1D:9C:94:5D:91:67:A9:93:7E:35:DF:FB:CF
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/d4Xr2zverR2clF2RZ6mTfjXf-88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.255.0/24
193.234.16.0/24
194.14.6.0/23
194.68.238.0/24
194.71.174.0-194.71.179.255
IPv6:
2a01:280:310::/48
Signature Algorithm: sha256WithRSAEncryption
76:cb:d2:4b:9e:cd:26:6a:77:91:88:60:6c:a1:8c:e5:ab:ae:
37:5b:e5:c2:78:14:21:e2:cd:d7:a8:c5:ea:16:27:07:e5:d4:
d7:e1:b3:45:80:c2:e5:62:c1:1a:8d:89:0a:ba:b5:cc:e6:75:
6a:09:9f:01:a8:dc:48:8d:27:7e:13:66:0a:24:d4:3b:8c:d0:
66:da:e2:7e:e7:dd:83:9e:a3:f1:5b:6f:64:62:1b:8b:c0:7a:
67:ac:68:7b:77:e4:0c:bb:cf:fe:a1:96:08:af:a5:d8:e4:5d:
eb:6d:06:fa:50:42:73:f6:a9:3b:b2:d3:4a:16:46:7e:a2:a2:
91:cc:6f:d5:34:c5:9e:6b:05:b5:8f:d9:90:51:b6:8e:c6:fb:
d6:72:b4:8b:50:89:43:12:9b:fc:ed:2b:37:a5:86:ac:4a:9f:
3f:95:1b:bc:1f:cb:35:d5:52:42:f6:69:06:34:27:08:9b:b8:
2e:90:e3:67:07:78:67:22:67:5f:c4:96:5d:0f:f9:6b:2d:26:
96:5f:f9:20:95:3a:11:a6:be:ba:ba:ad:00:05:d6:db:cd:3d:
69:3c:8b:de:d3:ce:37:65:06:94:d2:36:a4:eb:0c:53:5b:db:
29:4e:47:61:c1:4b:4d:1f:13:23:89:e3:4b:c5:e1:e0:93:33:
fe:95:bc:e4
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZcW2HpFUm1O83ppBy/ndOn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwNTI4MTIyMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzg1ZWJkYjNiZGVhZDFkOWM5NDVkOTE2N2E5OTM3ZTM1ZGZmYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3I7dA/G5dI/C8AYMjnCQDSTrj5zu
abVR3GtsGqZcs+gxbNKph7KTkFuqVo7XykpUQHkjKUhU00s96GbVzBFitgohkbaf
HBl8Fka4lGOXgUscrhQr9xFKvhAtU1YcM6abfSUT9bkJUQu+BhckM/IvsAsQMEdW
aENwO2O5Et8Rm9XqoFhOEtLG1ipNGCdix6tV9lo69eDewB/jDNCqfRTsApRTXr+C
yChswLOHpG5QE9uvB32oVJhSAKmGePmkyWLw7PoQhXu9+lyUMH6nwwiDys9z/Lpe
o5HaQAPQBhkB5ZrtSI00qMYI4xbotBkYtZAmq9KLhcnHZqNJPxKdqOIU0QIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFHeF69s73q0dnJRdkWepk3413/vPMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZDRYcjJ6dmVyUjJjbEYyUlo2bVRmalhmLTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQAwHn/AwQA
weoQAwQBwg4GAwQAwkTuMAwDBAHCR64DBALCR7AwDwQCAAIwCQMHACoBAoADEDAN
BgkqhkiG9w0BAQsFAAOCAQEAdsvSS57NJmp3kYhgbKGM5auuN1vlwngUIeLN16jF
6hYnB+XU1+GzRYDC5WLBGo2JCrq1zOZ1agmfAajcSI0nfhNmCiTUO4zQZtrifufd
g56j8VtvZGIbi8B6Z6xoe3fkDLvP/qGWCK+l2ORd620G+lBCc/apO7LTShZGfqKi
kcxv1TTFnmsFtY/ZkFG2jsb71nK0i1CJQxKb/O0rN6WGrEqfP5UbvB/LNdVSQvZp
BjQnCJu4LpDjZwd4ZyJnX8SWXQ/5ay0mll/5IJU6Eaa+urqtAAXW2809aTyL3tPO
N2UGlNI2pOsMU1vbKU5HYcFLTR8TI4njS8Xh4JMz/pW85A==
-----END CERTIFICATE-----
Generated at Wed Jun 4 12:10:53 2025 by rpki-client