Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/d9EHF0cDaJcn3746j8KfKL2Zqv4.roa
File: d9EHF0cDaJcn3746j8KfKL2Zqv4.roa (raw, json)
Hash identifier: pKGwqLxpRbKLmbEwO5SCI6mwZ/Q5ftoBq8dpQrgnuDA=
Subject key identifier: 77:D1:07:17:47:03:68:97:27:DF:BE:3A:8F:C2:9F:28:BD:99:AA:FE
Certificate issuer: /CN=e5a6794b91b81406412a137870bfde3b170de094
Certificate serial: 019727DE62C9FF143B09AD06798D3CA06EC8
Authority key identifier: E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/d9EHF0cDaJcn3746j8KfKL2Zqv4.roa
Signing time: Sat 31 May 2025 19:42:55 +0000
ROA not before: Sat 31 May 2025 19:42:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199335
IP address blocks: 80.94.192.0/20 maxlen: 20
85.12.112.0/21 maxlen: 21
85.92.160.0/22 maxlen: 22
85.92.164.0/22 maxlen: 22
85.92.168.0/22 maxlen: 22
85.92.172.0/22 maxlen: 22
85.92.176.0/22 maxlen: 22
85.92.180.0/22 maxlen: 22
85.92.184.0/22 maxlen: 22
85.92.188.0/22 maxlen: 22
176.126.224.0/21 maxlen: 21
185.5.64.0/22 maxlen: 22
185.41.228.0/22 maxlen: 22
185.99.21.0/24 maxlen: 24
185.113.60.0/22 maxlen: 22
188.241.40.0/21 maxlen: 21
2a02:77c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:27:de:62:c9:ff:14:3b:09:ad:06:79:8d:3c:a0:6e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a6794b91b81406412a137870bfde3b170de094
Validity
Not Before: May 31 19:42:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77d107174703689727dfbe3a8fc29f28bd99aafe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b2:2e:d3:da:a0:5f:5c:a1:60:55:c3:6f:12:
34:ee:08:7e:6e:66:9b:21:41:c6:e9:94:59:97:43:
5c:54:b8:ae:e7:11:3d:d1:b1:6c:5c:7c:dd:c4:ef:
81:85:72:bc:d3:28:67:b5:7c:5d:d2:85:2d:15:81:
1b:61:7b:0b:d2:dd:64:f9:5f:50:67:30:89:12:54:
73:c7:57:80:01:cf:9e:a4:20:cb:50:46:f3:bc:a1:
4e:6f:5d:c9:05:d4:00:ef:3e:bb:e1:e6:a4:36:54:
62:d2:2b:0b:2a:9e:1e:2c:aa:dd:c5:4a:f2:64:c5:
b0:d6:49:10:3b:d2:38:d1:65:90:96:59:ba:77:54:
e9:8b:bb:d8:06:32:09:96:a9:25:a9:cf:da:4f:aa:
46:3c:2b:a5:db:4c:b2:c3:96:5a:9f:24:10:15:44:
c9:2e:bd:a1:f7:60:59:92:6e:b1:56:18:3c:b5:00:
51:9e:45:24:bb:e1:52:a9:60:88:67:b8:4b:66:0d:
5b:64:d6:33:7f:4d:4e:e4:23:12:a1:05:55:23:3b:
21:51:f5:89:87:06:80:e4:6a:72:18:75:ad:51:c5:
f6:a1:71:30:04:56:86:91:1e:fd:a1:0f:cb:c8:ee:
3b:30:78:65:74:8a:dc:7a:ac:ce:2d:b8:64:a7:00:
23:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D1:07:17:47:03:68:97:27:DF:BE:3A:8F:C2:9F:28:BD:99:AA:FE
X509v3 Authority Key Identifier:
keyid:E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/d9EHF0cDaJcn3746j8KfKL2Zqv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.192.0/20
85.12.112.0/21
85.92.160.0/19
176.126.224.0/21
185.5.64.0/22
185.41.228.0/22
185.99.21.0/24
185.113.60.0/22
188.241.40.0/21
IPv6:
2a02:77c0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:4f:c6:a9:bc:c9:c5:59:dd:cd:7b:02:eb:6d:cd:88:b6:a4:
91:09:e0:e2:d4:e2:ed:8c:b7:91:a8:29:09:98:92:b8:30:6a:
fd:12:e9:52:9f:8b:8e:00:05:32:50:6a:2a:24:2c:98:22:cf:
1c:c7:0b:69:65:1c:7e:cf:01:1b:87:90:63:39:01:e1:2a:3a:
d2:d1:99:c2:0f:a0:cf:54:a1:a2:b1:b0:e5:37:3b:b8:13:3a:
ea:77:62:d3:8e:4b:91:05:44:e3:44:ba:a7:d5:2c:12:0e:1a:
d6:23:c3:9f:be:c9:a5:f2:a2:dc:99:fb:99:64:8d:cb:a4:b3:
5e:08:0f:2c:74:02:ec:0b:38:03:bd:ab:4a:2f:a5:f8:66:c0:
bf:56:22:bb:f6:77:71:9f:ec:5d:23:0c:49:68:2c:ef:ad:1a:
4d:6d:39:ef:6a:df:1b:d5:42:1b:b0:c1:9c:7e:78:30:db:eb:
8b:2c:f2:27:bc:ed:87:2f:9d:d5:b5:4a:85:e9:d5:89:44:03:
46:3f:7b:92:74:e3:d5:07:82:af:69:73:9c:ae:3b:57:bb:bb:
bc:62:98:5b:9b:4f:70:ba:6f:92:91:63:47:92:96:9d:14:8e:
63:61:2f:2a:75:4f:9f:69:53:80:02:e0:31:2f:33:55:c8:dd:
ee:2d:79:e7
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZcn3mLJ/xQ7Ca0GeY08oG7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTY3OTRiOTFiODE0MDY0MTJhMTM3ODcwYmZkZTNiMTcw
ZGUwOTQwHhcNMjUwNTMxMTk0MjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2QxMDcxNzQ3MDM2ODk3MjdkZmJlM2E4ZmMyOWYyOGJkOTlhYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbIu09qgX1yhYFXDbxI07gh+bmab
IUHG6ZRZl0NcVLiu5xE90bFsXHzdxO+BhXK80yhntXxd0oUtFYEbYXsL0t1k+V9Q
ZzCJElRzx1eAAc+epCDLUEbzvKFOb13JBdQA7z674eakNlRi0isLKp4eLKrdxUry
ZMWw1kkQO9I40WWQllm6d1Tpi7vYBjIJlqklqc/aT6pGPCul20yyw5ZanyQQFUTJ
Lr2h92BZkm6xVhg8tQBRnkUku+FSqWCIZ7hLZg1bZNYzf01O5CMSoQVVIzshUfWJ
hwaA5GpyGHWtUcX2oXEwBFaGkR79oQ/LyO47MHhldIrceqzOLbhkpwAj/QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHfRBxdHA2iXJ9++Oo/Cnyi9mar+MB8GA1UdIwQY
MBaAFOWmeUuRuBQGQSoTeHC/3jsXDeCUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFaNVM1RzRGQVpCS2hONGNMX2VPeGNONEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jYTM0ZWItOGUyMC00YmYxLWIxYjIt
NTg3MjEwOWI2N2E4LzEvZDlFSEYwY0RhSmNuMzc0Nmo4S2ZLTDJacXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jYTM0ZWItOGUyMC00YmYxLWIxYjItNTg3MjEwOWI2N2E4
LzEvNWFaNVM1RzRGQVpCS2hONGNMX2VPeGNONEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEUF7AAwQD
VQxwAwQFVVygAwQDsH7gAwQCuQVAAwQCuSnkAwQAuWMVAwQCuXE8AwQDvPEoMA0E
AgACMAcDBQAqAnfAMA0GCSqGSIb3DQEBCwUAA4IBAQAKT8apvMnFWd3NewLrbc2I
tqSRCeDi1OLtjLeRqCkJmJK4MGr9EulSn4uOAAUyUGoqJCyYIs8cxwtpZRx+zwEb
h5BjOQHhKjrS0ZnCD6DPVKGisbDlNzu4Ezrqd2LTjkuRBUTjRLqn1SwSDhrWI8Of
vsml8qLcmfuZZI3LpLNeCA8sdALsCzgDvatKL6X4ZsC/ViK79ndxn+xdIwxJaCzv
rRpNbTnvat8b1UIbsMGcfngw2+uLLPInvO2HL53VtUqF6dWJRANGP3uSdOPVB4Kv
aXOcrjtXu7u8Yphbm09wum+SkWNHkpadFI5jYS8qdU+faVOAAuAxLzNVyN3uLXnn
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:18:53 2025 by rpki-client