Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/DYbOu8ah08gzpSqt-vAqQrEyB6A.roa
File: DYbOu8ah08gzpSqt-vAqQrEyB6A.roa (raw, json)
Hash identifier: 5+Tfn5B/z22zMmDFMyE0wRTH/m71VYIqsUSlgcosMtU=
Subject key identifier: 0D:86:CE:BB:C6:A1:D3:C8:33:A5:2A:AD:FA:F0:2A:42:B1:32:07:A0
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01986099F88D827658B9F770E6CB5992C24C
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/DYbOu8ah08gzpSqt-vAqQrEyB6A.roa
Signing time: Thu 31 Jul 2025 13:09:20 +0000
ROA not before: Thu 31 Jul 2025 13:09:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58087
IP address blocks: 5.253.247.0/24 maxlen: 24
37.221.93.0/24 maxlen: 24
45.11.229.0/24 maxlen: 24
45.13.225.0/24 maxlen: 24
45.86.155.0/24 maxlen: 24
45.90.98.0/23 maxlen: 23
45.131.64.0/24 maxlen: 24
45.133.74.0/24 maxlen: 24
109.71.252.0/24 maxlen: 24
194.15.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 07:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:60:99:f8:8d:82:76:58:b9:f7:70:e6:cb:59:92:c2:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jul 31 13:09:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d86cebbc6a1d3c833a52aadfaf02a42b13207a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:45:c5:67:77:6c:8d:ca:9f:0c:f6:f7:0f:6e:
62:f8:f9:0e:31:49:6a:9f:ac:b2:23:e8:2f:e5:ae:
1e:f5:a0:c5:84:11:47:3a:c5:95:2b:cc:ca:aa:3e:
7c:0e:2a:f5:8c:df:cc:c9:1b:36:22:1a:a8:bc:31:
b8:45:4e:67:f2:c2:08:65:f7:69:97:67:96:a7:9b:
b8:69:e2:2c:5d:6a:68:b5:b5:66:94:f4:93:00:d2:
ba:7d:f8:15:24:32:79:7d:17:cb:2c:7c:ac:c8:20:
22:d4:86:ee:b8:af:a9:e5:a9:e9:7e:1d:5a:b0:c3:
26:da:73:05:33:cd:96:f3:28:2d:8e:f0:cd:8b:cd:
6b:10:ee:49:34:ab:4f:5e:0d:e9:16:28:63:7c:5a:
6f:4c:99:ea:0f:96:b5:21:e9:29:5a:95:b4:35:85:
8c:45:a9:ea:43:0c:53:a0:bc:43:c3:2e:39:cf:4b:
58:48:f5:58:f4:dd:29:4a:0e:24:c3:b9:d8:99:8b:
a3:6f:66:ce:10:5e:47:36:bd:90:a8:af:7b:7f:5b:
76:4c:4e:8e:1f:3c:e3:94:49:91:a0:c0:ae:74:66:
4d:51:73:1f:90:bf:6d:79:00:90:59:7a:53:46:b6:
ae:fe:89:d3:29:99:26:81:a5:b4:6b:e7:73:cf:57:
27:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:86:CE:BB:C6:A1:D3:C8:33:A5:2A:AD:FA:F0:2A:42:B1:32:07:A0
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/DYbOu8ah08gzpSqt-vAqQrEyB6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.247.0/24
37.221.93.0/24
45.11.229.0/24
45.13.225.0/24
45.86.155.0/24
45.90.98.0/23
45.131.64.0/24
45.133.74.0/24
109.71.252.0/24
194.15.36.0/24
Signature Algorithm: sha256WithRSAEncryption
10:64:c7:43:cd:91:13:b2:37:0f:48:11:f1:d5:e2:80:56:03:
01:71:a5:94:df:21:62:ed:93:9c:76:90:d4:d0:b1:f9:9a:8f:
26:a1:0d:12:ed:93:5b:fb:4c:78:77:b8:5e:b1:fd:65:0a:f2:
00:57:77:9e:68:ed:68:01:5d:6b:41:02:ee:0a:e9:1d:3f:7e:
d3:b1:51:e4:4f:b9:0c:fc:b1:1b:8e:78:ed:75:5b:30:ca:cd:
a5:7c:24:f7:27:62:0f:96:1e:79:bf:c3:a5:ce:2b:3a:12:d7:
3e:c9:e9:cf:9d:b6:2b:df:35:d4:7f:2f:d7:32:da:af:fc:4d:
52:c6:fc:ee:61:74:8e:1f:3d:3b:a2:9e:91:c9:5f:72:bd:b9:
15:b5:9e:3a:9e:20:dc:c8:d6:3a:a8:a4:a0:0a:3f:d8:f1:cc:
f9:42:0c:ff:3f:df:4f:7a:dd:76:3a:18:4e:cc:0e:87:9a:d1:
a6:b9:3f:a0:fd:df:4e:32:50:d5:72:68:5c:a0:61:55:a5:16:
1e:43:e4:82:df:6d:b2:b1:87:39:b9:da:d2:39:2c:81:6c:58:
e9:c7:e3:e5:05:1a:bc:46:e4:2e:f2:a1:98:c9:7a:e7:ef:1a:
a6:a3:90:22:58:2e:e1:d7:dd:7b:dc:81:0e:9c:0f:29:58:4d:
d8:57:ba:9e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZhgmfiNgnZYufdw5stZksJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNzMxMTMwOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDg2Y2ViYmM2YTFkM2M4MzNhNTJhYWRmYWYwMmE0MmIxMzIwN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0XFZ3dsjcqfDPb3D25i+PkOMUlq
n6yyI+gv5a4e9aDFhBFHOsWVK8zKqj58Dir1jN/MyRs2IhqovDG4RU5n8sIIZfdp
l2eWp5u4aeIsXWpotbVmlPSTANK6ffgVJDJ5fRfLLHysyCAi1IbuuK+p5anpfh1a
sMMm2nMFM82W8ygtjvDNi81rEO5JNKtPXg3pFihjfFpvTJnqD5a1IekpWpW0NYWM
RanqQwxToLxDwy45z0tYSPVY9N0pSg4kw7nYmYujb2bOEF5HNr2QqK97f1t2TE6O
HzzjlEmRoMCudGZNUXMfkL9teQCQWXpTRrau/onTKZkmgaW0a+dzz1cneQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFA2GzrvGodPIM6UqrfrwKkKxMgegMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvRFliT3U4YWgwOGd6cFNxdC12QXFRckV5QjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABf33AwQA
Jd1dAwQALQvlAwQALQ3hAwQALVabAwQBLVpiAwQALYNAAwQALYVKAwQAbUf8AwQA
wg8kMA0GCSqGSIb3DQEBCwUAA4IBAQAQZMdDzZETsjcPSBHx1eKAVgMBcaWU3yFi
7ZOcdpDU0LH5mo8moQ0S7ZNb+0x4d7hesf1lCvIAV3eeaO1oAV1rQQLuCukdP37T
sVHkT7kM/LEbjnjtdVswys2lfCT3J2IPlh55v8Olzis6Etc+yenPnbYr3zXUfy/X
Mtqv/E1SxvzuYXSOHz07op6RyV9yvbkVtZ46niDcyNY6qKSgCj/Y8cz5Qgz/P99P
et12OhhOzA6HmtGmuT+g/d9OMlDVcmhcoGFVpRYeQ+SC322ysYc5udrSOSyBbFjp
x+PlBRq8RuQu8qGYyXrn7xqmo5AiWC7h19173IEOnA8pWE3YV7qe
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:50:56 2025 by rpki-client