Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rDhRYLoMMdDTAcbPUVzQo-xuLTc.roa
File: rDhRYLoMMdDTAcbPUVzQo-xuLTc.roa (raw, json)
Hash identifier: er8NQ2qL2T7rKcpUvAnC977xSMC0/2xbuX4/EOtjEb0=
Subject key identifier: AC:38:51:60:BA:0C:31:D0:D3:01:C6:CF:51:5C:D0:A3:EC:6E:2D:37
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 0198791D310F496CBB9B820C6D0CAEEC3461
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rDhRYLoMMdDTAcbPUVzQo-xuLTc.roa
Signing time: Tue 05 Aug 2025 07:23:32 +0000
ROA not before: Tue 05 Aug 2025 07:23:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206576
IP address blocks: 5.181.72.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
83.150.252.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 22:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:1d:31:0f:49:6c:bb:9b:82:0c:6d:0c:ae:ec:34:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Aug 5 07:23:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac385160ba0c31d0d301c6cf515cd0a3ec6e2d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:9b:d1:f3:91:ef:3d:3b:02:0f:be:8e:3f:59:
7c:dc:d6:c4:f3:80:31:89:86:7d:1d:c9:62:e8:14:
af:68:c3:1d:e9:3e:07:4c:d3:25:a3:86:cd:ab:60:
fc:f7:a9:ec:7f:74:d7:53:47:5b:9c:03:d2:8e:2e:
6d:49:b8:39:0c:c4:93:a9:e7:d3:e9:95:a0:f2:1e:
44:5e:68:a6:bd:97:b8:af:64:60:50:db:e5:98:f5:
56:ee:5d:6c:7e:f3:f9:d6:3a:18:b9:44:ca:03:0c:
b7:45:05:94:95:8e:79:58:a1:a7:08:f6:69:d1:84:
a9:91:61:2f:ca:9a:45:f6:91:bd:4f:47:8d:64:77:
b1:5f:b7:24:83:b2:94:d2:7c:1b:89:81:b8:21:0b:
2d:c5:8d:47:6e:42:5d:44:3c:39:ec:b0:e9:50:6d:
bd:29:dd:95:06:19:ed:0c:8c:4d:0a:87:5c:26:6a:
de:3e:b2:be:99:5e:88:d6:1f:9a:16:00:e7:c0:59:
ef:9a:82:a4:92:e0:73:ce:39:d8:b2:c3:7a:a1:6d:
0a:7b:71:85:1c:88:c1:7b:9e:79:ca:f2:66:1d:25:
12:26:b4:21:b0:e9:b2:92:21:34:6a:25:c2:6c:26:
b3:23:0f:97:86:20:42:de:81:7a:b4:58:09:31:2e:
64:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:38:51:60:BA:0C:31:D0:D3:01:C6:CF:51:5C:D0:A3:EC:6E:2D:37
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rDhRYLoMMdDTAcbPUVzQo-xuLTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.72.0/22
45.137.44.0/22
83.150.252.0/22
185.90.0.0/22
185.182.200.0/23
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/24
185.248.254.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:20:aa:46:c4:bd:78:28:7e:b4:1f:a2:47:8b:a1:20:4b:47:
0d:63:83:36:f5:ba:b5:07:e6:4e:5a:f0:e5:ed:e3:f5:75:b7:
f9:6f:cb:09:f1:df:58:10:a9:90:f3:b2:2e:fb:f0:79:57:bf:
dd:fe:cf:5f:4a:30:3d:a1:67:be:48:43:09:29:7c:fb:d5:ea:
70:ab:d3:dd:db:5f:b6:32:46:34:77:4b:63:aa:47:8e:76:fb:
16:70:45:db:bf:ee:06:e7:39:3d:d4:a7:66:2a:0a:be:8e:9c:
8d:dd:25:b7:1b:3c:cc:03:77:50:83:9d:0b:12:20:0a:b5:67:
27:88:f1:2d:a3:04:1c:26:ba:04:8e:6d:ef:82:f8:74:34:5c:
56:bb:f3:c8:bd:e9:53:40:2a:43:b6:75:bc:eb:43:5d:6b:34:
d9:14:cc:5b:fc:46:46:39:4c:23:84:7d:11:81:a9:0a:e6:8a:
3d:e0:28:3f:b6:2d:31:b7:d7:94:ea:f4:81:65:77:be:d3:93:
c5:18:78:be:9d:fa:f6:bb:0d:15:7c:00:ba:e0:91:9d:a6:05:
9f:62:90:3f:a5:71:04:9f:12:d2:8f:99:4a:f4:db:2d:13:90:
b4:da:8d:d0:12:0c:71:1e:55:61:3a:04:07:9e:02:da:ad:55:
b8:eb:4f:fc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZh5HTEPSWy7m4IMbQyu7DRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwODA1MDcyMzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzM4NTE2MGJhMGMzMWQwZDMwMWM2Y2Y1MTVjZDBhM2VjNmUyZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JvR85HvPTsCD76OP1l83NbE84Ax
iYZ9Hcli6BSvaMMd6T4HTNMlo4bNq2D896nsf3TXU0dbnAPSji5tSbg5DMSTqefT
6ZWg8h5EXmimvZe4r2RgUNvlmPVW7l1sfvP51joYuUTKAwy3RQWUlY55WKGnCPZp
0YSpkWEvyppF9pG9T0eNZHexX7ckg7KU0nwbiYG4IQstxY1HbkJdRDw57LDpUG29
Kd2VBhntDIxNCodcJmrePrK+mV6I1h+aFgDnwFnvmoKkkuBzzjnYssN6oW0Ke3GF
HIjBe555yvJmHSUSJrQhsOmykiE0aiXCbCazIw+XhiBC3oF6tFgJMS5kOQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKw4UWC6DDHQ0wHGz1Fc0KPsbi03MB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvckRoUllMb01NZERUQWNiUFVWelFvLXh1TFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCBbVIAwQC
LYksAwQCU5b8AwQCuVoAAwQBubbIAwQCueUEAwQCufaEAwQCuffIAwQAufj8AwQA
ufj+MA0GCSqGSIb3DQEBCwUAA4IBAQC3IKpGxL14KH60H6JHi6EgS0cNY4M29bq1
B+ZOWvDl7eP1dbf5b8sJ8d9YEKmQ87Iu+/B5V7/d/s9fSjA9oWe+SEMJKXz71epw
q9Pd21+2MkY0d0tjqkeOdvsWcEXbv+4G5zk91KdmKgq+jpyN3SW3GzzMA3dQg50L
EiAKtWcniPEtowQcJroEjm3vgvh0NFxWu/PIvelTQCpDtnW860NdazTZFMxb/EZG
OUwjhH0RgakK5oo94Cg/ti0xt9eU6vSBZXe+05PFGHi+nfr2uw0VfAC64JGdpgWf
YpA/pXEEnxLSj5lK9NstE5C02o3QEgxxHlVhOgQHngLarVW460/8
-----END CERTIFICATE-----
Generated at Mon Aug 11 07:23:39 2025 by rpki-client