Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/twXbw9V-mlVQToWNCJXr3_iluuQ.roa
File: twXbw9V-mlVQToWNCJXr3_iluuQ.roa (raw, json)
Hash identifier: Bi2jEoYlsmKWeWWHEHMyUVPPeY0Z/PyYpTDcRdEeS4M=
Subject key identifier: B7:05:DB:C3:D5:7E:9A:55:50:4E:85:8D:08:95:EB:DF:F8:A5:BA:E4
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01987459A734313C0B2D717A9D081A4CF1B5
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/twXbw9V-mlVQToWNCJXr3_iluuQ.roa
Signing time: Mon 04 Aug 2025 09:11:29 +0000
ROA not before: Mon 04 Aug 2025 09:11:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203963
IP address blocks: 94.74.137.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.142.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.150.0/24 maxlen: 24
176.46.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:59:a7:34:31:3c:0b:2d:71:7a:9d:08:1a:4c:f1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Aug 4 09:11:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b705dbc3d57e9a55504e858d0895ebdff8a5bae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:83:ff:b8:3f:ca:1f:6c:2a:7a:bb:5b:d6:24:
2d:00:f3:00:89:f9:f7:e3:02:e8:2f:f8:3d:9d:db:
8b:b6:2d:29:3a:dc:bc:e4:f6:0d:84:90:9d:6e:c2:
c8:93:2a:a6:77:2a:92:b7:65:6b:59:a6:e5:36:07:
24:31:e8:71:85:6b:58:0f:7e:eb:18:a3:c4:cc:e9:
bc:4c:cb:0e:10:63:b8:bf:16:ed:57:d2:73:df:ee:
68:03:e5:43:04:9e:1a:0f:c9:8a:e3:f3:9c:ea:e6:
03:93:b4:cf:16:6c:2c:c7:f2:84:25:dd:81:40:c7:
c4:e7:df:ef:6a:2d:67:bc:28:86:51:74:3e:dd:13:
42:cd:43:57:90:a8:f0:4d:c0:71:83:89:c1:f2:ef:
46:ee:ea:66:de:f4:6c:43:27:4e:8d:d9:00:72:d6:
71:c6:0f:aa:91:d0:b0:99:d7:f2:b6:14:fa:72:b2:
33:d9:f7:6b:99:ea:32:5d:f0:7e:47:a8:d4:44:f7:
15:05:e1:83:cf:38:1b:45:cc:38:20:bd:47:4a:de:
cb:82:a9:27:88:af:22:06:87:00:44:4e:dd:89:e7:
e5:5e:9c:d1:47:26:d9:dd:97:de:5f:59:01:08:85:
05:f4:6c:16:d6:8c:ca:b9:5c:32:14:a8:5c:c3:75:
c0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:05:DB:C3:D5:7E:9A:55:50:4E:85:8D:08:95:EB:DF:F8:A5:BA:E4
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/twXbw9V-mlVQToWNCJXr3_iluuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.137.0/24
94.74.156.0/24
94.74.158.0/23
94.74.171.0/24
109.203.163.0/24
176.46.136.0/24
176.46.138.0/23
176.46.142.0/24
176.46.144.0/24
176.46.150.0/24
176.46.155.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:73:d6:40:36:60:a4:7e:f6:44:96:f1:ff:97:3b:df:a3:ba:
86:ca:48:df:ce:f4:60:83:81:21:1a:98:bf:34:1a:d6:cd:12:
3c:45:e9:71:2a:9d:e3:34:bf:8b:93:5e:4b:78:5a:45:d3:14:
0f:78:38:82:3a:1f:6c:bf:63:43:c2:00:00:29:3e:0c:86:47:
aa:c2:e6:03:af:dd:a6:3f:81:27:f3:70:b8:39:3c:cd:7c:81:
81:ce:7f:86:e6:51:3b:b1:c8:da:f3:9e:ed:6e:c7:f8:0d:2c:
66:63:fe:69:40:7d:65:3c:45:62:8c:90:b3:2c:61:d5:62:57:
5e:c2:f9:3d:d2:d3:ea:a7:c9:53:b0:f4:6e:03:d9:d4:c6:d4:
71:9c:d4:2a:73:50:c2:a8:dd:38:0f:02:ce:89:3b:eb:07:df:
2d:5e:4f:69:1a:a4:99:ae:e8:d9:fa:f6:90:c9:37:9e:24:81:
4a:64:f4:99:6f:c0:6d:9f:b5:8d:14:17:d6:02:bf:1e:69:3e:
9a:fc:2f:e3:f2:23:cb:86:2d:a4:80:7d:c6:6a:e4:69:f3:13:
d5:dc:08:1a:60:17:b8:8b:0a:14:89:a5:6e:a0:e8:98:c3:5e:
43:39:e3:fe:8e:c3:90:e2:ea:68:2a:34:74:28:c7:df:e1:4e:
6a:a1:8e:72
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZh0Wac0MTwLLXF6nQgaTPG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwODA0MDkxMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA1ZGJjM2Q1N2U5YTU1NTA0ZTg1OGQwODk1ZWJkZmY4YTViYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIP/uD/KH2wqertb1iQtAPMAifn3
4wLoL/g9nduLti0pOty85PYNhJCdbsLIkyqmdyqSt2VrWablNgckMehxhWtYD37r
GKPEzOm8TMsOEGO4vxbtV9Jz3+5oA+VDBJ4aD8mK4/Oc6uYDk7TPFmwsx/KEJd2B
QMfE59/vai1nvCiGUXQ+3RNCzUNXkKjwTcBxg4nB8u9G7upm3vRsQydOjdkActZx
xg+qkdCwmdfythT6crIz2fdrmeoyXfB+R6jURPcVBeGDzzgbRcw4IL1HSt7Lgqkn
iK8iBocARE7dieflXpzRRybZ3ZfeX1kBCIUF9GwW1ozKuVwyFKhcw3XA4wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLcF28PVfppVUE6FjQiV69/4pbrkMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvdHdYYnc5Vi1tbFZRVG9XTkNKWHIzX2lsdXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAXkqJAwQA
XkqcAwQBXkqeAwQAXkqrAwQAbcujAwQAsC6IAwQBsC6KAwQAsC6OAwQAsC6QAwQA
sC6WAwQAsC6bMA0GCSqGSIb3DQEBCwUAA4IBAQBLc9ZANmCkfvZElvH/lzvfo7qG
ykjfzvRgg4EhGpi/NBrWzRI8RelxKp3jNL+Lk15LeFpF0xQPeDiCOh9sv2NDwgAA
KT4MhkeqwuYDr92mP4En83C4OTzNfIGBzn+G5lE7scja857tbsf4DSxmY/5pQH1l
PEVijJCzLGHVYldewvk90tPqp8lTsPRuA9nUxtRxnNQqc1DCqN04DwLOiTvrB98t
Xk9pGqSZrujZ+vaQyTeeJIFKZPSZb8Btn7WNFBfWAr8eaT6a/C/j8iPLhi2kgH3G
auRp8xPV3AgaYBe4iwoUiaVuoOiYw15DOeP+jsOQ4upoKjR0KMff4U5qoY5y
-----END CERTIFICATE-----
Generated at Fri Aug 8 13:07:58 2025 by rpki-client