Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/DCDhVbD3fsODPYm5sUm8pjAvYC4.roa
File: DCDhVbD3fsODPYm5sUm8pjAvYC4.roa (raw, json)
Hash identifier: 7lv1CrpPPfO+TV6Xk6IsNlr9S02akSFzspE/euO4HYY=
Subject key identifier: 0C:20:E1:55:B0:F7:7E:C3:83:3D:89:B9:B1:49:BC:A6:30:2F:60:2E
Certificate issuer: /CN=dca46b1fcd92b47f4f55fad038c9581340a9d370
Certificate serial: 019840EBFFF00932D188EF834D23AD57B9AA
Authority key identifier: DC:A4:6B:1F:CD:92:B4:7F:4F:55:FA:D0:38:C9:58:13:40:A9:D3:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3KRrH82StH9PVfrQOMlYE0Cp03A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/DCDhVbD3fsODPYm5sUm8pjAvYC4.roa
Signing time: Fri 25 Jul 2025 09:31:04 +0000
ROA not before: Fri 25 Jul 2025 09:31:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43019
IP address blocks: 77.75.88.0/24 maxlen: 24
77.75.89.0/24 maxlen: 24
77.75.90.0/24 maxlen: 24
77.75.91.0/24 maxlen: 24
77.75.92.0/24 maxlen: 24
77.75.92.32/27 maxlen: 27
77.75.93.0/24 maxlen: 24
77.75.94.0/24 maxlen: 24
77.75.95.0/24 maxlen: 24
77.75.95.64/26 maxlen: 26
77.75.95.128/27 maxlen: 27
185.206.200.0/24 maxlen: 24
185.206.201.0/24 maxlen: 24
185.206.201.144/28 maxlen: 28
185.206.201.212/30 maxlen: 30
185.206.202.0/24 maxlen: 24
185.206.203.0/24 maxlen: 24
2a0b:3f80::/29 maxlen: 29
2a0b:3f80::/32 maxlen: 32
2a0b:3f80:0:201::/64 maxlen: 64
2a0b:3f80:0:202::/64 maxlen: 64
2a0b:3f80:0:203::/64 maxlen: 64
2a0b:3f80:0:204::/64 maxlen: 64
2a0b:3f80:2::/126 maxlen: 126
2a0b:3f80:3::/126 maxlen: 126
2a0b:3f80:15::/48 maxlen: 48
2a0b:3f81::/32 maxlen: 32
2a0b:3f81::/48 maxlen: 48
2a0b:3f82::/32 maxlen: 32
2a0b:3f83::/32 maxlen: 32
2a0b:3f84::/32 maxlen: 32
2a0b:3f85::/32 maxlen: 32
2a0b:3f85:0:202::/64 maxlen: 64
2a0b:3f85:3::/126 maxlen: 126
2a0b:3f86::/32 maxlen: 32
2a0b:3f87::/32 maxlen: 32
2a0b:3f87:fc18::/48 maxlen: 48
2a0b:3f87:fc19::/48 maxlen: 48
2a0b:3f87:fc1a::/48 maxlen: 48
2a0b:3f87:fc1b::/48 maxlen: 48
2a0b:3f87:fc20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/3KRrH82StH9PVfrQOMlYE0Cp03A.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/3KRrH82StH9PVfrQOMlYE0Cp03A.mft
rsync://rpki.ripe.net/repository/DEFAULT/3KRrH82StH9PVfrQOMlYE0Cp03A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:eb:ff:f0:09:32:d1:88:ef:83:4d:23:ad:57:b9:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dca46b1fcd92b47f4f55fad038c9581340a9d370
Validity
Not Before: Jul 25 09:31:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c20e155b0f77ec3833d89b9b149bca6302f602e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:32:90:06:13:07:70:d8:91:ed:5f:df:6b:40:
25:15:35:15:b6:92:82:a7:e6:ef:19:84:f7:26:71:
2c:15:1f:fa:0e:8f:b1:77:c9:79:c8:88:78:73:af:
6c:da:96:77:9c:bb:77:8b:8d:30:14:4b:41:fd:02:
ce:08:90:f5:c6:26:2c:72:0f:58:41:e8:73:bc:b0:
9b:f3:5a:b8:6c:8e:71:11:60:b4:04:20:2f:df:ad:
6c:7c:09:e2:ae:b0:99:a2:28:1a:7c:a4:d4:69:ca:
46:a9:98:e8:61:eb:1b:25:80:3f:91:b3:1f:1e:74:
f7:c8:74:9e:c3:c3:4b:66:d0:67:0d:0f:27:08:54:
4c:44:73:34:fd:f6:49:c2:a6:56:bc:7d:54:0b:46:
7f:8b:e0:a0:9f:13:94:2a:3c:e2:18:da:42:d4:30:
30:ec:c3:ac:81:da:47:12:ce:b7:8f:1c:53:97:80:
68:43:01:7a:35:22:d3:0a:ea:06:81:85:67:e3:d1:
ad:44:df:4c:d3:aa:d1:ce:1d:52:93:f5:cb:d8:10:
94:14:3f:b3:0b:04:16:1a:47:9b:cb:67:9a:ec:9e:
9e:67:09:ce:ca:cb:2f:46:06:16:a2:ce:62:27:49:
3c:82:3e:0d:7f:dd:e9:30:95:57:68:8d:aa:bd:d5:
73:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:20:E1:55:B0:F7:7E:C3:83:3D:89:B9:B1:49:BC:A6:30:2F:60:2E
X509v3 Authority Key Identifier:
keyid:DC:A4:6B:1F:CD:92:B4:7F:4F:55:FA:D0:38:C9:58:13:40:A9:D3:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3KRrH82StH9PVfrQOMlYE0Cp03A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/DCDhVbD3fsODPYm5sUm8pjAvYC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/3KRrH82StH9PVfrQOMlYE0Cp03A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.88.0/21
185.206.200.0/22
IPv6:
2a0b:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:b0:84:4a:0b:07:d5:a0:16:7d:a3:3e:63:c2:f0:c4:c3:3e:
2e:40:f9:34:5c:2f:9a:47:e6:86:83:9f:df:db:7c:35:9d:fe:
d6:ba:52:39:4f:18:41:7c:e8:3f:83:a6:a8:7e:c5:cb:10:f3:
a2:ac:8d:8f:ae:c8:b5:81:2c:3b:3d:0d:e7:f3:c7:6d:27:28:
f9:17:cb:60:58:97:40:60:0e:3e:73:fb:6d:53:19:a4:cb:bb:
30:f3:54:43:e4:d8:bd:27:c0:8e:7f:35:ca:26:e9:48:59:9e:
b3:1e:16:06:7b:6f:36:f6:64:56:21:fc:9e:da:4b:98:15:e2:
ba:5f:d1:d5:4e:81:8e:61:83:fe:2e:2d:af:49:e5:d8:20:d6:
72:6f:8b:e0:b0:9e:5f:98:b4:85:a1:9c:eb:6f:be:0b:f3:ec:
80:60:81:71:40:36:a7:78:cd:fc:91:1c:53:84:fc:b7:64:d8:
03:21:c2:c8:37:7b:b6:6d:32:9b:df:c6:4e:3a:88:a9:02:34:
a3:35:bb:53:dc:05:00:b8:b2:d5:22:f7:6c:39:ed:e1:93:34:
40:47:1e:e5:14:39:1b:7a:35:31:bf:7e:8d:2d:72:a3:3c:85:
b6:e2:5c:4a:39:71:02:57:e5:bd:8a:cb:ef:f0:16:45:32:1b:
56:78:db:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZhA6//wCTLRiO+DTSOtV7mqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYTQ2YjFmY2Q5MmI0N2Y0ZjU1ZmFkMDM4Yzk1ODEzNDBh
OWQzNzAwHhcNMjUwNzI1MDkzMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzIwZTE1NWIwZjc3ZWMzODMzZDg5YjliMTQ5YmNhNjMwMmY2MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljKQBhMHcNiR7V/fa0AlFTUVtpKC
p+bvGYT3JnEsFR/6Do+xd8l5yIh4c69s2pZ3nLt3i40wFEtB/QLOCJD1xiYscg9Y
QehzvLCb81q4bI5xEWC0BCAv361sfAnirrCZoigafKTUacpGqZjoYesbJYA/kbMf
HnT3yHSew8NLZtBnDQ8nCFRMRHM0/fZJwqZWvH1UC0Z/i+CgnxOUKjziGNpC1DAw
7MOsgdpHEs63jxxTl4BoQwF6NSLTCuoGgYVn49GtRN9M06rRzh1Sk/XL2BCUFD+z
CwQWGkeby2ea7J6eZwnOyssvRgYWos5iJ0k8gj4Nf93pMJVXaI2qvdVz6QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAwg4VWw937Dgz2JubFJvKYwL2AuMB8GA1UdIwQY
MBaAFNykax/NkrR/T1X60DjJWBNAqdNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0tSckg4MlN0SDlQVmZyUU9NbFlFMENwMDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85MGFiOGUtZTU3My00MWM0LWExYmIt
YzZkMmI4ZDFmNTY2LzEvRENEaFZiRDNmc09EUFltNXNVbThwakF2WUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS85MGFiOGUtZTU3My00MWM0LWExYmItYzZkMmI4ZDFmNTY2
LzEvM0tSckg4MlN0SDlQVmZyUU9NbFlFMENwMDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTUtYAwQC
uc7IMA0EAgACMAcDBQMqCz+AMA0GCSqGSIb3DQEBCwUAA4IBAQBqsIRKCwfVoBZ9
oz5jwvDEwz4uQPk0XC+aR+aGg5/f23w1nf7WulI5TxhBfOg/g6aofsXLEPOirI2P
rsi1gSw7PQ3n88dtJyj5F8tgWJdAYA4+c/ttUxmky7sw81RD5Ni9J8COfzXKJulI
WZ6zHhYGe2829mRWIfye2kuYFeK6X9HVToGOYYP+Li2vSeXYINZyb4vgsJ5fmLSF
oZzrb74L8+yAYIFxQDaneM38kRxThPy3ZNgDIcLIN3u2bTKb38ZOOoipAjSjNbtT
3AUAuLLVIvdsOe3hkzRARx7lFDkbejUxv36NLXKjPIW24lxKOXECV+W9isvv8BZF
MhtWeNuf
-----END CERTIFICATE-----
Generated at Sun Aug 10 15:56:51 2025 by rpki-client