Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/pbWYxLxu6nb9siV2JKRaQqW9vV8.roa
File: pbWYxLxu6nb9siV2JKRaQqW9vV8.roa (raw, json)
Hash identifier: clyaLe9dP8G7XuR+If5VrD3fJ73oe8Y9EuYBlsB2mmo=
Subject key identifier: A5:B5:98:C4:BC:6E:EA:76:FD:B2:25:76:24:A4:5A:42:A5:BD:BD:5F
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01976911B76931A22875F605571092B6154D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/pbWYxLxu6nb9siV2JKRaQqW9vV8.roa
Signing time: Fri 13 Jun 2025 11:34:18 +0000
ROA not before: Fri 13 Jun 2025 11:34:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 78.135.72.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.81.0/24 maxlen: 24
78.135.88.0/24 maxlen: 24
188.132.141.0/24 maxlen: 24
188.132.152.0/24 maxlen: 24
188.132.163.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:69:11:b7:69:31:a2:28:75:f6:05:57:10:92:b6:15:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jun 13 11:34:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5b598c4bc6eea76fdb2257624a45a42a5bdbd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:76:68:ea:1b:db:50:cb:e2:77:e6:9b:63:f2:
bb:fb:28:ba:4f:d9:84:4f:06:2e:da:d9:27:1e:9d:
d6:8e:da:13:77:79:71:2e:8e:a4:10:88:3b:77:eb:
5d:90:49:5d:50:c3:d4:58:81:d2:11:4c:d3:9d:4f:
f8:3f:c8:e4:19:d7:2a:2b:90:32:b4:07:b5:d7:d0:
ef:cc:72:8c:54:1b:7b:ed:d5:33:45:18:d0:a8:5a:
42:3f:c3:ba:34:d7:ea:27:30:f8:c5:dc:3d:b5:f2:
fc:a6:e1:50:a3:07:39:82:bc:99:c8:2c:33:3c:5e:
4a:37:74:26:0d:25:ba:2b:61:91:f1:82:64:54:1d:
3d:15:b3:81:67:51:43:ee:b4:fb:38:83:ff:56:de:
57:a3:c6:0b:f5:9a:1a:e2:1c:7a:7b:cf:ee:62:35:
95:1c:e9:bd:53:f4:30:a9:39:3a:15:8a:e7:5e:a8:
e3:b6:fb:68:e4:ae:e1:13:7f:48:44:f9:11:0b:19:
97:46:f1:1e:c4:44:e2:3b:da:27:aa:08:2c:69:b3:
80:d2:69:66:9f:64:2b:34:b2:d5:94:e1:5b:60:5f:
17:4a:8c:74:33:10:3b:cb:4a:1e:08:9c:5e:a1:40:
03:c0:cd:1b:71:78:3b:14:2a:1e:24:6a:43:4c:a2:
b9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B5:98:C4:BC:6E:EA:76:FD:B2:25:76:24:A4:5A:42:A5:BD:BD:5F
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/pbWYxLxu6nb9siV2JKRaQqW9vV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.72.0/24
78.135.78.0/24
78.135.81.0/24
78.135.88.0/24
188.132.141.0/24
188.132.152.0/24
188.132.163.0/24
188.132.188.0/23
188.132.191.0/24
188.132.229.0/24
188.132.236.0/24
212.68.55.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
ac:ec:bb:b8:3b:83:a1:45:21:de:ca:27:e5:70:f6:6e:68:7b:
35:a8:6f:6d:f5:fc:e5:a8:20:da:fa:00:63:95:6a:45:44:3b:
a8:6c:06:1e:a0:41:5d:cf:c2:e3:1d:b7:9b:fe:2a:10:b3:dd:
7c:93:41:a6:22:4b:b8:dd:83:a0:b5:44:f6:5b:a9:cb:8b:06:
3e:7c:36:24:ec:83:b9:0a:cc:ea:f1:55:ff:86:43:cc:0f:f1:
4f:a3:f4:4d:df:5b:84:82:66:cc:11:99:a0:de:08:63:e7:ab:
c8:ca:05:8d:c2:91:d5:0c:26:b9:f9:32:bd:40:9a:c6:1c:e4:
3b:8c:16:40:5f:14:33:45:97:29:be:b4:26:50:d1:97:08:93:
32:ca:5f:65:a1:4a:54:7f:09:14:27:0a:24:8e:28:bb:47:a9:
ab:99:fe:a6:1b:96:21:5b:2d:36:9a:6e:f6:f0:0e:71:74:ae:
5a:c5:21:87:52:05:c2:85:3c:11:96:5b:77:ea:9e:db:77:13:
aa:1e:af:b6:9f:63:cf:1f:d7:9f:33:1f:de:90:dd:41:f1:85:
cc:c9:fc:46:c8:3f:3f:d0:16:70:2c:ca:ff:e1:81:7d:fa:21:
38:6c:19:56:29:61:50:32:0e:ca:f9:66:10:6c:62:9a:c7:69:
39:00:d8:d5
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZdpEbdpMaIodfYFVxCSthVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwNjEzMTEzNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI1OThjNGJjNmVlYTc2ZmRiMjI1NzYyNGE0NWE0MmE1YmRiZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3Zo6hvbUMvid+abY/K7+yi6T9mE
TwYu2tknHp3WjtoTd3lxLo6kEIg7d+tdkEldUMPUWIHSEUzTnU/4P8jkGdcqK5Ay
tAe119DvzHKMVBt77dUzRRjQqFpCP8O6NNfqJzD4xdw9tfL8puFQowc5gryZyCwz
PF5KN3QmDSW6K2GR8YJkVB09FbOBZ1FD7rT7OIP/Vt5Xo8YL9Zoa4hx6e8/uYjWV
HOm9U/QwqTk6FYrnXqjjtvto5K7hE39IRPkRCxmXRvEexETiO9onqggsabOA0mlm
n2QrNLLVlOFbYF8XSox0MxA7y0oeCJxeoUADwM0bcXg7FCoeJGpDTKK5EwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFKW1mMS8bup2/bIldiSkWkKlvb1fMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvcGJXWXhMeHU2bmI5c2lWMkpLUmFRcVc5dlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQATodIAwQA
TodOAwQATodRAwQATodYAwQAvISNAwQAvISYAwQAvISjAwQBvIS8AwQAvIS/AwQA
vITlAwQAvITsAwQA1EQ3MAwDBADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEB
AKzsu7g7g6FFId7KJ+Vw9m5oezWob231/OWoINr6AGOVakVEO6hsBh6gQV3PwuMd
t5v+KhCz3XyTQaYiS7jdg6C1RPZbqcuLBj58NiTsg7kKzOrxVf+GQ8wP8U+j9E3f
W4SCZswRmaDeCGPnq8jKBY3CkdUMJrn5Mr1AmsYc5DuMFkBfFDNFlym+tCZQ0ZcI
kzLKX2WhSlR/CRQnCiSOKLtHqauZ/qYbliFbLTaabvbwDnF0rlrFIYdSBcKFPBGW
W3fqntt3E6oer7afY88f158zH96Q3UHxhczJ/EbIPz/QFnAsyv/hgX36IThsGVYp
YVAyDsr5ZhBsYprHaTkA2NU=
-----END CERTIFICATE-----
Generated at Sat Jun 14 22:57:38 2025 by rpki-client