Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/DPwZz44a0SIlqFLCKW0htkdMPoY.roa
File: DPwZz44a0SIlqFLCKW0htkdMPoY.roa (raw, json)
Hash identifier: d9tgMhBVAbT22h5OLZMfkC+rJIvzIpXwzoTGPpF0N0Q=
Subject key identifier: 0C:FC:19:CF:8E:1A:D1:22:25:A8:52:C2:29:6D:21:B6:47:4C:3E:86
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01975EB0DAA4D1B3988C1BB53CD510476DE1
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/DPwZz44a0SIlqFLCKW0htkdMPoY.roa
Signing time: Wed 11 Jun 2025 11:12:17 +0000
ROA not before: Wed 11 Jun 2025 11:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60461
IP address blocks: 37.114.32.0/19 maxlen: 32
37.114.39.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.46.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
94.154.50.0/24 maxlen: 24
94.154.55.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
185.14.92.0/24 maxlen: 24
185.14.93.0/24 maxlen: 24
2a00:ccc3::/32 maxlen: 32
2a00:ccc5::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:b0:da:a4:d1:b3:98:8c:1b:b5:3c:d5:10:47:6d:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jun 11 11:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cfc19cf8e1ad12225a852c2296d21b6474c3e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:55:c5:58:70:c8:4d:24:46:08:6b:9d:0b:4a:
46:f1:9a:38:08:c9:b8:26:cb:ee:20:85:ce:62:e4:
df:ac:46:27:89:aa:81:2c:cf:86:6b:a1:70:d9:ff:
fc:f3:ea:da:67:23:07:b2:b6:80:7f:fd:da:44:63:
49:a1:49:33:35:d7:f6:ef:d6:31:48:66:6c:ea:16:
6b:5b:62:2f:04:1b:4e:63:69:26:82:4f:96:4c:fb:
e8:0b:50:9b:c8:3b:14:00:e6:c4:b6:de:62:fc:75:
96:57:95:10:b0:4f:2b:fa:83:2b:dd:4a:d0:8a:85:
5d:17:40:e6:14:d5:aa:92:03:a3:1f:7c:7d:74:2e:
52:47:a7:f9:36:60:2d:b3:21:ea:28:1d:99:8e:70:
f4:1e:9c:40:ec:1f:60:d1:a8:6c:6f:2f:94:27:39:
c7:e8:ca:1a:67:77:eb:31:e0:ef:4c:b0:70:9d:85:
aa:4f:66:85:33:4f:eb:aa:17:7f:ae:6c:60:aa:9c:
62:6c:cf:37:6e:a9:39:6d:1f:75:e9:73:82:c5:32:
ec:b0:7a:51:49:56:00:68:5f:d0:f7:38:d6:ff:87:
5a:ee:f5:60:c2:a8:ac:0c:3d:5c:4e:56:1f:8a:7d:
08:ce:b9:79:f8:aa:82:ff:dd:ea:06:e6:ce:2c:d5:
dc:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:FC:19:CF:8E:1A:D1:22:25:A8:52:C2:29:6D:21:B6:47:4C:3E:86
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/DPwZz44a0SIlqFLCKW0htkdMPoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/23
94.154.50.0/24
94.154.55.0/24
176.100.36.0/22
185.14.92.0/23
IPv6:
2a00:ccc3::/32
2a00:ccc5::/32
Signature Algorithm: sha256WithRSAEncryption
63:13:ce:73:73:61:bf:f2:92:02:e7:11:7e:fb:a4:35:91:64:
41:7e:d8:26:32:6e:fb:21:72:d9:58:0c:1b:06:5b:f3:b0:80:
49:37:88:e9:6c:a3:e5:17:0d:c1:b2:f6:e9:8d:b9:68:90:38:
0d:94:ac:73:ac:e3:db:cb:c8:e6:ee:54:10:29:20:86:3b:74:
36:5a:44:31:5a:54:8b:d2:a1:8f:47:bc:ee:fc:23:9f:97:40:
f7:ae:e8:ff:7a:4b:30:5f:44:1d:5e:3a:20:89:c3:5c:56:59:
80:57:79:19:8b:e5:c8:1c:58:40:1f:7e:c0:e5:44:81:ea:4b:
80:df:55:4d:b3:fb:85:c5:0e:5a:30:e3:28:50:03:2f:4f:92:
e5:b3:03:6f:71:c9:e1:02:ef:f5:2f:6f:8e:88:0e:8a:fb:b2:
ef:e2:4b:d5:2b:4d:d9:d7:03:b1:fe:5d:57:c3:cb:da:15:b1:
e4:7d:3d:2f:ae:7a:e7:57:59:5d:98:e8:a5:01:f9:e5:22:6c:
8e:3b:ba:1a:35:4e:f4:cd:69:46:f3:51:25:3f:42:1c:03:a4:
b3:1a:a8:2d:ed:7c:d7:90:6f:95:19:5d:2f:b9:75:d1:f3:7c:
1f:5a:2d:5f:c3:6e:3c:68:0a:24:93:b6:09:43:2b:75:71:2d:
26:36:cb:28
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZdesNqk0bOYjBu1PNUQR23hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjUwNjExMTExMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2ZjMTljZjhlMWFkMTIyMjVhODUyYzIyOTZkMjFiNjQ3NGMzZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFXFWHDITSRGCGudC0pG8Zo4CMm4
JsvuIIXOYuTfrEYniaqBLM+Ga6Fw2f/88+raZyMHsraAf/3aRGNJoUkzNdf279Yx
SGZs6hZrW2IvBBtOY2kmgk+WTPvoC1CbyDsUAObEtt5i/HWWV5UQsE8r+oMr3UrQ
ioVdF0DmFNWqkgOjH3x9dC5SR6f5NmAtsyHqKB2ZjnD0HpxA7B9g0ahsby+UJznH
6MoaZ3frMeDvTLBwnYWqT2aFM0/rqhd/rmxgqpxibM83bqk5bR916XOCxTLssHpR
SVYAaF/Q9zjW/4da7vVgwqisDD1cTlYfin0Izrl5+KqC/93qBubOLNXcUwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAz8Gc+OGtEiJahSwiltIbZHTD6GMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvRFB3Wno0NGEwU0lscUZMQ0tXMGh0a2RNUG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQFJXIgAwQB
K/ugAwQAXpoyAwQAXpo3AwQCsGQkAwQBuQ5cMBQEAgACMA4DBQAqAMzDAwUAKgDM
xTANBgkqhkiG9w0BAQsFAAOCAQEAYxPOc3Nhv/KSAucRfvukNZFkQX7YJjJu+yFy
2VgMGwZb87CASTeI6Wyj5RcNwbL26Y25aJA4DZSsc6zj28vI5u5UECkghjt0NlpE
MVpUi9Khj0e87vwjn5dA967o/3pLMF9EHV46IInDXFZZgFd5GYvlyBxYQB9+wOVE
gepLgN9VTbP7hcUOWjDjKFADL0+S5bMDb3HJ4QLv9S9vjogOivuy7+JL1StN2dcD
sf5dV8PL2hWx5H09L65651dZXZjopQH55SJsjju6GjVO9M1pRvNRJT9CHAOksxqo
Le1815BvlRldL7l10fN8H1otX8NuPGgKJJO2CUMrdXEtJjbLKA==
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:54:05 2025 by rpki-client