Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/2dDLJD08E9QpNd4AzHqAGaj9Rdc.roa
File: 2dDLJD08E9QpNd4AzHqAGaj9Rdc.roa (raw, json)
Hash identifier: kvq8BEE4NygHaJH3QQ2Qsn2UgSTjHUPYk5ETZ2RJd3E=
Subject key identifier: D9:D0:CB:24:3D:3C:13:D4:29:35:DE:00:CC:7A:80:19:A8:FD:45:D7
Certificate issuer: /CN=94306f68aea4bae124fac85f2c9aa3f5ae850113
Certificate serial: 01984D655C4B1A13B2B57ECC28C059801A59
Authority key identifier: 94:30:6F:68:AE:A4:BA:E1:24:FA:C8:5F:2C:9A:A3:F5:AE:85:01:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lDBvaK6kuuEk-shfLJqj9a6FARM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/2dDLJD08E9QpNd4AzHqAGaj9Rdc.roa
Signing time: Sun 27 Jul 2025 19:39:04 +0000
ROA not before: Sun 27 Jul 2025 19:39:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 78.136.255.0/24 maxlen: 24
194.76.192.0/24 maxlen: 24
194.76.218.0/24 maxlen: 24
194.76.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/lDBvaK6kuuEk-shfLJqj9a6FARM.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/lDBvaK6kuuEk-shfLJqj9a6FARM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lDBvaK6kuuEk-shfLJqj9a6FARM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 07:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4d:65:5c:4b:1a:13:b2:b5:7e:cc:28:c0:59:80:1a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94306f68aea4bae124fac85f2c9aa3f5ae850113
Validity
Not Before: Jul 27 19:39:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9d0cb243d3c13d42935de00cc7a8019a8fd45d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:73:89:f5:72:27:96:32:d4:a7:18:c6:6e:5f:
68:7a:c2:e5:24:bc:bc:49:19:46:6d:f5:c7:95:01:
8e:26:81:0e:d4:42:9b:04:39:51:56:e7:c1:a4:72:
fb:24:e4:40:0e:0a:47:31:09:41:55:ab:9a:62:4c:
70:d7:93:a6:ea:10:d9:11:8c:0f:6b:7e:1b:db:b5:
85:cb:42:63:35:68:a7:f2:17:0b:af:5c:42:ae:62:
1c:f8:a2:1b:60:2a:52:dc:ec:9d:ee:4c:4b:69:4e:
cf:d9:ec:ab:92:04:64:7d:fb:1a:8a:d7:4c:a4:14:
af:19:30:c1:33:a5:e0:cb:be:e0:7d:e2:10:6d:4f:
be:cb:b5:a9:a3:60:6d:78:cd:a8:fa:83:f0:59:20:
ee:2f:7e:32:61:29:b4:1d:25:99:d6:e3:65:df:17:
33:26:b9:de:18:bf:04:3c:8f:2b:72:cc:83:ac:82:
bd:11:67:e4:03:48:3a:d9:76:79:ae:29:cd:c1:28:
6b:23:d6:02:f7:cf:bc:0a:64:c2:91:5c:ca:f5:e1:
84:1e:18:44:2e:c8:ec:cb:c5:c7:5e:85:52:2b:98:
e3:71:9a:68:e1:c5:59:ec:34:8f:64:c4:32:e6:ca:
96:d6:cf:3b:58:16:41:8b:59:a7:58:6b:28:74:c2:
9e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D0:CB:24:3D:3C:13:D4:29:35:DE:00:CC:7A:80:19:A8:FD:45:D7
X509v3 Authority Key Identifier:
keyid:94:30:6F:68:AE:A4:BA:E1:24:FA:C8:5F:2C:9A:A3:F5:AE:85:01:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lDBvaK6kuuEk-shfLJqj9a6FARM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/2dDLJD08E9QpNd4AzHqAGaj9Rdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/5fd88e-ffb6-4652-a990-3d8bc89b4427/1/lDBvaK6kuuEk-shfLJqj9a6FARM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.255.0/24
194.76.192.0/24
194.76.218.0/24
194.76.238.0/24
Signature Algorithm: sha256WithRSAEncryption
57:32:87:4f:1b:33:16:40:76:35:6b:05:8d:b7:4c:27:5f:81:
0b:08:43:d2:92:bf:54:a0:6b:bc:16:fe:8d:83:6b:06:46:0d:
2c:c8:b1:c8:95:a3:9d:51:e3:c3:c1:43:88:ca:eb:11:7a:83:
3a:33:be:1a:57:10:7c:18:69:2e:f1:8c:13:ec:e6:18:4a:eb:
69:7f:a2:72:c7:95:78:b3:49:7c:b3:52:45:1e:bd:b6:3b:4f:
f5:f6:4b:3c:59:38:63:e3:68:32:cf:9b:c3:d4:85:ad:92:19:
b6:7e:05:65:bc:10:bc:c0:cc:fc:20:a8:45:0a:c4:1d:f8:79:
c7:f5:fb:60:d4:9a:a8:1c:7b:2b:d9:b7:a9:b6:5c:eb:18:4b:
11:36:1e:e3:c3:b4:29:84:c4:f4:3c:50:bc:6b:c1:77:7f:e1:
bd:78:46:17:05:61:e6:61:64:e7:19:30:af:00:c7:90:ac:d2:
e5:4b:5a:42:53:59:a0:d7:a9:2e:89:45:57:53:b9:3f:ac:5f:
89:77:69:85:2e:4a:9a:5b:c5:a1:d9:3e:79:ff:77:80:cd:dc:
f6:0a:bb:b0:a7:92:8d:f7:cc:16:86:43:a6:31:dd:18:c2:5f:
42:88:5c:65:d5:83:68:09:78:d1:a6:a7:8c:78:7f:8d:94:ce:
d2:ea:1c:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhNZVxLGhOytX7MKMBZgBpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MzA2ZjY4YWVhNGJhZTEyNGZhYzg1ZjJjOWFhM2Y1YWU4
NTAxMTMwHhcNMjUwNzI3MTkzOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQwY2IyNDNkM2MxM2Q0MjkzNWRlMDBjYzdhODAxOWE4ZmQ0NWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnOJ9XInljLUpxjGbl9oesLlJLy8
SRlGbfXHlQGOJoEO1EKbBDlRVufBpHL7JORADgpHMQlBVauaYkxw15Om6hDZEYwP
a34b27WFy0JjNWin8hcLr1xCrmIc+KIbYCpS3Oyd7kxLaU7P2eyrkgRkffsaitdM
pBSvGTDBM6Xgy77gfeIQbU++y7Wpo2BteM2o+oPwWSDuL34yYSm0HSWZ1uNl3xcz
JrneGL8EPI8rcsyDrIK9EWfkA0g62XZ5rinNwShrI9YC98+8CmTCkVzK9eGEHhhE
Lsjsy8XHXoVSK5jjcZpo4cVZ7DSPZMQy5sqW1s87WBZBi1mnWGsodMKeYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNnQyyQ9PBPUKTXeAMx6gBmo/UXXMB8GA1UdIwQY
MBaAFJQwb2iupLrhJPrIXyyao/WuhQETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbERCdmFLNmt1dUVrLXNoZkxKcWo5YTZGQVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81ZmQ4OGUtZmZiNi00NjUyLWE5OTAt
M2Q4YmM4OWI0NDI3LzEvMmRETEpEMDhFOVFwTmQ0QXpIcUFHYWo5UmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81ZmQ4OGUtZmZiNi00NjUyLWE5OTAtM2Q4YmM4OWI0NDI3
LzEvbERCdmFLNmt1dUVrLXNoZkxKcWo5YTZGQVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAToj/AwQA
wkzAAwQAwkzaAwQAwkzuMA0GCSqGSIb3DQEBCwUAA4IBAQBXModPGzMWQHY1awWN
t0wnX4ELCEPSkr9UoGu8Fv6Ng2sGRg0syLHIlaOdUePDwUOIyusReoM6M74aVxB8
GGku8YwT7OYYSutpf6Jyx5V4s0l8s1JFHr22O0/19ks8WThj42gyz5vD1IWtkhm2
fgVlvBC8wMz8IKhFCsQd+HnH9ftg1JqoHHsr2beptlzrGEsRNh7jw7QphMT0PFC8
a8F3f+G9eEYXBWHmYWTnGTCvAMeQrNLlS1pCU1mg16kuiUVXU7k/rF+Jd2mFLkqa
W8Wh2T55/3eAzdz2Cruwp5KN98wWhkOmMd0Ywl9CiFxl1YNoCXjRpqeMeH+NlM7S
6hzw
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:06:07 2025 by rpki-client