Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/PgrI5bji_zwFyBCi5RYyHzPbacA.roa
File: PgrI5bji_zwFyBCi5RYyHzPbacA.roa (raw, json)
Hash identifier: d/pIIetAFcKmg7G7UtiuiDXJsY/AL/TAdDoGjhTKvgo=
Subject key identifier: 3E:0A:C8:E5:B8:E2:FF:3C:05:C8:10:A2:E5:16:32:1F:33:DB:69:C0
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01985AF567E9C20193D4396233B56375139C
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/PgrI5bji_zwFyBCi5RYyHzPbacA.roa
Signing time: Wed 30 Jul 2025 10:51:28 +0000
ROA not before: Wed 30 Jul 2025 10:51:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.6.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.8.0/24 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.25.0/24 maxlen: 24
152.53.26.0/24 maxlen: 24
152.53.27.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.41.0/24 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.58.0/24 maxlen: 24
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.63.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.74.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.79.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.97.0/24 maxlen: 24
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.160.0/22 maxlen: 22
152.53.164.0/22 maxlen: 22
152.53.168.0/22 maxlen: 22
152.53.176.0/22 maxlen: 22
152.53.180.0/22 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.240.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
152.53.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:f5:67:e9:c2:01:93:d4:39:62:33:b5:63:75:13:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jul 30 10:51:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e0ac8e5b8e2ff3c05c810a2e516321f33db69c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:fa:5e:7a:1e:a9:77:03:4b:4e:f0:6a:ab:
a5:72:27:b7:e2:da:f9:88:b0:cf:de:2a:e1:95:1a:
ee:c1:b3:1d:a3:55:8f:82:43:08:93:cc:bf:08:e7:
0f:4d:86:f4:c1:6f:36:3a:be:d2:12:6f:d4:52:73:
5e:d9:5f:09:5d:db:15:4f:47:42:c3:11:ab:b1:40:
19:23:05:ff:4e:d4:74:01:9f:8d:9f:46:18:98:b5:
ff:fe:11:b9:c1:5c:72:8c:c8:16:33:6a:6e:bb:ff:
a2:55:6c:df:bc:ea:dd:c0:fc:3b:0a:9d:0a:01:ab:
85:b2:b8:cc:95:ed:7a:f2:81:d0:ae:77:cb:10:6f:
34:9b:01:4f:ca:47:e2:27:b9:79:2a:d8:a5:30:75:
3f:f7:95:e6:94:ea:23:76:c5:eb:f2:85:a1:d0:fc:
4a:c5:d9:3b:57:35:d0:a8:16:59:19:59:a0:aa:c4:
45:83:f0:9a:d1:f3:9a:ff:63:c0:e9:c3:bf:30:70:
92:80:30:0e:05:8d:0b:d8:9c:8e:77:5b:23:b2:ea:
1c:0f:5b:a0:5e:b4:d5:3e:26:a1:88:57:4a:91:fb:
44:e2:c7:00:ec:bc:75:69:6b:45:1f:a4:2f:0d:fd:
78:6d:17:b2:31:e6:df:63:c5:ee:a0:c4:11:78:cc:
7e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:0A:C8:E5:B8:E2:FF:3C:05:C8:10:A2:E5:16:32:1F:33:DB:69:C0
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/PgrI5bji_zwFyBCi5RYyHzPbacA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:47:e3:07:36:15:a7:a3:e1:ed:3d:d0:78:76:f5:c6:d4:f7:
8a:71:51:12:cc:6e:27:93:58:5c:c3:15:b7:9f:55:b5:0a:c6:
45:12:3e:b3:cf:fb:05:ef:77:0d:8d:10:d9:37:8e:9f:d0:95:
ae:93:28:30:e8:ae:42:e3:f4:5a:7c:7a:3c:0a:db:e8:ae:b9:
d3:59:d9:17:ac:69:06:87:b7:ce:a2:8b:db:0f:16:2c:0f:7b:
ec:22:b1:d6:0f:81:37:9b:fc:8c:25:24:d2:8f:53:b0:16:73:
d6:dc:1d:5a:f0:d3:cb:11:35:ae:08:70:a3:c8:57:d0:f3:ca:
cf:b1:9f:37:ce:8a:59:6b:38:4d:d6:14:ec:0c:f1:b6:be:a3:
0e:cf:48:e3:0c:a2:4b:71:ba:5e:47:30:dd:f4:6a:17:49:d1:
54:e9:42:6f:0f:85:4f:8d:bf:e0:0a:60:1f:0c:9b:0d:0d:af:
b0:85:9f:26:07:fc:fc:bc:3f:c7:7b:98:ab:5a:8b:ac:c7:a8:
ab:2c:a3:8a:02:58:81:72:57:1d:d4:fc:a8:81:3f:a9:46:b6:
eb:39:aa:75:16:f7:90:5c:05:b3:d5:0f:b3:e3:01:1b:cc:08:
29:ab:cf:cf:0c:c2:2f:c2:77:17:a3:60:d7:56:bb:00:51:7c:
e6:28:1f:39
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZha9WfpwgGT1DliM7VjdROcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwNzMwMTA1MTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTBhYzhlNWI4ZTJmZjNjMDVjODEwYTJlNTE2MzIxZjMzZGI2OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusH6XnoeqXcDS07waqulcie34tr5
iLDP3irhlRruwbMdo1WPgkMIk8y/COcPTYb0wW82Or7SEm/UUnNe2V8JXdsVT0dC
wxGrsUAZIwX/TtR0AZ+Nn0YYmLX//hG5wVxyjMgWM2puu/+iVWzfvOrdwPw7Cp0K
AauFsrjMle168oHQrnfLEG80mwFPykfiJ7l5KtilMHU/95XmlOojdsXr8oWh0PxK
xdk7VzXQqBZZGVmgqsRFg/Ca0fOa/2PA6cO/MHCSgDAOBY0L2JyOd1sjsuocD1ug
XrTVPiahiFdKkftE4scA7Lx1aWtFH6QvDf14bReyMebfY8XuoMQReMx+bQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFD4KyOW44v88BcgQouUWMh8z22nAMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvUGdySTViamlfendGeUJDaTVSWXlIelBiYWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBADpH4wc2Faej4e090Hh29cbU94pxURLMbieTWFzDFbef
VbUKxkUSPrPP+wXvdw2NENk3jp/Qla6TKDDorkLj9Fp8ejwK2+iuudNZ2ResaQaH
t86ii9sPFiwPe+wisdYPgTeb/IwlJNKPU7AWc9bcHVrw08sRNa4IcKPIV9Dzys+x
nzfOillrOE3WFOwM8ba+ow7PSOMMoktxul5HMN30ahdJ0VTpQm8PhU+Nv+AKYB8M
mw0Nr7CFnyYH/Py8P8d7mKtai6zHqKsso4oCWIFyVx3U/KiBP6lGtus5qnUW95Bc
BbPVD7PjARvMCCmrz88Mwi/CdxejYNdWuwBRfOYoHzk=
-----END CERTIFICATE-----
Generated at Sun Aug 10 03:51:02 2025 by rpki-client