Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/T5IqxO0s3d3X9Y1GttHlSthoJkA.roa
File: T5IqxO0s3d3X9Y1GttHlSthoJkA.roa (raw, json)
Hash identifier: jGjUBiUWn1NYJl7CNkq/qe+4X44OgJIbeG2hNg3nO48=
Subject key identifier: 4F:92:2A:C4:ED:2C:DD:DD:D7:F5:8D:46:B6:D1:E5:4A:D8:68:26:40
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 019865EB7ED78B6B9949260C60E23A0C3F29
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/T5IqxO0s3d3X9Y1GttHlSthoJkA.roa
Signing time: Fri 01 Aug 2025 13:56:28 +0000
ROA not before: Fri 01 Aug 2025 13:56:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57276
IP address blocks: 37.157.32.0/22 maxlen: 22
37.157.36.0/22 maxlen: 22
82.163.112.0/22 maxlen: 22
82.163.116.0/22 maxlen: 22
82.163.124.0/23 maxlen: 23
82.163.126.0/23 maxlen: 23
185.53.224.0/23 maxlen: 23
185.53.226.0/23 maxlen: 23
195.250.16.0/24 maxlen: 24
195.250.17.0/24 maxlen: 24
195.250.18.0/24 maxlen: 24
195.250.19.0/24 maxlen: 24
2a01:a220::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 04:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:eb:7e:d7:8b:6b:99:49:26:0c:60:e2:3a:0c:3f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Aug 1 13:56:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f922ac4ed2cddddd7f58d46b6d1e54ad8682640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d3:bd:7f:78:09:c1:d3:f0:20:bf:5f:c1:72:
8c:6f:a9:1f:12:dc:e9:d5:01:d6:a5:61:e1:56:79:
53:7d:0c:d6:62:fe:cc:0e:51:dc:6c:67:cf:c3:53:
d3:03:97:b8:4d:6b:1e:6d:92:6f:57:b8:be:b5:eb:
d4:27:61:3b:92:ad:69:7c:2d:eb:5b:27:ac:b6:5c:
80:f5:4e:8f:3b:9c:fc:bc:a5:5d:b9:d1:3a:2b:02:
cc:5c:69:64:ba:6d:f0:19:bd:23:be:0a:8e:51:49:
d5:c4:fd:ec:51:ff:e8:95:b4:f0:9b:55:48:ec:28:
71:53:b2:33:9d:da:6e:ff:f7:1f:c4:ab:ec:1c:eb:
83:06:4a:25:a2:09:34:17:3f:05:12:95:7d:b9:43:
bc:7e:57:d1:64:a9:a3:12:e9:0c:d8:1c:87:1d:81:
9d:76:b3:75:59:5e:37:86:c8:2d:94:1f:a8:73:c6:
e4:c9:67:c2:25:d7:2b:20:83:48:5b:fe:85:18:54:
79:b3:b7:aa:bf:5f:fb:1c:fa:43:5d:f8:26:dc:26:
d2:8f:69:6a:21:f0:88:5b:d9:c1:0d:ee:17:18:14:
13:36:81:9b:e2:d8:0e:b8:ca:1b:7c:6a:2b:48:cf:
89:6b:b7:65:96:2a:ce:91:7d:88:e8:df:b0:6d:38:
30:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:92:2A:C4:ED:2C:DD:DD:D7:F5:8D:46:B6:D1:E5:4A:D8:68:26:40
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/T5IqxO0s3d3X9Y1GttHlSthoJkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.32.0/21
82.163.112.0/21
82.163.124.0/22
185.53.224.0/22
195.250.16.0/22
IPv6:
2a01:a220::/29
Signature Algorithm: sha256WithRSAEncryption
7d:7b:9f:e1:af:e1:c4:35:dd:bd:15:8e:7e:3e:30:38:a9:37:
69:cf:9b:86:ea:1c:93:a4:d6:f2:36:5e:8a:60:72:22:f5:eb:
5e:3a:11:25:60:d6:80:fe:35:3c:b8:8e:ca:71:bf:ba:09:f9:
71:ab:d5:93:f5:2f:a9:4d:0e:76:e6:0f:2e:02:67:aa:87:6b:
92:a8:d6:aa:e5:44:39:47:d8:2e:fd:53:7c:da:7c:0a:48:88:
25:d6:d0:72:36:ed:f7:ef:b1:56:44:f2:45:99:9c:33:a6:0c:
cd:3c:ea:86:02:7e:3a:84:d0:fe:f9:57:c4:b4:50:42:48:b9:
ff:06:7b:b8:a1:9f:f2:d3:09:0d:8e:32:d5:0d:d1:07:86:a3:
63:03:21:90:c9:3c:7b:a9:68:ac:b2:f8:90:e4:20:7e:88:3d:
27:85:f9:81:af:b4:55:3c:f4:77:9d:93:fa:53:25:2b:0b:2f:
de:b7:94:57:90:72:53:63:53:a0:38:ed:09:d0:64:fd:29:e9:
18:c9:95:0c:cd:97:e5:22:46:4f:85:c2:24:8c:c6:9c:38:b2:
cd:f4:ef:d8:6d:36:98:94:3c:ca:bf:87:1a:66:85:1f:99:35:
90:cb:53:f6:c7:b3:d6:d0:2c:01:f2:a1:55:6c:5c:ab:7d:cf:
c7:92:f9:5b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZhl637Xi2uZSSYMYOI6DD8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjUwODAxMTM1NjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjkyMmFjNGVkMmNkZGRkZDdmNThkNDZiNmQxZTU0YWQ4NjgyNjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtO9f3gJwdPwIL9fwXKMb6kfEtzp
1QHWpWHhVnlTfQzWYv7MDlHcbGfPw1PTA5e4TWsebZJvV7i+tevUJ2E7kq1pfC3r
WyestlyA9U6PO5z8vKVdudE6KwLMXGlkum3wGb0jvgqOUUnVxP3sUf/olbTwm1VI
7ChxU7Izndpu//cfxKvsHOuDBkologk0Fz8FEpV9uUO8flfRZKmjEukM2ByHHYGd
drN1WV43hsgtlB+oc8bkyWfCJdcrIINIW/6FGFR5s7eqv1/7HPpDXfgm3CbSj2lq
IfCIW9nBDe4XGBQTNoGb4tgOuMobfGorSM+Ja7dllirOkX2I6N+wbTgwMQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFE+SKsTtLN3d1/WNRrbR5UrYaCZAMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvVDVJcXhPMHMzZDNYOVkxR3R0SGxTdGhvSmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJZ0gAwQD
UqNwAwQCUqN8AwQCuTXgAwQCw/oQMA0EAgACMAcDBQMqAaIgMA0GCSqGSIb3DQEB
CwUAA4IBAQB9e5/hr+HENd29FY5+PjA4qTdpz5uG6hyTpNbyNl6KYHIi9eteOhEl
YNaA/jU8uI7Kcb+6Cflxq9WT9S+pTQ525g8uAmeqh2uSqNaq5UQ5R9gu/VN82nwK
SIgl1tByNu3377FWRPJFmZwzpgzNPOqGAn46hND++VfEtFBCSLn/Bnu4oZ/y0wkN
jjLVDdEHhqNjAyGQyTx7qWissviQ5CB+iD0nhfmBr7RVPPR3nZP6UyUrCy/et5RX
kHJTY1OgOO0J0GT9KekYyZUMzZflIkZPhcIkjMacOLLN9O/YbTaYlDzKv4caZoUf
mTWQy1P2x7PW0CwB8qFVbFyrfc/Hkvlb
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:06:17 2025 by rpki-client