Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/DD7MG415kr5pDZ5NERV8_6UIOOg.roa
File: DD7MG415kr5pDZ5NERV8_6UIOOg.roa (raw, json)
Hash identifier: u4w0GFe68e8W5/D1x1XDL/I/y5A0DFg3JZSWmOmPxVs=
Subject key identifier: 0C:3E:CC:1B:8D:79:92:BE:69:0D:9E:4D:11:15:7C:FF:A5:08:38:E8
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 019763B99D0E9A3008391A412275A65F68BC
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/DD7MG415kr5pDZ5NERV8_6UIOOg.roa
Signing time: Thu 12 Jun 2025 10:39:58 +0000
ROA not before: Thu 12 Jun 2025 10:39:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198193
IP address blocks: 5.61.208.0/23 maxlen: 23
5.181.96.0/23 maxlen: 23
5.187.36.0/23 maxlen: 23
31.214.155.0/24 maxlen: 24
37.252.98.0/24 maxlen: 24
37.252.100.0/24 maxlen: 24
37.252.101.0/24 maxlen: 24
46.251.250.0/24 maxlen: 24
46.253.139.0/24 maxlen: 24
89.32.64.0/24 maxlen: 24
89.32.65.0/24 maxlen: 24
89.32.66.0/24 maxlen: 24
89.32.67.0/24 maxlen: 24
158.255.239.0/24 maxlen: 24
162.33.200.0/22 maxlen: 22
162.33.204.0/22 maxlen: 22
162.33.204.0/24 maxlen: 24
162.33.205.0/24 maxlen: 24
162.33.206.0/24 maxlen: 24
162.33.207.0/24 maxlen: 24
185.66.172.0/24 maxlen: 24
185.66.174.0/24 maxlen: 24
185.75.22.0/23 maxlen: 23
185.86.208.0/23 maxlen: 23
185.88.200.0/23 maxlen: 23
185.88.202.0/23 maxlen: 23
185.193.241.0/24 maxlen: 24
185.206.121.0/24 maxlen: 24
185.212.114.0/24 maxlen: 24
185.225.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:b9:9d:0e:9a:30:08:39:1a:41:22:75:a6:5f:68:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jun 12 10:39:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c3ecc1b8d7992be690d9e4d11157cffa50838e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8e:c1:d9:10:aa:c2:25:cb:7c:9c:63:e8:07:
90:16:3b:9b:a3:bd:14:ce:49:e2:d6:5f:b0:dc:8c:
85:3b:6b:02:e2:00:4f:64:ee:b9:32:3b:fd:6c:ed:
d8:8a:93:4f:5d:45:70:89:51:5a:2e:e7:a7:84:96:
1e:fb:2d:92:97:50:35:91:02:df:e3:8e:bb:9d:3c:
df:48:4f:d0:c4:82:7a:f1:4c:3e:4a:ee:28:ea:5a:
34:64:31:bb:88:f6:f4:88:c8:a4:03:73:56:79:dd:
45:a4:f1:e5:49:7e:e1:ce:a9:05:bb:b5:38:f0:ec:
b2:7c:f7:f4:71:00:6c:a6:bd:2f:b0:c9:8e:59:95:
af:9e:5b:64:4d:5c:3a:bf:5c:86:04:bf:42:4a:a3:
23:84:c9:7f:88:3f:a3:25:c3:5e:08:e6:d8:d9:68:
8a:da:e2:c4:bb:56:8b:e7:97:e5:4f:52:6f:8e:e0:
0b:b5:2c:86:48:36:a7:fa:51:d1:c3:fc:51:87:18:
a3:c8:b8:8c:ea:3a:38:76:48:b9:1d:41:01:f7:d5:
7c:62:92:79:fc:96:58:ec:6d:0b:8f:c9:c0:ac:9c:
4e:ff:dc:15:c9:e3:26:56:59:fd:8f:8e:d2:76:e4:
a5:26:92:6f:8e:7b:30:b3:ec:af:90:a2:f9:69:b3:
15:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3E:CC:1B:8D:79:92:BE:69:0D:9E:4D:11:15:7C:FF:A5:08:38:E8
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/DD7MG415kr5pDZ5NERV8_6UIOOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.208.0/23
5.181.96.0/23
5.187.36.0/23
31.214.155.0/24
37.252.98.0/24
37.252.100.0/23
46.251.250.0/24
46.253.139.0/24
89.32.64.0/22
158.255.239.0/24
162.33.200.0/21
185.66.172.0/24
185.66.174.0/24
185.75.22.0/23
185.86.208.0/23
185.88.200.0/22
185.193.241.0/24
185.206.121.0/24
185.212.114.0/24
185.225.8.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:a4:ff:8e:f5:fd:d7:0d:c8:54:5b:e4:c6:d0:fe:c3:b8:df:
48:ba:ad:4c:c0:52:54:b0:3b:1c:58:bc:85:8a:0a:d1:12:db:
c4:71:6c:35:a3:2c:a0:7b:36:93:e2:21:4f:b1:1b:f9:93:86:
5f:18:ec:94:b9:20:d6:f0:c9:72:de:e8:0a:38:2c:f8:98:1e:
6d:9d:48:c6:9a:3c:1a:f7:41:56:85:9f:a4:d3:f3:bd:31:57:
7a:19:41:9f:3b:40:3b:93:e0:f3:90:1a:34:44:7f:dc:61:68:
54:11:e5:95:b3:cc:09:b8:9d:95:78:cd:3d:df:4c:ce:3a:2a:
1e:e4:65:1c:09:2f:c1:0c:0a:40:64:68:13:65:c0:b2:cd:3e:
93:f7:aa:ec:61:91:ae:5a:58:4e:ae:e0:aa:9a:ce:26:18:cb:
03:18:74:8b:d6:67:62:cb:de:ea:10:74:3e:71:bf:1c:d5:c6:
b8:eb:d6:ac:b1:f6:6a:17:16:25:5c:0e:c4:34:81:c4:15:80:
c4:36:91:9d:1e:33:ea:b4:ab:0c:57:1f:0a:1c:5e:22:2a:ed:
1f:71:a9:2c:27:2d:b9:2f:c0:db:90:3c:18:01:78:0a:58:0b:
3d:e3:e7:3d:24:ea:1d:b6:f9:37:ab:04:2c:77:a5:3f:61:f6:
17:fe:ac:41
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZdjuZ0OmjAIORpBInWmX2i8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjUwNjEyMTAzOTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNlY2MxYjhkNzk5MmJlNjkwZDllNGQxMTE1N2NmZmE1MDgzOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho7B2RCqwiXLfJxj6AeQFjubo70U
zkni1l+w3IyFO2sC4gBPZO65Mjv9bO3YipNPXUVwiVFaLuenhJYe+y2Sl1A1kQLf
4467nTzfSE/QxIJ68Uw+Su4o6lo0ZDG7iPb0iMikA3NWed1FpPHlSX7hzqkFu7U4
8OyyfPf0cQBspr0vsMmOWZWvnltkTVw6v1yGBL9CSqMjhMl/iD+jJcNeCObY2WiK
2uLEu1aL55flT1JvjuALtSyGSDan+lHRw/xRhxijyLiM6jo4dki5HUEB99V8YpJ5
/JZY7G0Lj8nArJxO/9wVyeMmVln9j47SduSlJpJvjnsws+yvkKL5abMV5wIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFAw+zBuNeZK+aQ2eTREVfP+lCDjoMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvREQ3TUc0MTVrcjVwRFo1TkVSVjhfNlVJT09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQBBT3Q
AwQBBbVgAwQBBbskAwQAH9abAwQAJfxiAwQBJfxkAwQALvv6AwQALv2LAwQCWSBA
AwQAnv/vAwQDoiHIAwQAuUKsAwQAuUKuAwQBuUsWAwQBuVbQAwQCuVjIAwQAucHx
AwQAuc55AwQAudRyAwQAueEIMA0GCSqGSIb3DQEBCwUAA4IBAQCepP+O9f3XDchU
W+TG0P7DuN9Iuq1MwFJUsDscWLyFigrREtvEcWw1oyygezaT4iFPsRv5k4ZfGOyU
uSDW8Mly3ugKOCz4mB5tnUjGmjwa90FWhZ+k0/O9MVd6GUGfO0A7k+DzkBo0RH/c
YWhUEeWVs8wJuJ2VeM0930zOOioe5GUcCS/BDApAZGgTZcCyzT6T96rsYZGuWlhO
ruCqms4mGMsDGHSL1mdiy97qEHQ+cb8c1ca469assfZqFxYlXA7ENIHEFYDENpGd
HjPqtKsMVx8KHF4iKu0fcaksJy25L8DbkDwYAXgKWAs94+c9JOodtvk3qwQsd6U/
YfYX/qxB
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:55:34 2025 by rpki-client