Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/9Q1xAgRNiLot3-j54o5iFnxnl4s.roa
File: 9Q1xAgRNiLot3-j54o5iFnxnl4s.roa (raw, json)
Hash identifier: AzmmRL1ZS8f2sEp5vFxgu0dw+ympnZshyg3/a0ND1H8=
Subject key identifier: F5:0D:71:02:04:4D:88:BA:2D:DF:E8:F9:E2:8E:62:16:7C:67:97:8B
Certificate issuer: /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial: 0197549CE549FFB8018FE059595B084AC7F4
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/9Q1xAgRNiLot3-j54o5iFnxnl4s.roa
Signing time: Mon 09 Jun 2025 12:14:17 +0000
ROA not before: Mon 09 Jun 2025 12:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8860
IP address blocks: 77.78.145.0/24 maxlen: 24
77.78.150.0/24 maxlen: 24
79.98.104.0/21 maxlen: 24
185.52.204.0/22 maxlen: 24
185.55.228.0/22 maxlen: 24
185.199.37.0/24 maxlen: 24
185.199.38.0/24 maxlen: 24
185.228.24.0/22 maxlen: 24
185.239.124.0/24 maxlen: 24
185.239.126.0/24 maxlen: 24
185.239.127.0/24 maxlen: 24
194.145.63.0/24 maxlen: 24
195.189.80.0/22 maxlen: 24
2a01:b6a0::/32 maxlen: 32
2a02:80e0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 03:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:9c:e5:49:ff:b8:01:8f:e0:59:59:5b:08:4a:c7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Validity
Not Before: Jun 9 12:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f50d7102044d88ba2ddfe8f9e28e62167c67978b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5b:6d:99:99:57:19:61:28:34:f5:f2:07:a1:
d7:57:98:5d:d4:b8:85:2c:7c:f8:f9:b1:fd:ea:d0:
0d:a7:25:63:1c:14:0f:56:0b:b2:33:88:0d:d3:67:
78:24:2f:c7:e6:49:de:21:d2:68:db:26:23:e4:b7:
57:3b:f1:05:80:67:d7:5b:c7:f4:85:a8:55:65:84:
ba:6a:3c:bd:d7:c9:5f:25:01:6e:f1:4d:ad:85:14:
bb:a5:e5:e8:c4:12:db:0c:21:b5:77:d3:db:35:86:
92:59:97:d7:fb:db:9c:1f:0e:c4:2e:b3:70:11:89:
3c:37:40:61:42:85:8f:24:7f:d0:11:64:a4:2f:d8:
10:af:a4:87:29:1a:ef:00:de:43:ba:49:1e:ab:f8:
2e:18:2c:83:dd:91:d6:4b:18:b4:86:7e:27:a2:3a:
3d:72:7c:d6:30:36:f5:de:19:38:d2:e3:a7:88:7b:
2e:28:22:2a:bd:7a:2c:54:75:c6:f4:f2:10:e3:46:
cd:a8:b6:04:e9:5d:34:5c:11:71:68:09:07:53:23:
fd:3a:37:65:67:05:e9:ea:96:79:06:19:bf:bf:f5:
e3:23:3e:71:d9:c2:5e:fc:a8:6b:27:00:89:e8:07:
ab:27:cb:bb:b1:43:a0:d0:ec:51:6a:ce:40:51:5d:
dd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:0D:71:02:04:4D:88:BA:2D:DF:E8:F9:E2:8E:62:16:7C:67:97:8B
X509v3 Authority Key Identifier:
keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/9Q1xAgRNiLot3-j54o5iFnxnl4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.145.0/24
77.78.150.0/24
79.98.104.0/21
185.52.204.0/22
185.55.228.0/22
185.199.37.0-185.199.38.255
185.228.24.0/22
185.239.124.0/24
185.239.126.0/23
194.145.63.0/24
195.189.80.0/22
IPv6:
2a01:b6a0::/32
2a02:80e0::/30
Signature Algorithm: sha256WithRSAEncryption
45:92:d3:b6:2d:98:30:7c:c1:c9:ed:ed:e3:f7:3b:23:5e:b8:
75:0d:4d:bc:77:a6:26:84:6c:22:73:8d:c8:6e:47:af:75:b4:
b5:b0:9c:86:99:82:d2:0b:51:a7:0d:a9:d6:4d:d1:0f:74:c8:
7f:58:77:9a:8f:a1:77:e6:6c:44:18:0d:6f:3c:2d:e5:aa:03:
cf:6d:8a:34:91:80:2c:8f:53:f7:e6:a5:e2:f3:49:f0:7b:a7:
1b:2a:c0:29:ea:aa:4e:d7:09:a1:7b:82:dd:b2:94:42:3a:2c:
39:d8:b3:35:0d:cb:6d:f2:d4:36:c4:2b:96:a7:58:9e:5c:7e:
ef:a7:6c:a0:da:92:41:bb:b5:49:da:8a:76:2a:cf:a7:fe:64:
a4:3c:b3:03:1c:35:e8:1c:e6:c3:b7:6e:04:8e:d0:10:ed:4a:
8d:69:e5:aa:f2:d0:db:72:40:48:c9:8a:42:1c:24:0d:30:6c:
43:9c:77:71:5a:d2:2b:16:d3:96:8d:87:f5:3a:52:bf:f5:33:
82:30:54:4b:d4:23:45:b4:55:5a:2d:03:dd:ae:07:7f:54:38:
da:7c:aa:2e:e3:e2:12:d8:07:48:11:a1:32:0e:be:2c:5b:ad:
bf:3b:59:e3:a2:46:f9:79:33:5d:1f:0a:29:c8:ab:d5:0d:0f:
9a:1e:8a:6c
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZdUnOVJ/7gBj+BZWVsISsf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjUwNjA5MTIxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTBkNzEwMjA0NGQ4OGJhMmRkZmU4ZjllMjhlNjIxNjdjNjc5NzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlttmZlXGWEoNPXyB6HXV5hd1LiF
LHz4+bH96tANpyVjHBQPVguyM4gN02d4JC/H5kneIdJo2yYj5LdXO/EFgGfXW8f0
hahVZYS6ajy918lfJQFu8U2thRS7peXoxBLbDCG1d9PbNYaSWZfX+9ucHw7ELrNw
EYk8N0BhQoWPJH/QEWSkL9gQr6SHKRrvAN5Dukkeq/guGCyD3ZHWSxi0hn4nojo9
cnzWMDb13hk40uOniHsuKCIqvXosVHXG9PIQ40bNqLYE6V00XBFxaAkHUyP9Ojdl
ZwXp6pZ5Bhm/v/XjIz5x2cJe/KhrJwCJ6AerJ8u7sUOg0OxRas5AUV3dwwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFPUNcQIETYi6Ld/o+eKOYhZ8Z5eLMB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvOVExeEFnUk5pTG90My1qNTRvNWlGbnhubDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3
LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQATU6RAwQA
TU6WAwQDT2JoAwQCuTTMAwQCuTfkMAwDBAC5xyUDBAC5xyYDBAK55BgDBAC573wD
BAG5734DBADCkT8DBALDvVAwFAQCAAIwDgMFACoBtqADBQIqAoDgMA0GCSqGSIb3
DQEBCwUAA4IBAQBFktO2LZgwfMHJ7e3j9zsjXrh1DU28d6YmhGwic43IbkevdbS1
sJyGmYLSC1GnDanWTdEPdMh/WHeaj6F35mxEGA1vPC3lqgPPbYo0kYAsj1P35qXi
80nwe6cbKsAp6qpO1wmhe4LdspRCOiw52LM1Dctt8tQ2xCuWp1ieXH7vp2yg2pJB
u7VJ2op2Ks+n/mSkPLMDHDXoHObDt24EjtAQ7UqNaeWq8tDbckBIyYpCHCQNMGxD
nHdxWtIrFtOWjYf1OlK/9TOCMFRL1CNFtFVaLQPdrgd/VDjafKou4+IS2AdIEaEy
Dr4sW62/O1njokb5eTNdHwopyKvVDQ+aHops
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:35:32 2025 by rpki-client