Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/r22Hc3aZehO4ryJLMybNp9PkMu4.roa
File: r22Hc3aZehO4ryJLMybNp9PkMu4.roa (raw, json)
Hash identifier: phlYHPJm5TFZgrSXsBlf2NKTqRMpX2y+XZjc7UJhwTo=
Subject key identifier: AF:6D:87:73:76:99:7A:13:B8:AF:22:4B:33:26:CD:A7:D3:E4:32:EE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01977501BE0EAEBF09857CD6DFC59A6527EC
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/r22Hc3aZehO4ryJLMybNp9PkMu4.roa
Signing time: Sun 15 Jun 2025 19:12:17 +0000
ROA not before: Sun 15 Jun 2025 19:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/23 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 08:51:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:75:01:be:0e:ae:bf:09:85:7c:d6:df:c5:9a:65:27:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 15 19:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af6d877376997a13b8af224b3326cda7d3e432ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a4:7d:58:97:ee:08:0d:b8:a6:e6:93:d8:fa:
7e:16:7d:e3:a0:4e:f2:63:86:b5:fe:d3:da:d9:c7:
f7:bc:04:00:37:a6:c4:87:5a:14:07:14:4f:be:cc:
b0:28:01:9f:da:7e:04:e7:5a:04:71:34:4f:a3:39:
a3:92:5a:c5:16:38:39:54:33:4c:eb:58:cf:1b:8a:
d5:cb:45:02:4e:db:17:25:41:79:02:9a:2b:56:80:
1f:87:30:30:0d:30:84:b3:75:27:43:5e:30:47:af:
2d:0d:86:79:f5:e2:9c:7b:0c:ac:56:af:e5:51:05:
de:89:a4:99:75:1b:d0:2c:ea:4e:c8:1c:ea:c5:78:
88:3f:3a:d0:51:38:1f:17:53:4f:8b:70:7c:15:75:
28:97:45:bd:83:5e:ec:0d:5a:0d:0f:af:7c:1b:0e:
5e:a3:2d:26:4d:64:0d:33:c0:03:33:00:6c:dc:f0:
b5:08:84:0a:62:d0:9e:4e:57:c2:70:a2:69:b2:a5:
69:1e:86:24:20:09:56:41:de:c6:b5:06:54:3f:51:
25:e6:87:87:31:d2:3d:da:9a:8a:21:04:29:27:a8:
f8:24:96:48:f1:97:aa:27:81:ba:d0:b9:4f:36:9a:
47:ab:5d:e1:72:f2:c5:29:54:18:43:50:24:f1:b6:
32:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6D:87:73:76:99:7A:13:B8:AF:22:4B:33:26:CD:A7:D3:E4:32:EE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/r22Hc3aZehO4ryJLMybNp9PkMu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.151.56.0/23
88.209.201.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
64:44:ba:48:91:19:57:4a:48:d5:c9:10:55:8f:0f:ea:fb:88:
32:44:6b:88:ab:28:fc:9e:30:4e:e1:4d:f9:e0:ec:fa:62:90:
82:4d:53:bb:82:8f:cc:bc:db:37:30:d3:10:39:28:d9:5f:b5:
12:d4:0e:f6:2a:8e:1a:77:ec:b1:16:42:78:5c:0d:4d:08:27:
f6:49:43:b1:ae:87:9f:5d:28:28:b2:62:71:db:4b:9f:0b:4c:
27:38:1a:ce:81:d8:24:79:56:cd:00:27:73:98:cd:cd:8c:e1:
3b:39:85:cb:28:5f:ce:8b:21:df:1a:38:2e:59:ae:31:de:00:
60:84:57:4c:1f:37:76:d2:e9:d3:21:86:88:b3:5c:67:a8:69:
59:23:bc:82:da:02:48:56:bb:29:b7:a4:94:ef:df:79:40:bb:
01:63:06:44:fc:ba:b7:41:ea:f7:8f:d1:88:48:8c:88:6d:55:
38:5d:07:76:37:e7:57:95:fd:d6:38:1e:f5:95:1a:da:fd:bf:
94:e9:08:65:83:4a:09:be:d8:63:5a:cf:e6:c7:f7:d2:bc:55:
2f:af:f2:80:89:b4:24:12:44:2f:81:04:58:8b:4c:0e:c7:00:
8a:4d:a7:14:50:d7:5f:20:a2:f7:7f:b7:3f:2d:39:df:8e:d7:
be:1d:eb:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZd1Ab4Orr8JhXzW38WaZSfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNjE1MTkxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZkODc3Mzc2OTk3YTEzYjhhZjIyNGIzMzI2Y2RhN2QzZTQzMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6R9WJfuCA24puaT2Pp+Fn3joE7y
Y4a1/tPa2cf3vAQAN6bEh1oUBxRPvsywKAGf2n4E51oEcTRPozmjklrFFjg5VDNM
61jPG4rVy0UCTtsXJUF5AporVoAfhzAwDTCEs3UnQ14wR68tDYZ59eKcewysVq/l
UQXeiaSZdRvQLOpOyBzqxXiIPzrQUTgfF1NPi3B8FXUol0W9g17sDVoND698Gw5e
oy0mTWQNM8ADMwBs3PC1CIQKYtCeTlfCcKJpsqVpHoYkIAlWQd7GtQZUP1El5oeH
MdI92pqKIQQpJ6j4JJZI8ZeqJ4G60LlPNppHq13hcvLFKVQYQ1Ak8bYyjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK9th3N2mXoTuK8iSzMmzafT5DLuMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcjIySGMzYVplaE80cnlKTE15Yk5wOVBrTXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBTfKSAwQB
WJc4AwQAWNHJAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBkRLpIkRlXSkjVyRBV
jw/q+4gyRGuIqyj8njBO4U354Oz6YpCCTVO7go/MvNs3MNMQOSjZX7US1A72Ko4a
d+yxFkJ4XA1NCCf2SUOxroefXSgosmJx20ufC0wnOBrOgdgkeVbNACdzmM3NjOE7
OYXLKF/OiyHfGjguWa4x3gBghFdMHzd20unTIYaIs1xnqGlZI7yC2gJIVrspt6SU
7995QLsBYwZE/Lq3Qer3j9GISIyIbVU4XQd2N+dXlf3WOB71lRra/b+U6Qhlg0oJ
vthjWs/mx/fSvFUvr/KAibQkEkQvgQRYi0wOxwCKTacUUNdfIKL3f7c/LTnfjte+
HevZ
-----END CERTIFICATE-----
Generated at Mon Jun 16 18:50:03 2025 by rpki-client