Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ddzuJKDdfBfD05pd5AAViQoA2Pc.roa
File: ddzuJKDdfBfD05pd5AAViQoA2Pc.roa (raw, json)
Hash identifier: 2lQWzIDIqMXuR/qxqLFrOSTAaFdBjF2vdhRCL0julW4=
Subject key identifier: 75:DC:EE:24:A0:DD:7C:17:C3:D3:9A:5D:E4:00:15:89:0A:00:D8:F7
Certificate issuer: /CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Certificate serial: 01987E9CE2B92B748A794CD141467F976E2D
Authority key identifier: C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ddzuJKDdfBfD05pd5AAViQoA2Pc.roa
Signing time: Wed 06 Aug 2025 09:01:07 +0000
ROA not before: Wed 06 Aug 2025 09:01:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29283
IP address blocks: 80.74.16.0/21 maxlen: 21
85.184.64.0/19 maxlen: 19
85.184.78.0/24 maxlen: 24
85.184.94.0/24 maxlen: 24
89.33.144.0/21 maxlen: 21
94.199.120.0/21 maxlen: 21
149.232.176.0/21 maxlen: 21
185.6.60.0/22 maxlen: 22
185.6.60.0/24 maxlen: 24
185.6.61.0/24 maxlen: 24
185.6.62.0/24 maxlen: 24
213.174.96.0/19 maxlen: 19
213.174.96.0/24 maxlen: 24
213.174.98.0/24 maxlen: 24
213.174.99.0/24 maxlen: 24
213.174.127.0/24 maxlen: 24
2a02:6c40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:9c:e2:b9:2b:74:8a:79:4c:d1:41:46:7f:97:6e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Validity
Not Before: Aug 6 09:01:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75dcee24a0dd7c17c3d39a5de40015890a00d8f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e2:56:f8:d9:b9:53:eb:39:9b:78:39:1f:f1:
ee:ba:d5:9e:79:50:e5:cc:d1:e6:b1:28:62:59:aa:
22:ff:5b:d1:b8:ec:e8:28:f0:e0:3f:84:09:d4:4a:
7e:e2:75:4e:aa:36:33:06:8f:ca:0e:c9:e3:a1:81:
af:ae:86:e6:13:88:64:d6:08:78:f1:de:37:67:01:
1e:69:4a:1e:7c:22:a8:37:ba:e6:d5:b5:cc:6f:1b:
7b:8b:bb:ff:5f:02:60:2a:9b:1f:d4:66:de:66:e5:
43:74:49:50:a0:3c:33:38:b3:57:bc:d1:a2:ef:f9:
c9:02:2d:63:90:14:3a:ac:93:82:11:e8:98:3f:98:
99:09:4b:39:a6:3e:33:b8:db:70:e7:2a:17:6b:04:
8f:c1:d7:98:28:43:df:77:44:4f:87:44:2d:b3:a5:
ce:ba:07:86:8e:19:22:76:80:ba:e7:21:31:54:0b:
bb:71:c1:65:a6:64:75:e4:e0:9e:ce:b7:46:e2:4d:
31:92:ea:c1:07:e9:ff:c7:3d:cf:31:6c:3e:58:0f:
c3:df:e6:a1:bc:c2:f3:9b:95:77:1b:a1:d2:aa:22:
4b:21:9b:bc:27:64:00:29:a8:cf:7f:90:29:c2:ef:
3e:9d:5c:38:2d:68:95:eb:56:34:9a:39:a2:e7:0b:
ab:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DC:EE:24:A0:DD:7C:17:C3:D3:9A:5D:E4:00:15:89:0A:00:D8:F7
X509v3 Authority Key Identifier:
keyid:C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ddzuJKDdfBfD05pd5AAViQoA2Pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.16.0/21
85.184.64.0/19
89.33.144.0/21
94.199.120.0/21
149.232.176.0/21
185.6.60.0/22
213.174.96.0/19
IPv6:
2a02:6c40::/32
Signature Algorithm: sha256WithRSAEncryption
85:bb:99:22:64:7e:15:3f:fd:90:d7:47:e5:86:42:9f:f2:89:
e9:e5:14:a0:23:3c:2e:65:84:bf:df:6e:37:f7:20:42:92:af:
25:6c:46:e5:dd:e9:65:70:b0:b5:f9:d1:62:40:e8:4f:56:33:
ca:49:b9:b9:67:67:b1:29:b6:58:d4:19:cb:63:db:34:7f:78:
e3:79:31:2c:6d:e8:26:92:2b:6f:76:50:7c:41:a2:7b:6b:96:
6d:25:e0:d2:5f:a8:e6:b4:99:40:3f:9d:27:9c:2f:8e:9d:3d:
42:67:e5:80:b8:de:30:c7:da:73:79:e7:23:40:96:35:f3:3d:
14:1f:ab:26:34:d4:9d:5d:e6:fd:05:9e:20:b6:82:e2:ee:02:
59:fa:84:7c:43:54:8a:e0:71:ba:64:e0:f0:50:76:11:4d:b2:
de:48:9d:f2:a3:64:ed:36:58:8b:5c:ed:e7:b9:40:12:9a:dd:
25:d6:1c:25:06:5a:e8:1b:eb:de:23:b2:df:79:e8:cc:76:16:
1c:62:80:8f:a2:d6:df:de:0e:a7:a1:e1:88:7a:cd:4c:b5:75:
7e:b9:48:04:65:94:59:40:3c:c1:ee:d8:a5:84:bb:a9:e2:b4:
65:6d:2d:bf:8a:bc:a6:3d:da:f2:15:e2:f7:39:80:87:5f:2c:
26:a2:c0:2c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZh+nOK5K3SKeUzRQUZ/l24tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZWQ2NGM5M2RkZmRmMmY0OWI3ZWExYzIzZWFhZDA4NzAy
NDlhMzMwHhcNMjUwODA2MDkwMTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRjZWUyNGEwZGQ3YzE3YzNkMzlhNWRlNDAwMTU4OTBhMDBkOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuJW+Nm5U+s5m3g5H/HuutWeeVDl
zNHmsShiWaoi/1vRuOzoKPDgP4QJ1Ep+4nVOqjYzBo/KDsnjoYGvrobmE4hk1gh4
8d43ZwEeaUoefCKoN7rm1bXMbxt7i7v/XwJgKpsf1GbeZuVDdElQoDwzOLNXvNGi
7/nJAi1jkBQ6rJOCEeiYP5iZCUs5pj4zuNtw5yoXawSPwdeYKEPfd0RPh0Qts6XO
ugeGjhkidoC65yExVAu7ccFlpmR15OCezrdG4k0xkurBB+n/xz3PMWw+WA/D3+ah
vMLzm5V3G6HSqiJLIZu8J2QAKajPf5Apwu8+nVw4LWiV61Y0mjmi5wurMwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHXc7iSg3XwXw9OaXeQAFYkKANj3MB8GA1UdIwQY
MBaAFMntZMk9398vSbfqHCPqrQhwJJozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWUxa3lUM2YzeTlKdC1vY0ktcXRDSEFrbWpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yYTJhYjItMzA5OC00YTBmLTgwOWMt
MzVlZDViNTNkYTA1LzEvZGR6dUpLRGRmQmZEMDVwZDVBQVZpUW9BMlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yYTJhYjItMzA5OC00YTBmLTgwOWMtMzVlZDViNTNkYTA1
LzEveWUxa3lUM2YzeTlKdC1vY0ktcXRDSEFrbWpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDUEoQAwQF
VbhAAwQDWSGQAwQDXsd4AwQDleiwAwQCuQY8AwQF1a5gMA0EAgACMAcDBQAqAmxA
MA0GCSqGSIb3DQEBCwUAA4IBAQCFu5kiZH4VP/2Q10flhkKf8onp5RSgIzwuZYS/
32439yBCkq8lbEbl3ellcLC1+dFiQOhPVjPKSbm5Z2exKbZY1BnLY9s0f3jjeTEs
begmkitvdlB8QaJ7a5ZtJeDSX6jmtJlAP50nnC+OnT1CZ+WAuN4wx9pzeecjQJY1
8z0UH6smNNSdXeb9BZ4gtoLi7gJZ+oR8Q1SK4HG6ZODwUHYRTbLeSJ3yo2TtNliL
XO3nuUASmt0l1hwlBlroG+veI7LfeejMdhYcYoCPotbf3g6noeGIes1MtXV+uUgE
ZZRZQDzB7tilhLup4rRlbS2/irymPdryFeL3OYCHXywmosAs
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:45:34 2025 by rpki-client