Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/n4H0L8pd9dtyooZ66GTFACF9uP4.roa
File: n4H0L8pd9dtyooZ66GTFACF9uP4.roa (raw, json)
Hash identifier: EsCNeiet6gy+l9e7b24v9Y5k/1hPdo20KL/+pLnEisE=
Subject key identifier: 9F:81:F4:2F:CA:5D:F5:DB:72:A2:86:7A:E8:64:C5:00:21:7D:B8:FE
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019777A910538F777146E828242F63C5BE3B
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/n4H0L8pd9dtyooZ66GTFACF9uP4.roa
Signing time: Mon 16 Jun 2025 07:34:17 +0000
ROA not before: Mon 16 Jun 2025 07:34:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.148.51.0/24 maxlen: 24
194.39.216.0/24 maxlen: 24
2a0c:9e06::/32 maxlen: 32
2a0e:a944::/32 maxlen: 32
2a0e:a945::/32 maxlen: 32
2a0e:a946::/32 maxlen: 32
2a0e:a947::/32 maxlen: 32
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:a9:10:53:8f:77:71:46:e8:28:24:2f:63:c5:be:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jun 16 07:34:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f81f42fca5df5db72a2867ae864c500217db8fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2f:fe:9c:48:41:42:8d:6d:60:0f:7b:63:fd:
8e:08:c3:9c:b0:e4:39:c3:c3:b8:d0:99:31:98:f2:
1d:6b:3d:95:2e:7c:c6:8b:0a:bd:f1:b6:4e:20:d0:
f8:80:a1:93:c2:98:22:02:3d:0a:5f:9b:ea:06:41:
96:13:3b:90:a7:48:8d:db:ec:9e:92:22:b3:0c:ed:
2d:7b:a3:52:d2:dc:84:d1:db:c5:1a:8f:b4:c8:86:
f8:f1:fa:b5:2a:a2:20:ca:66:bc:91:99:01:b9:34:
c0:85:6b:fe:c2:8b:1e:bc:38:d4:c9:47:b4:fd:ec:
ee:fa:12:51:00:32:08:a9:10:33:3c:28:78:5c:90:
00:81:2a:91:fb:76:15:7a:45:16:f8:0a:aa:c9:ae:
57:34:f1:6d:2a:3e:9f:15:a2:07:37:5b:fa:a5:9c:
7f:71:5a:d6:e4:73:9e:13:27:27:2c:a9:2c:1c:d3:
57:71:7f:78:99:86:d9:50:ae:e3:15:6e:ed:91:9b:
68:8b:cb:eb:ed:dc:31:fb:22:6c:d1:f7:a8:5d:58:
c9:da:3d:ad:2b:1d:aa:6d:8d:4a:94:ba:95:cb:29:
73:8a:7a:03:23:96:c3:5d:7a:6d:a0:3c:da:d1:9b:
f4:ea:1a:43:4c:96:90:62:58:e8:59:52:24:f7:eb:
82:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:81:F4:2F:CA:5D:F5:DB:72:A2:86:7A:E8:64:C5:00:21:7D:B8:FE
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/n4H0L8pd9dtyooZ66GTFACF9uP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.51.0/24
194.39.216.0/24
IPv6:
2a0c:9e06::/32
2a0e:a944::/30
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
2c:19:0a:1f:c9:aa:bc:e0:41:fd:a7:a2:d8:84:55:f2:1b:f9:
52:60:23:c2:d6:1c:d7:21:8f:c0:73:31:e9:49:3e:5b:c2:f7:
4d:bd:df:0a:f6:70:b7:41:a6:3b:7f:a8:66:4c:15:58:c2:dc:
9d:56:39:a4:e7:4c:d5:3f:52:da:1b:fd:7a:41:6c:38:91:61:
c5:8c:62:f7:9c:1a:a3:b3:7f:1a:7e:00:32:6d:fb:80:50:db:
a5:26:3f:58:8d:32:aa:7b:df:79:4d:09:da:be:e1:09:af:b3:
ba:b7:8c:75:d0:c7:12:32:fd:0e:e9:97:c5:50:e5:12:a9:10:
c9:1d:6e:25:d9:45:43:2e:66:ce:4f:22:42:98:a0:1b:b4:b5:
64:01:38:e0:eb:31:a6:93:3a:09:89:79:cd:98:48:a4:a1:73:
02:15:d7:3b:30:b3:8d:d2:d0:6a:3d:ec:66:61:14:56:e2:f7:
28:80:a6:66:0e:5c:e1:96:47:b1:50:a9:9f:a2:00:69:96:dc:
22:5f:17:eb:b1:f3:31:6d:87:c7:b6:26:8b:73:78:3f:94:60:
2f:6d:19:3d:06:4e:65:cf:8e:23:ff:7c:a3:cf:9e:31:07:8d:
b9:bd:3b:1a:5f:7f:26:42:59:e6:ec:40:c4:0c:d5:f5:48:62:
ef:f5:89:fb
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZd3qRBTj3dxRugoJC9jxb47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwNjE2MDczNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjgxZjQyZmNhNWRmNWRiNzJhMjg2N2FlODY0YzUwMDIxN2RiOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i/+nEhBQo1tYA97Y/2OCMOcsOQ5
w8O40JkxmPIdaz2VLnzGiwq98bZOIND4gKGTwpgiAj0KX5vqBkGWEzuQp0iN2+ye
kiKzDO0te6NS0tyE0dvFGo+0yIb48fq1KqIgyma8kZkBuTTAhWv+wosevDjUyUe0
/ezu+hJRADIIqRAzPCh4XJAAgSqR+3YVekUW+Aqqya5XNPFtKj6fFaIHN1v6pZx/
cVrW5HOeEycnLKksHNNXcX94mYbZUK7jFW7tkZtoi8vr7dwx+yJs0feoXVjJ2j2t
Kx2qbY1KlLqVyylzinoDI5bDXXptoDza0Zv06hpDTJaQYljoWVIk9+uCYwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJ+B9C/KXfXbcqKGeuhkxQAhfbj+MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvbjRIMEw4cGQ5ZHR5b29aNjZHVEZBQ0Y5dVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQALZQzAwQA
wifYMBsEAgACMBUDBQAqDJ4GAwUCKg6pRAMFAioPO4AwDQYJKoZIhvcNAQELBQAD
ggEBACwZCh/JqrzgQf2notiEVfIb+VJgI8LWHNchj8BzMelJPlvC90293wr2cLdB
pjt/qGZMFVjC3J1WOaTnTNU/Utob/XpBbDiRYcWMYvecGqOzfxp+ADJt+4BQ26Um
P1iNMqp733lNCdq+4Qmvs7q3jHXQxxIy/Q7pl8VQ5RKpEMkdbiXZRUMuZs5PIkKY
oBu0tWQBOODrMaaTOgmJec2YSKShcwIV1zsws43S0Go97GZhFFbi9yiApmYOXOGW
R7FQqZ+iAGmW3CJfF+ux8zFth8e2JotzeD+UYC9tGT0GTmXPjiP/fKPPnjEHjbm9
OxpffyZCWebsQMQM1fVIYu/1ifs=
-----END CERTIFICATE-----
Generated at Wed Jun 18 20:58:33 2025 by rpki-client