Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/iayVBGEmhohj1RDUjouGGyTsiOQ.roa
File: iayVBGEmhohj1RDUjouGGyTsiOQ.roa (raw, json)
Hash identifier: 0zVLCZ6OWJ8Luu0Jz9an4ZlCM3cLOlf9KWrqdRDxoH0=
Subject key identifier: 89:AC:95:04:61:26:86:88:63:D5:10:D4:8E:8B:86:1B:24:EC:88:E4
Certificate issuer: /CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Certificate serial: 01975984559E1E4048E35D5445FB35E85A06
Authority key identifier: EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/iayVBGEmhohj1RDUjouGGyTsiOQ.roa
Signing time: Tue 10 Jun 2025 11:05:34 +0000
ROA not before: Tue 10 Jun 2025 11:05:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42232
IP address blocks: 46.251.0.0/21 maxlen: 21
79.121.82.0/23 maxlen: 23
88.87.248.0/22 maxlen: 22
88.87.252.0/22 maxlen: 22
91.147.200.0/22 maxlen: 22
91.147.204.0/22 maxlen: 22
91.147.224.0/21 maxlen: 21
91.147.248.0/22 maxlen: 22
91.147.252.0/22 maxlen: 22
94.248.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/7w79XeePk7yurRXhTABu270bWVU.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/7w79XeePk7yurRXhTABu270bWVU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:84:55:9e:1e:40:48:e3:5d:54:45:fb:35:e8:5a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Validity
Not Before: Jun 10 11:05:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89ac95046126868863d510d48e8b861b24ec88e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:4a:79:55:f2:e0:4f:22:16:e6:96:4c:57:10:
91:c0:79:f4:cd:c4:dc:4c:df:7e:23:4e:45:74:7f:
37:21:5a:5d:dd:8b:46:e1:87:76:48:26:57:98:3a:
9c:a6:1c:aa:48:eb:fc:e8:fe:1f:d2:07:c1:27:b0:
98:ea:97:61:68:e6:b3:b5:44:94:d9:63:3d:fe:e4:
cf:e3:89:92:82:e0:f3:16:a9:ff:9d:d8:2d:72:4b:
08:4f:8f:dc:0f:b5:fd:ed:83:8b:13:ff:2f:9d:92:
7c:a6:b2:7c:16:c2:db:fb:4a:88:14:41:aa:85:09:
13:f5:ff:45:2f:75:82:8e:c1:26:6c:e7:80:dd:84:
26:11:57:9b:98:99:01:1a:c6:bf:b9:c9:33:f8:75:
34:aa:a4:59:79:e6:a3:dd:18:ba:7c:f4:0e:c1:d3:
4d:f3:35:af:16:d8:c6:05:8b:4a:a5:c6:49:a5:4d:
b8:4a:c1:d5:9a:9c:b3:bb:65:b6:ca:f1:f6:77:67:
c4:59:52:1e:9a:d8:e7:62:97:56:a2:ea:a6:bb:a1:
09:7b:3a:7f:79:94:1b:ee:b2:63:49:c1:29:3a:1d:
b5:4f:87:cd:1b:91:74:4f:93:95:c8:08:cc:64:4f:
a0:a8:b0:55:94:09:89:0f:17:7b:7a:d3:b2:b2:8c:
9c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AC:95:04:61:26:86:88:63:D5:10:D4:8E:8B:86:1B:24:EC:88:E4
X509v3 Authority Key Identifier:
keyid:EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/iayVBGEmhohj1RDUjouGGyTsiOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/7w79XeePk7yurRXhTABu270bWVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.0.0/21
79.121.82.0/23
88.87.248.0/21
91.147.200.0/21
91.147.224.0/21
91.147.248.0/21
94.248.160.0/21
Signature Algorithm: sha256WithRSAEncryption
97:46:e1:71:4e:32:20:b6:69:d2:1c:96:73:be:a1:19:fb:df:
70:f0:45:c1:34:58:d1:eb:4d:ce:81:1c:a7:c4:9c:58:d5:04:
ed:18:84:b4:54:af:5f:93:5c:48:6d:c6:d9:d3:45:82:38:be:
44:7e:c3:14:22:3a:c4:ac:73:93:bd:09:7f:61:3e:90:88:60:
03:3f:33:a0:8d:2f:2f:5f:56:45:2b:e5:1f:23:14:5b:2d:6d:
49:f4:3e:a9:10:1a:30:15:df:b3:17:b9:95:69:88:01:8d:d3:
c9:f0:75:cc:31:be:48:b9:e6:16:4b:48:26:a6:36:6d:e7:8b:
84:43:82:b7:04:3e:42:c5:a4:ab:1f:12:17:7e:7e:ac:a2:24:
91:79:7a:f9:bd:0e:4c:5a:57:e1:e1:28:42:f1:0f:16:e2:96:
75:1c:95:a9:7b:3b:a1:ac:48:ca:57:6c:68:7e:0a:74:74:29:
18:22:c2:2b:95:d4:83:8e:b2:be:8f:70:09:c2:0e:45:79:30:
0e:62:1f:41:69:dc:41:d4:25:55:4f:ab:36:8b:5e:2f:76:4f:
e5:d8:ef:a5:97:0d:ed:ff:41:1d:c7:00:07:fe:8d:b6:b6:a6:
1b:88:c4:9e:2d:73:41:4d:14:b2:4e:35:4a:4f:f6:98:0b:31:
b4:b8:a6:60
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZdZhFWeHkBI411URfs16FoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMGVmZDVkZTc4ZjkzYmNhZWFkMTVlMTRjMDA2ZWRiYmQx
YjU5NTUwHhcNMjUwNjEwMTEwNTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWFjOTUwNDYxMjY4Njg4NjNkNTEwZDQ4ZThiODYxYjI0ZWM4OGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Ep5VfLgTyIW5pZMVxCRwHn0zcTc
TN9+I05FdH83IVpd3YtG4Yd2SCZXmDqcphyqSOv86P4f0gfBJ7CY6pdhaOaztUSU
2WM9/uTP44mSguDzFqn/ndgtcksIT4/cD7X97YOLE/8vnZJ8prJ8FsLb+0qIFEGq
hQkT9f9FL3WCjsEmbOeA3YQmEVebmJkBGsa/uckz+HU0qqRZeeaj3Ri6fPQOwdNN
8zWvFtjGBYtKpcZJpU24SsHVmpyzu2W2yvH2d2fEWVIemtjnYpdWouqmu6EJezp/
eZQb7rJjScEpOh21T4fNG5F0T5OVyAjMZE+gqLBVlAmJDxd7etOysoycowIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFImslQRhJoaIY9UQ1I6Lhhsk7IjkMB8GA1UdIwQY
MBaAFO8O/V3nj5O8rq0V4UwAbtu9G1lVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDkt
ZWE4NjUwOWMzYjMwLzEvaWF5VkJHRW1ob2hqMVJEVWpvdUdHeVRzaU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDktZWE4NjUwOWMzYjMw
LzEvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDLvsAAwQB
T3lSAwQDWFf4AwQDW5PIAwQDW5PgAwQDW5P4AwQDXvigMA0GCSqGSIb3DQEBCwUA
A4IBAQCXRuFxTjIgtmnSHJZzvqEZ+99w8EXBNFjR603OgRynxJxY1QTtGIS0VK9f
k1xIbcbZ00WCOL5EfsMUIjrErHOTvQl/YT6QiGADPzOgjS8vX1ZFK+UfIxRbLW1J
9D6pEBowFd+zF7mVaYgBjdPJ8HXMMb5IueYWS0gmpjZt54uEQ4K3BD5CxaSrHxIX
fn6soiSReXr5vQ5MWlfh4ShC8Q8W4pZ1HJWpezuhrEjKV2xofgp0dCkYIsIrldSD
jrK+j3AJwg5FeTAOYh9BadxB1CVVT6s2i14vdk/l2O+llw3t/0EdxwAH/o22tqYb
iMSeLXNBTRSyTjVKT/aYCzG0uKZg
-----END CERTIFICATE-----
Generated at Wed Jun 18 13:11:03 2025 by rpki-client