Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/i3i8lSutN5bZ9tuFtM92GryC3Tg.roa
File: i3i8lSutN5bZ9tuFtM92GryC3Tg.roa (raw, json)
Hash identifier: 5ISoDWe4dlL7knoj3DcxHOeML9tN8TdDsmOzNTKQVvE=
Subject key identifier: 8B:78:BC:95:2B:AD:37:96:D9:F6:DB:85:B4:CF:76:1A:BC:82:DD:38
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 019873FE1868BD3590ACA85A19E3A3D813E4
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/i3i8lSutN5bZ9tuFtM92GryC3Tg.roa
Signing time: Mon 04 Aug 2025 07:31:28 +0000
ROA not before: Mon 04 Aug 2025 07:31:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213230
IP address blocks: 5.161.0.0/16 maxlen: 24
178.156.128.0/17 maxlen: 24
185.12.64.0/22 maxlen: 24
2a01:4ff::/40 maxlen: 48
2a01:4ff:ff01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 19:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:fe:18:68:bd:35:90:ac:a8:5a:19:e3:a3:d8:13:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Aug 4 07:31:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b78bc952bad3796d9f6db85b4cf761abc82dd38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:71:3a:d8:3d:e5:90:23:92:86:a4:7a:48:8e:
d0:a5:7b:42:ea:05:fa:c3:7e:8f:5b:bd:a3:31:38:
a6:1e:8f:1d:9a:29:b9:52:c8:77:ef:99:f2:52:48:
47:a3:97:57:52:12:f4:e4:48:31:38:9d:a8:1b:58:
bf:7b:ca:d4:c1:3c:1d:63:3f:36:30:69:30:05:40:
08:05:df:e5:51:99:a1:42:9d:a7:d5:54:31:fa:87:
bf:0f:fa:c2:5b:e7:0f:4f:70:e8:81:7d:2e:46:c4:
42:23:06:49:9a:06:57:35:34:61:00:73:c1:ce:64:
e8:69:3a:73:a9:49:b1:d7:54:c0:d4:82:31:4a:5b:
40:eb:3c:9e:89:9d:2b:ad:d5:29:2a:2c:32:05:9f:
08:8c:e9:12:bb:6f:bc:76:f5:f6:84:ee:b9:5d:1f:
bb:70:c6:c7:df:95:05:10:3f:6b:4e:5d:6c:a6:14:
52:9e:41:4a:66:0c:7c:0d:75:4c:41:63:a7:e3:a3:
b6:e1:04:46:2a:6e:c4:c3:e7:19:31:5b:b2:36:ee:
a0:29:88:06:7a:0e:2c:38:27:29:62:89:ac:b4:e1:
ba:92:3c:61:6a:06:cd:f4:91:15:59:8e:6c:7b:28:
33:83:a7:70:58:0e:1a:4e:1f:09:ab:e3:77:8d:19:
f1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:78:BC:95:2B:AD:37:96:D9:F6:DB:85:B4:CF:76:1A:BC:82:DD:38
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/i3i8lSutN5bZ9tuFtM92GryC3Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.161.0.0/16
178.156.128.0/17
185.12.64.0/22
IPv6:
2a01:4ff::/40
2a01:4ff:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
7c:78:b1:db:e4:bd:3c:8d:68:a2:9b:7c:53:90:47:83:ec:db:
a5:20:b1:bb:bc:e6:14:59:0f:01:18:70:b2:a9:bd:e8:05:52:
cd:da:69:0d:5b:bd:1f:ac:fb:2b:a9:28:e9:6b:ae:0b:0f:13:
07:56:bb:be:b4:77:8d:e9:e2:38:37:50:d5:dd:b0:c4:89:ae:
aa:91:f5:de:ae:f2:4b:23:5f:da:10:13:f3:f8:67:d0:88:2e:
c6:a7:17:95:d4:6a:bb:bb:b3:75:4d:ad:fa:43:3d:91:16:6a:
4b:b5:b6:ca:14:fa:90:c0:55:08:8e:33:92:f3:a0:48:70:3a:
4c:3d:98:35:d2:ab:7a:53:54:a3:c0:6b:d6:23:a9:6a:3d:8c:
7c:64:44:76:fd:2f:72:3c:f6:53:0f:e3:05:5e:cc:69:48:fd:
de:79:ba:3e:6b:ee:99:be:4d:90:d2:c9:4e:d3:c8:57:0f:36:
70:f6:9b:c3:8b:ad:fa:e5:e4:ee:b5:0d:f0:1b:e9:bb:e1:73:
0e:43:2e:db:98:82:a5:56:41:7c:1a:63:98:46:0c:bc:56:d2:
92:c9:e6:02:2d:1d:b1:b3:bd:94:5a:eb:15:a4:eb:b0:b5:8d:
99:80:24:ce:fe:a4:d2:37:1a:dc:e0:5f:03:48:c9:29:80:12:
a1:cd:1d:64
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZhz/hhovTWQrKhaGeOj2BPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjUwODA0MDczMTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc4YmM5NTJiYWQzNzk2ZDlmNmRiODViNGNmNzYxYWJjODJkZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHE62D3lkCOShqR6SI7QpXtC6gX6
w36PW72jMTimHo8dmim5Ush375nyUkhHo5dXUhL05EgxOJ2oG1i/e8rUwTwdYz82
MGkwBUAIBd/lUZmhQp2n1VQx+oe/D/rCW+cPT3DogX0uRsRCIwZJmgZXNTRhAHPB
zmToaTpzqUmx11TA1IIxSltA6zyeiZ0rrdUpKiwyBZ8IjOkSu2+8dvX2hO65XR+7
cMbH35UFED9rTl1sphRSnkFKZgx8DXVMQWOn46O24QRGKm7Ew+cZMVuyNu6gKYgG
eg4sOCcpYomstOG6kjxhagbN9JEVWY5seygzg6dwWA4aTh8Jq+N3jRnxMwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIt4vJUrrTeW2fbbhbTPdhq8gt04MB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvaTNpOGxTdXRONWJaOXR1RnRNOTJHcnlDM1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAXBAIAATARAwMABaEDBAey
nIADBAK5DEAwFwQCAAIwEQMGACoBBP8AAwcAKgEE//8BMA0GCSqGSIb3DQEBCwUA
A4IBAQB8eLHb5L08jWiim3xTkEeD7NulILG7vOYUWQ8BGHCyqb3oBVLN2mkNW70f
rPsrqSjpa64LDxMHVru+tHeN6eI4N1DV3bDEia6qkfXervJLI1/aEBPz+GfQiC7G
pxeV1Gq7u7N1Ta36Qz2RFmpLtbbKFPqQwFUIjjOS86BIcDpMPZg10qt6U1SjwGvW
I6lqPYx8ZER2/S9yPPZTD+MFXsxpSP3eebo+a+6Zvk2Q0slO08hXDzZw9pvDi636
5eTutQ3wG+m74XMOQy7bmIKlVkF8GmOYRgy8VtKSyeYCLR2xs72UWusVpOuwtY2Z
gCTO/qTSNxrc4F8DSMkpgBKhzR1k
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:12:02 2025 by rpki-client