Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/P0vKfHac5CT_BT7yPQCsYl1WWII.roa
File: P0vKfHac5CT_BT7yPQCsYl1WWII.roa (raw, json)
Hash identifier: uQxBOc9YfEAZgrQ9NS51XAtmXM0ro5FrycI/kcc3aOE=
Subject key identifier: 3F:4B:CA:7C:76:9C:E4:24:FF:05:3E:F2:3D:00:AC:62:5D:56:58:82
Certificate issuer: /CN=2cfb476fcf313cff295de0d1709156af0253d7cf
Certificate serial: 0197CB292BC2C0979FCBBDD08F32F995620A
Authority key identifier: 2C:FB:47:6F:CF:31:3C:FF:29:5D:E0:D1:70:91:56:AF:02:53:D7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPtHb88xPP8pXeDRcJFWrwJT188.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/P0vKfHac5CT_BT7yPQCsYl1WWII.roa
Signing time: Wed 02 Jul 2025 12:42:42 +0000
ROA not before: Wed 02 Jul 2025 12:42:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39093
IP address blocks: 45.158.144.0/22 maxlen: 22
88.81.96.0/19 maxlen: 19
185.46.252.0/22 maxlen: 22
185.212.184.0/24 maxlen: 24
2a02:3d8::/32 maxlen: 32
2a0f:6380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/LPtHb88xPP8pXeDRcJFWrwJT188.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/LPtHb88xPP8pXeDRcJFWrwJT188.mft
rsync://rpki.ripe.net/repository/DEFAULT/LPtHb88xPP8pXeDRcJFWrwJT188.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:29:2b:c2:c0:97:9f:cb:bd:d0:8f:32:f9:95:62:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cfb476fcf313cff295de0d1709156af0253d7cf
Validity
Not Before: Jul 2 12:42:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f4bca7c769ce424ff053ef23d00ac625d565882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f2:97:40:1d:c8:11:07:8d:34:3b:8b:a0:8b:
28:f9:96:c6:40:79:bb:eb:f7:24:55:c4:d2:aa:79:
a8:03:c1:05:4a:5b:3b:bd:d9:59:8b:64:e8:0e:30:
70:85:2f:47:c1:58:1b:cf:bd:8f:95:a6:42:be:51:
2e:14:28:fd:e9:fe:39:3e:d8:a1:ca:85:70:25:90:
88:30:b7:ae:e5:4a:b2:a9:62:30:ed:a1:11:7b:c7:
41:98:7a:1b:44:3f:1e:ff:c1:31:e4:f5:69:22:ac:
be:d2:85:89:35:53:61:36:2a:85:7a:fb:70:1f:bc:
e9:74:82:ef:4d:3f:9b:c3:ba:33:22:6f:2f:23:fe:
52:44:6a:e0:e6:27:ed:34:e4:70:97:a1:73:66:f2:
93:1c:0c:32:08:3d:67:d6:ae:06:a6:8f:eb:42:56:
b4:56:fa:1c:18:08:96:08:3b:fd:dc:39:d5:43:ac:
f6:d4:e9:48:fd:a9:d2:bd:44:a7:2c:5d:5a:20:53:
55:33:c0:9f:b4:ad:b1:ab:24:ab:b4:2d:c3:ec:21:
aa:07:9c:7e:21:e5:28:4c:28:f8:bd:5f:de:b0:55:
55:3e:d3:74:c8:cf:c5:4f:ca:e3:be:0e:2d:59:c8:
8b:28:c5:c6:59:88:bc:76:21:e7:03:68:d7:2e:39:
27:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4B:CA:7C:76:9C:E4:24:FF:05:3E:F2:3D:00:AC:62:5D:56:58:82
X509v3 Authority Key Identifier:
keyid:2C:FB:47:6F:CF:31:3C:FF:29:5D:E0:D1:70:91:56:AF:02:53:D7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPtHb88xPP8pXeDRcJFWrwJT188.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/P0vKfHac5CT_BT7yPQCsYl1WWII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/LPtHb88xPP8pXeDRcJFWrwJT188.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.144.0/22
88.81.96.0/19
185.46.252.0/22
185.212.184.0/24
IPv6:
2a02:3d8::/32
2a0f:6380::/29
Signature Algorithm: sha256WithRSAEncryption
78:89:61:db:ac:9c:76:40:45:9a:1c:e2:95:ab:aa:f8:5c:d4:
63:36:fc:2b:61:2a:3e:26:2b:8a:44:bb:f4:dd:f0:5d:44:98:
b6:ea:4d:8f:d3:35:9b:d8:4d:50:f9:45:c8:10:d3:ad:fa:03:
8a:9a:17:f0:ad:f4:8a:23:59:73:e9:81:6f:ff:ba:4f:ba:de:
f8:8a:8b:b5:86:ed:41:7b:4c:8a:66:69:c0:fa:ed:f6:5b:7a:
71:d3:dc:ee:da:4e:61:69:e2:98:ca:ff:48:e2:51:2d:37:a3:
1e:a3:aa:75:4d:9e:d2:39:91:b9:43:91:3d:80:4c:26:48:29:
2c:c6:54:be:e0:9c:44:28:ff:77:40:68:b4:7f:2b:27:26:49:
2f:e6:14:33:fa:e6:24:c1:3b:b4:d3:88:7c:11:9f:65:28:6f:
cf:ad:ce:f1:13:95:87:68:c8:2b:04:20:d1:9e:16:a0:c0:09:
fd:2b:7b:58:0b:c5:85:32:f4:82:c8:9b:fd:32:1e:3b:d7:09:
22:7a:bb:8e:8f:b7:81:2f:31:b6:22:fb:f3:d3:8b:8e:5d:bb:
fa:c1:0e:a5:80:ce:a9:f8:e1:02:a0:31:69:40:76:f6:e2:e8:
5c:8a:77:a9:dd:9c:d9:8f:a4:78:b7:0b:82:7d:84:47:85:d6:
c1:ee:4e:7d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZfLKSvCwJefy73QjzL5lWIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZmI0NzZmY2YzMTNjZmYyOTVkZTBkMTcwOTE1NmFmMDI1
M2Q3Y2YwHhcNMjUwNzAyMTI0MjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRiY2E3Yzc2OWNlNDI0ZmYwNTNlZjIzZDAwYWM2MjVkNTY1ODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufKXQB3IEQeNNDuLoIso+ZbGQHm7
6/ckVcTSqnmoA8EFSls7vdlZi2ToDjBwhS9HwVgbz72PlaZCvlEuFCj96f45Ptih
yoVwJZCIMLeu5UqyqWIw7aERe8dBmHobRD8e/8Ex5PVpIqy+0oWJNVNhNiqFevtw
H7zpdILvTT+bw7ozIm8vI/5SRGrg5iftNORwl6FzZvKTHAwyCD1n1q4Gpo/rQla0
VvocGAiWCDv93DnVQ6z21OlI/anSvUSnLF1aIFNVM8CftK2xqySrtC3D7CGqB5x+
IeUoTCj4vV/esFVVPtN0yM/FT8rjvg4tWciLKMXGWYi8diHnA2jXLjknQQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFD9Lynx2nOQk/wU+8j0ArGJdVliCMB8GA1UdIwQY
MBaAFCz7R2/PMTz/KV3g0XCRVq8CU9fPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFB0SGI4OHhQUDhwWGVEUmNKRldyd0pUMTg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84MTFiMWItM2E3Mi00NDAyLWI0ZmQt
ZmE0ZGQyMWFlM2RjLzEvUDB2S2ZIYWM1Q1RfQlQ3eVBRQ3NZbDFXV0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84MTFiMWItM2E3Mi00NDAyLWI0ZmQtZmE0ZGQyMWFlM2Rj
LzEvTFB0SGI4OHhQUDhwWGVEUmNKRldyd0pUMTg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLZ6QAwQF
WFFgAwQCuS78AwQAudS4MBQEAgACMA4DBQAqAgPYAwUDKg9jgDANBgkqhkiG9w0B
AQsFAAOCAQEAeIlh26ycdkBFmhzilauq+FzUYzb8K2EqPiYrikS79N3wXUSYtupN
j9M1m9hNUPlFyBDTrfoDipoX8K30iiNZc+mBb/+6T7re+IqLtYbtQXtMimZpwPrt
9lt6cdPc7tpOYWnimMr/SOJRLTejHqOqdU2e0jmRuUORPYBMJkgpLMZUvuCcRCj/
d0BotH8rJyZJL+YUM/rmJME7tNOIfBGfZShvz63O8ROVh2jIKwQg0Z4WoMAJ/St7
WAvFhTL0gsib/TIeO9cJInq7jo+3gS8xtiL789OLjl27+sEOpYDOqfjhAqAxaUB2
9uLoXIp3qd2c2Y+keLcLgn2ER4XWwe5OfQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:34:37 2025 by rpki-client