Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Rk4C3WZ64dU5ck2CefrfFFGD1zk.roa
File: Rk4C3WZ64dU5ck2CefrfFFGD1zk.roa (raw, json)
Hash identifier: 1gvsanw99eM5nOvRCOBpr8Hkec2UVtJ4uElma9qul9I=
Subject key identifier: 46:4E:02:DD:66:7A:E1:D5:39:72:4D:82:79:FA:DF:14:51:83:D7:39
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01963EE87862C544D9C4FD0F0E514F1FF88F
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Rk4C3WZ64dU5ck2CefrfFFGD1zk.roa
Signing time: Wed 16 Apr 2025 14:02:24 +0000
ROA not before: Wed 16 Apr 2025 14:02:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 86.106.80.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
188.215.72.0/24 maxlen: 24
188.215.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:e8:78:62:c5:44:d9:c4:fd:0f:0e:51:4f:1f:f8:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Apr 16 14:02:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=464e02dd667ae1d539724d8279fadf145183d739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:97:c8:d3:f6:d5:23:82:bd:c0:20:c6:db:83:
23:8b:09:04:4f:58:57:d6:de:26:fb:45:74:84:a7:
e6:45:f4:78:1d:84:9e:b6:57:b2:97:76:68:62:cb:
d2:3c:4e:f1:3a:6e:ea:7b:08:15:6e:6c:54:99:66:
f1:e2:c4:67:13:33:8b:3c:0d:79:27:60:67:14:71:
96:ba:d0:29:c6:28:8b:bb:6b:68:26:d4:2d:c2:7c:
37:e9:b5:27:f3:10:c7:2e:d8:6f:6f:3d:ff:86:0c:
b4:e6:3c:f7:a9:c7:f5:44:d8:66:54:1e:63:c1:26:
88:d2:70:83:1a:7f:cd:fb:2e:3b:ba:cb:48:4c:e1:
11:38:fd:90:a0:70:65:45:e3:af:21:1a:45:5e:97:
e0:0f:25:de:97:4e:5b:bb:84:48:01:b6:e1:02:12:
2a:8c:b8:9b:47:de:08:f9:52:49:f3:1a:b5:91:b7:
65:05:f6:12:ac:56:18:a6:0f:d9:c5:a0:25:38:e0:
d6:1c:da:21:1f:c7:f1:09:09:71:0d:f0:4e:eb:73:
7f:4d:4b:c5:0a:55:98:a0:32:34:cc:20:2f:9f:57:
2b:2a:9d:f8:10:87:4c:15:af:32:5e:60:1e:b9:0b:
97:b0:85:7b:b0:51:43:3f:08:f4:f3:2f:37:14:ab:
c5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:4E:02:DD:66:7A:E1:D5:39:72:4D:82:79:FA:DF:14:51:83:D7:39
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Rk4C3WZ64dU5ck2CefrfFFGD1zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.80.0/24
89.45.34.0/24
93.114.187.0/24
188.215.72.0/24
188.215.95.0/24
Signature Algorithm: sha256WithRSAEncryption
21:2c:78:c8:91:bf:47:e9:04:60:9e:6c:70:8d:2d:f0:ef:b5:
16:2c:7d:aa:15:42:08:d5:28:94:ae:9c:73:79:98:93:4e:86:
2c:47:83:56:2f:1c:fd:77:b6:3a:0e:ba:41:c3:b2:a3:9c:d5:
de:1d:cf:80:81:3f:3f:e5:0a:5d:ad:af:a7:8b:61:bc:f8:e2:
c5:c5:03:87:f4:ba:49:90:17:55:1c:e6:f3:a0:7d:09:70:97:
b9:c6:7b:4f:7f:ab:04:58:5a:cb:f4:62:d1:61:cf:31:66:86:
38:a2:3b:9f:51:9c:57:bc:49:5d:7f:2d:cd:75:e0:e4:4e:0d:
93:94:b3:a8:d1:51:31:1e:78:9a:22:b7:d1:38:d4:72:e9:c5:
2a:6b:d8:a3:48:2c:67:7c:7f:a9:49:41:8b:fd:3b:58:9c:45:
49:fa:88:32:32:d6:53:fe:ed:18:b7:99:9a:26:0e:a5:07:65:
e0:7e:9f:b5:26:2e:ee:38:95:2c:5c:b9:1f:22:56:9a:a5:70:
23:d7:43:82:fb:1b:d2:b4:f2:4c:ff:2b:6b:a2:0f:66:2b:49:
7c:7e:df:d7:bb:3f:65:87:a3:12:17:33:0b:2b:3b:07:ba:40:
5b:9b:b2:2c:13:fd:fa:45:4e:a1:49:6e:e0:60:fa:59:8a:52:
1b:27:f9:14
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZY+6HhixUTZxP0PDlFPH/iPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwNDE2MTQwMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjRlMDJkZDY2N2FlMWQ1Mzk3MjRkODI3OWZhZGYxNDUxODNkNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJfI0/bVI4K9wCDG24MjiwkET1hX
1t4m+0V0hKfmRfR4HYSetleyl3ZoYsvSPE7xOm7qewgVbmxUmWbx4sRnEzOLPA15
J2BnFHGWutApxiiLu2toJtQtwnw36bUn8xDHLthvbz3/hgy05jz3qcf1RNhmVB5j
wSaI0nCDGn/N+y47ustITOEROP2QoHBlReOvIRpFXpfgDyXel05bu4RIAbbhAhIq
jLibR94I+VJJ8xq1kbdlBfYSrFYYpg/ZxaAlOODWHNohH8fxCQlxDfBO63N/TUvF
ClWYoDI0zCAvn1crKp34EIdMFa8yXmAeuQuXsIV7sFFDPwj08y83FKvFEQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEZOAt1meuHVOXJNgnn63xRRg9c5MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvUms0QzNXWjY0ZFU1Y2syQ2VmcmZGRkdEMXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmpQAwQA
WS0iAwQAXXK7AwQAvNdIAwQAvNdfMA0GCSqGSIb3DQEBCwUAA4IBAQAhLHjIkb9H
6QRgnmxwjS3w77UWLH2qFUII1SiUrpxzeZiTToYsR4NWLxz9d7Y6DrpBw7KjnNXe
Hc+AgT8/5Qpdra+ni2G8+OLFxQOH9LpJkBdVHObzoH0JcJe5xntPf6sEWFrL9GLR
Yc8xZoY4ojufUZxXvEldfy3NdeDkTg2TlLOo0VExHniaIrfRONRy6cUqa9ijSCxn
fH+pSUGL/TtYnEVJ+ogyMtZT/u0Yt5maJg6lB2Xgfp+1Ji7uOJUsXLkfIlaapXAj
10OC+xvStPJM/ytrog9mK0l8ft/Xuz9lh6MSFzMLKzsHukBbm7IsE/36RU6hSW7g
YPpZilIbJ/kU
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:54:50 2025 by rpki-client