Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/3k17-uWuUEzIQWTV_aVrN2V9Ofg.roa
File: 3k17-uWuUEzIQWTV_aVrN2V9Ofg.roa (raw, json)
Hash identifier: lbMYwlKT8p0c2RnTCHNjGMo+pJEqRoXVFA94xVV3t/E=
Subject key identifier: DE:4D:7B:FA:E5:AE:50:4C:C8:41:64:D5:FD:A5:6B:37:65:7D:39:F8
Certificate issuer: /CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
Certificate serial: 01987FDFA3CCA6103B4BCCE7D6ED6D48E365
Authority key identifier: 1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/3k17-uWuUEzIQWTV_aVrN2V9Ofg.roa
Signing time: Wed 06 Aug 2025 14:53:39 +0000
ROA not before: Wed 06 Aug 2025 14:53:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12722
IP address blocks: 5.45.80.0/22 maxlen: 22
37.252.0.0/23 maxlen: 23
91.193.180.0/22 maxlen: 22
185.4.64.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7f:df:a3:cc:a6:10:3b:4b:cc:e7:d6:ed:6d:48:e3:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
Validity
Not Before: Aug 6 14:53:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de4d7bfae5ae504cc84164d5fda56b37657d39f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:4b:42:b1:fd:91:ca:25:b5:37:97:86:8b:21:
5e:74:9a:66:07:86:c0:ab:5e:93:39:33:b6:05:f0:
3f:e6:67:dc:a1:17:63:bb:7b:db:60:d2:77:44:b6:
19:6b:f8:51:01:aa:fc:76:71:a3:4b:e4:fb:06:cd:
0d:e2:5a:1d:00:dd:c5:2f:35:9b:be:c5:95:49:8f:
b0:83:b0:6f:9c:4a:8e:a1:69:15:3a:27:4c:80:a5:
63:57:9d:4f:d7:c3:36:1a:b0:38:6e:3d:0b:b9:b6:
88:39:ec:a2:47:60:9e:7b:c1:49:20:c8:b0:6f:bc:
f2:df:22:26:56:0b:25:c5:d8:df:6d:65:33:11:f2:
b7:48:4c:04:ca:eb:b4:ec:96:a1:08:33:07:c7:4a:
71:25:48:0b:53:23:ab:51:d8:48:4b:d1:ab:a6:03:
18:da:a9:7a:4f:90:9f:23:8e:bc:ab:7f:3a:26:f3:
68:78:c9:b3:3a:1c:aa:36:be:7d:17:2c:2b:b4:41:
92:cc:74:dc:95:56:3d:c9:dc:6d:eb:90:ba:55:b5:
bf:e6:41:2b:76:4a:ef:1d:7f:70:6a:3e:cb:fd:37:
86:81:89:22:b1:b7:f5:c3:42:40:ca:6f:0a:34:24:
f4:27:cb:03:ac:ed:69:7a:1f:3c:3d:9b:8c:f0:c2:
4e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:4D:7B:FA:E5:AE:50:4C:C8:41:64:D5:FD:A5:6B:37:65:7D:39:F8
X509v3 Authority Key Identifier:
keyid:1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/3k17-uWuUEzIQWTV_aVrN2V9Ofg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.80.0/22
37.252.0.0/23
91.193.180.0/22
185.4.64.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:04:29:cc:bd:17:c7:f0:79:c9:ba:a7:02:96:55:11:df:b9:
e2:0f:eb:d6:ef:91:ee:d3:44:b2:1d:1b:c1:ea:d3:a1:2a:65:
4d:80:9a:19:3d:60:e1:41:51:93:d0:25:02:3f:57:9e:bc:ab:
84:91:a0:d9:60:9b:9b:ed:93:59:da:05:ed:9a:44:37:f1:e6:
1c:8e:f2:20:a8:60:ec:4d:a6:5a:62:3b:0f:25:cd:c6:f1:0c:
c3:ec:1d:5f:18:98:29:18:85:c4:87:ac:98:52:fb:0a:a7:3c:
89:aa:e4:29:31:a5:f6:e3:32:00:95:8c:53:d8:97:37:71:21:
3b:08:db:b9:db:70:61:20:7f:13:bb:7b:8b:32:e9:17:30:a8:
9f:64:cf:2b:52:ad:47:f3:04:8f:04:18:a9:2a:63:b5:62:a9:
c7:f9:5b:88:10:74:64:10:2b:5e:d7:54:f7:6c:67:f6:7f:1c:
ab:cb:49:53:f6:7c:21:e2:c4:a6:d3:32:4c:54:5a:9f:24:54:
74:b9:e3:b4:ab:23:b1:02:d4:c9:ed:b4:2f:a1:37:0d:f0:77:
88:5f:45:55:33:6e:2d:fd:e7:59:8e:0f:7a:69:04:7b:34:d2:
72:16:10:8d:e2:4b:a5:05:24:0e:3b:31:03:99:0f:96:ba:ed:
44:b4:91:7b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZh/36PMphA7S8zn1u1tSONlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGRjMjI1OTVmYzFmNTg4ZmJjNGRkZTA3YzFjMzk0OTk4
ZjMzYTcwHhcNMjUwODA2MTQ1MzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTRkN2JmYWU1YWU1MDRjYzg0MTY0ZDVmZGE1NmIzNzY1N2QzOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ktCsf2RyiW1N5eGiyFedJpmB4bA
q16TOTO2BfA/5mfcoRdju3vbYNJ3RLYZa/hRAar8dnGjS+T7Bs0N4lodAN3FLzWb
vsWVSY+wg7BvnEqOoWkVOidMgKVjV51P18M2GrA4bj0LubaIOeyiR2Cee8FJIMiw
b7zy3yImVgslxdjfbWUzEfK3SEwEyuu07JahCDMHx0pxJUgLUyOrUdhIS9GrpgMY
2ql6T5CfI468q386JvNoeMmzOhyqNr59FywrtEGSzHTclVY9ydxt65C6VbW/5kEr
dkrvHX9waj7L/TeGgYkisbf1w0JAym8KNCT0J8sDrO1peh88PZuM8MJOrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN5Ne/rlrlBMyEFk1f2lazdlfTn4MB8GA1UdIwQY
MBaAFBpNwiWV/B9Yj7xN3gfBw5SZjzOnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYt
MmI3OGIxOWI1YTg3LzEvM2sxNy11V3VVRXpJUVdUVl9hVnJOMlY5T2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYtMmI3OGIxOWI1YTg3
LzEvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBS1QAwQB
JfwAAwQCW8G0AwQCuQRAMA0GCSqGSIb3DQEBCwUAA4IBAQCzBCnMvRfH8HnJuqcC
llUR37niD+vW75Hu00SyHRvB6tOhKmVNgJoZPWDhQVGT0CUCP1eevKuEkaDZYJub
7ZNZ2gXtmkQ38eYcjvIgqGDsTaZaYjsPJc3G8QzD7B1fGJgpGIXEh6yYUvsKpzyJ
quQpMaX24zIAlYxT2Jc3cSE7CNu523BhIH8Tu3uLMukXMKifZM8rUq1H8wSPBBip
KmO1YqnH+VuIEHRkECte11T3bGf2fxyry0lT9nwh4sSm0zJMVFqfJFR0ueO0qyOx
AtTJ7bQvoTcN8HeIX0VVM24t/edZjg96aQR7NNJyFhCN4kulBSQOOzEDmQ+Wuu1E
tJF7
-----END CERTIFICATE-----
Generated at Thu Aug 7 05:06:13 2025 by rpki-client