Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/tIJPHQmjQ__vvUY8fNfOImeVX9c.roa
File: tIJPHQmjQ__vvUY8fNfOImeVX9c.roa (raw, json)
Hash identifier: Sv5+Cztoy8Hv43j1RVAzcyLWHnuAL/KvuFjLzOOfGNU=
Subject key identifier: B4:82:4F:1D:09:A3:43:FF:EF:BD:46:3C:7C:D7:CE:22:67:95:5F:D7
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01986530BBB8DA2C888CB5DF6AA941AD9D03
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/tIJPHQmjQ__vvUY8fNfOImeVX9c.roa
Signing time: Fri 01 Aug 2025 10:32:29 +0000
ROA not before: Fri 01 Aug 2025 10:32:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210415
IP address blocks: 31.15.7.0/24 maxlen: 24
45.130.163.0/24 maxlen: 24
45.137.139.0/24 maxlen: 24
45.145.135.0/24 maxlen: 24
91.132.30.0/24 maxlen: 24
185.226.192.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
185.246.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:30:bb:b8:da:2c:88:8c:b5:df:6a:a9:41:ad:9d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Aug 1 10:32:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4824f1d09a343ffefbd463c7cd7ce2267955fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5f:d4:fd:ba:a3:e3:c7:a8:c0:c8:69:eb:5f:
9c:f3:e7:20:93:01:c9:c8:20:0d:90:e6:68:e3:e5:
0b:38:60:4d:ec:eb:98:e2:cc:6a:2d:b7:21:59:de:
da:75:e1:ca:39:2f:5f:c5:a8:53:7f:3c:87:37:ac:
ca:fb:09:a4:dd:33:83:fb:d0:6e:6c:d2:dc:15:e8:
6f:01:56:3b:06:e6:4c:ac:b1:d6:1e:d0:38:2c:03:
ff:a8:85:83:92:d6:70:d7:be:a6:d0:a4:b3:92:7d:
42:c0:42:5f:26:91:70:5e:b5:c5:b4:41:e3:b5:2d:
90:65:e5:d4:7c:58:bc:7e:29:52:d8:e7:c2:d0:fe:
80:fb:a2:44:2e:29:7b:bc:05:f2:a3:30:38:4d:d8:
dd:76:4f:d3:b7:d7:10:f3:a2:a1:30:f1:f9:15:17:
01:fc:8f:96:1c:b1:fb:b6:05:52:d2:f9:ac:93:bd:
a0:6f:03:54:e3:07:9a:3d:c6:15:df:0c:9e:86:8c:
75:5d:86:75:aa:e9:67:ff:5d:d8:a0:c3:06:eb:57:
fb:72:9b:d4:d5:a6:71:ad:4e:2b:35:4e:a1:97:75:
b6:14:c5:9d:de:ad:86:7c:64:f9:7a:63:71:9c:f4:
10:90:2a:3f:3f:47:da:cb:64:45:6a:66:09:93:a4:
80:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:82:4F:1D:09:A3:43:FF:EF:BD:46:3C:7C:D7:CE:22:67:95:5F:D7
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/tIJPHQmjQ__vvUY8fNfOImeVX9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.7.0/24
45.130.163.0/24
45.137.139.0/24
45.145.135.0/24
91.132.30.0/24
185.226.192.0/24
185.231.187.0/24
185.246.15.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:35:e9:d0:cd:f4:c2:f6:b7:0c:5f:5d:91:5e:9f:51:e9:28:
a7:d8:a3:c9:96:39:48:4d:7e:19:c7:a9:e2:f0:aa:38:d2:7a:
05:ef:10:4b:4e:88:0e:25:7a:a3:68:92:c3:26:e8:86:57:4e:
5b:ef:95:da:b2:c2:96:6d:6d:bf:02:67:40:90:61:2b:39:db:
41:75:13:1d:5c:e2:c2:36:b0:cb:10:d7:af:46:b8:71:b8:0b:
9c:e3:bb:29:a0:42:56:df:7e:06:71:f7:ec:ee:b7:23:c9:a6:
77:76:b3:5d:ed:8d:9c:72:25:ad:4f:b2:b5:6c:cc:d2:f6:ce:
3f:55:ff:56:21:32:9e:52:93:d4:60:9f:4e:86:75:1c:57:7e:
20:59:7e:6f:f7:8f:f0:97:cd:2d:e2:e5:e5:57:3c:f4:c3:b1:
a7:2b:ad:ef:7c:95:cf:42:30:d0:6d:ff:96:f7:10:de:c8:76:
05:9e:f5:c2:dd:68:5c:67:9b:0c:7f:05:d6:97:c5:c4:7e:b4:
a9:4f:a6:f3:af:8d:b0:33:1a:88:76:9b:1b:98:81:f9:84:35:
fc:a2:68:f9:27:db:a4:79:1a:fe:e1:e3:48:12:9f:26:8d:ce:
99:7d:5d:8c:ce:f1:1f:4e:32:77:cf:4a:cb:b6:97:f6:98:a6:
2f:b9:d9:10
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZhlMLu42iyIjLXfaqlBrZ0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwODAxMTAzMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDgyNGYxZDA5YTM0M2ZmZWZiZDQ2M2M3Y2Q3Y2UyMjY3OTU1ZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV/U/bqj48eowMhp61+c8+cgkwHJ
yCANkOZo4+ULOGBN7OuY4sxqLbchWd7adeHKOS9fxahTfzyHN6zK+wmk3TOD+9Bu
bNLcFehvAVY7BuZMrLHWHtA4LAP/qIWDktZw176m0KSzkn1CwEJfJpFwXrXFtEHj
tS2QZeXUfFi8filS2OfC0P6A+6JELil7vAXyozA4Tdjddk/Tt9cQ86KhMPH5FRcB
/I+WHLH7tgVS0vmsk72gbwNU4weaPcYV3wyehox1XYZ1quln/13YoMMG61f7cpvU
1aZxrU4rNU6hl3W2FMWd3q2GfGT5emNxnPQQkCo/P0fay2RFamYJk6SAXQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLSCTx0Jo0P/771GPHzXziJnlV/XMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvdElKUEhRbWpRX192dlVZOGZOZk9JbWVWWDljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHw8HAwQA
LYKjAwQALYmLAwQALZGHAwQAW4QeAwQAueLAAwQAuee7AwQAufYPMA0GCSqGSIb3
DQEBCwUAA4IBAQCzNenQzfTC9rcMX12RXp9R6Sin2KPJljlITX4Zx6ni8Ko40noF
7xBLTogOJXqjaJLDJuiGV05b75XassKWbW2/AmdAkGErOdtBdRMdXOLCNrDLENev
RrhxuAuc47spoEJW334Gcffs7rcjyaZ3drNd7Y2cciWtT7K1bMzS9s4/Vf9WITKe
UpPUYJ9OhnUcV34gWX5v94/wl80t4uXlVzz0w7GnK63vfJXPQjDQbf+W9xDeyHYF
nvXC3WhcZ5sMfwXWl8XEfrSpT6bzr42wMxqIdpsbmIH5hDX8omj5J9ukeRr+4eNI
Ep8mjc6ZfV2MzvEfTjJ3z0rLtpf2mKYvudkQ
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:54:59 2025 by rpki-client