Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k0PJiAUjWBubu9XwvKn10rYGqjE.roa
File: k0PJiAUjWBubu9XwvKn10rYGqjE.roa (raw, json)
Hash identifier: NK3NBpBMHUxOsUo/OfUE1prqcEFuGBf1TQEWPFh1S6I=
Subject key identifier: 93:43:C9:88:05:23:58:1B:9B:BB:D5:F0:BC:A9:F5:D2:B6:06:AA:31
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01983772C559567F689E1B3946CC96319612
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k0PJiAUjWBubu9XwvKn10rYGqjE.roa
Signing time: Wed 23 Jul 2025 13:22:05 +0000
ROA not before: Wed 23 Jul 2025 13:22:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43641
IP address blocks: 45.135.180.0/24 maxlen: 24
89.35.131.0/24 maxlen: 24
93.115.172.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
202.71.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 19:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:72:c5:59:56:7f:68:9e:1b:39:46:cc:96:31:96:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 23 13:22:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9343c9880523581b9bbbd5f0bca9f5d2b606aa31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b7:fd:11:b1:5e:6c:ec:08:c5:b1:d2:bb:a4:
44:3b:7e:48:ac:d0:85:47:07:7b:4e:5f:fc:50:04:
46:8c:eb:5b:dd:26:69:7a:3b:b8:f7:ba:bb:1f:f2:
78:57:18:64:38:51:7d:2d:b0:ba:d3:e0:bc:2a:c8:
1a:35:50:99:41:6b:f4:15:b8:a7:b2:0c:4b:f0:8b:
c9:74:b6:9d:7d:d3:31:5d:76:7d:5a:c3:d9:37:4a:
0a:c1:c5:24:5b:25:84:c2:e7:ce:15:40:e1:6f:0a:
a6:8c:bc:38:05:da:30:cb:24:e0:df:0d:20:04:96:
eb:ce:8f:64:66:0a:e5:83:a6:db:79:75:39:82:1d:
9c:74:b6:bb:e5:c1:94:c6:3e:9b:87:c6:be:93:e6:
10:58:d1:d7:04:a3:a1:91:70:fe:b8:59:ea:bc:76:
9a:3e:0c:c0:4f:29:d8:b6:90:b5:8d:9e:1a:c8:89:
75:56:6d:97:76:ec:9f:4f:a1:f4:5d:41:9e:7e:c8:
8b:2e:78:ed:b4:df:49:b9:82:b0:dc:60:5d:a4:21:
c2:9c:cb:0e:c0:ab:aa:4b:00:6b:b6:a7:1f:57:5c:
e3:08:ab:c7:d9:b6:8d:02:33:83:63:dc:30:f5:92:
67:14:95:b5:a7:48:61:d4:21:11:ba:7e:5b:ca:37:
85:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:43:C9:88:05:23:58:1B:9B:BB:D5:F0:BC:A9:F5:D2:B6:06:AA:31
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k0PJiAUjWBubu9XwvKn10rYGqjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.180.0/24
89.35.131.0/24
93.115.172.0/24
194.58.47.0/24
202.71.14.0/24
Signature Algorithm: sha256WithRSAEncryption
85:1c:70:6d:01:ab:b9:09:14:5e:35:83:1d:3e:a6:06:83:b8:
8f:14:c7:6e:8e:6b:49:1c:df:fd:39:ad:49:ca:58:22:d7:76:
94:9a:21:e2:ad:25:c7:28:6e:60:8a:3d:45:83:99:fc:33:8b:
15:c8:d6:a1:e3:bf:9b:1a:3f:31:80:dd:c7:b6:d0:9a:7d:f3:
9c:d5:79:06:c4:63:1c:55:d9:17:80:d5:88:d0:ac:9d:ad:ce:
67:fe:1c:c2:d2:97:14:d4:3e:69:8f:40:4e:4c:72:a0:44:0d:
44:f6:36:6d:60:9a:53:8b:10:77:e8:d1:67:71:bc:1a:f0:3b:
5e:46:0a:cb:5e:d5:fc:4a:e0:b1:56:a7:0b:9f:a5:db:42:4f:
51:ff:e5:20:59:b6:2a:dc:15:1e:72:96:d2:d5:9b:f7:f2:36:
22:33:25:d7:54:84:4b:9d:d9:79:78:76:e3:34:07:57:5e:c7:
ae:70:9f:dc:5a:37:ef:7f:9f:75:ba:42:3e:ab:e6:74:92:ca:
7f:78:65:2c:3d:b0:6c:4c:2c:12:b5:7b:2f:a9:52:bb:37:65:
71:81:d1:60:51:c9:b7:e4:45:13:3b:e5:f7:95:b8:a9:b0:f1:
12:4c:80:90:39:7a:27:74:29:25:fd:59:13:e0:c7:12:e9:c7:
da:81:64:e6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZg3csVZVn9onhs5RsyWMZYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwNzIzMTMyMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQzYzk4ODA1MjM1ODFiOWJiYmQ1ZjBiY2E5ZjVkMmI2MDZhYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37f9EbFebOwIxbHSu6REO35IrNCF
Rwd7Tl/8UARGjOtb3SZpeju497q7H/J4VxhkOFF9LbC60+C8KsgaNVCZQWv0Fbin
sgxL8IvJdLadfdMxXXZ9WsPZN0oKwcUkWyWEwufOFUDhbwqmjLw4BdowyyTg3w0g
BJbrzo9kZgrlg6bbeXU5gh2cdLa75cGUxj6bh8a+k+YQWNHXBKOhkXD+uFnqvHaa
PgzATynYtpC1jZ4ayIl1Vm2XduyfT6H0XUGefsiLLnjttN9JuYKw3GBdpCHCnMsO
wKuqSwBrtqcfV1zjCKvH2baNAjODY9ww9ZJnFJW1p0hh1CERun5byjeFSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJNDyYgFI1gbm7vV8Lyp9dK2BqoxMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvazBQSmlBVWpXQnVidTlYd3ZLbjEwcllHcWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYe0AwQA
WSODAwQAXXOsAwQAwjovAwQAykcOMA0GCSqGSIb3DQEBCwUAA4IBAQCFHHBtAau5
CRReNYMdPqYGg7iPFMdujmtJHN/9Oa1Jylgi13aUmiHirSXHKG5gij1Fg5n8M4sV
yNah47+bGj8xgN3HttCaffOc1XkGxGMcVdkXgNWI0Kydrc5n/hzC0pcU1D5pj0BO
THKgRA1E9jZtYJpTixB36NFncbwa8DteRgrLXtX8SuCxVqcLn6XbQk9R/+UgWbYq
3BUecpbS1Zv38jYiMyXXVIRLndl5eHbjNAdXXseucJ/cWjfvf591ukI+q+Z0ksp/
eGUsPbBsTCwStXsvqVK7N2VxgdFgUcm35EUTO+X3lbipsPESTICQOXondCkl/VkT
4McS6cfagWTm
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:44:00 2025 by rpki-client