Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/FhTNQuO8GKVkod7A6XXcU1WHcf8.roa
File: FhTNQuO8GKVkod7A6XXcU1WHcf8.roa (raw, json)
Hash identifier: KylaeN6z99E+TItBG5Fd7EYB3/h46/Ia1oxiWBq5e+A=
Subject key identifier: 16:14:CD:42:E3:BC:18:A5:64:A1:DE:C0:E9:75:DC:53:55:87:71:FF
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 019764AF46617A8A335A7DA7A427A2F1F501
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/FhTNQuO8GKVkod7A6XXcU1WHcf8.roa
Signing time: Thu 12 Jun 2025 15:08:17 +0000
ROA not before: Thu 12 Jun 2025 15:08:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1136
IP address blocks: 145.4.224.0/20 maxlen: 20
145.15.108.0/22 maxlen: 22
145.15.108.0/24 maxlen: 24
145.15.109.0/24 maxlen: 24
145.15.110.0/24 maxlen: 24
145.15.111.0/24 maxlen: 24
145.15.114.0/24 maxlen: 24
145.15.115.0/24 maxlen: 24
145.15.208.0/21 maxlen: 21
145.78.0.0/16 maxlen: 16
145.78.28.0/24 maxlen: 24
145.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:64:af:46:61:7a:8a:33:5a:7d:a7:a4:27:a2:f1:f5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jun 12 15:08:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1614cd42e3bc18a564a1dec0e975dc53558771ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5a:16:fd:21:a1:ae:38:b6:40:d0:26:07:63:
7b:9f:79:5b:81:db:10:2c:2a:32:42:1d:7c:2a:a0:
64:47:6e:8c:4c:8f:7e:a0:e6:25:6c:58:31:88:c8:
be:65:64:82:b7:7a:e7:cc:83:5a:14:00:20:b7:1b:
55:6a:c7:69:57:7a:5a:ca:ed:d6:2c:be:64:8c:2f:
c4:77:c7:8a:7f:d6:f3:83:e3:d6:4b:45:64:ed:4f:
c6:af:71:af:c3:f5:ca:5b:e0:e8:b4:d1:a3:38:84:
4a:e8:f6:42:97:8a:bf:50:6a:64:dc:bb:fe:88:14:
65:89:da:f0:97:75:48:44:fd:f9:c3:e8:4c:06:27:
ad:e9:36:c8:f3:a1:e0:26:35:2a:7d:44:c3:83:d7:
37:d4:8b:1b:2d:77:36:b5:ce:ae:9d:9c:46:ea:47:
85:78:00:9a:a9:13:9d:0b:a7:1b:c2:df:e5:fa:29:
10:2b:f9:d5:61:e5:94:da:0f:4c:2c:05:69:48:4f:
d5:d9:2c:4f:ac:fe:52:ad:4f:4b:6e:8f:b9:a5:13:
24:2a:d7:ee:7a:37:ae:cc:41:ec:7e:fa:a3:5c:b8:
07:96:a3:b0:73:df:57:e8:7e:99:30:5e:c2:73:b9:
e9:fa:f3:4d:4c:67:1a:76:2a:68:4d:00:13:43:17:
d6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:14:CD:42:E3:BC:18:A5:64:A1:DE:C0:E9:75:DC:53:55:87:71:FF
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/FhTNQuO8GKVkod7A6XXcU1WHcf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.4.224.0/20
145.15.108.0/22
145.15.114.0/23
145.15.208.0/21
145.78.0.0/16
145.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:ce:7a:49:6b:1c:58:86:7f:75:a6:94:03:b7:05:e6:75:00:
6c:eb:09:83:6a:07:66:2a:40:29:dc:36:97:0e:46:b5:61:a3:
88:33:36:e0:59:dc:67:4d:b8:cb:a0:da:21:f9:26:81:47:18:
cd:cc:1d:85:1e:a7:31:98:35:18:fd:0f:41:fe:4a:13:ba:01:
a9:86:57:97:c4:73:75:0a:d6:0f:11:5e:d9:7a:49:8e:49:f1:
b2:2a:d9:01:29:12:54:66:39:1d:c1:28:5a:e0:b7:6b:cb:07:
27:2d:16:35:16:75:4a:25:8c:be:66:78:99:3f:e3:c9:29:e4:
ac:ff:2c:62:db:6b:bc:51:6c:3f:82:76:4f:a6:c9:b8:1f:42:
d3:86:9d:30:1d:6a:90:d9:73:15:1e:bb:e4:7b:74:07:b5:e3:
29:e5:5e:d3:7b:60:70:f4:8d:f7:84:51:92:fa:db:74:1c:4b:
82:e0:e8:9d:c9:11:0e:1e:15:bc:20:22:90:7c:fa:c9:53:59:
f5:32:cd:2f:bd:3b:f0:92:81:c8:d0:6b:de:c7:1b:ec:dd:fe:
6c:74:08:f0:51:06:c0:07:99:6a:72:96:2c:76:17:68:c3:1d:
d5:d8:5a:da:05:0a:c1:8b:76:39:37:25:12:d9:1f:ba:de:79:
4a:03:dd:f3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZdkr0ZheoozWn2npCei8fUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwNjEyMTUwODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjE0Y2Q0MmUzYmMxOGE1NjRhMWRlYzBlOTc1ZGM1MzU1ODc3MWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1oW/SGhrji2QNAmB2N7n3lbgdsQ
LCoyQh18KqBkR26MTI9+oOYlbFgxiMi+ZWSCt3rnzINaFAAgtxtVasdpV3payu3W
LL5kjC/Ed8eKf9bzg+PWS0Vk7U/Gr3Gvw/XKW+DotNGjOIRK6PZCl4q/UGpk3Lv+
iBRlidrwl3VIRP35w+hMBiet6TbI86HgJjUqfUTDg9c31IsbLXc2tc6unZxG6keF
eACaqROdC6cbwt/l+ikQK/nVYeWU2g9MLAVpSE/V2SxPrP5SrU9Lbo+5pRMkKtfu
ejeuzEHsfvqjXLgHlqOwc99X6H6ZMF7Cc7np+vNNTGcadipoTQATQxfWIQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBYUzULjvBilZKHewOl13FNVh3H/MB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvRmhUTlF1TzhHS1Zrb2Q3QTZYWGNVMVdIY2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQEkQTgAwQC
kQ9sAwQBkQ9yAwQDkQ/QAwMAkU4DAwCRdzANBgkqhkiG9w0BAQsFAAOCAQEAjs56
SWscWIZ/daaUA7cF5nUAbOsJg2oHZipAKdw2lw5GtWGjiDM24FncZ024y6DaIfkm
gUcYzcwdhR6nMZg1GP0PQf5KE7oBqYZXl8RzdQrWDxFe2XpJjknxsirZASkSVGY5
HcEoWuC3a8sHJy0WNRZ1SiWMvmZ4mT/jySnkrP8sYttrvFFsP4J2T6bJuB9C04ad
MB1qkNlzFR675Ht0B7XjKeVe03tgcPSN94RRkvrbdBxLguDonckRDh4VvCAikHz6
yVNZ9TLNL7078JKByNBr3scb7N3+bHQI8FEGwAeZanKWLHYXaMMd1dha2gUKwYt2
OTclEtkfut55SgPd8w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:18:52 2025 by rpki-client