Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4TPLfVp0t532kWyl3VDz-4PJ25A.roa
File: 4TPLfVp0t532kWyl3VDz-4PJ25A.roa (raw, json)
Hash identifier: vammW+ClNxZ6kNCyg85Uak7VZuceBR4SPNuw0dX0Hts=
Subject key identifier: E1:33:CB:7D:5A:74:B7:9D:F6:91:6C:A5:DD:50:F3:FB:83:C9:DB:90
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01986590DE714EE35BC347609DF42252DFE7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4TPLfVp0t532kWyl3VDz-4PJ25A.roa
Signing time: Fri 01 Aug 2025 12:17:29 +0000
ROA not before: Fri 01 Aug 2025 12:17:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20860
IP address blocks: 77.107.88.0/24 maxlen: 24
81.168.83.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
217.145.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:90:de:71:4e:e3:5b:c3:47:60:9d:f4:22:52:df:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 1 12:17:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e133cb7d5a74b79df6916ca5dd50f3fb83c9db90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a3:b2:57:bb:2b:52:77:ce:ca:26:5b:4b:a2:
4a:0f:1c:cd:e2:b0:bb:bc:48:c8:e0:96:a6:4a:ab:
53:f0:46:b1:f2:26:de:35:27:2a:80:a1:22:9e:47:
c0:c6:4f:fe:b5:6a:8d:1f:6f:f4:07:99:4a:e8:97:
68:ac:25:e9:36:dd:5c:18:10:8e:79:2e:a0:f8:8d:
92:c6:48:60:e0:39:8a:a8:94:d3:82:fb:94:39:cf:
b1:60:27:ce:8c:33:31:9d:cc:47:62:fb:e3:4c:7e:
4d:35:64:b0:0a:94:fe:15:b2:49:74:aa:6c:30:95:
6a:9e:a3:f9:06:b2:00:59:9f:f5:4b:dc:10:63:c3:
7e:90:d9:61:ec:f0:b4:0e:99:f2:8d:5d:c4:1e:d8:
ea:12:ca:ef:46:f6:cd:69:2e:9b:da:c0:41:6d:97:
95:74:e7:1b:91:80:ca:1d:c4:d4:48:c4:c3:e9:34:
00:f9:23:a5:69:97:1c:a2:1d:87:e5:ce:4c:18:7b:
26:02:21:b3:0d:df:df:a7:7f:ef:12:9c:db:99:1e:
31:c5:5c:30:0c:d1:78:55:da:39:f9:9f:b3:9d:e0:
ee:d6:40:bc:8a:0b:b8:3b:8e:1e:46:0c:a8:5a:6b:
38:43:3e:ce:b5:4f:d6:b4:ab:86:5f:fb:6f:44:4d:
13:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:33:CB:7D:5A:74:B7:9D:F6:91:6C:A5:DD:50:F3:FB:83:C9:DB:90
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4TPLfVp0t532kWyl3VDz-4PJ25A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.107.88.0/24
81.168.83.0/24
81.168.119.0/24
217.145.73.0/24
Signature Algorithm: sha256WithRSAEncryption
34:5d:46:30:18:66:54:c6:68:f7:bf:bb:7b:7e:1b:1c:36:03:
6c:e0:1e:1f:89:c5:9d:90:c1:56:2a:a9:f6:59:00:a1:32:25:
c2:ec:b3:28:7c:79:1a:01:83:4f:df:76:95:de:3e:18:2f:7f:
46:f8:87:dc:f6:28:e4:3d:0f:91:31:9c:2e:80:40:1b:08:e2:
0c:fe:5f:d8:33:e5:09:6a:50:44:d6:a1:c7:61:ba:c1:09:46:
9e:6a:d2:0a:9f:7c:f8:c5:8d:4c:f4:ca:1a:20:5e:ef:be:ea:
ad:62:70:17:cc:98:7d:9f:9f:5a:d6:64:0b:41:07:28:66:c3:
62:a0:61:ad:88:d8:66:e9:c2:b3:bd:53:a5:33:6f:4a:e4:bf:
ac:46:61:36:eb:69:4f:d7:3e:b0:8d:aa:08:d2:df:f3:b3:9a:
78:a0:bd:aa:25:e9:41:4d:01:60:3d:26:05:aa:1e:d2:8e:20:
e8:5f:d2:40:08:9e:cc:e6:ca:47:e3:ed:b8:85:a5:a3:24:c0:
ff:c6:ae:69:9d:dc:fa:a0:d2:c5:a1:46:18:de:1f:e4:c2:f9:
49:41:10:b6:5a:80:c0:7b:de:bd:0c:28:6f:bf:39:8b:d6:dd:
30:fe:72:a3:74:45:35:60:25:4f:85:a4:e1:63:5c:44:65:f8:
53:a1:09:4e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhlkN5xTuNbw0dgnfQiUt/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwODAxMTIxNzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMzY2I3ZDVhNzRiNzlkZjY5MTZjYTVkZDUwZjNmYjgzYzlkYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KOyV7srUnfOyiZbS6JKDxzN4rC7
vEjI4JamSqtT8Eax8ibeNScqgKEinkfAxk/+tWqNH2/0B5lK6JdorCXpNt1cGBCO
eS6g+I2Sxkhg4DmKqJTTgvuUOc+xYCfOjDMxncxHYvvjTH5NNWSwCpT+FbJJdKps
MJVqnqP5BrIAWZ/1S9wQY8N+kNlh7PC0DpnyjV3EHtjqEsrvRvbNaS6b2sBBbZeV
dOcbkYDKHcTUSMTD6TQA+SOlaZccoh2H5c5MGHsmAiGzDd/fp3/vEpzbmR4xxVww
DNF4Vdo5+Z+zneDu1kC8igu4O44eRgyoWms4Qz7OtU/WtKuGX/tvRE0T6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOEzy31adLed9pFspd1Q8/uDyduQMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNFRQTGZWcDB0NTMya1d5bDNWRHotNFBKMjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATWtYAwQA
UahTAwQAUah3AwQA2ZFJMA0GCSqGSIb3DQEBCwUAA4IBAQA0XUYwGGZUxmj3v7t7
fhscNgNs4B4ficWdkMFWKqn2WQChMiXC7LMofHkaAYNP33aV3j4YL39G+Ifc9ijk
PQ+RMZwugEAbCOIM/l/YM+UJalBE1qHHYbrBCUaeatIKn3z4xY1M9MoaIF7vvuqt
YnAXzJh9n59a1mQLQQcoZsNioGGtiNhm6cKzvVOlM29K5L+sRmE262lP1z6wjaoI
0t/zs5p4oL2qJelBTQFgPSYFqh7SjiDoX9JACJ7M5spH4+24haWjJMD/xq5pndz6
oNLFoUYY3h/kwvlJQRC2WoDAe969DChvvzmL1t0w/nKjdEU1YCVPhaThY1xEZfhT
oQlO
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:31:15 2025 by rpki-client