Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/04qRvXpisAlJju5q3bLKILC0LVE.roa
File: 04qRvXpisAlJju5q3bLKILC0LVE.roa (raw, json)
Hash identifier: SMJIcHhYL5Jlgz2ZLu2vhAU/XWZpT+AXSJE69y+L74Q=
Subject key identifier: D3:8A:91:BD:7A:62:B0:09:49:8E:EE:6A:DD:B2:CA:20:B0:B4:2D:51
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 019880C919211AC5F34BE43873A828C565C6
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/04qRvXpisAlJju5q3bLKILC0LVE.roa
Signing time: Wed 06 Aug 2025 19:08:39 +0000
ROA not before: Wed 06 Aug 2025 19:08:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206238
IP address blocks: 31.14.180.0/23 maxlen: 23
91.132.40.0/22 maxlen: 22
178.239.16.0/22 maxlen: 24
188.212.112.0/22 maxlen: 22
188.213.88.0/21 maxlen: 24
194.145.194.0/23 maxlen: 23
217.148.134.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 04:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:c9:19:21:1a:c5:f3:4b:e4:38:73:a8:28:c5:65:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Aug 6 19:08:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d38a91bd7a62b009498eee6addb2ca20b0b42d51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1e:31:a7:47:e2:ff:28:14:cc:c9:a0:f7:02:
79:10:af:d8:16:4b:49:4b:b9:a3:df:0d:64:ac:5e:
47:ab:34:04:2f:dc:36:38:3e:23:1e:d3:65:78:cc:
a2:3d:37:ed:03:dd:05:75:8e:0f:63:bb:fc:02:cb:
0c:3b:11:9b:01:21:e6:e0:a7:9d:06:7c:b8:60:f9:
82:a6:30:4f:57:df:56:a5:4e:03:b2:a2:d1:57:6c:
b1:66:ee:71:08:e1:1d:63:19:79:6e:71:14:54:11:
cd:a3:59:bb:a4:5e:02:77:a4:d6:44:e2:c9:a7:a2:
87:24:f4:61:37:22:78:5a:46:9c:37:91:9b:d4:75:
b2:d8:ee:6f:d9:35:47:eb:7c:6d:06:04:1f:23:2c:
7f:fc:a5:be:d2:6a:39:e6:02:81:bb:c4:55:55:a6:
6e:f2:2d:1e:06:02:ae:f6:da:7f:fd:9a:89:58:8f:
83:7d:23:9d:c6:fa:a5:02:3e:11:75:8f:72:2d:68:
5a:fe:1f:fc:67:0a:fc:a1:d4:60:dc:0b:09:d8:44:
33:77:2b:a7:d5:dd:b9:6b:7d:6d:63:3c:67:6e:52:
3b:40:a0:a4:26:41:bd:18:72:56:5c:bd:ff:aa:32:
6d:07:65:54:92:a2:e7:a5:9a:80:a4:89:7d:53:03:
a4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8A:91:BD:7A:62:B0:09:49:8E:EE:6A:DD:B2:CA:20:B0:B4:2D:51
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/04qRvXpisAlJju5q3bLKILC0LVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0/23
91.132.40.0/22
178.239.16.0/22
188.212.112.0/22
188.213.88.0/21
194.145.194.0/23
217.148.134.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:be:42:c0:be:04:ad:64:27:b0:2a:f0:59:68:33:bd:39:c6:
9e:e6:15:7b:4d:14:85:07:4c:8b:cd:d8:b3:5c:7e:97:96:96:
f8:0e:f5:96:a1:35:0d:1f:96:d2:28:6d:72:34:7d:46:c5:be:
6c:de:3c:2a:9c:0c:89:66:ad:0d:55:fc:fb:22:e5:b3:ee:13:
26:ec:63:da:07:17:93:0d:32:1f:be:60:20:8e:d8:ed:73:7f:
80:3b:c3:b3:25:aa:6e:26:46:51:53:22:43:e9:cc:cd:3f:17:
71:4f:5c:d2:b5:f7:bc:4f:cf:81:77:22:d9:5e:e6:59:bb:db:
13:97:2f:a5:b8:3f:99:ad:c3:b3:62:3a:cc:61:e4:8d:ae:e2:
76:6e:d8:33:a0:4a:43:78:db:8b:51:c1:fd:dd:04:c0:99:0a:
e2:d5:de:ac:ac:cd:25:34:92:a0:09:5f:b4:d1:15:22:02:34:
a2:22:3d:48:9b:a4:3a:b5:05:b5:4d:27:4a:45:fd:69:e7:e5:
48:5a:54:e4:5d:0f:4d:35:da:99:50:49:c8:de:8f:46:1d:85:
18:25:eb:f8:25:72:6c:71:f7:16:b5:83:9a:c8:72:66:de:a2:
7e:94:02:01:cd:7c:29:32:2c:ba:56:16:5c:a1:e7:52:23:2b:
bd:b8:b2:af
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZiAyRkhGsXzS+Q4c6goxWXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjUwODA2MTkwODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhhOTFiZDdhNjJiMDA5NDk4ZWVlNmFkZGIyY2EyMGIwYjQyZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR4xp0fi/ygUzMmg9wJ5EK/YFktJ
S7mj3w1krF5HqzQEL9w2OD4jHtNleMyiPTftA90FdY4PY7v8AssMOxGbASHm4Ked
Bny4YPmCpjBPV99WpU4DsqLRV2yxZu5xCOEdYxl5bnEUVBHNo1m7pF4Cd6TWROLJ
p6KHJPRhNyJ4WkacN5Gb1HWy2O5v2TVH63xtBgQfIyx//KW+0mo55gKBu8RVVaZu
8i0eBgKu9tp//ZqJWI+DfSOdxvqlAj4RdY9yLWha/h/8Zwr8odRg3AsJ2EQzdyun
1d25a31tYzxnblI7QKCkJkG9GHJWXL3/qjJtB2VUkqLnpZqApIl9UwOkAwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNOKkb16YrAJSY7uat2yyiCwtC1RMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvMDRxUnZYcGlzQWxKanU1cTNiTEtJTEMwTFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBHw60AwQC
W4QoAwQCsu8QAwQCvNRwAwQDvNVYAwQBwpHCAwQB2ZSGMA0GCSqGSIb3DQEBCwUA
A4IBAQAdvkLAvgStZCewKvBZaDO9Ocae5hV7TRSFB0yLzdizXH6Xlpb4DvWWoTUN
H5bSKG1yNH1Gxb5s3jwqnAyJZq0NVfz7IuWz7hMm7GPaBxeTDTIfvmAgjtjtc3+A
O8OzJapuJkZRUyJD6czNPxdxT1zStfe8T8+BdyLZXuZZu9sTly+luD+ZrcOzYjrM
YeSNruJ2btgzoEpDeNuLUcH93QTAmQri1d6srM0lNJKgCV+00RUiAjSiIj1Im6Q6
tQW1TSdKRf1p5+VIWlTkXQ9NNdqZUEnI3o9GHYUYJev4JXJscfcWtYOayHJm3qJ+
lAIBzXwpMiy6VhZcoedSIyu9uLKv
-----END CERTIFICATE-----
Generated at Sun Aug 10 10:46:11 2025 by rpki-client