Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Ch-PYAhyFagok0fhupPjZ_Lqcbg.roa
File: Ch-PYAhyFagok0fhupPjZ_Lqcbg.roa (raw, json)
Hash identifier: MkUDcB5uA+GO6qe6fT2sF+iljffZj0n8p1hLZtz2zP0=
Subject key identifier: 0A:1F:8F:60:08:72:15:A8:28:93:47:E1:BA:93:E3:67:F2:EA:71:B8
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01985EE1BD314DB08060EDEDA5064C36D56E
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Ch-PYAhyFagok0fhupPjZ_Lqcbg.roa
Signing time: Thu 31 Jul 2025 05:08:29 +0000
ROA not before: Thu 31 Jul 2025 05:08:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 45.10.40.0/24 maxlen: 24
45.10.41.0/24 maxlen: 24
45.10.43.0/24 maxlen: 24
88.218.168.0/24 maxlen: 24
88.218.170.0/24 maxlen: 24
93.183.80.0/22 maxlen: 24
185.197.75.0/24 maxlen: 24
193.188.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 09:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5e:e1:bd:31:4d:b0:80:60:ed:ed:a5:06:4c:36:d5:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jul 31 05:08:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a1f8f60087215a8289347e1ba93e367f2ea71b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1a:0d:b2:e8:0b:68:a5:83:c3:81:a4:34:5b:
e3:9a:ea:11:a6:69:db:51:0a:09:6d:2d:68:00:3e:
95:09:e2:48:1e:a0:b3:5c:f9:4c:fd:37:0b:88:48:
0f:d5:97:5f:2e:2c:38:13:f5:61:e4:10:36:54:9c:
43:de:53:77:30:e2:40:bf:bc:28:bf:31:b7:dd:36:
97:5d:cb:1b:5d:17:92:77:61:d9:53:fc:4c:5a:6b:
84:11:10:6f:50:4e:cc:42:d4:6d:dc:93:df:46:d4:
ad:ce:bc:4f:45:d8:49:36:17:50:50:e7:60:8f:d1:
84:92:d8:33:92:14:f5:3b:dd:1f:44:02:8a:95:1e:
13:7c:79:fd:e2:28:50:00:74:35:2b:21:0e:33:06:
94:a2:50:37:12:fe:5c:b4:d8:c7:3a:9b:a4:15:89:
bd:8b:22:71:54:5c:18:15:d9:6b:ec:f4:6d:4c:35:
36:04:b4:60:e1:b3:e3:26:89:a5:fc:04:76:dd:bd:
bf:68:6d:dc:b5:b1:bc:0f:c4:3b:49:5b:83:15:e2:
80:91:54:64:cd:53:45:5b:73:ac:a4:0d:2f:49:d9:
6e:fc:a1:ba:07:b1:85:46:3c:5b:4b:8d:a0:64:e1:
75:61:12:a7:3d:ca:33:d3:f1:38:82:0b:0c:07:a9:
6f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:1F:8F:60:08:72:15:A8:28:93:47:E1:BA:93:E3:67:F2:EA:71:B8
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Ch-PYAhyFagok0fhupPjZ_Lqcbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.40.0/23
45.10.43.0/24
88.218.168.0/24
88.218.170.0/24
93.183.80.0/22
185.197.75.0/24
193.188.23.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:95:ca:a4:6e:14:16:8f:15:a3:98:17:26:cd:8f:d2:2c:17:
28:4c:93:6a:f0:76:a3:8d:59:ac:c3:74:c5:8a:2e:cc:4a:57:
7c:d5:98:13:dc:af:ac:f5:00:f3:86:00:c4:63:71:c7:46:a9:
44:0e:cf:a5:0c:75:4d:bd:c1:89:9b:cf:f1:7f:6a:d4:08:7c:
f4:e0:34:d8:36:4f:db:c2:3d:0b:06:d3:59:e9:17:f4:fc:14:
86:dc:50:5a:11:0c:62:58:03:53:93:0d:a9:04:f2:e9:42:2f:
85:0f:c9:a4:db:ea:a0:9c:f6:1a:6e:59:09:0f:bd:9e:c6:2d:
da:49:e6:c5:14:c3:53:d1:9d:f3:d1:a8:9a:38:20:af:0c:f5:
9d:3b:84:cb:0d:c6:9d:32:7e:f8:71:66:0a:11:eb:f3:5b:d8:
f5:4d:79:5b:d3:66:bc:12:1f:8f:54:65:5a:48:47:56:d5:6b:
5e:9e:90:1c:8b:5c:3b:5d:d6:89:bd:12:dc:6d:1d:68:37:60:
d6:2a:8b:1a:09:52:9e:53:dd:ca:08:f4:d9:48:6f:fd:d9:a8:
35:7d:55:73:9f:7f:5e:3d:98:26:c4:b6:c7:c3:6b:7d:64:4c:
83:69:6a:af:0e:d9:77:b4:0c:8e:32:21:54:8f:58:ad:3e:16:
53:bf:28:c4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZhe4b0xTbCAYO3tpQZMNtVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjUwNzMxMDUwODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTFmOGY2MDA4NzIxNWE4Mjg5MzQ3ZTFiYTkzZTM2N2YyZWE3MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRoNsugLaKWDw4GkNFvjmuoRpmnb
UQoJbS1oAD6VCeJIHqCzXPlM/TcLiEgP1ZdfLiw4E/Vh5BA2VJxD3lN3MOJAv7wo
vzG33TaXXcsbXReSd2HZU/xMWmuEERBvUE7MQtRt3JPfRtStzrxPRdhJNhdQUOdg
j9GEktgzkhT1O90fRAKKlR4TfHn94ihQAHQ1KyEOMwaUolA3Ev5ctNjHOpukFYm9
iyJxVFwYFdlr7PRtTDU2BLRg4bPjJoml/AR23b2/aG3ctbG8D8Q7SVuDFeKAkVRk
zVNFW3OspA0vSdlu/KG6B7GFRjxbS42gZOF1YRKnPcoz0/E4ggsMB6lvUQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAofj2AIchWoKJNH4bqT42fy6nG4MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvQ2gtUFlBaHlGYWdvazBmaHVwUGpaX0xxY2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLQooAwQA
LQorAwQAWNqoAwQAWNqqAwQCXbdQAwQAucVLAwQAwbwXMA0GCSqGSIb3DQEBCwUA
A4IBAQB9lcqkbhQWjxWjmBcmzY/SLBcoTJNq8HajjVmsw3TFii7MSld81ZgT3K+s
9QDzhgDEY3HHRqlEDs+lDHVNvcGJm8/xf2rUCHz04DTYNk/bwj0LBtNZ6Rf0/BSG
3FBaEQxiWANTkw2pBPLpQi+FD8mk2+qgnPYablkJD72exi3aSebFFMNT0Z3z0aia
OCCvDPWdO4TLDcadMn74cWYKEevzW9j1TXlb02a8Eh+PVGVaSEdW1WtenpAci1w7
XdaJvRLcbR1oN2DWKosaCVKeU93KCPTZSG/92ag1fVVzn39ePZgmxLbHw2t9ZEyD
aWqvDtl3tAyOMiFUj1itPhZTvyjE
-----END CERTIFICATE-----
Generated at Sun Aug 10 18:19:45 2025 by rpki-client