Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/krCyhkuDWdtiE8IBk6ZAqu30Qw0.roa
File: krCyhkuDWdtiE8IBk6ZAqu30Qw0.roa (raw, json)
Hash identifier: ajTMX25iwhDAaSs7jdJKz1hQnILnvbn3Eu+OgcDLty8=
Subject key identifier: 92:B0:B2:86:4B:83:59:DB:62:13:C2:01:93:A6:40:AA:ED:F4:43:0D
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 01983D5B38EB827DEEE6A23E56F59BA346AC
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/krCyhkuDWdtiE8IBk6ZAqu30Qw0.roa
Signing time: Thu 24 Jul 2025 16:54:05 +0000
ROA not before: Thu 24 Jul 2025 16:54:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.149.164.0/24 maxlen: 24
194.246.36.0/24 maxlen: 24
194.246.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3d:5b:38:eb:82:7d:ee:e6:a2:3e:56:f5:9b:a3:46:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Jul 24 16:54:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92b0b2864b8359db6213c20193a640aaedf4430d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b3:83:62:e9:62:e4:64:03:30:6f:9f:1a:ec:
de:b7:54:56:09:9e:b3:c0:6a:65:9c:23:7a:96:c6:
95:4d:09:83:84:99:09:53:40:5c:e7:c8:e7:d7:f5:
c2:19:ff:ac:7a:f9:9e:2c:5d:eb:e0:63:d1:ab:83:
cc:a9:fa:bf:01:25:99:74:c3:d9:f2:6b:7b:13:d1:
e8:f3:c2:73:43:1d:3d:2b:e5:39:f3:a8:25:0e:db:
c3:5f:4a:e6:d0:ae:f8:3d:63:f8:0b:57:e4:c6:d3:
37:a9:5c:08:2e:a3:79:12:9a:5f:59:97:d5:13:c6:
e2:c6:5f:e9:ea:5f:9d:17:02:06:25:1a:4c:55:93:
cb:20:fa:7c:1e:8e:1b:a3:58:b9:82:32:76:0d:3e:
39:02:91:58:40:7f:60:a8:d0:ae:26:68:c4:a2:ea:
d5:ab:c8:98:9f:7c:4e:08:55:23:55:5f:68:eb:de:
60:ff:8b:1c:67:36:82:b8:d6:52:3f:a7:0c:10:1b:
af:dd:b3:68:95:e5:f5:72:e0:10:e9:be:56:a1:9c:
84:b2:dd:51:32:82:ac:34:54:7e:ee:1b:90:0b:42:
08:30:c6:c0:42:b5:dc:47:44:4d:9a:65:b6:b6:6c:
54:5c:09:50:e1:dd:c7:4f:e5:dc:6e:22:dd:b6:66:
94:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B0:B2:86:4B:83:59:DB:62:13:C2:01:93:A6:40:AA:ED:F4:43:0D
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/krCyhkuDWdtiE8IBk6ZAqu30Qw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.164.0/24
194.246.36.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:29:92:68:d2:9d:cd:fe:d7:33:51:e0:9d:31:61:d2:45:6a:
7c:08:98:24:b5:f3:ef:a0:e5:16:fe:8f:e1:0b:1a:10:2e:64:
30:48:82:a3:c2:bc:40:4d:82:47:31:85:8a:7d:00:67:18:80:
a5:4e:7b:35:5a:59:c4:ad:a9:5e:79:fd:18:75:62:5b:cc:18:
e6:fb:76:f4:87:3f:50:d0:e2:27:f6:31:7f:21:14:1a:42:60:
85:27:9c:bb:bf:a9:3c:0b:0e:0b:1a:01:27:f9:7f:4c:5d:38:
a0:cc:3d:67:c2:10:b1:fb:25:27:0f:f9:ca:ff:17:26:f9:73:
7a:13:f1:9d:29:f3:63:42:c4:e9:90:b0:37:16:99:4a:74:46:
31:99:f2:fc:3f:4f:c5:23:f6:5a:6c:c7:04:89:d7:f2:86:dd:
9f:28:65:84:2b:6c:80:5a:27:00:db:ff:70:09:53:b0:a5:4e:
5f:f9:4c:1b:d6:97:fb:ee:78:50:a5:3e:64:35:96:44:5e:f5:
fe:dd:33:b1:ee:6d:2f:11:85:1c:b6:9a:50:7b:0a:d5:02:85:
ef:49:40:08:28:99:55:07:f5:42:ea:7e:02:bb:7c:4d:96:2c:
e4:cf:2b:01:7b:ca:ff:0b:9a:dc:e7:fe:67:0e:a4:d0:c3:e0:
12:2c:10:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZg9Wzjrgn3u5qI+VvWbo0asMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjUwNzI0MTY1NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmIwYjI4NjRiODM1OWRiNjIxM2MyMDE5M2E2NDBhYWVkZjQ0MzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLODYuli5GQDMG+fGuzet1RWCZ6z
wGplnCN6lsaVTQmDhJkJU0Bc58jn1/XCGf+sevmeLF3r4GPRq4PMqfq/ASWZdMPZ
8mt7E9Ho88JzQx09K+U586glDtvDX0rm0K74PWP4C1fkxtM3qVwILqN5EppfWZfV
E8bixl/p6l+dFwIGJRpMVZPLIPp8Ho4bo1i5gjJ2DT45ApFYQH9gqNCuJmjEourV
q8iYn3xOCFUjVV9o695g/4scZzaCuNZSP6cMEBuv3bNoleX1cuAQ6b5WoZyEst1R
MoKsNFR+7huQC0IIMMbAQrXcR0RNmmW2tmxUXAlQ4d3HT+XcbiLdtmaUgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJKwsoZLg1nbYhPCAZOmQKrt9EMNMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEva3JDeWhrdURXZHRpRThJQms2WkFxdTMwUXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZWkAwQB
wvYkMA0GCSqGSIb3DQEBCwUAA4IBAQCNKZJo0p3N/tczUeCdMWHSRWp8CJgktfPv
oOUW/o/hCxoQLmQwSIKjwrxATYJHMYWKfQBnGIClTns1WlnEraleef0YdWJbzBjm
+3b0hz9Q0OIn9jF/IRQaQmCFJ5y7v6k8Cw4LGgEn+X9MXTigzD1nwhCx+yUnD/nK
/xcm+XN6E/GdKfNjQsTpkLA3FplKdEYxmfL8P0/FI/ZabMcEidfyht2fKGWEK2yA
WicA2/9wCVOwpU5f+Uwb1pf77nhQpT5kNZZEXvX+3TOx7m0vEYUctppQewrVAoXv
SUAIKJlVB/VC6n4Cu3xNlizkzysBe8r/C5rc5/5nDqTQw+ASLBA6
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:42:19 2025 by rpki-client