Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/v9lximelHElEjtd-KqBSBTl7pRw.roa
File: v9lximelHElEjtd-KqBSBTl7pRw.roa (raw, json)
Hash identifier: aKxhA0/SG8VOWD0TLKfwwXv83yrbTqqOc/Oh3L0Y+XM=
Subject key identifier: BF:D9:71:8A:67:A5:1C:49:44:8E:D7:7E:2A:A0:52:05:39:7B:A5:1C
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 019874926A261B874C9085FF00090D62BE44
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/v9lximelHElEjtd-KqBSBTl7pRw.roa
Signing time: Mon 04 Aug 2025 10:13:29 +0000
ROA not before: Mon 04 Aug 2025 10:13:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205132
IP address blocks: 46.10.156.0/24 maxlen: 24
46.10.179.0/24 maxlen: 24
77.85.170.0/24 maxlen: 24
77.85.198.0/24 maxlen: 24
82.137.69.0/24 maxlen: 24
83.228.61.0/24 maxlen: 24
83.228.86.0/24 maxlen: 24
83.228.87.0/24 maxlen: 24
83.228.89.0/24 maxlen: 24
84.238.167.0/24 maxlen: 24
84.238.192.0/24 maxlen: 24
84.238.193.0/24 maxlen: 24
84.238.194.0/24 maxlen: 24
87.126.134.0/24 maxlen: 24
94.236.169.0/24 maxlen: 24
212.72.199.0/24 maxlen: 24
212.72.221.0/24 maxlen: 24
213.91.157.0/24 maxlen: 24
213.91.173.0/24 maxlen: 24
213.91.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 22:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:92:6a:26:1b:87:4c:90:85:ff:00:09:0d:62:be:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Aug 4 10:13:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfd9718a67a51c49448ed77e2aa05205397ba51c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cb:f0:27:c1:ed:14:48:b7:81:fd:20:90:98:
19:e5:54:56:9c:33:3f:9e:fe:bb:ad:dc:0f:b0:c3:
7f:28:e8:b0:db:c5:c3:ce:02:d6:6a:56:aa:c5:58:
2f:b4:ab:97:e4:dc:3d:a6:8d:c5:58:b3:0c:f5:ed:
0e:c8:48:95:2c:19:84:0c:2c:d7:fb:96:5c:34:62:
2b:48:d5:62:9a:d8:48:6b:24:61:fb:b2:0d:d2:06:
e6:c5:72:09:50:22:1e:58:e7:30:fd:c3:3d:c3:48:
66:e4:6a:3d:37:26:0f:dd:04:2b:13:93:ae:f3:01:
9d:66:86:cf:88:6e:8b:ce:63:a6:1f:8b:44:85:07:
18:37:b4:85:19:0c:a7:49:80:c5:ca:87:25:84:3d:
7e:a2:b6:79:3c:16:d5:ab:19:a0:a5:e3:b7:b1:b0:
b1:7d:51:cf:35:b6:0a:65:d7:4d:7f:bd:6d:7b:25:
35:19:6e:b2:0b:ad:c8:64:b7:92:57:71:78:a2:79:
56:d5:c4:27:6c:a0:cc:7a:e8:0b:6f:cf:e1:b1:56:
85:86:f5:ef:d5:aa:b5:c8:57:c5:e7:fa:1f:45:d0:
88:33:9a:32:b4:fe:25:8f:da:06:8f:8b:f5:d6:52:
f2:ad:8d:89:09:51:da:d1:18:6d:5c:3e:61:d6:28:
73:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D9:71:8A:67:A5:1C:49:44:8E:D7:7E:2A:A0:52:05:39:7B:A5:1C
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/v9lximelHElEjtd-KqBSBTl7pRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.10.156.0/24
46.10.179.0/24
77.85.170.0/24
77.85.198.0/24
82.137.69.0/24
83.228.61.0/24
83.228.86.0/23
83.228.89.0/24
84.238.167.0/24
84.238.192.0-84.238.194.255
87.126.134.0/24
94.236.169.0/24
212.72.199.0/24
212.72.221.0/24
213.91.157.0/24
213.91.173.0/24
213.91.191.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:c1:83:12:29:67:cd:d6:fe:b2:68:42:2a:3d:e2:a7:d9:f2:
68:2a:4a:66:bf:84:1a:1b:68:16:50:5f:8f:93:8f:82:4b:d1:
87:7c:01:ec:58:b0:7b:16:89:8b:c7:73:9b:09:0c:15:00:54:
71:f0:2a:93:23:9d:37:84:a9:fc:53:c3:d4:4c:74:c0:c1:5a:
6e:73:f6:44:b1:03:b3:6c:3f:0b:32:d4:0e:a4:56:f7:2e:17:
9c:f8:2f:77:b9:f6:35:34:ba:2a:94:bb:81:b1:07:58:ad:97:
89:1e:03:1a:b1:5a:b5:e6:f6:22:12:a9:60:10:32:91:60:34:
44:be:b6:73:dc:2d:90:62:12:0f:01:2a:7c:ce:e6:55:6a:2d:
dd:d6:3b:2b:8f:0f:a8:1d:a8:4c:9f:f5:06:85:4c:fa:06:aa:
50:11:29:6d:5f:53:4e:b4:34:77:fd:09:93:c8:23:38:d2:9d:
bf:ed:01:1d:8a:90:8c:9f:76:46:5b:6e:dd:80:55:44:c7:11:
78:49:c3:02:43:1c:d1:ec:b5:32:c4:7c:d3:fe:9b:2c:b4:89:
32:59:73:de:66:07:a2:5f:f2:85:82:4c:f0:51:31:8d:73:6b:
6a:89:80:db:b4:d0:83:b4:b1:c6:df:01:94:aa:a2:df:4a:37:
b6:fd:90:5f
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZh0kmomG4dMkIX/AAkNYr5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwODA0MTAxMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQ5NzE4YTY3YTUxYzQ5NDQ4ZWQ3N2UyYWEwNTIwNTM5N2JhNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6svwJ8HtFEi3gf0gkJgZ5VRWnDM/
nv67rdwPsMN/KOiw28XDzgLWalaqxVgvtKuX5Nw9po3FWLMM9e0OyEiVLBmEDCzX
+5ZcNGIrSNVimthIayRh+7IN0gbmxXIJUCIeWOcw/cM9w0hm5Go9NyYP3QQrE5Ou
8wGdZobPiG6LzmOmH4tEhQcYN7SFGQynSYDFyoclhD1+orZ5PBbVqxmgpeO3sbCx
fVHPNbYKZddNf71teyU1GW6yC63IZLeSV3F4onlW1cQnbKDMeugLb8/hsVaFhvXv
1aq1yFfF5/ofRdCIM5oytP4lj9oGj4v11lLyrY2JCVHa0RhtXD5h1ihzAwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFL/ZcYpnpRxJRI7XfiqgUgU5e6UcMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvdjlseGltZWxIRWxFanRkLUtxQlNCVGw3cFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAC4KnAME
AC4KswMEAE1VqgMEAE1VxgMEAFKJRQMEAFPkPQMEAVPkVgMEAFPkWQMEAFTupzAM
AwQGVO7AAwQAVO7CAwQAV36GAwQAXuypAwQA1EjHAwQA1EjdAwQA1VudAwQA1Vut
AwQA1Vu/MA0GCSqGSIb3DQEBCwUAA4IBAQAtwYMSKWfN1v6yaEIqPeKn2fJoKkpm
v4QaG2gWUF+Pk4+CS9GHfAHsWLB7FomLx3ObCQwVAFRx8CqTI503hKn8U8PUTHTA
wVpuc/ZEsQOzbD8LMtQOpFb3Lhec+C93ufY1NLoqlLuBsQdYrZeJHgMasVq15vYi
EqlgEDKRYDREvrZz3C2QYhIPASp8zuZVai3d1jsrjw+oHahMn/UGhUz6BqpQESlt
X1NOtDR3/QmTyCM40p2/7QEdipCMn3ZGW27dgFVExxF4ScMCQxzR7LUyxHzT/pss
tIkyWXPeZgeiX/KFgkzwUTGNc2tqiYDbtNCDtLHG3wGUqqLfSje2/ZBf
-----END CERTIFICATE-----
Generated at Wed Aug 6 07:46:09 2025 by rpki-client