Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/wSUCaZlDq8tA-HMBau3EJ93tyfU.roa
File: wSUCaZlDq8tA-HMBau3EJ93tyfU.roa (raw, json)
Hash identifier: yMgrf3IwtSaiP9aq+f/a8xegEvYBFlBB7iCkJrEJ6kA=
Subject key identifier: C1:25:02:69:99:43:AB:CB:40:F8:73:01:6A:ED:C4:27:DD:ED:C9:F5
Certificate issuer: /CN=facd901aba0d36b656cf98e0c02917e3aaa289b4
Certificate serial: 019855FBE7A8B588687116916F7935DD718E
Authority key identifier: FA:CD:90:1A:BA:0D:36:B6:56:CF:98:E0:C0:29:17:E3:AA:A2:89:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-s2QGroNNrZWz5jgwCkX46qiibQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/wSUCaZlDq8tA-HMBau3EJ93tyfU.roa
Signing time: Tue 29 Jul 2025 11:40:28 +0000
ROA not before: Tue 29 Jul 2025 11:40:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51975
IP address blocks: 46.151.208.0/22 maxlen: 22
46.151.212.0/22 maxlen: 22
185.79.248.0/23 maxlen: 23
185.79.250.0/23 maxlen: 23
185.79.251.0/24 maxlen: 24
2a05:78c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/1-s2QGroNNrZWz5jgwCkX46qiibQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/1-s2QGroNNrZWz5jgwCkX46qiibQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-s2QGroNNrZWz5jgwCkX46qiibQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 23:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:fb:e7:a8:b5:88:68:71:16:91:6f:79:35:dd:71:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=facd901aba0d36b656cf98e0c02917e3aaa289b4
Validity
Not Before: Jul 29 11:40:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c12502699943abcb40f873016aedc427ddedc9f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8e:06:61:c7:5b:10:9d:f7:35:d0:e1:6a:bb:
c7:42:57:db:22:08:d5:24:bb:87:46:da:4f:7d:4b:
f1:e7:c8:ad:a5:18:4d:72:cc:0e:5d:29:31:55:0b:
12:45:cc:21:f8:11:74:a4:be:03:28:82:0f:04:d9:
72:a7:c6:c1:1f:8b:54:8e:2a:65:d1:79:66:b3:1a:
ae:e1:61:e6:e8:f2:60:c1:78:f8:be:c4:67:68:90:
45:fc:eb:e8:98:90:cf:e3:1b:0b:fe:dc:ef:ed:7a:
1a:dd:bb:1c:52:56:c3:31:7e:5b:02:21:ad:61:77:
52:37:2d:df:be:12:66:e8:dc:21:bc:98:77:69:9f:
3d:fe:85:13:d6:74:e4:e7:73:ff:75:2e:c9:26:31:
ae:93:d1:aa:65:85:3f:60:6f:15:6a:08:dd:54:87:
ef:a3:1f:ad:18:73:72:e1:96:95:d9:70:4a:d9:e8:
a5:f8:67:bb:18:c6:8c:1c:b7:98:76:45:e8:79:aa:
ae:8b:21:7d:0c:0f:8b:f9:7e:68:43:f9:e3:3a:8b:
f9:ef:25:1c:a0:ae:97:58:75:5e:f8:54:bb:87:66:
99:b7:19:a7:01:ce:89:08:f9:54:19:6a:63:59:98:
7f:b5:6f:dd:8a:75:26:7d:47:ef:9d:44:81:66:ef:
99:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:25:02:69:99:43:AB:CB:40:F8:73:01:6A:ED:C4:27:DD:ED:C9:F5
X509v3 Authority Key Identifier:
keyid:FA:CD:90:1A:BA:0D:36:B6:56:CF:98:E0:C0:29:17:E3:AA:A2:89:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-s2QGroNNrZWz5jgwCkX46qiibQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/wSUCaZlDq8tA-HMBau3EJ93tyfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/1-s2QGroNNrZWz5jgwCkX46qiibQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.208.0/21
185.79.248.0/22
IPv6:
2a05:78c0::/32
Signature Algorithm: sha256WithRSAEncryption
74:a6:52:1e:b2:13:1e:f5:eb:83:a8:36:19:21:5c:47:79:d3:
7d:63:6c:14:53:45:ef:f7:e5:b8:42:f7:6f:a9:b6:18:6a:6a:
4a:81:90:98:70:bf:6c:02:c5:0b:11:7c:da:b9:e5:6d:d7:5c:
65:d5:f9:b0:87:fa:79:3b:b7:66:9e:82:71:54:c6:f2:9d:69:
56:6d:3b:94:0b:db:ac:8a:08:41:85:61:e3:31:06:a0:fc:a8:
7e:a4:2d:76:3f:21:60:d7:b2:0c:e2:9a:5a:bd:dd:bc:02:0c:
4d:6b:45:80:a6:ca:92:ae:36:70:d8:eb:e7:87:63:99:b6:7c:
ce:5f:33:7c:af:dc:c4:78:b3:14:90:1b:1c:b6:87:ce:65:0c:
5d:2d:85:5b:52:ee:e7:d0:81:e8:4b:c9:fd:97:10:f4:1b:51:
30:9f:9d:f8:85:35:80:e2:4c:11:3d:83:e8:7c:51:47:ef:7b:
85:e3:50:f6:85:79:57:f2:89:be:7b:ca:6e:e5:d4:49:2f:41:
63:22:df:2b:af:c6:1c:d0:95:cc:ff:a0:09:80:84:b7:6c:bd:
b3:ce:82:98:9a:bc:5f:c9:da:ba:5b:47:ca:f7:a1:d3:26:cd:
6d:e3:43:0f:7b:4a:79:5b:2d:6a:30:1d:60:79:c6:29:69:20:
13:7f:f3:5f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZhV++eotYhocRaRb3k13XGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2Q5MDFhYmEwZDM2YjY1NmNmOThlMGMwMjkxN2UzYWFh
Mjg5YjQwHhcNMjUwNzI5MTE0MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTI1MDI2OTk5NDNhYmNiNDBmODczMDE2YWVkYzQyN2RkZWRjOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI4GYcdbEJ33NdDharvHQlfbIgjV
JLuHRtpPfUvx58itpRhNcswOXSkxVQsSRcwh+BF0pL4DKIIPBNlyp8bBH4tUjipl
0Xlmsxqu4WHm6PJgwXj4vsRnaJBF/OvomJDP4xsL/tzv7Xoa3bscUlbDMX5bAiGt
YXdSNy3fvhJm6NwhvJh3aZ89/oUT1nTk53P/dS7JJjGuk9GqZYU/YG8VagjdVIfv
ox+tGHNy4ZaV2XBK2eil+Ge7GMaMHLeYdkXoeaquiyF9DA+L+X5oQ/njOov57yUc
oK6XWHVe+FS7h2aZtxmnAc6JCPlUGWpjWZh/tW/dinUmfUfvnUSBZu+ZmwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMElAmmZQ6vLQPhzAWrtxCfd7cn1MB8GA1UdIwQY
MBaAFPrNkBq6DTa2Vs+Y4MApF+Oqoom0MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zMlFHcm9OTnJaV3o1amd3Q2tYNDZxaWliUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvYTUyNmNhLTM3OWUtNDk1ZC04ZjE1
LTAwZmUwNWMyYmZjNi8xL3dTVUNhWmxEcTh0QS1ITUJhdTNFSjkzdHlmVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjEvYTUyNmNhLTM3OWUtNDk1ZC04ZjE1LTAwZmUwNWMyYmZj
Ni8xLzEtczJRR3JvTk5yWld6NWpnd0NrWDQ2cWlpYlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAMul9AD
BAK5T/gwDQQCAAIwBwMFACoFeMAwDQYJKoZIhvcNAQELBQADggEBAHSmUh6yEx71
64OoNhkhXEd5031jbBRTRe/35bhC92+pthhqakqBkJhwv2wCxQsRfNq55W3XXGXV
+bCH+nk7t2aegnFUxvKdaVZtO5QL26yKCEGFYeMxBqD8qH6kLXY/IWDXsgzimlq9
3bwCDE1rRYCmypKuNnDY6+eHY5m2fM5fM3yv3MR4sxSQGxy2h85lDF0thVtS7ufQ
gehLyf2XEPQbUTCfnfiFNYDiTBE9g+h8UUfve4XjUPaFeVfyib57ym7l1EkvQWMi
3yuvxhzQlcz/oAmAhLdsvbPOgpiavF/J2rpbR8r3odMmzW3jQw97SnlbLWowHWB5
xilpIBN/818=
-----END CERTIFICATE-----
Generated at Wed Aug 13 08:50:25 2025 by rpki-client