Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/j7YI-J0X44AIcGGjM3OjAhRSkQQ.roa
File: j7YI-J0X44AIcGGjM3OjAhRSkQQ.roa (raw, json)
Hash identifier: xDsq4uI95OYOOu+dzOOxnWVECC94izAnKHOzUfE2IBU=
Subject key identifier: 8F:B6:08:F8:9D:17:E3:80:08:70:61:A3:33:73:A3:02:14:52:91:04
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 01980F5AD8EF309386B30E32D8E2B6F692E7
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/j7YI-J0X44AIcGGjM3OjAhRSkQQ.roa
Signing time: Tue 15 Jul 2025 18:31:08 +0000
ROA not before: Tue 15 Jul 2025 18:31:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211680
IP address blocks: 45.156.128.0/24 maxlen: 24
45.156.129.0/24 maxlen: 24
45.156.130.0/24 maxlen: 24
109.105.208.0/24 maxlen: 24
109.105.209.0/24 maxlen: 24
109.105.210.0/24 maxlen: 24
185.180.140.0/24 maxlen: 24
185.180.143.0/24 maxlen: 24
185.226.198.0/24 maxlen: 24
2a10:3c0:1::/48 maxlen: 48
2a10:3c0:2::/48 maxlen: 48
2a10:3c0:3::/48 maxlen: 48
2a10:3c0:4::/48 maxlen: 48
2a10:3c0:5::/48 maxlen: 48
2a10:3c0:100::/44 maxlen: 44
2a10:3c0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0f:5a:d8:ef:30:93:86:b3:0e:32:d8:e2:b6:f6:92:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Jul 15 18:31:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fb608f89d17e380087061a33373a30214529104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:a7:63:1a:8c:96:e2:0a:d8:09:f1:0e:96:ae:
91:6d:13:27:22:c3:2d:f3:23:5a:b7:aa:a8:00:7d:
f2:58:d2:77:9b:70:e8:99:67:59:b5:58:4e:7e:b6:
ce:57:86:1a:34:05:2d:02:c8:39:87:e5:9d:42:e1:
fe:0c:76:97:80:cf:f1:14:51:ea:9f:71:b5:ff:62:
04:22:a5:7d:70:aa:2b:be:73:77:6c:18:29:a1:13:
3b:c9:db:e0:d7:c5:1e:8b:4c:d5:51:07:76:a9:91:
55:b0:ff:e3:7a:b8:e3:2d:90:70:c6:d1:d7:80:2e:
45:63:fe:c1:cd:46:a9:54:85:0b:c3:c6:e7:b0:c9:
d3:b7:ca:b0:07:47:ce:7d:0c:49:eb:4e:cf:8f:3d:
6d:4d:2c:a9:66:7b:4e:a9:60:d4:1c:e4:57:b1:bd:
40:f7:8f:84:25:90:b4:9f:ec:91:01:11:51:14:49:
11:d9:df:ea:33:4f:03:13:b4:bb:1b:4d:e2:78:e9:
56:0a:25:20:34:f1:c0:03:28:7e:c1:b2:b2:f5:18:
c2:99:d9:e0:b7:2f:5b:22:11:24:84:21:0f:82:97:
b7:0f:99:57:a1:59:2b:3f:6e:28:6c:1a:af:db:8d:
f5:3a:36:39:0f:44:4f:b0:34:cd:4b:dd:98:70:b0:
99:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B6:08:F8:9D:17:E3:80:08:70:61:A3:33:73:A3:02:14:52:91:04
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/j7YI-J0X44AIcGGjM3OjAhRSkQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.128.0-45.156.130.255
109.105.208.0-109.105.210.255
185.180.140.0/24
185.180.143.0/24
185.226.198.0/24
IPv6:
2a10:3c0:1::-2a10:3c0:5:ffff:ffff:ffff:ffff:ffff
2a10:3c0:100::/44
Signature Algorithm: sha256WithRSAEncryption
98:12:e7:ba:d4:92:55:4e:be:7e:fe:d7:38:21:89:8f:cc:89:
2b:83:bb:9c:f3:7a:78:ef:62:92:14:d7:b5:04:52:14:c1:4d:
53:60:9b:20:8a:29:5c:bd:e5:93:be:8f:c4:61:e6:4f:bc:5e:
54:87:7a:4c:77:6c:d7:65:3f:50:e7:74:e7:8e:e3:4c:a8:be:
a2:2e:24:b4:0d:e0:65:4a:83:34:cf:2c:7d:66:76:74:07:9c:
a2:4a:12:3d:d5:29:d7:b4:70:cb:f2:0f:47:08:d5:01:59:c9:
6d:1a:03:fd:6a:3d:8e:0a:53:da:5d:cc:3d:58:4a:c5:8d:09:
e7:06:52:2e:ed:b0:f0:a4:fe:5b:45:21:f0:e9:ad:b8:8e:a2:
8f:f2:3b:37:44:bb:0f:fc:d1:f7:7b:c4:6f:81:a2:59:46:40:
58:6a:28:7d:19:ba:6b:9b:01:22:b3:52:d2:8a:74:68:0b:76:
f4:36:5d:1a:43:ad:1e:71:e6:81:e7:3a:59:06:97:cf:28:20:
00:75:13:bf:12:47:e7:87:eb:fd:d0:d7:0c:92:df:05:6d:83:
b7:78:2a:47:41:02:a2:23:32:1b:7c:3e:99:c3:aa:87:5e:d5:
45:b5:1b:d3:32:e8:26:b9:64:ad:08:4c:f5:49:52:e2:e3:1c:
cf:37:23:9c
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZgPWtjvMJOGsw4y2OK29pLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjUwNzE1MTgzMTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmI2MDhmODlkMTdlMzgwMDg3MDYxYTMzMzczYTMwMjE0NTI5MTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+qdjGoyW4grYCfEOlq6RbRMnIsMt
8yNat6qoAH3yWNJ3m3DomWdZtVhOfrbOV4YaNAUtAsg5h+WdQuH+DHaXgM/xFFHq
n3G1/2IEIqV9cKorvnN3bBgpoRM7ydvg18Uei0zVUQd2qZFVsP/jerjjLZBwxtHX
gC5FY/7BzUapVIULw8bnsMnTt8qwB0fOfQxJ607Pjz1tTSypZntOqWDUHORXsb1A
94+EJZC0n+yRARFRFEkR2d/qM08DE7S7G03ieOlWCiUgNPHAAyh+wbKy9RjCmdng
ty9bIhEkhCEPgpe3D5lXoVkrP24obBqv2431OjY5D0RPsDTNS92YcLCZNwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFI+2CPidF+OACHBhozNzowIUUpEEMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvajdZSS1KMFg0NEFJY0dHak0zT2pBaFJTa1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA0BAIAATAuMAwDBActnIAD
BAAtnIIwDAMEBG1p0AMEAG1p0gMEALm0jAMEALm0jwMEALnixjAjBAIAAjAdMBID
BwAqEAPAAAEDBwEqEAPAAAQDBwQqEAPAAQAwDQYJKoZIhvcNAQELBQADggEBAJgS
57rUklVOvn7+1zghiY/MiSuDu5zzenjvYpIU17UEUhTBTVNgmyCKKVy95ZO+j8Rh
5k+8XlSHekx3bNdlP1DndOeO40yovqIuJLQN4GVKgzTPLH1mdnQHnKJKEj3VKde0
cMvyD0cI1QFZyW0aA/1qPY4KU9pdzD1YSsWNCecGUi7tsPCk/ltFIfDprbiOoo/y
OzdEuw/80fd7xG+BollGQFhqKH0ZumubASKzUtKKdGgLdvQ2XRpDrR5x5oHnOlkG
l88oIAB1E78SR+eH6/3Q1wyS3wVtg7d4KkdBAqIjMht8PpnDqode1UW1G9My6Ca5
ZK0ITPVJUuLjHM83I5w=
-----END CERTIFICATE-----
Generated at Thu Aug 7 00:35:36 2025 by rpki-client