Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/aLKZdbyHdUQAxsRZ3ruuENc53TE.roa
File: aLKZdbyHdUQAxsRZ3ruuENc53TE.roa (raw, json)
Hash identifier: yhXtjt95UoYbZR58FaQJ/OrRbsl6cTOpt3SfPdy5STs=
Subject key identifier: 68:B2:99:75:BC:87:75:44:00:C6:C4:59:DE:BB:AE:10:D7:39:DD:31
Certificate issuer: /CN=f57a4812a159ef6a9e92972e7572ad662d72215a
Certificate serial: 019846F913AD68204C949FB0750BC7C23E76
Authority key identifier: F5:7A:48:12:A1:59:EF:6A:9E:92:97:2E:75:72:AD:66:2D:72:21:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XpIEqFZ72qekpcudXKtZi1yIVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/aLKZdbyHdUQAxsRZ3ruuENc53TE.roa
Signing time: Sat 26 Jul 2025 13:43:05 +0000
ROA not before: Sat 26 Jul 2025 13:43:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49029
IP address blocks: 185.154.128.0/24 maxlen: 24
185.154.129.0/24 maxlen: 24
185.154.130.0/24 maxlen: 24
185.154.131.0/24 maxlen: 24
212.23.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/9XpIEqFZ72qekpcudXKtZi1yIVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/9XpIEqFZ72qekpcudXKtZi1yIVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XpIEqFZ72qekpcudXKtZi1yIVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 Aug 2025 13:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:46:f9:13:ad:68:20:4c:94:9f:b0:75:0b:c7:c2:3e:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57a4812a159ef6a9e92972e7572ad662d72215a
Validity
Not Before: Jul 26 13:43:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68b29975bc87754400c6c459debbae10d739dd31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:26:28:91:ff:84:55:7d:76:f4:db:ae:61:65:
35:3e:7f:03:4b:76:95:80:33:54:6a:ac:f9:5e:13:
4f:7c:4e:a2:10:dc:d4:07:f4:a3:5a:9c:d5:5b:74:
26:3e:a3:b7:e0:e0:b2:0e:f8:ec:1f:53:7c:56:dd:
4c:97:f2:2b:dd:80:f0:90:41:c7:60:85:67:04:a5:
22:27:8b:c2:bb:15:c9:ba:1f:69:b4:34:82:dc:12:
44:20:f0:9c:94:46:2a:75:07:93:74:3e:04:4e:96:
63:df:39:d5:22:d7:5f:db:c5:19:ae:8b:6e:32:c9:
9a:42:b8:d8:bd:99:de:91:76:60:42:5b:d7:5e:34:
19:09:95:6d:dc:3d:b4:5c:d9:21:a4:87:b6:26:40:
ef:5c:eb:9a:3d:4d:eb:63:ef:7d:89:45:6e:94:ee:
00:ad:19:c3:27:13:6d:f5:9c:22:e2:f2:33:44:e2:
57:48:1d:c3:a5:2d:95:e1:3d:34:a7:77:72:fb:e1:
64:cb:82:5b:50:05:66:fa:d2:1e:87:cb:7d:dd:9c:
d4:15:d6:a5:b8:a6:25:12:d2:fd:91:76:f8:6f:6a:
4c:f9:bd:a7:fb:12:ec:c7:bb:0d:14:f3:c3:67:a1:
a6:f5:59:73:f3:b7:d9:42:82:cf:c3:7b:2f:9e:63:
c1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B2:99:75:BC:87:75:44:00:C6:C4:59:DE:BB:AE:10:D7:39:DD:31
X509v3 Authority Key Identifier:
keyid:F5:7A:48:12:A1:59:EF:6A:9E:92:97:2E:75:72:AD:66:2D:72:21:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XpIEqFZ72qekpcudXKtZi1yIVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/aLKZdbyHdUQAxsRZ3ruuENc53TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/9XpIEqFZ72qekpcudXKtZi1yIVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.128.0/22
212.23.209.0/24
Signature Algorithm: sha256WithRSAEncryption
09:36:72:89:c0:1d:d0:49:54:e4:cd:ca:8b:2d:29:92:11:5d:
51:fd:72:5f:6c:69:17:cd:80:ea:56:2d:0b:bf:dd:0c:08:8e:
82:22:8b:fa:3e:a9:4c:22:59:5c:80:25:37:b0:39:4e:25:1d:
cd:1e:ed:25:4d:36:e2:10:eb:bf:55:00:7c:91:9f:bf:5e:dd:
b9:40:7e:b1:88:ed:62:8c:e4:02:41:f1:60:fc:6d:f7:e6:dd:
e4:68:96:9c:43:cf:d5:4b:d7:2a:d6:fa:3c:26:bf:23:9c:21:
a8:f5:84:4e:88:4f:9c:26:74:c0:9f:9a:4b:2f:75:30:06:da:
bb:0f:a4:9e:58:f2:fe:3d:bb:ea:98:78:fb:3f:56:dc:b2:f7:
21:3a:1f:d9:25:30:2f:98:72:bb:23:dc:7a:30:4f:e8:22:23:
b6:fc:b5:3d:92:92:91:a7:d8:da:90:50:f1:ef:d2:bc:7e:1b:
27:87:69:16:ba:fa:ec:d0:40:23:71:fc:8d:e7:aa:46:d5:c6:
98:ad:b7:94:05:7e:80:b3:e5:f8:77:8a:08:da:f0:31:58:56:
07:22:52:06:08:66:1d:9d:11:5a:d1:4f:ab:07:fd:ae:eb:66:
e8:72:71:96:64:62:d3:4e:97:2e:2e:cb:11:cd:8d:84:75:21:
f0:1f:f6:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhG+ROtaCBMlJ+wdQvHwj52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2E0ODEyYTE1OWVmNmE5ZTkyOTcyZTc1NzJhZDY2MmQ3
MjIxNWEwHhcNMjUwNzI2MTM0MzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGIyOTk3NWJjODc3NTQ0MDBjNmM0NTlkZWJiYWUxMGQ3MzlkZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CYokf+EVX129NuuYWU1Pn8DS3aV
gDNUaqz5XhNPfE6iENzUB/SjWpzVW3QmPqO34OCyDvjsH1N8Vt1Ml/Ir3YDwkEHH
YIVnBKUiJ4vCuxXJuh9ptDSC3BJEIPCclEYqdQeTdD4ETpZj3znVItdf28UZrotu
MsmaQrjYvZnekXZgQlvXXjQZCZVt3D20XNkhpIe2JkDvXOuaPU3rY+99iUVulO4A
rRnDJxNt9Zwi4vIzROJXSB3DpS2V4T00p3dy++Fky4JbUAVm+tIeh8t93ZzUFdal
uKYlEtL9kXb4b2pM+b2n+xLsx7sNFPPDZ6Gm9Vlz87fZQoLPw3svnmPBoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGiymXW8h3VEAMbEWd67rhDXOd0xMB8GA1UdIwQY
MBaAFPV6SBKhWe9qnpKXLnVyrWYtciFaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhwSUVxRlo3MnFla3BjdWRYS3RaaTF5SVZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80ZmJlMTAtOTQ4Ny00MTE1LTk4NTYt
YmViNzBmZDQxNWNhLzEvYUxLWmRieUhkVVFBeHNSWjNydXVFTmM1M1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80ZmJlMTAtOTQ4Ny00MTE1LTk4NTYtYmViNzBmZDQxNWNh
LzEvOVhwSUVxRlo3MnFla3BjdWRYS3RaaTF5SVZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZqAAwQA
1BfRMA0GCSqGSIb3DQEBCwUAA4IBAQAJNnKJwB3QSVTkzcqLLSmSEV1R/XJfbGkX
zYDqVi0Lv90MCI6CIov6PqlMIllcgCU3sDlOJR3NHu0lTTbiEOu/VQB8kZ+/Xt25
QH6xiO1ijOQCQfFg/G335t3kaJacQ8/VS9cq1vo8Jr8jnCGo9YROiE+cJnTAn5pL
L3UwBtq7D6SeWPL+PbvqmHj7P1bcsvchOh/ZJTAvmHK7I9x6ME/oIiO2/LU9kpKR
p9jakFDx79K8fhsnh2kWuvrs0EAjcfyN56pG1caYrbeUBX6As+X4d4oI2vAxWFYH
IlIGCGYdnRFa0U+rB/2u62bocnGWZGLTTpcuLssRzY2EdSHwH/YK
-----END CERTIFICATE-----
Generated at Wed Aug 13 21:21:09 2025 by rpki-client