Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/4xwaWRub9ONEDx1qZtSfGSWgm_U.roa
File: 4xwaWRub9ONEDx1qZtSfGSWgm_U.roa (raw, json)
Hash identifier: DQtqDfCJ+g5/1BpTJ+JbAARxia0+c3cSAM/MeNxPjZQ=
Subject key identifier: E3:1C:1A:59:1B:9B:F4:E3:44:0F:1D:6A:66:D4:9F:19:25:A0:9B:F5
Certificate issuer: /CN=b754652a9e989145a059f78883d536e92c43b53f
Certificate serial: 019A1150DBFE8B2E9EF141533FA1E86CEEEF
Authority key identifier: B7:54:65:2A:9E:98:91:45:A0:59:F7:88:83:D5:36:E9:2C:43:B5:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1RlKp6YkUWgWfeIg9U26SxDtT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/4xwaWRub9ONEDx1qZtSfGSWgm_U.roa
Signing time: Thu 23 Oct 2025 13:45:03 +0000
ROA not before: Thu 23 Oct 2025 13:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199878
IP address blocks: 82.118.146.0/23 maxlen: 23
82.118.146.0/24 maxlen: 24
82.118.147.0/24 maxlen: 24
95.171.236.0/23 maxlen: 23
95.171.236.0/24 maxlen: 24
95.171.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/t1RlKp6YkUWgWfeIg9U26SxDtT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/t1RlKp6YkUWgWfeIg9U26SxDtT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/t1RlKp6YkUWgWfeIg9U26SxDtT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:11:50:db:fe:8b:2e:9e:f1:41:53:3f:a1:e8:6c:ee:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b754652a9e989145a059f78883d536e92c43b53f
Validity
Not Before: Oct 23 13:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e31c1a591b9bf4e3440f1d6a66d49f1925a09bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:92:1e:6a:7f:cc:56:fd:04:35:8c:00:d4:65:
f0:dd:dc:65:81:ac:2c:30:64:e3:00:15:19:47:01:
d6:de:8b:7e:5b:40:a3:3b:6b:a1:d2:1c:bd:29:5f:
ed:8c:c3:5c:48:5f:ab:e9:42:08:18:83:c2:73:de:
72:73:31:5a:1f:bf:25:53:e4:f4:45:be:0e:fb:fb:
78:48:15:92:a4:82:e2:69:41:c9:52:8b:e7:e2:ac:
39:d3:af:f4:fa:f1:bf:b7:37:4d:9e:d3:8c:40:19:
66:3e:97:83:49:b8:fa:3d:28:b5:f8:7b:03:94:a4:
16:86:60:ac:8c:e4:01:ba:ec:43:b3:8b:b5:5d:a9:
ff:91:03:4b:d6:7b:0c:cb:bd:f3:75:5b:b6:6a:48:
e6:4e:21:2f:d0:2e:26:c2:c3:91:7b:0e:0b:fa:d2:
d3:4b:89:39:ff:3e:c0:6d:d0:fd:54:4c:f4:e0:d6:
8b:83:93:33:df:96:fe:17:8e:8c:fa:3a:56:f2:0b:
56:71:6e:d2:4c:ea:a9:f3:80:3b:3a:b4:2e:96:7b:
85:29:bf:28:2c:7a:9a:84:a9:04:9d:73:d8:17:31:
0c:47:b9:d0:e7:64:8a:52:ba:f3:0d:a9:b6:5e:7a:
c2:91:18:92:65:c6:63:4c:6a:38:f1:3d:24:51:f6:
cc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:1C:1A:59:1B:9B:F4:E3:44:0F:1D:6A:66:D4:9F:19:25:A0:9B:F5
X509v3 Authority Key Identifier:
keyid:B7:54:65:2A:9E:98:91:45:A0:59:F7:88:83:D5:36:E9:2C:43:B5:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1RlKp6YkUWgWfeIg9U26SxDtT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/4xwaWRub9ONEDx1qZtSfGSWgm_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/t1RlKp6YkUWgWfeIg9U26SxDtT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.146.0/23
95.171.236.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:21:2c:d1:a9:70:e2:fa:c4:ca:bf:93:54:4a:6e:cf:22:07:
fe:0d:4e:40:20:cb:c7:9d:d3:66:e8:5f:66:2b:3c:c3:e6:6a:
e8:3f:73:b1:7e:d8:72:1e:70:25:05:7f:16:80:30:d1:07:d7:
45:94:73:c2:26:d9:77:3c:b3:b2:45:d4:0a:07:16:9b:c8:73:
a9:7a:25:15:e3:bc:5f:9d:a3:5e:48:9a:a6:47:b8:05:1f:ae:
3a:1c:c0:c2:d9:ee:30:12:ed:74:27:cc:2a:4b:b1:33:bf:89:
8d:36:ce:5b:e0:b2:00:2d:f9:c8:58:b0:95:69:de:38:d6:93:
45:89:51:28:d2:07:16:3d:61:7f:b1:90:5e:8f:8d:6d:34:3f:
77:68:c6:7b:87:1a:77:3f:43:ba:99:f7:43:55:fb:22:75:66:
f8:17:8e:9d:c8:da:af:44:4e:a2:71:f5:d6:18:da:9d:d7:45:
0b:a6:c4:a6:32:08:76:01:66:a3:aa:2e:1d:47:16:69:b7:bc:
6f:9b:c8:ac:69:52:bc:a9:ac:a8:1a:8b:38:eb:88:2e:04:25:
81:5c:8c:a6:01:9f:db:92:80:ce:66:22:19:31:f4:d4:02:67:
9c:06:66:8c:56:b8:62:ba:4c:a3:43:a4:7d:25:11:63:a7:8d:
64:43:b1:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZoRUNv+iy6e8UFTP6HobO7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NTQ2NTJhOWU5ODkxNDVhMDU5Zjc4ODgzZDUzNmU5MmM0
M2I1M2YwHhcNMjUxMDIzMTM0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzFjMWE1OTFiOWJmNGUzNDQwZjFkNmE2NmQ0OWYxOTI1YTA5YmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pIean/MVv0ENYwA1GXw3dxlgaws
MGTjABUZRwHW3ot+W0CjO2uh0hy9KV/tjMNcSF+r6UIIGIPCc95yczFaH78lU+T0
Rb4O+/t4SBWSpILiaUHJUovn4qw506/0+vG/tzdNntOMQBlmPpeDSbj6PSi1+HsD
lKQWhmCsjOQBuuxDs4u1Xan/kQNL1nsMy73zdVu2akjmTiEv0C4mwsORew4L+tLT
S4k5/z7AbdD9VEz04NaLg5Mz35b+F46M+jpW8gtWcW7STOqp84A7OrQulnuFKb8o
LHqahKkEnXPYFzEMR7nQ52SKUrrzDam2XnrCkRiSZcZjTGo48T0kUfbM8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOMcGlkbm/TjRA8dambUnxkloJv1MB8GA1UdIwQY
MBaAFLdUZSqemJFFoFn3iIPVNuksQ7U/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFSbEtwNllrVVdnV2ZlSWc5VTI2U3hEdFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hZmQ2YjktNmM0ZS00MGUwLWFlOTYt
YjRkYTIwYTc1N2NmLzEvNHh3YVdSdWI5T05FRHgxcVp0U2ZHU1dnbV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hZmQ2YjktNmM0ZS00MGUwLWFlOTYtYjRkYTIwYTc1N2Nm
LzEvdDFSbEtwNllrVVdnV2ZlSWc5VTI2U3hEdFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUnaSAwQB
X6vsMA0GCSqGSIb3DQEBCwUAA4IBAQB9ISzRqXDi+sTKv5NUSm7PIgf+DU5AIMvH
ndNm6F9mKzzD5mroP3OxfthyHnAlBX8WgDDRB9dFlHPCJtl3PLOyRdQKBxabyHOp
eiUV47xfnaNeSJqmR7gFH646HMDC2e4wEu10J8wqS7Ezv4mNNs5b4LIALfnIWLCV
ad441pNFiVEo0gcWPWF/sZBej41tND93aMZ7hxp3P0O6mfdDVfsidWb4F46dyNqv
RE6icfXWGNqd10ULpsSmMgh2AWajqi4dRxZpt7xvm8isaVK8qayoGos464guBCWB
XIymAZ/bkoDOZiIZMfTUAmecBmaMVrhiukyjQ6R9JRFjp41kQ7Ej
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:12:06 2025 by rpki-client