Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/IMteYrUcQwC4fikiMPLPlQJ2AU4.roa
File: IMteYrUcQwC4fikiMPLPlQJ2AU4.roa (raw, json)
Hash identifier: bauml31a2/VODfRGvD1moLeSONLOTRLu5AwxRUjBimk=
Subject key identifier: 20:CB:5E:62:B5:1C:43:00:B8:7E:29:22:30:F2:CF:95:02:76:01:4E
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 01977D1B6993F9C010918AD44904F2EBA545
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/IMteYrUcQwC4fikiMPLPlQJ2AU4.roa
Signing time: Tue 17 Jun 2025 08:57:17 +0000
ROA not before: Tue 17 Jun 2025 08:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 46.243.7.0/24 maxlen: 24
91.200.12.0/24 maxlen: 24
92.62.119.0/24 maxlen: 24
94.232.248.0/24 maxlen: 24
95.81.114.0/24 maxlen: 24
109.69.60.0/24 maxlen: 24
2a06:ddc0::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0c:f642::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Jun 2025 10:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:1b:69:93:f9:c0:10:91:8a:d4:49:04:f2:eb:a5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Jun 17 08:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20cb5e62b51c4300b87e292230f2cf950276014e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5f:9d:85:09:b2:38:20:ee:ef:1f:54:de:8d:
90:1d:90:49:cc:d3:53:32:07:5a:d0:2e:39:21:b6:
ef:73:77:29:f0:bd:8a:68:0a:d3:57:7e:e9:ed:ef:
70:ab:be:f6:25:fe:30:96:ce:fe:4c:ad:60:18:0b:
04:b3:87:bc:50:e1:82:d3:16:01:5d:c3:ad:df:ad:
50:84:ee:15:af:e4:55:d2:70:87:e0:8f:12:52:b0:
d8:49:3a:7f:b7:f7:81:c0:e9:a1:71:23:37:15:52:
9c:71:99:8d:c3:b3:75:06:a0:d5:4a:b4:98:92:3d:
e6:03:3a:80:ee:2c:40:42:5c:f7:2d:85:f1:37:cb:
a9:9d:af:50:1f:03:ae:6a:1b:63:09:0d:7e:8c:ac:
7b:02:41:8d:4e:bc:3c:34:26:96:95:36:21:6e:02:
fe:59:cc:58:a9:46:45:0a:ca:e6:0f:9e:80:d7:e1:
e9:e7:40:7c:0e:21:ba:ab:a3:a8:3a:43:25:66:e4:
81:2d:0c:99:5c:48:22:e5:41:ac:1b:62:57:f0:8c:
9d:0a:78:a6:f2:41:f0:4a:30:4d:96:21:db:c4:00:
58:af:2c:17:0a:d8:43:81:95:d7:e8:a7:fb:29:3a:
4c:ce:09:45:c9:17:57:fd:05:74:69:89:c4:fc:11:
e9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:CB:5E:62:B5:1C:43:00:B8:7E:29:22:30:F2:CF:95:02:76:01:4E
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/IMteYrUcQwC4fikiMPLPlQJ2AU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.7.0/24
91.200.12.0/24
92.62.119.0/24
94.232.248.0/24
95.81.114.0/24
109.69.60.0/24
IPv6:
2a06:ddc0::/29
2a0b:8040::/29
2a0c:f642::/32
Signature Algorithm: sha256WithRSAEncryption
24:52:6b:c7:c3:5c:42:0a:56:5e:33:9d:b1:d6:3f:b3:ab:03:
35:b9:f8:7d:f9:d6:22:84:ca:d2:1a:76:fc:03:99:24:b7:9f:
57:4a:53:96:c4:32:29:8d:f8:e1:d2:05:56:a4:76:49:df:b4:
14:68:3c:36:cb:35:64:41:5f:c7:d5:c3:54:a6:3a:8b:9e:0e:
4a:a4:88:dd:41:41:1c:c2:34:3d:42:29:b5:8f:17:05:96:dc:
39:4b:e4:b3:a2:0f:85:47:8c:c5:10:07:df:73:35:ee:49:6a:
9c:1d:33:09:d3:3b:85:de:c6:d5:0d:1b:45:2d:47:30:aa:94:
f6:f4:a2:3e:3f:c4:8c:19:96:a0:0c:d1:58:84:cf:dd:47:97:
0d:9c:db:43:35:4f:ef:66:00:87:c6:d5:12:86:05:d9:16:aa:
05:33:34:70:56:d9:93:92:d2:ef:d3:3f:68:7a:a3:d0:8c:5d:
2b:07:ec:ae:4a:f4:be:fd:58:8a:1c:9b:81:de:f5:aa:88:95:
16:2f:59:67:12:e2:95:0b:fb:67:d0:55:ae:cc:f7:30:98:eb:
da:3f:be:64:9f:ff:a2:03:eb:2a:a3:08:4d:2d:73:de:e6:01:
72:82:29:be:70:98:08:e8:3e:c6:8b:a7:a9:68:fa:bc:42:d9:
35:84:0c:da
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZd9G2mT+cAQkYrUSQTy66VFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwNjE3MDg1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGNiNWU2MmI1MWM0MzAwYjg3ZTI5MjIzMGYyY2Y5NTAyNzYwMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV+dhQmyOCDu7x9U3o2QHZBJzNNT
Mgda0C45Ibbvc3cp8L2KaArTV37p7e9wq772Jf4wls7+TK1gGAsEs4e8UOGC0xYB
XcOt361QhO4Vr+RV0nCH4I8SUrDYSTp/t/eBwOmhcSM3FVKccZmNw7N1BqDVSrSY
kj3mAzqA7ixAQlz3LYXxN8upna9QHwOuahtjCQ1+jKx7AkGNTrw8NCaWlTYhbgL+
WcxYqUZFCsrmD56A1+Hp50B8DiG6q6OoOkMlZuSBLQyZXEgi5UGsG2JX8IydCnim
8kHwSjBNliHbxABYrywXCthDgZXX6Kf7KTpMzglFyRdX/QV0aYnE/BHpXwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFCDLXmK1HEMAuH4pIjDyz5UCdgFOMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvSU10ZVlyVWNRd0M0ZmlraU1QTFBsUUoyQVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQALvMHAwQA
W8gMAwQAXD53AwQAXuj4AwQAX1FyAwQAbUU8MBsEAgACMBUDBQMqBt3AAwUDKguA
QAMFACoM9kIwDQYJKoZIhvcNAQELBQADggEBACRSa8fDXEIKVl4znbHWP7OrAzW5
+H351iKEytIadvwDmSS3n1dKU5bEMimN+OHSBVakdknftBRoPDbLNWRBX8fVw1Sm
OoueDkqkiN1BQRzCND1CKbWPFwWW3DlL5LOiD4VHjMUQB99zNe5JapwdMwnTO4Xe
xtUNG0UtRzCqlPb0oj4/xIwZlqAM0ViEz91Hlw2c20M1T+9mAIfG1RKGBdkWqgUz
NHBW2ZOS0u/TP2h6o9CMXSsH7K5K9L79WIocm4He9aqIlRYvWWcS4pUL+2fQVa7M
9zCY69o/vmSf/6ID6yqjCE0tc97mAXKCKb5wmAjoPsaLp6lo+rxC2TWEDNo=
-----END CERTIFICATE-----
Generated at Thu Jun 19 16:20:29 2025 by rpki-client