Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/dkVcG2-jp8BysMdaRUvEWmIPeEA.roa
File: dkVcG2-jp8BysMdaRUvEWmIPeEA.roa (raw, json)
Hash identifier: +6RgtJ3N/McbBhYuKwwkX4b+tw1QG5EpwOkw/6VxCp4=
Subject key identifier: 76:45:5C:1B:6F:A3:A7:C0:72:B0:C7:5A:45:4B:C4:5A:62:0F:78:40
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 01987A22FAEB7E9C6E6258C75FB8198A5081
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/dkVcG2-jp8BysMdaRUvEWmIPeEA.roa
Signing time: Tue 05 Aug 2025 12:09:29 +0000
ROA not before: Tue 05 Aug 2025 12:09:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207569
IP address blocks: 46.243.1.0/24 maxlen: 24
46.243.4.0/24 maxlen: 24
46.243.6.0/24 maxlen: 24
95.81.112.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7a:22:fa:eb:7e:9c:6e:62:58:c7:5f:b8:19:8a:50:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Aug 5 12:09:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76455c1b6fa3a7c072b0c75a454bc45a620f7840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ef:c2:7a:16:2e:70:46:6d:44:6e:49:6f:dd:
7f:1e:7d:7b:e4:ed:6d:42:ca:db:dd:5e:29:7d:91:
e0:7a:f3:5b:63:07:8c:12:96:69:48:ab:2f:aa:42:
ff:af:af:ab:b9:57:3a:e4:ae:8e:02:fa:46:05:3f:
05:ee:4d:e2:79:c7:5d:4f:7e:d8:f5:ed:c8:32:7c:
7f:c9:b8:dc:c2:d2:cf:94:aa:78:f6:39:bd:78:b6:
64:35:8e:4d:b3:15:ab:8d:b3:fc:4e:44:56:33:c8:
cb:f7:37:73:fe:53:c0:e8:23:f8:cb:2e:60:12:48:
94:56:03:fc:d1:4c:10:92:e3:79:ca:df:ad:3e:79:
01:d4:0b:5a:6b:c5:35:db:b2:d3:22:53:53:6d:6a:
40:4a:f6:ad:f5:fd:40:ab:bf:bf:0d:81:be:72:3d:
ee:1b:0e:c1:56:e9:3e:ec:27:f6:e9:9e:2f:25:04:
c7:a5:ee:dd:e4:41:9e:c1:2c:24:90:66:2c:cb:c3:
78:4c:e0:d2:07:77:b6:31:0d:15:ec:72:64:63:0b:
2f:a5:72:58:80:83:26:fa:5c:ca:24:a0:d6:e2:d2:
28:81:66:16:21:6e:15:64:d4:bc:5f:3b:f3:9d:7e:
f2:e7:dd:36:c4:8b:4a:41:0a:99:de:5a:52:47:00:
b0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:45:5C:1B:6F:A3:A7:C0:72:B0:C7:5A:45:4B:C4:5A:62:0F:78:40
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/dkVcG2-jp8BysMdaRUvEWmIPeEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.1.0/24
46.243.4.0/24
46.243.6.0/24
95.81.112.0/23
Signature Algorithm: sha256WithRSAEncryption
58:ae:e8:29:bf:6b:ad:df:17:77:76:4b:d2:02:47:9a:cf:c2:
56:dd:c2:0c:16:40:5a:8d:0a:2c:ca:10:cc:f6:b3:e4:78:dd:
34:5f:45:e9:bf:d2:3e:63:a3:b5:a5:99:c0:ed:ea:31:2e:36:
07:27:da:4c:1a:24:4c:10:c2:ce:d5:f4:40:8f:84:34:2f:8a:
f7:c3:2f:d3:fd:d6:ab:8c:a7:7f:0d:06:5e:d3:c5:71:7b:3f:
04:df:aa:a4:e3:e1:73:32:80:38:66:86:07:19:06:fb:dd:09:
4b:39:74:e1:5b:44:7b:6c:af:e5:a8:ec:03:c0:7f:01:f1:f2:
9e:69:34:3d:3f:d1:71:22:f0:42:2f:d9:1a:1f:16:85:e6:d8:
3b:7a:bc:63:58:46:5e:4a:26:3b:d6:ce:0c:69:ce:20:21:9c:
d7:58:0f:5d:a9:88:9a:21:9b:11:16:e1:19:aa:6d:da:fd:9c:
41:5d:35:1e:15:a2:c7:4f:f9:ce:68:7d:12:ef:2f:21:0d:a4:
2a:e1:a7:0f:53:d2:62:5d:1d:c5:e6:d8:48:8d:a7:7d:0f:92:
23:4d:ab:c1:79:c9:4f:bf:3d:ef:d3:83:68:21:74:e1:b5:b0:
3a:a4:80:d5:7f:81:fa:c0:b6:14:98:70:05:33:e1:22:75:30:
b1:08:13:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZh6IvrrfpxuYljHX7gZilCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwODA1MTIwOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQ1NWMxYjZmYTNhN2MwNzJiMGM3NWE0NTRiYzQ1YTYyMGY3ODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+/CehYucEZtRG5Jb91/Hn175O1t
Qsrb3V4pfZHgevNbYweMEpZpSKsvqkL/r6+ruVc65K6OAvpGBT8F7k3iecddT37Y
9e3IMnx/ybjcwtLPlKp49jm9eLZkNY5NsxWrjbP8TkRWM8jL9zdz/lPA6CP4yy5g
EkiUVgP80UwQkuN5yt+tPnkB1Ataa8U127LTIlNTbWpASvat9f1Aq7+/DYG+cj3u
Gw7BVuk+7Cf26Z4vJQTHpe7d5EGewSwkkGYsy8N4TODSB3e2MQ0V7HJkYwsvpXJY
gIMm+lzKJKDW4tIogWYWIW4VZNS8XzvznX7y5902xItKQQqZ3lpSRwCwBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHZFXBtvo6fAcrDHWkVLxFpiD3hAMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvZGtWY0cyLWpwOEJ5c01kYVJVdkVXbUlQZUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALvMBAwQA
LvMEAwQALvMGAwQBX1FwMA0GCSqGSIb3DQEBCwUAA4IBAQBYrugpv2ut3xd3dkvS
Akeaz8JW3cIMFkBajQosyhDM9rPkeN00X0Xpv9I+Y6O1pZnA7eoxLjYHJ9pMGiRM
EMLO1fRAj4Q0L4r3wy/T/darjKd/DQZe08Vxez8E36qk4+FzMoA4ZoYHGQb73QlL
OXThW0R7bK/lqOwDwH8B8fKeaTQ9P9FxIvBCL9kaHxaF5tg7erxjWEZeSiY71s4M
ac4gIZzXWA9dqYiaIZsRFuEZqm3a/ZxBXTUeFaLHT/nOaH0S7y8hDaQq4acPU9Ji
XR3F5thIjad9D5IjTavBeclPvz3v04NoIXThtbA6pIDVf4H6wLYUmHAFM+EidTCx
CBPY
-----END CERTIFICATE-----
Generated at Sat Aug 9 03:01:36 2025 by rpki-client