Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/arsdSZehHZwvUMigbHIaVFgyHgA.roa
File: arsdSZehHZwvUMigbHIaVFgyHgA.roa (raw, json)
Hash identifier: 7qczaryyO66sn+GPYqtiQ8omr2efkloDFIlKSsh006Q=
Subject key identifier: 6A:BB:1D:49:97:A1:1D:9C:2F:50:C8:A0:6C:72:1A:54:58:32:1E:00
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197F8911E26A6B7E83EF15D9496C2CF3CCF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/arsdSZehHZwvUMigbHIaVFgyHgA.roa
Signing time: Fri 11 Jul 2025 08:19:09 +0000
ROA not before: Fri 11 Jul 2025 08:19:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202737
IP address blocks: 45.12.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f8:91:1e:26:a6:b7:e8:3e:f1:5d:94:96:c2:cf:3c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 11 08:19:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6abb1d4997a11d9c2f50c8a06c721a5458321e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:df:e7:54:71:55:9d:97:60:c7:98:55:9e:88:
de:41:41:5e:a2:ff:12:01:9c:18:30:5f:fa:6e:eb:
9c:fd:87:0f:f9:b8:d3:cc:de:fc:58:62:19:45:fd:
c3:80:7e:e2:b3:4c:ed:bf:47:1e:f1:19:6f:0a:cd:
de:08:e2:20:f1:72:98:89:99:f2:37:d2:01:f6:35:
99:75:fd:6d:40:db:bf:9a:fe:ad:b5:0e:92:9c:db:
04:15:15:a8:18:5d:b2:4a:2a:f2:8e:8a:58:5f:55:
81:74:f5:2f:0f:f6:bc:a6:b2:4e:c8:fc:a9:74:8b:
1d:28:62:52:ce:84:76:a9:3c:fd:29:5a:c9:f6:f4:
eb:b5:e9:8b:d6:3b:1b:0c:82:25:7c:18:59:5f:99:
a8:69:af:fd:2b:14:3e:f1:7f:b8:96:91:c6:26:53:
bd:49:3a:63:fe:34:0c:0c:c4:09:a0:0c:a5:10:65:
ad:6c:e7:03:37:c5:5a:ea:97:c9:b8:e9:a7:5a:a8:
d3:ff:1a:14:da:3d:a0:b2:0d:cf:71:ef:40:0c:4a:
7b:ef:cb:9a:28:df:9a:e3:3b:55:18:09:30:94:7e:
16:74:2f:01:ca:c5:b1:f8:9b:0e:da:22:43:54:42:
14:99:2b:d4:c3:7c:b9:49:58:e1:f5:69:6b:49:8c:
28:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BB:1D:49:97:A1:1D:9C:2F:50:C8:A0:6C:72:1A:54:58:32:1E:00
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/arsdSZehHZwvUMigbHIaVFgyHgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.253.0/24
Signature Algorithm: sha256WithRSAEncryption
91:f9:9a:8c:57:7c:6b:69:6e:6d:de:24:0c:22:e3:37:d8:b2:
1e:f9:8a:24:28:3f:da:3d:53:94:10:ff:e4:41:7b:fa:53:b3:
e9:2b:ee:04:27:51:bc:0b:0e:df:84:d8:39:1f:cc:5f:87:90:
8c:71:a3:0d:eb:7f:d4:46:4c:c2:d5:87:bc:32:65:b5:36:27:
d3:5a:46:32:6b:41:a5:ea:19:03:09:33:1f:db:f7:fd:97:a4:
e6:71:e2:39:a1:06:94:a4:21:b3:41:5d:f2:37:10:2f:81:6c:
47:af:d0:1c:c7:dd:1c:97:ba:13:5f:28:a7:59:83:d3:d8:3a:
ef:19:b8:3a:71:ec:c1:0a:26:ad:60:57:70:21:21:81:24:e2:
b9:e6:8f:f5:0f:55:de:a6:ea:1e:39:4c:be:29:6e:b7:63:24:
1c:1d:32:8c:9b:03:3a:d2:95:02:68:16:82:4b:97:2e:2a:a1:
e7:2f:e0:c5:69:7a:10:ba:20:5a:ee:e6:0d:08:ac:72:f0:b7:
ae:5b:b5:96:22:6d:6a:ee:48:e1:24:98:b4:7b:1b:c2:b5:64:
78:27:23:59:ec:0a:28:d2:41:8d:e4:b9:5c:ed:53:a7:6d:31:
7e:79:bb:c6:f5:99:18:e3:23:69:fa:11:70:3f:e5:74:54:ec:
3f:ff:64:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZf4kR4mprfoPvFdlJbCzzzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzExMDgxOTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWJiMWQ0OTk3YTExZDljMmY1MGM4YTA2YzcyMWE1NDU4MzIxZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN/nVHFVnZdgx5hVnojeQUFeov8S
AZwYMF/6buuc/YcP+bjTzN78WGIZRf3DgH7is0ztv0ce8RlvCs3eCOIg8XKYiZny
N9IB9jWZdf1tQNu/mv6ttQ6SnNsEFRWoGF2ySiryjopYX1WBdPUvD/a8prJOyPyp
dIsdKGJSzoR2qTz9KVrJ9vTrtemL1jsbDIIlfBhZX5moaa/9KxQ+8X+4lpHGJlO9
STpj/jQMDMQJoAylEGWtbOcDN8Va6pfJuOmnWqjT/xoU2j2gsg3Pce9ADEp778ua
KN+a4ztVGAkwlH4WdC8BysWx+JsO2iJDVEIUmSvUw3y5SVjh9WlrSYwoYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGq7HUmXoR2cL1DIoGxyGlRYMh4AMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYXJzZFNaZWhIWnd2VU1pZ2JISWFWRmd5SGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQz9MA0G
CSqGSIb3DQEBCwUAA4IBAQCR+ZqMV3xraW5t3iQMIuM32LIe+YokKD/aPVOUEP/k
QXv6U7PpK+4EJ1G8Cw7fhNg5H8xfh5CMcaMN63/URkzC1Ye8MmW1NifTWkYya0Gl
6hkDCTMf2/f9l6TmceI5oQaUpCGzQV3yNxAvgWxHr9Acx90cl7oTXyinWYPT2Drv
Gbg6cezBCiatYFdwISGBJOK55o/1D1XepuoeOUy+KW63YyQcHTKMmwM60pUCaBaC
S5cuKqHnL+DFaXoQuiBa7uYNCKxy8LeuW7WWIm1q7kjhJJi0exvCtWR4JyNZ7Aoo
0kGN5Llc7VOnbTF+ebvG9ZkY4yNp+hFwP+V0VOw//2Rk
-----END CERTIFICATE-----
Generated at Sun Jul 27 06:07:50 2025 by rpki-client