Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/UnvnWibayArM0rP_4GK2HPqji88.roa
File: UnvnWibayArM0rP_4GK2HPqji88.roa (raw, json)
Hash identifier: iHEj+BKItdDDWf+r36lrBqtGBGTAVvOycWO2mc2eMRo=
Subject key identifier: 52:7B:E7:5A:26:DA:C8:0A:CC:D2:B3:FF:E0:62:B6:1C:FA:A3:8B:CF
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 019817B6B1D10AB64A192D7651FB3D26EA5D
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/UnvnWibayArM0rP_4GK2HPqji88.roa
Signing time: Thu 17 Jul 2025 09:28:25 +0000
ROA not before: Thu 17 Jul 2025 09:28:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395092
IP address blocks: 45.95.16.0/22 maxlen: 22
45.155.36.0/22 maxlen: 22
94.124.160.0/24 maxlen: 24
185.93.220.0/22 maxlen: 24
193.17.56.0/22 maxlen: 22
213.108.246.0/23 maxlen: 23
213.139.204.0/22 maxlen: 22
217.195.152.0/22 maxlen: 22
2a0d:9ec0::/48 maxlen: 48
2a0d:9ec1::/48 maxlen: 48
2a0d:9ec2::/48 maxlen: 48
2a0d:d8c0::/48 maxlen: 48
2a0d:d8c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.mft
rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:17:b6:b1:d1:0a:b6:4a:19:2d:76:51:fb:3d:26:ea:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jul 17 09:28:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=527be75a26dac80accd2b3ffe062b61cfaa38bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:18:f4:9d:82:9d:e4:80:ba:b3:b0:6d:4a:54:
3b:15:f6:34:7f:6f:55:a4:d8:43:13:04:e2:e1:6c:
dd:71:7e:03:a5:33:d6:77:4e:42:53:6f:d5:dc:a9:
ab:75:8f:3d:96:8d:89:55:74:6e:c4:56:e2:2b:6b:
7f:44:2f:04:b0:5b:ea:7d:c8:e9:e8:74:23:e4:3c:
94:c7:b2:8a:61:10:7b:bb:d3:c6:9a:50:3e:91:ec:
b7:2f:ed:da:24:2f:0c:ef:7e:d6:c4:a5:75:29:08:
92:e1:f7:b3:18:99:52:12:df:c6:d1:28:7a:ea:f3:
e5:24:94:75:d2:b2:3e:2a:8c:17:80:15:5c:83:b9:
a2:45:ac:d6:67:1a:fd:e5:7f:b5:fa:e9:a0:fe:4a:
cf:04:d7:b9:75:90:e4:48:da:d5:94:d2:c6:4d:e0:
f9:00:9a:17:47:93:35:5a:34:e3:d9:ed:15:58:ac:
b3:6e:4e:24:73:db:a9:44:19:39:53:90:68:ef:da:
82:b7:a3:42:ad:5a:be:33:04:fc:0f:32:4f:3e:c9:
0e:59:71:92:5c:3c:45:96:7f:ae:21:73:93:cb:cb:
4b:c2:64:1c:36:1a:fd:a8:2c:c4:da:5d:8a:26:17:
af:8f:12:da:05:59:5f:3e:52:8a:34:44:fb:7f:28:
60:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:7B:E7:5A:26:DA:C8:0A:CC:D2:B3:FF:E0:62:B6:1C:FA:A3:8B:CF
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/UnvnWibayArM0rP_4GK2HPqji88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.16.0/22
45.155.36.0/22
94.124.160.0/24
185.93.220.0/22
193.17.56.0/22
213.108.246.0/23
213.139.204.0/22
217.195.152.0/22
IPv6:
2a0d:9ec0::/48
2a0d:9ec1::/48
2a0d:9ec2::/48
2a0d:d8c0::/47
Signature Algorithm: sha256WithRSAEncryption
49:27:af:88:19:72:57:3c:fa:de:d9:60:53:46:79:21:f4:d1:
8b:88:4b:5c:09:a0:5d:65:2a:b1:f2:61:b9:d2:11:34:46:59:
66:34:f5:a7:68:0a:54:3c:1e:ed:f4:c2:53:d4:62:2d:7c:96:
d8:c5:bc:c2:8e:27:0d:d3:45:82:76:12:f6:a7:06:cc:fb:97:
63:69:ca:b8:f9:f3:11:6d:18:95:f8:fd:2e:4a:7c:e3:68:67:
49:24:8e:71:d5:13:91:e6:9e:53:32:dd:43:f5:ca:b6:6c:a2:
b3:0c:f3:13:bc:a7:51:37:46:be:e9:6f:57:59:49:45:bb:b1:
93:7c:f2:4a:ec:3c:d6:20:0c:3a:68:ad:d4:89:c6:77:8b:ba:
97:96:0a:d8:6f:7b:36:4a:5b:51:ec:a4:e5:1c:92:5a:94:1b:
08:d0:f3:44:6b:8e:87:64:14:e8:ce:1b:c9:08:38:56:42:6a:
27:7b:39:be:1a:5d:b7:e2:0f:2d:22:39:c4:3c:97:30:2f:81:
ce:18:59:6d:c5:cd:e5:3b:dd:0b:68:18:97:7e:c3:c2:3c:20:
41:07:40:d2:35:ed:da:80:72:90:14:da:83:be:18:a1:b6:1f:
12:e2:a9:ad:cb:22:54:a6:5f:e3:2d:24:fe:74:02:96:30:b7:
59:6c:dd:53
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZgXtrHRCrZKGS12Ufs9JupdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjUwNzE3MDkyODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjdiZTc1YTI2ZGFjODBhY2NkMmIzZmZlMDYyYjYxY2ZhYTM4YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhj0nYKd5IC6s7BtSlQ7FfY0f29V
pNhDEwTi4WzdcX4DpTPWd05CU2/V3KmrdY89lo2JVXRuxFbiK2t/RC8EsFvqfcjp
6HQj5DyUx7KKYRB7u9PGmlA+key3L+3aJC8M737WxKV1KQiS4fezGJlSEt/G0Sh6
6vPlJJR10rI+KowXgBVcg7miRazWZxr95X+1+umg/krPBNe5dZDkSNrVlNLGTeD5
AJoXR5M1WjTj2e0VWKyzbk4kc9upRBk5U5Bo79qCt6NCrVq+MwT8DzJPPskOWXGS
XDxFln+uIXOTy8tLwmQcNhr9qCzE2l2KJhevjxLaBVlfPlKKNET7fyhgRQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFFJ751om2sgKzNKz/+Bithz6o4vPMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvVW52bldpYmF5QXJNMHJQXzRHSzJIUHFqaTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDA2BAIAATAwAwQCLV8QAwQC
LZskAwQAXnygAwQCuV3cAwQCwRE4AwQB1Wz2AwQC1YvMAwQC2cOYMCoEAgACMCQD
BwAqDZ7AAAADBwAqDZ7BAAADBwAqDZ7CAAADBwEqDdjAAAAwDQYJKoZIhvcNAQEL
BQADggEBAEknr4gZclc8+t7ZYFNGeSH00YuIS1wJoF1lKrHyYbnSETRGWWY09ado
ClQ8Hu30wlPUYi18ltjFvMKOJw3TRYJ2EvanBsz7l2Npyrj58xFtGJX4/S5KfONo
Z0kkjnHVE5HmnlMy3UP1yrZsorMM8xO8p1E3Rr7pb1dZSUW7sZN88krsPNYgDDpo
rdSJxneLupeWCthvezZKW1HspOUcklqUGwjQ80RrjodkFOjOG8kIOFZCaid7Ob4a
XbfiDy0iOcQ8lzAvgc4YWW3FzeU73QtoGJd+w8I8IEEHQNI17dqAcpAU2oO+GKG2
HxLiqa3LIlSmX+MtJP50ApYwt1ls3VM=
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:13:28 2025 by rpki-client