Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/SVyulFujUMiB7rw9e3A13iMx8Ps.roa
File: SVyulFujUMiB7rw9e3A13iMx8Ps.roa (raw, json)
Hash identifier: CDxH+tHDVGJsGpNxeJmzKJsbFn/aGhdtiCEkQOYnlMg=
Subject key identifier: 49:5C:AE:94:5B:A3:50:C8:81:EE:BC:3D:7B:70:35:DE:23:31:F0:FB
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01981835A67C76375EED76F42669E3314ECC
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/SVyulFujUMiB7rw9e3A13iMx8Ps.roa
Signing time: Thu 17 Jul 2025 11:47:05 +0000
ROA not before: Thu 17 Jul 2025 11:47:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206654
IP address blocks: 45.88.124.0/22 maxlen: 22
185.212.11.0/24 maxlen: 24
195.211.48.0/24 maxlen: 24
2a0f:fa00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:18:35:a6:7c:76:37:5e:ed:76:f4:26:69:e3:31:4e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 17 11:47:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=495cae945ba350c881eebc3d7b7035de2331f0fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5e:b1:5b:8d:76:ba:54:31:85:e5:69:3f:14:
85:05:ca:c5:97:90:00:f0:06:74:5d:c8:a8:35:0a:
5e:20:75:95:99:57:ed:1e:47:3e:74:04:92:af:0b:
ed:b5:84:ef:fe:74:52:69:b4:39:45:8e:c5:31:aa:
2f:ad:f7:fb:7c:be:67:c9:22:f4:2a:f1:6e:92:f3:
df:dd:00:6f:6f:0a:3e:e6:dc:ad:78:a5:0d:1f:b5:
9c:00:9f:f8:01:d2:09:e9:c3:08:dd:7e:4b:08:7e:
b9:d9:96:f4:a9:ab:ba:71:42:7b:52:a3:fe:f1:a2:
47:40:7b:4f:74:13:db:83:4c:49:b6:de:45:bf:a1:
ab:2d:94:83:1b:b5:04:41:1f:f7:34:07:9c:e3:e3:
9a:14:a7:59:f8:c4:70:d0:5f:c8:69:b9:1d:2b:2c:
18:16:f8:39:be:7c:62:e6:2c:a1:cd:e0:53:e5:b1:
87:03:69:5e:be:bd:ab:01:a8:27:0b:1d:d2:3e:ed:
b6:ec:0c:6a:ed:46:a3:11:4d:0a:2b:3f:75:cd:81:
5d:b0:f9:b7:69:e2:61:00:6d:4f:83:51:b7:30:9b:
83:f6:03:87:ab:f1:3d:7d:18:15:b5:62:2a:dc:3f:
68:70:9d:aa:6e:aa:95:c4:c5:9b:37:1c:b5:83:fc:
e8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:5C:AE:94:5B:A3:50:C8:81:EE:BC:3D:7B:70:35:DE:23:31:F0:FB
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/SVyulFujUMiB7rw9e3A13iMx8Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.124.0/22
185.212.11.0/24
195.211.48.0/24
IPv6:
2a0f:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
55:2a:ca:69:2e:15:b6:b1:a9:92:2c:1b:da:1b:5f:a0:8d:24:
d3:12:df:53:1b:3a:19:6d:6f:6f:b7:39:19:f4:76:2f:74:99:
a3:6b:e9:5d:dc:81:86:b9:ec:93:e7:6c:b0:30:f1:bd:91:37:
a9:ce:9a:36:01:7d:ff:32:5c:d2:47:78:64:53:42:5e:e6:7e:
ba:10:1e:26:52:75:4c:82:e7:ba:43:94:b6:4c:0a:78:36:95:
c3:3b:7b:42:ae:da:4b:33:d5:6a:ef:a5:7a:8e:eb:82:65:98:
19:6e:9b:aa:ca:b6:60:5b:f5:9d:72:ee:f3:aa:f7:7d:13:28:
bd:fb:f6:3c:e4:a8:fd:a1:72:ce:ac:ec:92:dd:a5:1b:be:8d:
03:cf:f4:0c:d8:c2:51:52:de:fd:1d:cd:49:af:b0:44:dc:67:
73:6a:75:ea:71:73:67:0a:55:05:5d:f4:87:35:f8:bb:23:bc:
b0:ed:28:e7:89:4f:d0:1a:4a:c8:1f:e1:55:92:61:95:ec:d8:
fe:a4:fb:2c:d7:8a:22:61:c7:98:8f:66:a6:93:d6:20:5f:21:
f1:5d:a2:8f:0e:61:06:2d:41:af:50:dd:65:9f:90:9c:ef:2e:
0a:a0:93:86:7e:37:72:bf:f3:82:e4:0e:08:35:0a:a8:1f:2e:
83:f9:e0:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZgYNaZ8djde7Xb0JmnjMU7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwNzE3MTE0NzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTVjYWU5NDViYTM1MGM4ODFlZWJjM2Q3YjcwMzVkZTIzMzFmMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA216xW412ulQxheVpPxSFBcrFl5AA
8AZ0XcioNQpeIHWVmVftHkc+dASSrwvttYTv/nRSabQ5RY7FMaovrff7fL5nySL0
KvFukvPf3QBvbwo+5tyteKUNH7WcAJ/4AdIJ6cMI3X5LCH652Zb0qau6cUJ7UqP+
8aJHQHtPdBPbg0xJtt5Fv6GrLZSDG7UEQR/3NAec4+OaFKdZ+MRw0F/IabkdKywY
Fvg5vnxi5iyhzeBT5bGHA2levr2rAagnCx3SPu227Axq7UajEU0KKz91zYFdsPm3
aeJhAG1Pg1G3MJuD9gOHq/E9fRgVtWIq3D9ocJ2qbqqVxMWbNxy1g/zo2QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFElcrpRbo1DIge68PXtwNd4jMfD7MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvU1Z5dWxGdWpVTWlCN3J3OWUzQTEzaU14OFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVh8AwQA
udQLAwQAw9MwMA0EAgACMAcDBQMqD/oAMA0GCSqGSIb3DQEBCwUAA4IBAQBVKspp
LhW2samSLBvaG1+gjSTTEt9TGzoZbW9vtzkZ9HYvdJmja+ld3IGGueyT52ywMPG9
kTepzpo2AX3/MlzSR3hkU0Je5n66EB4mUnVMgue6Q5S2TAp4NpXDO3tCrtpLM9Vq
76V6juuCZZgZbpuqyrZgW/Wdcu7zqvd9Eyi9+/Y85Kj9oXLOrOyS3aUbvo0Dz/QM
2MJRUt79Hc1Jr7BE3GdzanXqcXNnClUFXfSHNfi7I7yw7SjniU/QGkrIH+FVkmGV
7Nj+pPss14oiYceYj2amk9YgXyHxXaKPDmEGLUGvUN1ln5Cc7y4KoJOGfjdyv/OC
5A4INQqoHy6D+eBS
-----END CERTIFICATE-----
Generated at Mon Jul 21 22:39:41 2025 by rpki-client