Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/1BsLjyLGR7fVTKId14K_LDmFaOE.roa
File: 1BsLjyLGR7fVTKId14K_LDmFaOE.roa (raw, json)
Hash identifier: psSOJBHeT4i88iWFESSWMgqzZaf6jPzMO0pv5q33yJ4=
Subject key identifier: D4:1B:0B:8F:22:C6:47:B7:D5:4C:A2:1D:D7:82:BF:2C:39:85:68:E1
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 01980E25250CD320710541B623B67E841CF0
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/1BsLjyLGR7fVTKId14K_LDmFaOE.roa
Signing time: Tue 15 Jul 2025 12:52:51 +0000
ROA not before: Tue 15 Jul 2025 12:52:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31246
IP address blocks: 46.39.160.0/19 maxlen: 19
83.240.0.0/17 maxlen: 17
95.82.128.0/18 maxlen: 18
185.51.240.0/22 maxlen: 22
213.155.224.0/19 maxlen: 19
2001:4cc8::/31 maxlen: 31
2a0a:cac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 03:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:25:25:0c:d3:20:71:05:41:b6:23:b6:7e:84:1c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jul 15 12:52:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d41b0b8f22c647b7d54ca21dd782bf2c398568e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9a:03:a5:ba:f3:de:1b:91:8b:20:9f:f8:91:
fa:24:9c:9b:98:7c:9f:e5:34:e1:05:e8:63:85:69:
ff:de:1d:a8:77:ca:67:ee:9b:3e:a6:2e:ed:3a:74:
f0:dc:81:55:74:42:45:9c:79:d4:a5:3f:3f:c4:b4:
b0:55:14:75:6d:c0:63:2b:80:e2:78:a9:bf:0d:2c:
af:cf:46:58:a4:b8:b8:ee:52:a4:8e:ad:a5:c2:28:
e6:7d:47:9b:63:e4:0f:f4:a4:d7:5f:23:e9:04:11:
d0:85:48:de:d8:95:b9:9a:ce:1a:0f:a1:1e:06:0a:
99:fd:f8:8b:89:5c:60:d2:e6:e0:48:0e:04:6a:4f:
38:15:0a:1d:97:dd:59:fd:8b:b8:a2:a6:2d:70:57:
1b:59:71:ff:68:59:a0:8e:bb:13:c6:40:4e:85:03:
62:07:f1:5d:f8:35:dc:1e:05:8f:79:14:35:e2:dd:
3a:d8:3f:48:4b:d8:72:e8:6b:d1:01:6a:8c:45:45:
4d:08:a7:f1:fd:e0:27:7b:6c:40:34:49:b5:a5:71:
03:eb:29:ba:e1:5a:6b:9f:b9:13:06:f4:64:e0:cf:
3a:24:ad:06:d1:5b:de:d0:70:52:fa:d4:2e:34:af:
ee:a0:43:d0:82:90:52:03:28:f5:ce:3c:2f:06:04:
72:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1B:0B:8F:22:C6:47:B7:D5:4C:A2:1D:D7:82:BF:2C:39:85:68:E1
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/1BsLjyLGR7fVTKId14K_LDmFaOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.39.160.0/19
83.240.0.0/17
95.82.128.0/18
185.51.240.0/22
213.155.224.0/19
IPv6:
2001:4cc8::/31
2a0a:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
52:b1:7b:bd:90:93:67:69:f0:b7:d0:c6:33:90:ad:10:ec:a9:
0c:5a:f6:62:ee:e0:eb:f2:42:cc:21:b3:a4:d8:f4:e5:0e:b7:
81:8f:e3:09:26:14:9f:dc:37:9a:df:d7:7f:a0:00:c8:77:2f:
c5:1b:7b:0a:07:bf:8b:16:02:80:83:db:57:52:3d:2d:c4:fe:
c1:08:47:4b:a6:26:09:30:86:c9:b6:b0:79:56:98:f2:8c:92:
d8:e4:fb:98:bb:d5:19:e6:ba:3f:10:66:8c:66:b8:b3:da:c5:
f4:77:f8:ae:37:00:3c:65:db:37:79:f6:9a:7b:5d:67:4e:ca:
53:1f:a9:82:ba:57:eb:bb:44:22:cb:bd:4a:41:1d:00:9a:ab:
99:d9:d3:2b:a9:62:3e:67:af:79:02:48:a5:47:d2:9a:e9:fe:
6c:ae:cb:3d:28:af:14:ca:c1:2d:fb:0e:aa:28:bc:61:14:bb:
35:d0:88:66:ba:26:59:64:ca:e5:f7:df:dd:0d:46:97:f8:da:
76:72:7e:09:aa:60:3c:18:04:79:7d:ce:07:fc:4d:79:79:eb:
1a:ee:72:9c:8a:1b:93:97:64:3a:75:1d:13:c7:e2:49:08:46:
d4:79:03:5b:94:7c:ff:98:eb:52:26:95:f3:f8:6b:da:80:13:
61:3e:95:e6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZgOJSUM0yBxBUG2I7Z+hBzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjUwNzE1MTI1MjUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDFiMGI4ZjIyYzY0N2I3ZDU0Y2EyMWRkNzgyYmYyYzM5ODU2OGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5oDpbrz3huRiyCf+JH6JJybmHyf
5TThBehjhWn/3h2od8pn7ps+pi7tOnTw3IFVdEJFnHnUpT8/xLSwVRR1bcBjK4Di
eKm/DSyvz0ZYpLi47lKkjq2lwijmfUebY+QP9KTXXyPpBBHQhUje2JW5ms4aD6Ee
BgqZ/fiLiVxg0ubgSA4Eak84FQodl91Z/Yu4oqYtcFcbWXH/aFmgjrsTxkBOhQNi
B/Fd+DXcHgWPeRQ14t062D9IS9hy6GvRAWqMRUVNCKfx/eAne2xANEm1pXED6ym6
4Vprn7kTBvRk4M86JK0G0Vve0HBS+tQuNK/uoEPQgpBSAyj1zjwvBgRy/wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNQbC48ixke31UyiHdeCvyw5hWjhMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvMUJzTGp5TEdSN2ZWVEtJZDE0S19MRG1GYU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQFLiegAwQH
U/AAAwQGX1KAAwQCuTPwAwQF1ZvgMBQEAgACMA4DBQEgAUzIAwUDKgrKwDANBgkq
hkiG9w0BAQsFAAOCAQEAUrF7vZCTZ2nwt9DGM5CtEOypDFr2Yu7g6/JCzCGzpNj0
5Q63gY/jCSYUn9w3mt/Xf6AAyHcvxRt7Cge/ixYCgIPbV1I9LcT+wQhHS6YmCTCG
ybaweVaY8oyS2OT7mLvVGea6PxBmjGa4s9rF9Hf4rjcAPGXbN3n2mntdZ07KUx+p
grpX67tEIsu9SkEdAJqrmdnTK6liPmeveQJIpUfSmun+bK7LPSivFMrBLfsOqii8
YRS7NdCIZromWWTK5fff3Q1Gl/jadnJ+CapgPBgEeX3OB/xNeXnrGu5ynIobk5dk
OnUdE8fiSQhG1HkDW5R8/5jrUiaV8/hr2oATYT6V5g==
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:34:15 2025 by rpki-client