Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/RHJWopcQu5ssK_WKnq78i7Y6aoA.roa
File: RHJWopcQu5ssK_WKnq78i7Y6aoA.roa (raw, json)
Hash identifier: XalpfjpKgsGmuxfWKehr67Y+J1d1J1JviYYfDK3x/RY=
Subject key identifier: 44:72:56:A2:97:10:BB:9B:2C:2B:F5:8A:9E:AE:FC:8B:B6:3A:6A:80
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B540953031F2EA150E72275B4AA7B7
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/RHJWopcQu5ssK_WKnq78i7Y6aoA.roa
Signing time: Mon 14 Jul 2025 16:12:10 +0000
ROA not before: Mon 14 Jul 2025 16:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 45.8.211.0/24 maxlen: 24
45.142.120.0/24 maxlen: 24
185.174.138.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
194.53.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b5:40:95:30:31:f2:ea:15:0e:72:27:5b:4a:a7:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=447256a29710bb9b2c2bf58a9eaefc8bb63a6a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d8:bd:0a:e2:01:dd:99:a8:f7:ab:4a:65:12:
37:b8:9e:05:ce:9e:8f:81:1e:bd:b4:20:a5:e9:14:
91:06:a2:65:af:07:f7:8d:5d:94:bb:72:2a:ea:95:
19:6b:1f:64:75:14:46:65:b7:5c:c3:a7:ac:42:27:
c5:72:c3:0a:bc:d1:cf:2b:be:84:2c:24:99:2e:ea:
f7:80:7e:7f:6d:3a:7e:4c:6b:b1:d1:b9:17:c5:10:
f7:b8:3f:10:a0:c4:4f:7a:d3:d8:20:30:14:02:26:
09:08:bb:c2:76:27:56:1b:95:11:53:78:38:1a:56:
60:d1:db:bc:df:69:eb:cc:d1:d0:b8:20:9b:29:ce:
3f:ec:9d:01:95:e3:ee:a8:fd:6f:ab:f1:e7:22:06:
06:f5:ee:41:86:55:f1:78:4a:22:0c:2e:d0:0f:f2:
92:98:d3:4e:ab:bb:1e:ed:26:c6:35:e2:55:b2:0f:
cf:8f:5c:84:fb:1e:a4:3f:e1:0c:91:67:f6:a4:20:
ed:0b:45:6a:1c:0a:38:dc:b7:4f:c7:fb:41:20:17:
a7:2b:17:14:4a:2e:12:58:ef:b7:d1:8a:56:5d:f9:
87:b9:ff:bd:92:3a:e9:f7:24:f9:8a:de:53:1a:59:
e6:61:5e:9c:0e:3c:ca:9a:6b:b1:fd:5f:73:9b:2a:
e1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:72:56:A2:97:10:BB:9B:2C:2B:F5:8A:9E:AE:FC:8B:B6:3A:6A:80
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/RHJWopcQu5ssK_WKnq78i7Y6aoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.211.0/24
45.142.120.0/24
185.174.138.0/24
185.221.160.0/24
194.53.53.0/24
Signature Algorithm: sha256WithRSAEncryption
92:50:da:0c:6e:0b:6a:15:c7:4f:7a:d4:83:4e:7c:52:a3:22:
4d:df:da:cb:be:57:8d:fb:54:55:20:b4:c0:d4:5e:bd:44:67:
18:23:0a:d0:5d:3b:13:52:0f:c8:dc:fd:9a:de:a8:75:be:24:
56:16:03:21:69:5b:95:ca:5d:aa:30:b1:66:d4:a3:cc:8c:da:
14:09:25:16:b4:c9:7a:3e:f6:94:de:40:66:ad:e1:3d:eb:20:
c8:83:a9:7d:6e:7f:5f:e0:ac:a9:9a:57:94:aa:f6:fd:5b:af:
b4:15:77:49:bc:8e:de:2c:4c:63:e0:4f:3f:1d:c0:88:c1:b2:
c1:1b:ec:d2:89:cf:79:c6:c1:4a:d5:7c:1d:9d:32:71:e9:74:
cb:e7:63:65:b0:02:62:36:fa:04:64:2f:61:26:4b:3b:00:a1:
c4:cf:d8:e5:49:63:33:16:07:3a:76:e5:53:f3:bf:36:9b:ad:
05:a3:78:17:c8:83:cd:ba:37:2c:21:b4:4f:b8:7a:7e:f5:f3:
0c:ed:54:b1:7d:0b:28:74:f4:4f:7c:84:0b:c7:bf:0e:07:41:
e1:ca:b9:f4:89:81:22:37:4a:ce:c9:c8:75:62:b9:8d:68:6f:
57:3c:69:6a:14:9e:38:1b:db:48:d1:69:9b:e0:ce:47:0c:14:
94:14:5f:0b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgJtUCVMDHy6hUOcidbSqe3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDcyNTZhMjk3MTBiYjliMmMyYmY1OGE5ZWFlZmM4YmI2M2E2YTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNi9CuIB3Zmo96tKZRI3uJ4Fzp6P
gR69tCCl6RSRBqJlrwf3jV2Uu3Iq6pUZax9kdRRGZbdcw6esQifFcsMKvNHPK76E
LCSZLur3gH5/bTp+TGux0bkXxRD3uD8QoMRPetPYIDAUAiYJCLvCdidWG5URU3g4
GlZg0du832nrzNHQuCCbKc4/7J0BlePuqP1vq/HnIgYG9e5BhlXxeEoiDC7QD/KS
mNNOq7se7SbGNeJVsg/Pj1yE+x6kP+EMkWf2pCDtC0VqHAo43LdPx/tBIBenKxcU
Si4SWO+30YpWXfmHuf+9kjrp9yT5it5TGlnmYV6cDjzKmmux/V9zmyrh2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFERyVqKXELubLCv1ip6u/Iu2OmqAMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvUkhKV29wY1F1NXNzS19XS25xNzhpN1k2YW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQjTAwQA
LY54AwQAua6KAwQAud2gAwQAwjU1MA0GCSqGSIb3DQEBCwUAA4IBAQCSUNoMbgtq
FcdPetSDTnxSoyJN39rLvleN+1RVILTA1F69RGcYIwrQXTsTUg/I3P2a3qh1viRW
FgMhaVuVyl2qMLFm1KPMjNoUCSUWtMl6PvaU3kBmreE96yDIg6l9bn9f4KypmleU
qvb9W6+0FXdJvI7eLExj4E8/HcCIwbLBG+zSic95xsFK1XwdnTJx6XTL52NlsAJi
NvoEZC9hJks7AKHEz9jlSWMzFgc6duVT8782m60Fo3gXyIPNujcsIbRPuHp+9fMM
7VSxfQsodPRPfIQLx78OB0Hhyrn0iYEiN0rOych1YrmNaG9XPGlqFJ44G9tI0Wmb
4M5HDBSUFF8L
-----END CERTIFICATE-----
Generated at Tue Jul 22 12:09:43 2025 by rpki-client