Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/5Fdl-r1UYISwU-G4_2MqecNlP8w.roa
File: 5Fdl-r1UYISwU-G4_2MqecNlP8w.roa (raw, json)
Hash identifier: TAJZY43vWFWcoOa+D6CqSMPTmCKVwuNadSb4SpvtlPE=
Subject key identifier: E4:57:65:FA:BD:54:60:84:B0:53:E1:B8:FF:63:2A:79:C3:65:3F:CC
Certificate issuer: /CN=4451e83dae12a371c1dd49db34d9bd52a9688b4a
Certificate serial: 0198570AE744523701BAC56EA158BD36F746
Authority key identifier: 44:51:E8:3D:AE:12:A3:71:C1:DD:49:DB:34:D9:BD:52:A9:68:8B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/5Fdl-r1UYISwU-G4_2MqecNlP8w.roa
Signing time: Tue 29 Jul 2025 16:36:28 +0000
ROA not before: Tue 29 Jul 2025 16:36:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206022
IP address blocks: 185.198.156.0/24 maxlen: 24
185.198.157.0/24 maxlen: 24
185.198.158.0/24 maxlen: 24
185.198.159.0/24 maxlen: 24
2a0a:8b40::/29 maxlen: 29
2a0a:8b40:fede::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 Aug 2025 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:57:0a:e7:44:52:37:01:ba:c5:6e:a1:58:bd:36:f7:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4451e83dae12a371c1dd49db34d9bd52a9688b4a
Validity
Not Before: Jul 29 16:36:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e45765fabd546084b053e1b8ff632a79c3653fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:76:64:d9:20:82:77:06:a5:18:2c:ad:48:7e:
c8:2a:82:27:61:48:6d:9e:7d:20:20:62:29:06:41:
e8:e1:9c:ee:53:14:d3:1c:f5:58:48:a7:c0:52:71:
5e:e5:f4:75:c0:b6:5d:32:74:0f:db:c2:2f:e1:53:
0d:72:fb:4f:c3:fa:de:6e:6d:da:ce:93:d3:f3:22:
2c:eb:54:0f:98:7d:52:e6:04:71:bf:07:23:35:db:
c8:0e:8d:c1:9f:b6:0e:8f:4a:a7:9e:34:7b:ca:e3:
38:25:ef:ad:13:48:25:ff:7e:19:11:1d:bc:24:77:
60:b3:47:3a:60:e6:48:ca:23:d2:0d:61:86:3b:22:
de:09:67:e2:89:95:72:4d:d3:05:2d:e3:e8:ca:56:
0b:8b:97:23:30:7c:c6:f5:27:b3:ae:84:d3:ff:86:
27:b4:40:74:94:ea:04:81:55:79:b6:d8:69:05:bf:
26:51:96:92:98:70:00:4b:78:04:54:18:c1:39:b8:
f4:57:4c:a1:3e:7d:c0:dd:74:4d:01:8c:fb:4c:89:
5f:d3:f6:6c:81:b7:35:5f:81:3b:61:b5:2f:23:1c:
40:52:49:1d:c4:1d:e5:41:77:65:44:f6:8f:b6:7c:
4e:7c:10:61:b1:42:e9:b0:3b:8c:7e:f4:a7:e3:5d:
b1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:57:65:FA:BD:54:60:84:B0:53:E1:B8:FF:63:2A:79:C3:65:3F:CC
X509v3 Authority Key Identifier:
keyid:44:51:E8:3D:AE:12:A3:71:C1:DD:49:DB:34:D9:BD:52:A9:68:8B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/5Fdl-r1UYISwU-G4_2MqecNlP8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.156.0/22
IPv6:
2a0a:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
4e:89:84:e5:57:ae:99:67:bf:ba:6a:b2:56:f5:48:2f:8b:5f:
94:c5:ce:00:43:6a:0c:bb:c1:81:83:c5:d3:e1:1b:98:f9:dd:
ec:32:67:d1:18:08:bf:e3:04:eb:f7:d1:62:73:cb:98:c5:53:
52:ab:4c:e8:12:27:52:c5:2b:69:f1:f1:b9:4d:da:e1:4d:42:
59:3b:53:78:5c:84:17:a7:d8:00:e7:9b:9b:68:a4:10:4d:4c:
fd:b8:ff:80:35:65:aa:e3:d2:23:3b:ec:19:95:4b:c1:a0:2d:
b6:e8:11:f2:0d:83:3d:ca:d9:be:d3:71:8b:96:0b:62:63:db:
ca:ad:86:f6:b9:63:aa:55:d9:57:58:37:32:1e:41:8d:24:85:
64:06:90:f0:73:12:4f:ca:93:63:d6:d5:f6:f7:6a:aa:4a:27:
3a:6c:5d:13:40:cf:8c:f9:29:15:93:2e:5d:da:c2:a2:d0:37:
17:d3:4c:07:45:05:84:d0:77:b6:59:2e:4e:f0:27:03:74:28:
61:43:19:39:34:e6:96:5d:23:d5:71:09:02:da:ea:2b:e5:c5:
3d:5e:8f:77:34:ad:29:8e:f1:c4:e9:3b:11:b6:e3:7d:74:0c:
64:78:2e:e1:2f:d0:d5:1b:3c:d3:68:5c:a6:00:c1:1d:cb:a7:
89:15:80:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZhXCudEUjcBusVuoVi9NvdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTFlODNkYWUxMmEzNzFjMWRkNDlkYjM0ZDliZDUyYTk2
ODhiNGEwHhcNMjUwNzI5MTYzNjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU3NjVmYWJkNTQ2MDg0YjA1M2UxYjhmZjYzMmE3OWMzNjUzZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HZk2SCCdwalGCytSH7IKoInYUht
nn0gIGIpBkHo4ZzuUxTTHPVYSKfAUnFe5fR1wLZdMnQP28Iv4VMNcvtPw/rebm3a
zpPT8yIs61QPmH1S5gRxvwcjNdvIDo3Bn7YOj0qnnjR7yuM4Je+tE0gl/34ZER28
JHdgs0c6YOZIyiPSDWGGOyLeCWfiiZVyTdMFLePoylYLi5cjMHzG9SezroTT/4Yn
tEB0lOoEgVV5tthpBb8mUZaSmHAAS3gEVBjBObj0V0yhPn3A3XRNAYz7TIlf0/Zs
gbc1X4E7YbUvIxxAUkkdxB3lQXdlRPaPtnxOfBBhsULpsDuMfvSn412xrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFORXZfq9VGCEsFPhuP9jKnnDZT/MMB8GA1UdIwQY
MBaAFERR6D2uEqNxwd1J2zTZvVKpaItKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZIb1BhNFNvM0hCM1VuYk5ObTlVcWxvaTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9kZDhmNzEtMmIzNi00ZmI3LWIyZDUt
Zjk5N2RiZGMzZTU3LzEvNUZkbC1yMVVZSVN3VS1HNF8yTXFlY05sUDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9kZDhmNzEtMmIzNi00ZmI3LWIyZDUtZjk5N2RiZGMzZTU3
LzEvUkZIb1BhNFNvM0hCM1VuYk5ObTlVcWxvaTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucacMA0E
AgACMAcDBQMqCotAMA0GCSqGSIb3DQEBCwUAA4IBAQBOiYTlV66ZZ7+6arJW9Ugv
i1+Uxc4AQ2oMu8GBg8XT4RuY+d3sMmfRGAi/4wTr99Fic8uYxVNSq0zoEidSxStp
8fG5TdrhTUJZO1N4XIQXp9gA55ubaKQQTUz9uP+ANWWq49IjO+wZlUvBoC226BHy
DYM9ytm+03GLlgtiY9vKrYb2uWOqVdlXWDcyHkGNJIVkBpDwcxJPypNj1tX292qq
Sic6bF0TQM+M+SkVky5d2sKi0DcX00wHRQWE0He2WS5O8CcDdChhQxk5NOaWXSPV
cQkC2uor5cU9Xo93NK0pjvHE6TsRtuN9dAxkeC7hL9DVGzzTaFymAMEdy6eJFYAD
-----END CERTIFICATE-----
Generated at Fri Aug 1 18:11:48 2025 by rpki-client