Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/4QzNEDyRlis-_JGlrISCfbsPszU.roa
File: 4QzNEDyRlis-_JGlrISCfbsPszU.roa (raw, json)
Hash identifier: Y9K09YKp80O/JCR9exHbB8w/On++FMzgdee4rnQPOdU=
Subject key identifier: E1:0C:CD:10:3C:91:96:2B:3E:FC:91:A5:AC:84:82:7D:BB:0F:B3:35
Certificate issuer: /CN=78f29e87382159ca5e81387d7ee77e512fad1636
Certificate serial: 0197E8F967D8662FD315A6FD86150E171058
Authority key identifier: 78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/4QzNEDyRlis-_JGlrISCfbsPszU.roa
Signing time: Tue 08 Jul 2025 07:39:08 +0000
ROA not before: Tue 08 Jul 2025 07:39:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51505
IP address blocks: 193.28.156.0/24 maxlen: 24
194.46.62.0/23 maxlen: 24
194.154.32.0/19 maxlen: 24
2a14:6700::/29 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e8:f9:67:d8:66:2f:d3:15:a6:fd:86:15:0e:17:10:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78f29e87382159ca5e81387d7ee77e512fad1636
Validity
Not Before: Jul 8 07:39:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e10ccd103c91962b3efc91a5ac84827dbb0fb335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e1:68:5e:81:d9:eb:94:d2:df:45:63:98:a6:
24:33:b9:e6:33:7d:4e:64:11:e2:12:1b:99:8d:0a:
e6:23:a5:01:ff:2e:4f:16:af:ea:97:d7:d6:58:42:
3f:74:9c:24:e2:27:07:ad:60:8a:2d:1c:8f:b3:b9:
fd:9d:04:d0:5e:7c:49:cf:98:8a:ba:f2:62:69:8c:
e2:95:a2:b9:8c:d3:0d:dc:d0:fd:c1:13:09:c9:52:
fe:61:5e:e3:40:0c:88:77:ed:89:62:fd:a6:ab:ca:
c5:15:4e:a6:b3:c3:77:63:c4:ae:f9:d2:14:e5:c8:
b9:74:b7:3d:93:77:15:a0:9c:ad:d0:16:c5:b7:1a:
51:b1:51:f8:2e:c5:c7:ef:36:33:55:a3:c8:93:3c:
14:b2:51:a3:ff:0e:c5:01:2c:68:b4:4d:3e:dd:98:
52:ef:12:de:85:f0:34:ba:26:35:57:50:79:a5:92:
24:37:69:60:c1:4e:73:41:fb:51:66:93:fd:1c:55:
95:67:85:25:16:48:c6:89:57:56:a1:45:95:fb:70:
06:ad:77:83:3b:bf:78:ef:e2:bd:9c:1a:68:ff:33:
d7:fd:6d:17:a0:71:1d:fe:78:2b:91:7f:12:87:81:
d4:fd:da:c0:62:45:67:36:98:86:00:29:39:03:ca:
2a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:0C:CD:10:3C:91:96:2B:3E:FC:91:A5:AC:84:82:7D:BB:0F:B3:35
X509v3 Authority Key Identifier:
keyid:78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/4QzNEDyRlis-_JGlrISCfbsPszU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.156.0/24
194.46.62.0/23
194.154.32.0/19
IPv6:
2a14:6700::/29
Signature Algorithm: sha256WithRSAEncryption
0e:c3:8c:df:be:f3:fd:8a:b3:24:4e:e4:bb:21:52:9e:4d:e0:
c7:00:8d:32:10:f9:29:67:f2:d1:f4:45:72:ac:fd:f8:eb:6a:
4d:55:a3:70:7b:1f:fd:55:ed:38:ed:3e:06:53:37:e3:06:f5:
65:f2:21:85:87:7e:97:c2:b3:12:35:c9:ce:19:df:82:78:c9:
52:b3:e1:43:d0:92:7d:7b:b1:7b:5f:7e:54:03:f7:b9:bd:4c:
13:c5:66:93:ef:10:cd:18:0d:c3:e6:e4:56:aa:78:af:06:37:
6f:72:ab:b8:31:15:9d:db:0f:f5:8b:02:65:b5:e9:55:3e:50:
9b:4e:8d:af:71:89:d8:7b:b4:9b:b5:3d:0c:9d:e1:ec:2f:65:
e9:f7:02:71:7f:bc:07:b8:a2:67:30:9b:f5:2b:51:10:ea:ef:
ab:d9:ea:25:fd:1a:08:c7:be:e5:6d:93:3a:b6:0a:2a:d3:0d:
1a:48:8f:b5:e8:10:72:38:ae:78:a8:53:27:f5:22:41:8e:68:
a8:9e:07:b7:c3:75:71:f7:3f:e0:a3:c5:b0:32:c9:fc:11:b9:
8e:f6:cd:c7:dc:70:3f:39:60:36:6d:89:eb:39:e3:2d:28:73:
d3:c3:5c:72:da:df:c3:b1:37:fe:23:fb:d1:c3:70:7f:c8:b8:
81:fc:42:17
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZfo+WfYZi/TFab9hhUOFxBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZjI5ZTg3MzgyMTU5Y2E1ZTgxMzg3ZDdlZTc3ZTUxMmZh
ZDE2MzYwHhcNMjUwNzA4MDczOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTBjY2QxMDNjOTE5NjJiM2VmYzkxYTVhYzg0ODI3ZGJiMGZiMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+FoXoHZ65TS30VjmKYkM7nmM31O
ZBHiEhuZjQrmI6UB/y5PFq/ql9fWWEI/dJwk4icHrWCKLRyPs7n9nQTQXnxJz5iK
uvJiaYzilaK5jNMN3ND9wRMJyVL+YV7jQAyId+2JYv2mq8rFFU6ms8N3Y8Su+dIU
5ci5dLc9k3cVoJyt0BbFtxpRsVH4LsXH7zYzVaPIkzwUslGj/w7FASxotE0+3ZhS
7xLehfA0uiY1V1B5pZIkN2lgwU5zQftRZpP9HFWVZ4UlFkjGiVdWoUWV+3AGrXeD
O7947+K9nBpo/zPX/W0XoHEd/ngrkX8Sh4HU/drAYkVnNpiGACk5A8oqRwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOEMzRA8kZYrPvyRpayEgn27D7M1MB8GA1UdIwQY
MBaAFHjynoc4IVnKXoE4fX7nflEvrRY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQt
ODJmODljYmEyNmQ4LzEvNFF6TkVEeVJsaXMtX0pHbHJJU0NmYnNQc3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQtODJmODljYmEyNmQ4
LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwRycAwQB
wi4+AwQFwpogMA0EAgACMAcDBQMqFGcAMA0GCSqGSIb3DQEBCwUAA4IBAQAOw4zf
vvP9irMkTuS7IVKeTeDHAI0yEPkpZ/LR9EVyrP3462pNVaNwex/9Ve047T4GUzfj
BvVl8iGFh36XwrMSNcnOGd+CeMlSs+FD0JJ9e7F7X35UA/e5vUwTxWaT7xDNGA3D
5uRWqnivBjdvcqu4MRWd2w/1iwJltelVPlCbTo2vcYnYe7SbtT0MneHsL2Xp9wJx
f7wHuKJnMJv1K1EQ6u+r2eol/RoIx77lbZM6tgoq0w0aSI+16BByOK54qFMn9SJB
jmionge3w3Vx9z/go8WwMsn8EbmO9s3H3HA/OWA2bYnrOeMtKHPTw1xy2t/DsTf+
I/vRw3B/yLiB/EIX
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:05:55 2025 by rpki-client