Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/j4i_lEr0ea0rf8oMcqwCbevGHbI.roa
File: j4i_lEr0ea0rf8oMcqwCbevGHbI.roa (raw, json)
Hash identifier: m0Ro3O0JJKs4a9J3JyICkVruy1q5dBuVu7UD/uXkWv8=
Subject key identifier: 8F:88:BF:94:4A:F4:79:AD:2B:7F:CA:0C:72:AC:02:6D:EB:C6:1D:B2
Certificate issuer: /CN=b45addcd579648fc3f6124e558479ef0b07f018c
Certificate serial: 01980942C9F42C9CF6CC0904842E1AFAF09B
Authority key identifier: B4:5A:DD:CD:57:96:48:FC:3F:61:24:E5:58:47:9E:F0:B0:7F:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFrdzVeWSPw_YSTlWEee8LB_AYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/j4i_lEr0ea0rf8oMcqwCbevGHbI.roa
Signing time: Mon 14 Jul 2025 14:07:08 +0000
ROA not before: Mon 14 Jul 2025 14:07:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215024
IP address blocks: 45.148.64.0/24 maxlen: 24
45.148.67.0/24 maxlen: 24
2a14:48c7::/48 maxlen: 48
2a14:48c7:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/tFrdzVeWSPw_YSTlWEee8LB_AYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/tFrdzVeWSPw_YSTlWEee8LB_AYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFrdzVeWSPw_YSTlWEee8LB_AYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:42:c9:f4:2c:9c:f6:cc:09:04:84:2e:1a:fa:f0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45addcd579648fc3f6124e558479ef0b07f018c
Validity
Not Before: Jul 14 14:07:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f88bf944af479ad2b7fca0c72ac026debc61db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:70:18:ea:bd:ba:0e:23:68:70:31:23:fd:12:
40:a3:68:15:03:94:4e:64:d7:a0:61:1f:38:85:8f:
e9:b2:ee:ac:38:b1:70:43:3e:bf:cb:ba:d9:b3:5f:
38:ce:ae:fd:dc:84:b6:f3:25:5b:8a:62:48:a3:9f:
ed:93:4e:83:7f:8d:fb:6d:bc:5b:7c:59:cc:e7:3f:
4d:35:ec:a3:2c:16:e3:45:71:3d:55:f1:5c:03:c2:
e3:c6:e2:fa:ec:3c:9c:6a:5c:43:6d:f7:ba:06:9d:
dd:b3:dd:05:2d:19:91:69:22:fe:4f:f9:3c:8b:c7:
6a:5c:04:f5:14:b7:89:b2:14:fc:fc:a5:d9:87:0a:
af:eb:00:75:84:75:03:9a:b3:06:25:19:75:d9:50:
03:93:b4:b7:5d:00:3d:65:db:fd:41:bb:66:3a:4a:
30:32:b4:a8:db:4e:9e:d9:5e:d3:09:40:81:e1:36:
ff:80:2e:29:40:61:c2:56:fc:ee:31:6b:9b:f1:41:
90:27:ab:14:85:07:f4:ad:e9:21:62:69:87:f8:a6:
41:e2:a5:69:7f:77:7a:c8:8c:d9:1e:b1:ad:24:d6:
d2:40:03:ee:a2:5a:a1:59:fe:8e:21:30:a4:01:fa:
0d:4e:9e:75:53:26:0c:3f:5c:b9:17:8c:b6:3d:97:
70:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:88:BF:94:4A:F4:79:AD:2B:7F:CA:0C:72:AC:02:6D:EB:C6:1D:B2
X509v3 Authority Key Identifier:
keyid:B4:5A:DD:CD:57:96:48:FC:3F:61:24:E5:58:47:9E:F0:B0:7F:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFrdzVeWSPw_YSTlWEee8LB_AYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/j4i_lEr0ea0rf8oMcqwCbevGHbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f4f244-8c0c-4564-9c42-af60fd5f06b1/1/tFrdzVeWSPw_YSTlWEee8LB_AYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.64.0/24
45.148.67.0/24
IPv6:
2a14:48c7::/48
2a14:48c7:2::/48
Signature Algorithm: sha256WithRSAEncryption
22:12:c6:b6:c0:6d:66:56:7c:8a:c2:f8:5d:5d:50:d5:2b:4f:
5c:c5:a0:d7:ca:a9:a3:cd:f5:b5:d8:21:89:ec:79:df:a6:1d:
cf:c7:24:15:45:fb:da:79:be:d0:7d:ca:e3:7c:2c:44:ab:5c:
61:51:36:12:b7:7e:f9:25:04:51:0f:7a:53:dc:09:bd:31:90:
5b:15:f7:b0:c4:5c:80:b1:88:14:fc:b2:95:58:bb:e2:d8:a3:
83:e9:e8:ad:66:6d:ad:ec:62:2e:33:6e:dc:bc:b7:16:44:1a:
97:2c:87:33:13:1a:c8:2c:d3:56:38:ab:35:70:11:a8:bb:bb:
4b:1e:71:56:38:9d:85:1b:38:67:cd:31:a4:62:a6:a3:8f:ab:
ca:51:d1:64:35:39:7c:82:86:15:5d:4b:0b:22:52:eb:45:4c:
15:8f:b7:06:b3:58:0d:ef:4f:fc:5a:2e:85:6c:66:02:dd:da:
d5:0d:ad:d5:04:0e:5d:61:85:b8:05:ef:a2:1f:38:7b:06:3a:
14:25:8c:19:41:c4:85:a2:bd:e3:b3:f1:87:82:03:cd:0b:2f:
71:49:7d:5d:b7:22:be:02:31:3f:38:89:1c:de:e3:fb:f7:94:
43:74:17:1f:35:0d:f2:19:68:9e:c7:cf:ec:ec:ce:5e:41:2f:
f8:73:82:a8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZgJQsn0LJz2zAkEhC4a+vCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWFkZGNkNTc5NjQ4ZmMzZjYxMjRlNTU4NDc5ZWYwYjA3
ZjAxOGMwHhcNMjUwNzE0MTQwNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjg4YmY5NDRhZjQ3OWFkMmI3ZmNhMGM3MmFjMDI2ZGViYzYxZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3AY6r26DiNocDEj/RJAo2gVA5RO
ZNegYR84hY/psu6sOLFwQz6/y7rZs184zq793IS28yVbimJIo5/tk06Df437bbxb
fFnM5z9NNeyjLBbjRXE9VfFcA8LjxuL67DycalxDbfe6Bp3ds90FLRmRaSL+T/k8
i8dqXAT1FLeJshT8/KXZhwqv6wB1hHUDmrMGJRl12VADk7S3XQA9Zdv9QbtmOkow
MrSo206e2V7TCUCB4Tb/gC4pQGHCVvzuMWub8UGQJ6sUhQf0rekhYmmH+KZB4qVp
f3d6yIzZHrGtJNbSQAPuolqhWf6OITCkAfoNTp51UyYMP1y5F4y2PZdwsQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFI+Iv5RK9HmtK3/KDHKsAm3rxh2yMB8GA1UdIwQY
MBaAFLRa3c1Xlkj8P2Ek5VhHnvCwfwGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZyZHpWZVdTUHdfWVNUbFdFZWU4TEJfQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9mNGYyNDQtOGMwYy00NTY0LTljNDIt
YWY2MGZkNWYwNmIxLzEvajRpX2xFcjBlYTByZjhvTWNxd0NiZXZHSGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9mNGYyNDQtOGMwYy00NTY0LTljNDItYWY2MGZkNWYwNmIx
LzEvdEZyZHpWZVdTUHdfWVNUbFdFZWU4TEJfQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQALZRAAwQA
LZRDMBgEAgACMBIDBwAqFEjHAAADBwAqFEjHAAIwDQYJKoZIhvcNAQELBQADggEB
ACISxrbAbWZWfIrC+F1dUNUrT1zFoNfKqaPN9bXYIYnsed+mHc/HJBVF+9p5vtB9
yuN8LESrXGFRNhK3fvklBFEPelPcCb0xkFsV97DEXICxiBT8spVYu+LYo4Pp6K1m
ba3sYi4zbty8txZEGpcshzMTGsgs01Y4qzVwEai7u0secVY4nYUbOGfNMaRipqOP
q8pR0WQ1OXyChhVdSwsiUutFTBWPtwazWA3vT/xaLoVsZgLd2tUNrdUEDl1hhbgF
76IfOHsGOhQljBlBxIWiveOz8YeCA80LL3FJfV23Ir4CMT84iRze4/v3lEN0Fx81
DfIZaJ7Hz+zszl5BL/hzgqg=
-----END CERTIFICATE-----
Generated at Sat Jul 26 06:33:09 2025 by rpki-client