Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/0UXplScy_6bUua8Xwkci_CpGwkM.roa
File: 0UXplScy_6bUua8Xwkci_CpGwkM.roa (raw, json)
Hash identifier: GRvkp2Rt8JLqAH5NPvZRPj7s1HlR19kYp/7XCNsxyNE=
Subject key identifier: D1:45:E9:95:27:32:FF:A6:D4:B9:AF:17:C2:47:22:FC:2A:46:C2:43
Certificate issuer: /CN=a2900e4655ab349a4632b140719dc97230431725
Certificate serial: 0197EE838F5E3CDFBF8B0F0A13CE6DEBB64C
Authority key identifier: A2:90:0E:46:55:AB:34:9A:46:32:B1:40:71:9D:C9:72:30:43:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/0UXplScy_6bUua8Xwkci_CpGwkM.roa
Signing time: Wed 09 Jul 2025 09:28:08 +0000
ROA not before: Wed 09 Jul 2025 09:28:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51369
IP address blocks: 46.44.0.0/18 maxlen: 20
62.140.224.0/19 maxlen: 24
80.77.161.0/24 maxlen: 24
80.77.162.0/23 maxlen: 23
80.77.170.0/23 maxlen: 23
93.191.8.0/21 maxlen: 24
2a02:2518:3::/48 maxlen: 48
2a02:251b::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:83:8f:5e:3c:df:bf:8b:0f:0a:13:ce:6d:eb:b6:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2900e4655ab349a4632b140719dc97230431725
Validity
Not Before: Jul 9 09:28:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d145e9952732ffa6d4b9af17c24722fc2a46c243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ef:3c:1c:b4:61:14:93:8c:be:c2:7d:62:6e:
51:2a:cd:80:94:87:7b:77:19:29:bc:88:6e:6b:1d:
d4:4c:ce:24:41:cc:24:fa:7a:dc:f2:82:1d:3a:52:
88:29:16:99:0e:45:06:31:50:28:25:6e:bf:dd:da:
00:16:4f:1c:e5:0b:e9:c6:20:aa:ac:37:f2:77:ee:
c1:87:49:df:6d:5d:47:61:e9:a9:6c:37:46:f8:da:
66:cb:48:89:30:e1:0f:0e:c9:94:3f:7a:14:70:64:
f1:50:bf:0d:c4:bc:12:5f:24:ff:19:ce:73:5b:40:
e7:45:e0:bd:2a:92:25:5e:1d:84:24:09:a9:bf:da:
68:02:fc:eb:2d:9c:6f:24:3d:dd:72:21:7f:1a:8e:
b8:7d:29:2e:c3:3f:05:09:0f:bf:47:aa:04:29:f2:
6e:e5:be:e1:70:ae:3e:80:cc:6d:b6:77:38:7a:71:
de:0b:46:e8:85:5a:20:1f:ce:c7:1a:73:0a:c1:d0:
4a:ba:d1:70:53:0f:15:b9:4a:c3:d4:77:81:10:f3:
b6:4d:e4:d6:d0:5a:39:43:c0:c2:cf:36:35:a8:6c:
a4:38:ff:16:93:25:ff:07:65:62:55:13:ec:3e:36:
35:5b:7c:66:13:43:ad:22:3e:d9:f0:94:29:f8:ee:
e5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:45:E9:95:27:32:FF:A6:D4:B9:AF:17:C2:47:22:FC:2A:46:C2:43
X509v3 Authority Key Identifier:
keyid:A2:90:0E:46:55:AB:34:9A:46:32:B1:40:71:9D:C9:72:30:43:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/0UXplScy_6bUua8Xwkci_CpGwkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.44.0.0/18
62.140.224.0/19
80.77.161.0-80.77.163.255
80.77.170.0/23
93.191.8.0/21
IPv6:
2a02:2518:3::/48
2a02:251b::/32
Signature Algorithm: sha256WithRSAEncryption
20:76:5e:87:2a:16:89:53:06:bc:d7:ce:93:3e:da:f8:0a:ce:
3e:a6:ba:0d:0c:6f:83:af:2f:79:1a:c3:a4:07:0f:bc:09:db:
d5:d1:77:10:95:a1:37:82:cd:00:7d:b5:ba:94:7d:4d:90:11:
83:03:27:85:f2:0e:a6:7c:06:11:e9:03:ce:bd:76:e7:9d:b2:
cb:b1:4f:7c:65:86:ae:d0:f4:4c:86:fc:70:00:21:79:4e:f9:
1b:04:44:eb:c2:75:1d:cd:b8:eb:e5:9d:dc:84:c6:43:87:6a:
f8:0a:49:70:9d:2c:c3:dc:d4:82:d4:b5:87:e9:22:00:4d:09:
80:a6:cc:c7:5d:ec:41:2d:05:21:72:9c:51:b0:b4:a8:e0:ef:
18:2a:26:ac:77:80:e8:89:a5:3b:67:52:c7:81:35:25:16:ae:
45:56:d2:84:20:18:02:2a:c0:15:99:16:46:60:1c:1d:34:98:
93:b2:7d:0e:03:27:16:1f:91:bc:53:33:93:23:68:b8:ca:30:
d4:8b:00:fd:3c:ab:5d:a6:4d:42:f2:28:a1:2e:dd:00:42:dd:
4c:00:5f:cd:14:b7:b2:db:d4:39:75:43:ee:e5:8a:91:c1:f6:
1f:7b:0b:dc:18:f0:7d:0b:bb:53:90:b5:b9:0c:16:6f:36:b8:
48:1f:c5:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZfug49ePN+/iw8KE85t67ZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOTAwZTQ2NTVhYjM0OWE0NjMyYjE0MDcxOWRjOTcyMzA0
MzE3MjUwHhcNMjUwNzA5MDkyODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQ1ZTk5NTI3MzJmZmE2ZDRiOWFmMTdjMjQ3MjJmYzJhNDZjMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8O88HLRhFJOMvsJ9Ym5RKs2AlId7
dxkpvIhuax3UTM4kQcwk+nrc8oIdOlKIKRaZDkUGMVAoJW6/3doAFk8c5QvpxiCq
rDfyd+7Bh0nfbV1HYempbDdG+Npmy0iJMOEPDsmUP3oUcGTxUL8NxLwSXyT/Gc5z
W0DnReC9KpIlXh2EJAmpv9poAvzrLZxvJD3dciF/Go64fSkuwz8FCQ+/R6oEKfJu
5b7hcK4+gMxttnc4enHeC0bohVogH87HGnMKwdBKutFwUw8VuUrD1HeBEPO2TeTW
0Fo5Q8DCzzY1qGykOP8WkyX/B2ViVRPsPjY1W3xmE0OtIj7Z8JQp+O7lsQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNFF6ZUnMv+m1LmvF8JHIvwqRsJDMB8GA1UdIwQY
MBaAFKKQDkZVqzSaRjKxQHGdyXIwQxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3BBT1JsV3JOSnBHTXJGQWNaM0pjakJERnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80ZjcwMWEtZWQ2Zi00N2M4LWJmNzMt
ZjRjNWZjM2NhMmM0LzEvMFVYcGxTY3lfNmJVdWE4WHdrY2lfQ3BHd2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80ZjcwMWEtZWQ2Zi00N2M4LWJmNzMtZjRjNWZjM2NhMmM0
LzEvb3BBT1JsV3JOSnBHTXJGQWNaM0pjakJERnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAsBAIAATAmAwQGLiwAAwQF
PozgMAwDBABQTaEDBAJQTaADBAFQTaoDBANdvwgwFgQCAAIwEAMHACoCJRgAAwMF
ACoCJRswDQYJKoZIhvcNAQELBQADggEBACB2XocqFolTBrzXzpM+2vgKzj6mug0M
b4OvL3kaw6QHD7wJ29XRdxCVoTeCzQB9tbqUfU2QEYMDJ4XyDqZ8BhHpA869dued
ssuxT3xlhq7Q9EyG/HAAIXlO+RsEROvCdR3NuOvlndyExkOHavgKSXCdLMPc1ILU
tYfpIgBNCYCmzMdd7EEtBSFynFGwtKjg7xgqJqx3gOiJpTtnUseBNSUWrkVW0oQg
GAIqwBWZFkZgHB00mJOyfQ4DJxYfkbxTM5MjaLjKMNSLAP08q12mTULyKKEu3QBC
3UwAX80Ut7Lb1Dl1Q+7lipHB9h97C9wY8H0Lu1OQtbkMFm82uEgfxbM=
-----END CERTIFICATE-----
Generated at Wed Jul 23 18:11:32 2025 by rpki-client