Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/14gXO5PLi0LoZ0DYGh9KK795laQ.roa
File: 14gXO5PLi0LoZ0DYGh9KK795laQ.roa (raw, json)
Hash identifier: EARGMMjNyaWuZ1stJfG6h12JcDBEupf11Ssao/d8baM=
Subject key identifier: D7:88:17:3B:93:CB:8B:42:E8:67:40:D8:1A:1F:4A:2B:BF:79:95:A4
Certificate issuer: /CN=a2900e4655ab349a4632b140719dc97230431725
Certificate serial: 0197EE838EF7CBEC66620020C86524E7FB1D
Authority key identifier: A2:90:0E:46:55:AB:34:9A:46:32:B1:40:71:9D:C9:72:30:43:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/14gXO5PLi0LoZ0DYGh9KK795laQ.roa
Signing time: Wed 09 Jul 2025 09:28:08 +0000
ROA not before: Wed 09 Jul 2025 09:28:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28917
IP address blocks: 46.44.0.0/18 maxlen: 18
62.140.224.0/19 maxlen: 19
62.140.250.0/24 maxlen: 24
62.140.255.0/24 maxlen: 24
80.77.160.0/20 maxlen: 24
80.77.162.0/23 maxlen: 23
80.77.164.0/22 maxlen: 24
80.77.169.0/24 maxlen: 24
80.77.172.0/22 maxlen: 22
93.191.8.0/21 maxlen: 21
93.191.11.0/24 maxlen: 24
93.191.12.0/23 maxlen: 23
185.221.44.0/22 maxlen: 22
2a02:2518::/29 maxlen: 29
2a02:2518::/32 maxlen: 32
2a02:2518:3::/48 maxlen: 48
2a02:2518:11::/48 maxlen: 48
2a02:251b::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:83:8e:f7:cb:ec:66:62:00:20:c8:65:24:e7:fb:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2900e4655ab349a4632b140719dc97230431725
Validity
Not Before: Jul 9 09:28:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d788173b93cb8b42e86740d81a1f4a2bbf7995a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:29:f5:17:3c:2d:a4:e3:84:15:66:73:da:87:
02:3b:65:7b:e6:6a:75:49:6e:36:0d:11:ba:3c:d8:
31:bd:f3:37:d7:4f:1e:11:0c:07:29:00:0a:23:a3:
f5:49:21:1a:96:47:ea:e7:7d:7a:2b:cf:ed:c5:b6:
e7:a9:62:99:0b:65:de:a2:f1:02:d1:c1:0e:bb:c4:
ca:dd:bf:2c:8a:75:52:65:06:d0:fc:c0:8a:f1:bc:
92:31:15:18:2d:6f:0c:1a:65:b3:4f:e7:a7:79:0a:
0e:bb:fc:e2:48:95:89:07:ee:96:ee:85:34:5d:37:
7f:27:37:ea:91:2c:e5:a4:ae:8b:df:a8:5c:45:ef:
86:86:f9:80:35:a4:8e:a4:9f:ce:54:70:d3:c1:bf:
00:cd:e4:f2:79:d9:49:ca:0e:e2:09:e0:9f:a9:55:
8d:9c:9c:85:0b:64:8f:17:5e:d5:7e:96:a1:49:a0:
96:25:93:2e:61:c6:eb:bd:05:2e:fc:27:ea:48:10:
84:d7:e4:48:8b:96:ab:f7:71:0f:20:f4:b4:85:d4:
bc:3c:53:9b:08:35:d6:8a:f6:5d:aa:67:6e:88:58:
bf:87:ea:f4:74:44:a3:bb:e4:1d:e0:6c:86:20:39:
d6:78:27:5d:96:78:44:e0:34:5c:11:3a:fa:3f:cc:
a0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:88:17:3B:93:CB:8B:42:E8:67:40:D8:1A:1F:4A:2B:BF:79:95:A4
X509v3 Authority Key Identifier:
keyid:A2:90:0E:46:55:AB:34:9A:46:32:B1:40:71:9D:C9:72:30:43:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/14gXO5PLi0LoZ0DYGh9KK795laQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.44.0.0/18
62.140.224.0/19
80.77.160.0/20
93.191.8.0/21
185.221.44.0/22
IPv6:
2a02:2518::/29
Signature Algorithm: sha256WithRSAEncryption
b7:f0:cc:a5:78:93:c0:52:93:11:dd:cc:df:1f:2e:6c:3d:07:
9e:37:ec:d0:33:8f:24:40:ed:10:24:a3:14:d3:5a:8e:1d:2b:
2b:02:2b:52:03:ab:80:e9:f5:cd:04:72:44:6f:36:1e:e4:70:
ca:23:e4:3b:3c:88:07:db:83:14:13:d9:20:d7:0c:27:4d:9c:
f3:78:9e:3d:4d:b5:4c:b2:ff:1c:8b:26:8c:dd:48:bc:29:1c:
e2:9e:28:2a:b3:92:31:e7:57:6d:57:f9:f7:ad:28:60:c9:b3:
5b:6d:98:27:54:82:1d:13:f1:e5:22:56:f2:41:ae:9d:24:2e:
70:86:42:d3:dc:14:c2:13:b2:66:c5:d5:b7:6e:55:f3:a4:9f:
87:39:7c:ba:2c:f9:5e:79:2e:34:6f:78:55:14:7b:5e:11:20:
17:4d:3d:b0:6a:0b:39:a7:f9:5d:d6:b9:eb:b4:ab:6c:86:1f:
d9:27:69:c4:07:2f:ba:19:c0:4d:c5:c0:92:bf:35:0a:bf:36:
4f:23:3e:bc:90:11:06:35:4c:0b:7c:0a:63:73:40:dc:24:99:
e2:d1:1e:d7:54:99:03:3b:b7:13:49:4f:24:09:75:c7:d3:37:
ad:15:e5:c1:a7:0d:e7:9f:52:88:17:95:2f:24:59:83:e0:e7:
51:ca:c9:55
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZfug473y+xmYgAgyGUk5/sdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOTAwZTQ2NTVhYjM0OWE0NjMyYjE0MDcxOWRjOTcyMzA0
MzE3MjUwHhcNMjUwNzA5MDkyODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzg4MTczYjkzY2I4YjQyZTg2NzQwZDgxYTFmNGEyYmJmNzk5NWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSn1FzwtpOOEFWZz2ocCO2V75mp1
SW42DRG6PNgxvfM3108eEQwHKQAKI6P1SSEalkfq5316K8/txbbnqWKZC2XeovEC
0cEOu8TK3b8sinVSZQbQ/MCK8bySMRUYLW8MGmWzT+eneQoOu/ziSJWJB+6W7oU0
XTd/JzfqkSzlpK6L36hcRe+GhvmANaSOpJ/OVHDTwb8AzeTyedlJyg7iCeCfqVWN
nJyFC2SPF17VfpahSaCWJZMuYcbrvQUu/CfqSBCE1+RIi5ar93EPIPS0hdS8PFOb
CDXWivZdqmduiFi/h+r0dESju+Qd4GyGIDnWeCddlnhE4DRcETr6P8ygnQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNeIFzuTy4tC6GdA2BofSiu/eZWkMB8GA1UdIwQY
MBaAFKKQDkZVqzSaRjKxQHGdyXIwQxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3BBT1JsV3JOSnBHTXJGQWNaM0pjakJERnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80ZjcwMWEtZWQ2Zi00N2M4LWJmNzMt
ZjRjNWZjM2NhMmM0LzEvMTRnWE81UExpMExvWjBEWUdoOUtLNzk1bGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80ZjcwMWEtZWQ2Zi00N2M4LWJmNzMtZjRjNWZjM2NhMmM0
LzEvb3BBT1JsV3JOSnBHTXJGQWNaM0pjakJERnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGLiwAAwQF
PozgAwQEUE2gAwQDXb8IAwQCud0sMA0EAgACMAcDBQMqAiUYMA0GCSqGSIb3DQEB
CwUAA4IBAQC38MyleJPAUpMR3czfHy5sPQeeN+zQM48kQO0QJKMU01qOHSsrAitS
A6uA6fXNBHJEbzYe5HDKI+Q7PIgH24MUE9kg1wwnTZzzeJ49TbVMsv8ciyaM3Ui8
KRzinigqs5Ix51dtV/n3rShgybNbbZgnVIIdE/HlIlbyQa6dJC5whkLT3BTCE7Jm
xdW3blXzpJ+HOXy6LPleeS40b3hVFHteESAXTT2wags5p/ld1rnrtKtshh/ZJ2nE
By+6GcBNxcCSvzUKvzZPIz68kBEGNUwLfApjc0DcJJni0R7XVJkDO7cTSU8kCXXH
0zetFeXBpw3nn1KIF5UvJFmD4OdRyslV
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:00:37 2025 by rpki-client