Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/TODaCUho62Gehv-2PizceaR7ohg.roa
File: TODaCUho62Gehv-2PizceaR7ohg.roa (raw, json)
Hash identifier: EEJ5eEmNl9HYrtpyde+m1i67aXqJjeNEtfrXMxwcvR8=
Subject key identifier: 4C:E0:DA:09:48:68:EB:61:9E:86:FF:B6:3E:2C:DC:79:A4:7B:A2:18
Certificate issuer: /CN=15c181706f61c4b737cd7eb78f7230e34cdfc14c
Certificate serial: 01981D22A1B41DBF4FA6FDE4B64AD596A332
Authority key identifier: 15:C1:81:70:6F:61:C4:B7:37:CD:7E:B7:8F:72:30:E3:4C:DF:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FcGBcG9hxLc3zX63j3Iw40zfwUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/TODaCUho62Gehv-2PizceaR7ohg.roa
Signing time: Fri 18 Jul 2025 10:44:25 +0000
ROA not before: Fri 18 Jul 2025 10:44:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 145.36.0.0/19 maxlen: 19
145.36.32.0/19 maxlen: 19
145.36.64.0/19 maxlen: 19
145.36.96.0/19 maxlen: 19
145.36.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/FcGBcG9hxLc3zX63j3Iw40zfwUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/FcGBcG9hxLc3zX63j3Iw40zfwUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FcGBcG9hxLc3zX63j3Iw40zfwUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 21:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1d:22:a1:b4:1d:bf:4f:a6:fd:e4:b6:4a:d5:96:a3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15c181706f61c4b737cd7eb78f7230e34cdfc14c
Validity
Not Before: Jul 18 10:44:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ce0da094868eb619e86ffb63e2cdc79a47ba218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:37:28:ef:9f:97:eb:3b:4a:c1:b1:67:b6:f6:
93:8f:f7:a9:a8:f3:18:b3:77:d4:4c:d7:0d:7a:b1:
8b:79:76:ce:50:95:c8:34:18:7f:7c:63:d8:47:0b:
5e:a4:0a:a9:2d:69:33:4d:35:c7:c1:88:ce:f8:1d:
99:00:e9:af:00:dc:5c:0c:c0:1a:63:b2:7d:d4:0c:
e2:0a:e3:6e:a7:a6:17:8d:e4:45:67:99:b0:e6:53:
6d:e5:fa:07:43:35:be:2d:ba:af:fd:a7:13:3d:5a:
5b:ac:26:fa:31:23:40:12:21:12:4d:d5:23:32:55:
81:35:ff:d2:61:fe:55:5d:2d:12:89:7d:54:8b:9a:
e8:c0:04:55:28:19:e9:1b:99:12:61:e6:6e:5b:26:
fc:60:41:a3:d6:06:bc:c5:be:dd:a3:60:2a:f0:79:
e5:3e:ab:4a:af:d4:57:cb:13:a4:40:16:8a:e6:ed:
e8:d7:ec:32:ea:e7:b5:c0:79:08:16:de:2e:be:51:
c7:6a:b1:b8:85:c1:b2:22:71:63:47:c8:6b:69:70:
d8:23:33:bf:3a:ff:9e:02:cb:6f:22:af:1f:a0:9b:
fe:99:1d:24:27:ce:06:80:f6:9a:91:e4:1c:51:ad:
94:dd:c4:0e:01:84:b4:ff:c5:77:63:e0:aa:82:ac:
81:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E0:DA:09:48:68:EB:61:9E:86:FF:B6:3E:2C:DC:79:A4:7B:A2:18
X509v3 Authority Key Identifier:
keyid:15:C1:81:70:6F:61:C4:B7:37:CD:7E:B7:8F:72:30:E3:4C:DF:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FcGBcG9hxLc3zX63j3Iw40zfwUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/TODaCUho62Gehv-2PizceaR7ohg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/FcGBcG9hxLc3zX63j3Iw40zfwUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.36.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:56:08:e9:41:e1:86:5c:39:2f:bc:83:b0:d6:e6:7d:be:79:
da:76:ee:be:7f:cc:0b:98:da:9e:b2:ed:c5:e9:3a:b3:f9:d2:
07:63:60:8f:c9:ce:a8:7a:ca:3a:96:ea:8e:32:80:86:ba:f8:
ac:6a:44:3c:ed:08:6e:c1:97:63:f4:b0:06:dd:58:e4:5c:bd:
ef:b7:2a:32:44:ec:f8:2a:47:cf:49:92:f5:d7:a7:61:2c:12:
1c:19:3f:63:49:cf:3e:28:e6:59:1a:c1:d9:b5:13:1a:05:3a:
ed:c9:55:f0:3f:54:e5:a5:93:ad:a6:aa:7f:3d:f9:d6:33:50:
bc:fb:3d:3c:46:4e:3f:6f:52:2a:1f:ab:bd:34:cb:73:9d:ed:
63:b6:13:62:94:8f:2b:6b:f8:a5:32:46:e6:b5:98:60:aa:59:
88:4f:a3:0b:c9:b2:51:7e:00:44:9f:71:36:02:fc:8a:bf:dc:
18:d5:ec:56:90:25:85:f0:9e:2c:cd:be:41:6d:f2:7b:8e:cb:
5b:1a:ea:1d:81:b4:3c:3c:0a:0d:a3:f9:d9:a5:a6:0c:48:e6:
78:51:83:dd:7c:f3:a0:06:62:51:44:4e:c8:ad:31:1c:f2:e8:
df:25:e6:00:b7:7a:48:21:dd:1a:8e:49:27:85:ae:8f:93:59:
40:89:0b:fb
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZgdIqG0Hb9Ppv3ktkrVlqMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YzE4MTcwNmY2MWM0YjczN2NkN2ViNzhmNzIzMGUzNGNk
ZmMxNGMwHhcNMjUwNzE4MTA0NDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2UwZGEwOTQ4NjhlYjYxOWU4NmZmYjYzZTJjZGM3OWE0N2JhMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjco75+X6ztKwbFntvaTj/epqPMY
s3fUTNcNerGLeXbOUJXINBh/fGPYRwtepAqpLWkzTTXHwYjO+B2ZAOmvANxcDMAa
Y7J91AziCuNup6YXjeRFZ5mw5lNt5foHQzW+Lbqv/acTPVpbrCb6MSNAEiESTdUj
MlWBNf/SYf5VXS0SiX1Ui5rowARVKBnpG5kSYeZuWyb8YEGj1ga8xb7do2Aq8Hnl
PqtKr9RXyxOkQBaK5u3o1+wy6ue1wHkIFt4uvlHHarG4hcGyInFjR8hraXDYIzO/
Ov+eAstvIq8foJv+mR0kJ84GgPaakeQcUa2U3cQOAYS0/8V3Y+CqgqyB3QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEzg2glIaOthnob/tj4s3Hmke6IYMB8GA1UdIwQY
MBaAFBXBgXBvYcS3N81+t49yMONM38FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmNHQmNHOWh4TGMzelg2M2ozSXc0MHpmd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81MmUwZTItNDc4Yi00MDFkLTkzODUt
OGZmNmNkNzc0N2M0LzEvVE9EYUNVaG82MkdlaHYtMlBpemNlYVI3b2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81MmUwZTItNDc4Yi00MDFkLTkzODUtOGZmNmNkNzc0N2M0
LzEvRmNHQmNHOWh4TGMzelg2M2ozSXc0MHpmd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkSQwDQYJ
KoZIhvcNAQELBQADggEBAFhWCOlB4YZcOS+8g7DW5n2+edp27r5/zAuY2p6y7cXp
OrP50gdjYI/Jzqh6yjqW6o4ygIa6+KxqRDztCG7Bl2P0sAbdWORcve+3KjJE7Pgq
R89JkvXXp2EsEhwZP2NJzz4o5lkawdm1ExoFOu3JVfA/VOWlk62mqn89+dYzULz7
PTxGTj9vUiofq700y3Od7WO2E2KUjytr+KUyRua1mGCqWYhPowvJslF+AESfcTYC
/Iq/3BjV7FaQJYXwnizNvkFt8nuOy1sa6h2BtDw8Cg2j+dmlpgxI5nhRg91886AG
YlFETsitMRzy6N8l5gC3ekgh3RqOSSeFro+TWUCJC/s=
-----END CERTIFICATE-----
Generated at Fri Jul 25 04:00:35 2025 by rpki-client