Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/ol5y8u_4G20fft_xzP2ULA8gimg.roa
File: ol5y8u_4G20fft_xzP2ULA8gimg.roa (raw, json)
Hash identifier: RSgj/k0UnHxK8vwqn89GdKZy49c0En9JMURDQ/SJ3jQ=
Subject key identifier: A2:5E:72:F2:EF:F8:1B:6D:1F:7E:DF:F1:CC:FD:94:2C:0F:20:8A:68
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 01982206287F65DB63B4F9707E8D49103D6F
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/ol5y8u_4G20fft_xzP2ULA8gimg.roa
Signing time: Sat 19 Jul 2025 09:31:25 +0000
ROA not before: Sat 19 Jul 2025 09:31:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.95.226.0/24 maxlen: 24
45.140.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:22:06:28:7f:65:db:63:b4:f9:70:7e:8d:49:10:3d:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jul 19 09:31:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a25e72f2eff81b6d1f7edff1ccfd942c0f208a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:95:38:5f:d2:65:fd:3b:81:cd:99:5a:2c:
ea:f7:2f:46:ea:87:fe:93:ac:d6:80:c1:39:2c:e9:
28:b4:fd:e2:52:8f:e2:7a:b5:04:ec:a0:52:db:6f:
93:76:b3:4d:9d:18:e7:20:e2:79:ea:04:66:1c:81:
df:95:9f:80:cc:b9:c9:f2:72:d3:fc:9e:08:57:f4:
7b:2f:9f:b7:f7:6f:9f:bc:f6:a3:ce:73:0c:84:bf:
fd:78:86:fc:98:55:9e:6a:1f:71:fb:49:c5:f2:fb:
d2:22:3d:fa:2b:36:83:8b:e7:33:b8:bc:26:e1:a6:
d1:f5:7e:4e:54:95:9f:9f:4a:4c:dd:6d:f8:05:a2:
9b:e2:97:53:aa:40:ec:cd:11:d4:a7:e7:6a:b6:c1:
9d:33:bf:f1:a1:74:59:aa:db:db:29:2b:6f:1f:e9:
90:18:7d:76:74:47:e8:28:ad:85:20:42:0d:ab:d6:
5a:84:51:1c:e4:9d:c9:00:19:b3:48:ff:49:29:1e:
25:2b:e4:06:ce:a3:f8:a2:01:7e:22:22:4b:29:ed:
f2:22:72:91:8b:f8:1f:32:db:b2:0f:6a:88:9c:d2:
59:16:a1:0e:90:31:ba:c8:b8:d0:38:f0:ea:ab:b2:
9b:04:33:27:f8:41:f9:a5:d1:29:e8:ef:11:94:90:
e4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:5E:72:F2:EF:F8:1B:6D:1F:7E:DF:F1:CC:FD:94:2C:0F:20:8A:68
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/ol5y8u_4G20fft_xzP2ULA8gimg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.226.0/24
45.140.58.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:e2:64:06:3d:b7:c1:6a:02:e5:46:93:95:13:e2:e1:97:85:
9b:48:d7:0e:59:59:70:f3:21:e4:18:be:27:59:07:86:5f:d1:
e3:8c:37:9d:92:d4:38:2e:94:47:38:34:28:33:56:c4:07:45:
3a:53:e0:b9:5f:e8:35:92:15:99:29:24:5d:27:25:a6:d3:c9:
2d:01:17:39:99:55:45:d7:ef:4c:89:19:e7:0f:ce:58:fe:f8:
49:d9:46:92:d2:1d:ce:f9:d5:c0:4a:00:ae:cc:ea:c1:ec:84:
1c:87:31:c6:ac:f1:a3:d5:99:54:db:f8:d4:53:5b:5c:ce:3f:
df:62:cb:31:24:4a:50:2a:38:36:fe:75:51:ac:33:12:16:a0:
2d:5f:d0:0a:45:22:47:40:d0:19:1d:03:12:18:35:3c:a1:b9:
1c:1a:be:bd:ed:60:58:2c:bd:c5:ab:27:e3:a7:22:2f:f0:a0:
41:85:f3:39:2d:5e:5c:ee:96:d7:cf:12:59:b5:09:f0:11:b3:
93:dd:6a:cc:76:9d:29:34:a5:66:88:a4:8b:d5:94:76:df:7e:
45:9c:36:00:8a:a2:e2:7f:0f:41:d8:22:c8:38:ff:79:8a:fb:
32:24:4c:aa:fa:68:8f:e0:5e:74:21:74:ab:a9:b9:bb:4b:df:
bf:03:19:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgiBih/ZdtjtPlwfo1JED1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwNzE5MDkzMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjVlNzJmMmVmZjgxYjZkMWY3ZWRmZjFjY2ZkOTQyYzBmMjA4YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGOVOF/SZf07gc2ZWizq9y9G6of+
k6zWgME5LOkotP3iUo/ierUE7KBS22+TdrNNnRjnIOJ56gRmHIHflZ+AzLnJ8nLT
/J4IV/R7L5+392+fvPajznMMhL/9eIb8mFWeah9x+0nF8vvSIj36KzaDi+czuLwm
4abR9X5OVJWfn0pM3W34BaKb4pdTqkDszRHUp+dqtsGdM7/xoXRZqtvbKStvH+mQ
GH12dEfoKK2FIEINq9ZahFEc5J3JABmzSP9JKR4lK+QGzqP4ogF+IiJLKe3yInKR
i/gfMtuyD2qInNJZFqEOkDG6yLjQOPDqq7KbBDMn+EH5pdEp6O8RlJDkLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKJecvLv+BttH37f8cz9lCwPIIpoMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvb2w1eTh1XzRHMjBmZnRfeHpQMlVMQThnaW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV/iAwQA
LYw6MA0GCSqGSIb3DQEBCwUAA4IBAQBf4mQGPbfBagLlRpOVE+Lhl4WbSNcOWVlw
8yHkGL4nWQeGX9HjjDedktQ4LpRHODQoM1bEB0U6U+C5X+g1khWZKSRdJyWm08kt
ARc5mVVF1+9MiRnnD85Y/vhJ2UaS0h3O+dXASgCuzOrB7IQchzHGrPGj1ZlU2/jU
U1tczj/fYssxJEpQKjg2/nVRrDMSFqAtX9AKRSJHQNAZHQMSGDU8obkcGr697WBY
LL3FqyfjpyIv8KBBhfM5LV5c7pbXzxJZtQnwEbOT3WrMdp0pNKVmiKSL1ZR2335F
nDYAiqLifw9B2CLIOP95ivsyJEyq+miP4F50IXSrqbm7S9+/AxkM
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:04:19 2025 by rpki-client