Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4Z7OKghenD_XpAGXI_yx_ceOnm8.roa
File: 4Z7OKghenD_XpAGXI_yx_ceOnm8.roa (raw, json)
Hash identifier: U0Lb1m5unro/qqRyjZNFWczyWkli3JNeFhlgrrGED0g=
Subject key identifier: E1:9E:CE:2A:08:5E:9C:3F:D7:A4:01:97:23:FC:B1:FD:C7:8E:9E:6F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197A17F433708004339012A47A1B5C32C69
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4Z7OKghenD_XpAGXI_yx_ceOnm8.roa
Signing time: Tue 24 Jun 2025 10:32:41 +0000
ROA not before: Tue 24 Jun 2025 10:32:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 91.92.67.0/24 maxlen: 24
93.123.76.0/22 maxlen: 24
193.47.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 18:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:7f:43:37:08:00:43:39:01:2a:47:a1:b5:c3:2c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 24 10:32:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e19ece2a085e9c3fd7a4019723fcb1fdc78e9e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c3:e1:46:b2:83:ed:1c:a5:a1:e1:db:32:89:
ef:30:95:1f:90:c3:01:4e:7b:13:64:e6:71:68:9d:
c5:0c:ae:2a:9c:9d:bc:3a:1d:90:7c:51:b6:46:7d:
a9:43:d9:9b:27:b1:a6:14:96:df:41:22:f2:ab:cf:
c9:50:4a:3f:8d:b5:88:ab:95:20:12:3d:0a:ae:59:
39:20:8a:01:3d:00:4b:7b:64:88:f6:73:5c:5a:f0:
88:25:b3:e7:e2:44:22:83:89:72:13:f6:fb:af:fa:
dc:29:a5:20:c2:4b:75:d3:c2:63:16:a0:ae:27:c2:
4a:b6:83:d7:3d:e9:b3:e2:1f:df:a7:18:d0:75:ff:
75:50:b3:74:f4:42:d7:1a:c5:f6:2b:bb:2d:0f:8e:
f4:5d:16:84:e2:12:28:f3:b3:18:d4:ef:07:e3:b0:
9b:9c:5e:ba:83:7f:19:85:32:21:9b:28:eb:3f:94:
6d:cb:aa:e1:23:89:9e:02:a8:3d:82:85:d1:20:5a:
2b:6e:dc:a7:75:fd:29:44:6f:bf:d8:aa:77:b3:0a:
63:e2:8b:e0:5d:80:57:ab:9e:36:80:ec:ff:88:1c:
0e:27:6e:95:75:e5:5b:97:c4:ef:36:37:c8:6c:d0:
63:17:3e:fb:48:c6:1d:e3:f4:3a:0c:08:bd:fc:9e:
26:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9E:CE:2A:08:5E:9C:3F:D7:A4:01:97:23:FC:B1:FD:C7:8E:9E:6F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4Z7OKghenD_XpAGXI_yx_ceOnm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.67.0/24
93.123.76.0/22
193.47.62.0/24
Signature Algorithm: sha256WithRSAEncryption
50:88:94:71:98:f5:49:c6:f4:d2:83:7a:9c:58:6b:ee:15:15:
75:5f:90:f7:d2:46:b3:4f:ce:bc:cf:09:38:57:5e:ac:e2:24:
af:ee:24:a7:ec:47:75:33:7e:52:9c:24:09:42:79:b7:dc:ac:
37:43:53:a5:67:b2:50:b2:0e:87:df:fb:55:8a:22:97:da:5e:
de:2a:c3:3e:ac:3c:86:42:20:b0:0e:a0:c6:cb:b3:a7:26:b2:
00:c7:81:59:ad:a2:da:7b:1d:70:3a:7d:48:76:d2:9c:ef:d4:
0c:43:2e:5f:a4:09:b3:7d:93:79:28:d0:11:6a:56:d7:b1:c6:
f8:fe:bf:46:fb:3e:16:ea:64:11:d4:54:79:50:81:52:eb:59:
b4:04:9d:b2:af:f8:20:49:1f:cb:ae:fd:b7:70:64:b5:95:8c:
56:5d:d8:2c:3d:fb:e5:28:81:db:9f:9d:ae:9c:79:7f:df:4a:
52:b8:d3:97:bf:41:60:7c:a4:ff:ba:34:46:c6:db:14:2f:03:
d0:1e:78:76:43:33:f6:fb:b7:5a:f3:60:a7:d6:3c:3e:76:4b:
fe:24:d4:87:43:a2:ff:79:43:53:62:c6:7c:4b:bc:f5:ec:67:
f1:6b:51:e6:f9:20:eb:ec:52:8a:e7:97:ff:b2:5c:2b:44:73:
ff:09:f7:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZehf0M3CABDOQEqR6G1wyxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjI0MTAzMjQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTllY2UyYTA4NWU5YzNmZDdhNDAxOTcyM2ZjYjFmZGM3OGU5ZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMPhRrKD7RyloeHbMonvMJUfkMMB
TnsTZOZxaJ3FDK4qnJ28Oh2QfFG2Rn2pQ9mbJ7GmFJbfQSLyq8/JUEo/jbWIq5Ug
Ej0Krlk5IIoBPQBLe2SI9nNcWvCIJbPn4kQig4lyE/b7r/rcKaUgwkt108JjFqCu
J8JKtoPXPemz4h/fpxjQdf91ULN09ELXGsX2K7stD470XRaE4hIo87MY1O8H47Cb
nF66g38ZhTIhmyjrP5Rty6rhI4meAqg9goXRIForbtyndf0pRG+/2Kp3swpj4ovg
XYBXq542gOz/iBwOJ26VdeVbl8TvNjfIbNBjFz77SMYd4/Q6DAi9/J4miQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOGezioIXpw/16QBlyP8sf3Hjp5vMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNFo3T0tnaGVuRF9YcEFHWElfeXhfY2VPbm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW1xDAwQC
XXtMAwQAwS8+MA0GCSqGSIb3DQEBCwUAA4IBAQBQiJRxmPVJxvTSg3qcWGvuFRV1
X5D30kazT868zwk4V16s4iSv7iSn7Ed1M35SnCQJQnm33Kw3Q1OlZ7JQsg6H3/tV
iiKX2l7eKsM+rDyGQiCwDqDGy7OnJrIAx4FZraLaex1wOn1IdtKc79QMQy5fpAmz
fZN5KNARalbXscb4/r9G+z4W6mQR1FR5UIFS61m0BJ2yr/ggSR/Lrv23cGS1lYxW
XdgsPfvlKIHbn52unHl/30pSuNOXv0FgfKT/ujRGxtsULwPQHnh2QzP2+7da82Cn
1jw+dkv+JNSHQ6L/eUNTYsZ8S7z17Gfxa1Hm+SDr7FKK55f/slwrRHP/Cffs
-----END CERTIFICATE-----
Generated at Sun Jul 6 04:25:18 2025 by rpki-client