Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/4b-QnhZG2HZCZ361-cHusX-pjXk.roa
File: 4b-QnhZG2HZCZ361-cHusX-pjXk.roa (raw, json)
Hash identifier: j7SZly2Vh9/97I+L9CrIza0RGFP+q4iam4ta+RVbZYI=
Subject key identifier: E1:BF:90:9E:16:46:D8:76:42:67:7E:B5:F9:C1:EE:B1:7F:A9:8D:79
Certificate issuer: /CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Certificate serial: 01971BA7DC4DF4FF17D64A6D644024DDB2A8
Authority key identifier: A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/4b-QnhZG2HZCZ361-cHusX-pjXk.roa
Signing time: Thu 29 May 2025 10:47:55 +0000
ROA not before: Thu 29 May 2025 10:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56595
IP address blocks: 46.226.0.0/21 maxlen: 21
89.32.88.0/21 maxlen: 21
91.239.46.0/24 maxlen: 24
91.240.174.0/24 maxlen: 24
95.215.9.0/24 maxlen: 24
185.7.228.0/22 maxlen: 22
185.7.228.0/23 maxlen: 23
185.7.230.0/23 maxlen: 23
185.8.93.0/24 maxlen: 24
185.34.8.0/22 maxlen: 22
185.73.152.0/22 maxlen: 22
185.100.68.0/22 maxlen: 22
185.122.64.0/22 maxlen: 22
185.240.200.0/22 maxlen: 22
188.241.20.0/22 maxlen: 24
192.124.193.0/24 maxlen: 24
192.124.194.0/23 maxlen: 23
192.124.196.0/24 maxlen: 24
192.124.197.0/24 maxlen: 24
192.124.198.0/24 maxlen: 24
192.124.200.0/24 maxlen: 24
192.124.203.0/24 maxlen: 24
192.124.206.0/23 maxlen: 23
193.33.125.0/24 maxlen: 24
195.230.123.0/24 maxlen: 24
2a00:a600::/32 maxlen: 32
2a00:a600:0:2e::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 04:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1b:a7:dc:4d:f4:ff:17:d6:4a:6d:64:40:24:dd:b2:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Validity
Not Before: May 29 10:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1bf909e1646d87642677eb5f9c1eeb17fa98d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d5:86:78:b5:45:12:af:02:52:a6:3f:46:e8:
a7:d0:df:25:0b:b9:86:ba:f7:f1:ed:32:38:1a:68:
15:be:5f:61:e2:84:ac:ad:dc:9c:ab:84:fa:54:8c:
3d:ef:c7:18:d2:0e:24:0d:28:be:11:a2:11:7b:94:
d6:e8:a4:1e:43:40:24:b3:63:01:43:a1:64:f8:90:
3b:c6:30:ef:52:46:7b:52:1c:4c:80:8a:4e:0d:14:
43:ef:29:bb:ba:d1:1f:8d:da:35:a1:ab:56:78:88:
f2:6e:1b:db:f0:14:f5:42:71:35:53:88:dc:74:4e:
5e:e4:b4:a5:32:6d:e6:26:8e:32:41:81:0e:bf:5c:
27:fc:e8:9e:a4:98:72:51:0e:ec:7d:f2:80:47:9a:
34:ac:3a:8c:a4:cf:a1:4e:f7:dc:4c:7c:4b:43:2c:
1f:52:9d:b5:da:8c:f2:56:dc:e5:cb:03:b2:52:45:
ea:94:6d:3b:e2:ee:eb:5b:57:3a:22:2d:1d:1c:0f:
84:e6:7c:4e:1c:01:65:c9:37:59:07:55:de:2e:e1:
9e:f3:9d:49:9d:b5:71:be:9f:ac:84:21:3e:c9:fc:
89:0e:48:4b:03:d3:d1:b9:69:c0:9b:39:ba:6b:c9:
2a:68:0c:bf:90:a4:c7:8f:3e:cb:4e:8b:4a:1e:cb:
04:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BF:90:9E:16:46:D8:76:42:67:7E:B5:F9:C1:EE:B1:7F:A9:8D:79
X509v3 Authority Key Identifier:
keyid:A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/4b-QnhZG2HZCZ361-cHusX-pjXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.0.0/21
89.32.88.0/21
91.239.46.0/24
91.240.174.0/24
95.215.9.0/24
185.7.228.0/22
185.8.93.0/24
185.34.8.0/22
185.73.152.0/22
185.100.68.0/22
185.122.64.0/22
185.240.200.0/22
188.241.20.0/22
192.124.193.0-192.124.198.255
192.124.200.0/24
192.124.203.0/24
192.124.206.0/23
193.33.125.0/24
195.230.123.0/24
IPv6:
2a00:a600::/32
Signature Algorithm: sha256WithRSAEncryption
12:bc:7f:b7:fe:39:4a:90:05:17:26:28:a0:fb:12:02:4c:8d:
73:a2:50:32:3f:af:bd:b6:b8:43:a9:a5:83:29:58:5b:ad:bb:
4e:7d:49:42:c4:a8:db:2a:38:a7:80:86:8b:da:be:c2:88:4f:
f0:57:a0:4a:07:25:49:e3:18:2b:fd:23:48:e5:23:f7:36:5e:
55:0e:9b:3c:e9:a5:54:8f:a6:cd:61:12:d0:56:db:44:26:82:
67:77:60:e2:12:1c:02:d9:74:87:81:87:66:3a:75:31:6b:f3:
8b:bc:37:0d:89:e3:63:a1:a0:db:08:9d:ee:b4:53:55:49:14:
cb:76:c1:65:b7:7c:6f:89:79:59:41:73:d4:d9:45:83:e9:5c:
d2:8a:25:c6:7e:e5:64:98:2a:6f:94:d7:c5:84:21:54:3f:b8:
9a:1d:9a:23:c2:34:e0:ea:98:ff:0d:63:c7:a8:a5:7e:e7:57:
29:40:0d:a8:5d:58:00:86:cd:fe:57:a8:dc:59:5b:01:65:96:
f4:7c:62:17:d7:a7:5d:00:de:08:f4:34:de:cd:05:ac:5e:b0:
3d:a2:a8:81:68:6e:c6:dd:e0:89:3d:57:e9:de:7f:27:0c:02:
d5:65:36:b3:87:e5:29:80:1d:e4:51:64:48:0d:d8:2d:0a:47:
ac:33:8c:ec
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZcbp9xN9P8X1kptZEAk3bKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjVmZTY3YzIwNzk3ZDM5NDE1NTU1NTRmOGM5ODhjYTJm
N2MxN2IwHhcNMjUwNTI5MTA0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWJmOTA5ZTE2NDZkODc2NDI2NzdlYjVmOWMxZWViMTdmYTk4ZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9WGeLVFEq8CUqY/Ruin0N8lC7mG
uvfx7TI4GmgVvl9h4oSsrdycq4T6VIw978cY0g4kDSi+EaIRe5TW6KQeQ0Aks2MB
Q6Fk+JA7xjDvUkZ7UhxMgIpODRRD7ym7utEfjdo1oatWeIjybhvb8BT1QnE1U4jc
dE5e5LSlMm3mJo4yQYEOv1wn/OiepJhyUQ7sffKAR5o0rDqMpM+hTvfcTHxLQywf
Up212ozyVtzlywOyUkXqlG074u7rW1c6Ii0dHA+E5nxOHAFlyTdZB1XeLuGe851J
nbVxvp+shCE+yfyJDkhLA9PRuWnAmzm6a8kqaAy/kKTHjz7LTotKHssEQwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFOG/kJ4WRth2Qmd+tfnB7rF/qY15MB8GA1UdIwQY
MBaAFKi1/mfCB5fTlBVVVU+MmIyi98F7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQt
MWNjNjE5MTk3NTUxLzEvNGItUW5oWkcySFpDWjM2MS1jSHVzWC1walhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQtMWNjNjE5MTk3NTUx
LzEvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBgAQCAAEwegMEAy7i
AAMEA1kgWAMEAFvvLgMEAFvwrgMEAF/XCQMEArkH5AMEALkIXQMEArkiCAMEArlJ
mAMEArlkRAMEArl6QAMEArnwyAMEArzxFDAMAwQAwHzBAwQAwHzGAwQAwHzIAwQA
wHzLAwQBwHzOAwQAwSF9AwQAw+Z7MA0EAgACMAcDBQAqAKYAMA0GCSqGSIb3DQEB
CwUAA4IBAQASvH+3/jlKkAUXJiig+xICTI1zolAyP6+9trhDqaWDKVhbrbtOfUlC
xKjbKjingIaL2r7CiE/wV6BKByVJ4xgr/SNI5SP3Nl5VDps86aVUj6bNYRLQVttE
JoJnd2DiEhwC2XSHgYdmOnUxa/OLvDcNieNjoaDbCJ3utFNVSRTLdsFlt3xviXlZ
QXPU2UWD6VzSiiXGfuVkmCpvlNfFhCFUP7iaHZojwjTg6pj/DWPHqKV+51cpQA2o
XVgAhs3+V6jcWVsBZZb0fGIX16ddAN4I9DTezQWsXrA9oqiBaG7G3eCJPVfp3n8n
DALVZTazh+UpgB3kUWRIDdgtCkesM4zs
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:49:38 2025 by rpki-client