Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/4Vk4JEUOO7Z8F7RLvQIBiIwUlEI.roa
File: 4Vk4JEUOO7Z8F7RLvQIBiIwUlEI.roa (raw, json)
Hash identifier: rcW0o0NPhb5z9zMvMiuZsijCh+e9Jb8o7gbV3WSd0Yo=
Subject key identifier: E1:59:38:24:45:0E:3B:B6:7C:17:B4:4B:BD:02:01:88:8C:14:94:42
Certificate issuer: /CN=b6f3db35659133315d2fcf93058dce350a4cb17a
Certificate serial: 0198984C7C07D4FD26387F57A7512EE2D87E
Authority key identifier: B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/4Vk4JEUOO7Z8F7RLvQIBiIwUlEI.roa
Signing time: Mon 11 Aug 2025 08:43:25 +0000
ROA not before: Mon 11 Aug 2025 08:43:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57767
IP address blocks: 213.174.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 02:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:4c:7c:07:d4:fd:26:38:7f:57:a7:51:2e:e2:d8:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6f3db35659133315d2fcf93058dce350a4cb17a
Validity
Not Before: Aug 11 08:43:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1593824450e3bb67c17b44bbd0201888c149442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f6:42:51:0a:51:ad:1b:ce:49:4c:8c:4a:05:
71:4a:81:63:10:59:4f:6e:0a:ad:b1:aa:50:bf:66:
64:6e:48:84:c3:07:68:55:55:cc:0b:a7:f6:33:9a:
55:18:91:fa:af:f3:fc:42:ae:99:2f:4c:6f:51:cc:
99:74:2b:b3:a1:02:a1:03:f7:08:e2:23:16:d4:1d:
6a:49:e4:22:4c:03:08:f5:1c:17:7f:b4:7d:6f:d9:
47:77:60:46:e8:35:cf:39:70:1f:4a:d5:a8:84:04:
a0:37:4e:5f:61:d6:b9:29:0a:55:92:11:be:f1:0c:
00:8d:9f:fb:31:15:84:1b:97:8b:52:90:4c:7c:c3:
4b:42:fc:2d:33:e4:1b:90:fe:d6:f0:b5:19:81:18:
8c:3a:56:51:26:85:e5:32:31:a3:f1:58:e2:6c:02:
36:7b:83:1b:02:a7:5d:58:25:ae:05:16:73:c3:9f:
1d:49:ef:4e:eb:05:fd:87:b6:04:7d:9f:e4:05:64:
f2:46:b4:fc:92:48:35:a5:71:a5:be:05:67:fc:71:
e3:30:3a:47:6b:2c:8b:ce:f4:0a:29:2f:13:ba:b6:
95:fe:df:0a:95:2e:53:26:8a:34:e4:d6:4b:d7:c6:
94:66:7b:45:89:e3:d1:e1:22:51:90:3c:3e:d4:9d:
74:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:59:38:24:45:0E:3B:B6:7C:17:B4:4B:BD:02:01:88:8C:14:94:42
X509v3 Authority Key Identifier:
keyid:B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/4Vk4JEUOO7Z8F7RLvQIBiIwUlEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.174.6.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:de:ad:ed:1b:d0:a2:2d:4d:0d:55:1f:d8:7d:da:f8:e6:94:
39:f6:2a:69:96:32:1e:6c:59:d0:72:44:0c:e4:1e:bb:f2:b6:
01:39:d7:c2:55:22:4c:3b:8d:15:c6:b3:a2:5c:bf:c8:1e:48:
ea:50:0b:f4:54:fa:96:79:78:46:c6:21:1e:a0:3b:29:15:73:
86:e7:d2:01:d1:9e:af:14:c2:1b:f3:1d:38:95:59:c7:5b:77:
d7:78:1d:27:7f:94:ff:71:ee:73:69:87:72:6b:3b:02:43:f6:
fd:ea:a0:59:3d:c0:8d:84:4b:68:93:e5:b4:d5:c6:b6:9c:9d:
20:3c:f5:3c:a7:7f:32:de:c3:97:2d:0c:3f:4b:bf:99:e6:36:
72:90:01:1e:a5:cb:75:7d:e5:a5:18:22:d0:fa:18:e2:77:40:
76:1a:aa:56:4e:64:9a:70:b6:0f:a9:37:59:2b:bd:d2:23:65:
4e:9d:f3:d7:cb:fa:db:c4:a6:7b:ce:fe:d3:e6:72:90:a8:2f:
ea:40:86:86:4b:aa:4e:49:7e:fa:c0:10:ce:8e:53:a4:86:b3:
eb:59:42:a2:9d:22:2e:c9:13:5c:14:9c:ae:d9:69:7c:a4:57:
50:27:ad:6b:b3:70:eb:53:91:cb:8b:12:f3:8a:15:4a:b8:6b:
cc:7d:67:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiYTHwH1P0mOH9Xp1Eu4th+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZjNkYjM1NjU5MTMzMzE1ZDJmY2Y5MzA1OGRjZTM1MGE0
Y2IxN2EwHhcNMjUwODExMDg0MzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTU5MzgyNDQ1MGUzYmI2N2MxN2I0NGJiZDAyMDE4ODhjMTQ5NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofZCUQpRrRvOSUyMSgVxSoFjEFlP
bgqtsapQv2ZkbkiEwwdoVVXMC6f2M5pVGJH6r/P8Qq6ZL0xvUcyZdCuzoQKhA/cI
4iMW1B1qSeQiTAMI9RwXf7R9b9lHd2BG6DXPOXAfStWohASgN05fYda5KQpVkhG+
8QwAjZ/7MRWEG5eLUpBMfMNLQvwtM+QbkP7W8LUZgRiMOlZRJoXlMjGj8VjibAI2
e4MbAqddWCWuBRZzw58dSe9O6wX9h7YEfZ/kBWTyRrT8kkg1pXGlvgVn/HHjMDpH
ayyLzvQKKS8TuraV/t8KlS5TJoo05NZL18aUZntFiePR4SJRkDw+1J10VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFZOCRFDju2fBe0S70CAYiMFJRCMB8GA1UdIwQY
MBaAFLbz2zVlkTMxXS/PkwWNzjUKTLF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQt
NTQ5ZWU2ZDMwZmI2LzEvNFZrNEpFVU9PN1o4RjdSTHZRSUJpSXdVbEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQtNTQ5ZWU2ZDMwZmI2
LzEvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1a4GMA0G
CSqGSIb3DQEBCwUAA4IBAQCh3q3tG9CiLU0NVR/Yfdr45pQ59ippljIebFnQckQM
5B678rYBOdfCVSJMO40VxrOiXL/IHkjqUAv0VPqWeXhGxiEeoDspFXOG59IB0Z6v
FMIb8x04lVnHW3fXeB0nf5T/ce5zaYdyazsCQ/b96qBZPcCNhEtok+W01ca2nJ0g
PPU8p38y3sOXLQw/S7+Z5jZykAEepct1feWlGCLQ+hjid0B2GqpWTmSacLYPqTdZ
K73SI2VOnfPXy/rbxKZ7zv7T5nKQqC/qQIaGS6pOSX76wBDOjlOkhrPrWUKinSIu
yRNcFJyu2Wl8pFdQJ61rs3DrU5HLixLzihVKuGvMfWei
-----END CERTIFICATE-----
Generated at Thu Aug 21 10:25:52 2025 by rpki-client