Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/IHVfS7lgRLIy4SgpWhtseN26-48.roa
File: IHVfS7lgRLIy4SgpWhtseN26-48.roa (raw, json)
Hash identifier: D0r8cLH2JLwb9P+7kO9RsfJwonU/rezLBW31moy8Y64=
Subject key identifier: 20:75:5F:4B:B9:60:44:B2:32:E1:28:29:5A:1B:6C:78:DD:BA:FB:8F
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019953967F748904D41E1335E65EA3D03831
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/IHVfS7lgRLIy4SgpWhtseN26-48.roa
Signing time: Tue 16 Sep 2025 17:33:15 +0000
ROA not before: Tue 16 Sep 2025 17:33:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 185.254.18.0/24 maxlen: 24
212.46.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 05:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:53:96:7f:74:89:04:d4:1e:13:35:e6:5e:a3:d0:38:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Sep 16 17:33:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20755f4bb96044b232e128295a1b6c78ddbafb8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d4:be:1f:b7:62:1c:3f:23:99:08:2e:52:aa:
e9:01:31:59:ac:fc:32:e4:ef:8a:7e:d1:b4:a6:f4:
5e:e6:b5:07:95:6d:0f:5c:76:b9:68:7a:15:54:f7:
7a:ec:a7:2e:83:56:87:0e:9e:b5:de:47:9a:7c:06:
70:88:c2:4f:2d:3b:37:1e:80:10:8e:8b:27:01:b6:
83:a1:51:bb:f1:c7:e2:b8:7e:f5:c0:d5:0c:db:9b:
35:f3:1d:de:c4:a9:09:ec:d9:93:48:49:7b:05:8f:
4f:5c:35:36:36:76:2b:56:62:55:d3:45:63:7f:be:
97:0b:59:a5:42:19:5f:78:08:98:fa:9c:47:ab:d0:
3e:7a:33:eb:ad:35:f8:6c:3e:3a:98:e1:c6:be:4a:
a8:08:74:c1:ef:9a:c8:db:30:5b:f1:10:5b:82:fc:
d8:bb:5a:1c:f7:55:22:7f:98:bd:67:20:55:f1:fb:
0f:4f:d3:16:d8:cc:d1:39:de:39:86:47:21:92:fc:
03:ae:c3:46:66:7a:12:9f:64:42:ec:18:7d:37:9d:
de:6f:f5:10:cc:19:f1:5b:fa:7f:83:8f:97:4e:e1:
54:36:2a:0b:75:12:7c:41:94:88:01:ee:7c:4d:64:
7d:e2:d4:ce:86:a0:df:0c:ff:1a:11:83:ff:60:71:
42:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:75:5F:4B:B9:60:44:B2:32:E1:28:29:5A:1B:6C:78:DD:BA:FB:8F
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/IHVfS7lgRLIy4SgpWhtseN26-48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.18.0/24
212.46.37.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:8f:b8:e0:e0:e2:97:4f:b5:df:0d:36:2b:a0:b2:d3:85:c4:
d8:c1:6b:7e:dd:0d:d2:e4:d6:af:58:52:e0:4c:ff:ae:71:35:
bd:62:d4:06:f2:28:2b:95:c3:be:c1:56:07:ef:31:67:72:c4:
3e:22:7d:57:aa:46:b7:7c:33:c9:85:4b:b4:91:8c:18:82:75:
28:ba:d8:ad:b1:9a:cf:43:cc:79:8f:47:58:33:24:1e:f5:44:
f4:30:a7:81:4f:17:85:df:91:a1:80:1b:76:50:eb:05:97:2e:
c1:1f:42:b9:eb:72:98:1f:a0:c2:15:01:5e:f2:5b:44:60:41:
cb:83:1b:48:7b:f5:70:33:f5:cd:f1:13:4f:bb:b5:9d:d7:72:
f9:ee:c6:65:8f:eb:0e:ab:00:e2:47:40:cd:31:ec:af:d0:e6:
37:15:13:da:5c:d5:53:18:54:c7:31:53:91:0a:c4:96:b3:13:
6b:80:37:d5:7b:4f:79:8f:85:69:88:79:0a:7a:c6:09:99:a6:
5f:98:25:a0:88:3c:66:fc:b4:86:0f:bd:bd:ca:f7:ed:52:5c:
18:ee:05:4c:77:36:ef:e1:40:0d:54:3c:0c:58:eb:b5:10:66:
d7:ef:e2:cf:05:5d:9e:38:74:33:31:44:23:0b:9d:45:45:70:
11:86:b1:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlTln90iQTUHhM15l6j0DgxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwOTE2MTczMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDc1NWY0YmI5NjA0NGIyMzJlMTI4Mjk1YTFiNmM3OGRkYmFmYjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNS+H7diHD8jmQguUqrpATFZrPwy
5O+KftG0pvRe5rUHlW0PXHa5aHoVVPd67Kcug1aHDp613keafAZwiMJPLTs3HoAQ
josnAbaDoVG78cfiuH71wNUM25s18x3exKkJ7NmTSEl7BY9PXDU2NnYrVmJV00Vj
f76XC1mlQhlfeAiY+pxHq9A+ejPrrTX4bD46mOHGvkqoCHTB75rI2zBb8RBbgvzY
u1oc91Uif5i9ZyBV8fsPT9MW2MzROd45hkchkvwDrsNGZnoSn2RC7Bh9N53eb/UQ
zBnxW/p/g4+XTuFUNioLdRJ8QZSIAe58TWR94tTOhqDfDP8aEYP/YHFCuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCB1X0u5YESyMuEoKVobbHjduvuPMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvSUhWZlM3bGdSTEl5NFNncFdodHNlTjI2LTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuf4SAwQA
1C4lMA0GCSqGSIb3DQEBCwUAA4IBAQC/j7jg4OKXT7XfDTYroLLThcTYwWt+3Q3S
5NavWFLgTP+ucTW9YtQG8igrlcO+wVYH7zFncsQ+In1Xqka3fDPJhUu0kYwYgnUo
utitsZrPQ8x5j0dYMyQe9UT0MKeBTxeF35GhgBt2UOsFly7BH0K563KYH6DCFQFe
8ltEYEHLgxtIe/VwM/XN8RNPu7Wd13L57sZlj+sOqwDiR0DNMeyv0OY3FRPaXNVT
GFTHMVORCsSWsxNrgDfVe095j4VpiHkKesYJmaZfmCWgiDxm/LSGD729yvftUlwY
7gVMdzbv4UANVDwMWOu1EGbX7+LPBV2eOHQzMUQjC51FRXARhrG5
-----END CERTIFICATE-----
Generated at Thu Sep 18 11:42:53 2025 by rpki-client