Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1x058ndDZHjc4S074b7C6G2o0KQ.roa
File: 1x058ndDZHjc4S074b7C6G2o0KQ.roa (raw, json)
Hash identifier: 6NqrEtmwZV1lsLbsJ/bQBPnqsNTZmovuYZMqK+3nGes=
Subject key identifier: D7:1D:39:F2:77:43:64:78:DC:E1:2D:3B:E1:BE:C2:E8:6D:A8:D0:A4
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01991414B126DC4CF0D6C70877FFDDF31EE4
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1x058ndDZHjc4S074b7C6G2o0KQ.roa
Signing time: Thu 04 Sep 2025 09:35:24 +0000
ROA not before: Thu 04 Sep 2025 09:35:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 176.46.140.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:14:b1:26:dc:4c:f0:d6:c7:08:77:ff:dd:f3:1e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 4 09:35:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d71d39f277436478dce12d3be1bec2e86da8d0a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7a:dd:90:eb:84:0d:d0:18:f4:1f:10:26:7f:
0a:67:6a:cd:f9:8d:21:3d:aa:19:dd:b4:c4:d8:9a:
2f:ff:9e:11:cb:fe:3b:ec:c2:ac:ff:e2:43:66:13:
ef:25:55:74:8f:5e:56:f9:e4:a2:45:da:d0:2f:9d:
75:7b:e4:98:51:83:6f:42:ec:79:b9:9c:ca:c4:9b:
2d:f1:ef:1f:58:04:87:5b:9d:e2:12:8d:72:e4:9a:
8a:7f:e3:e6:63:a7:82:ab:f9:dd:cf:d2:45:90:94:
98:87:c1:17:cb:bd:fd:7e:62:87:5d:20:17:08:58:
57:f3:b3:8b:ab:08:a3:26:76:8c:6f:8d:30:a9:56:
7e:8b:fd:cc:0c:29:6e:62:54:95:f7:8a:73:54:3a:
e9:73:9c:f2:eb:cb:3d:c9:9c:0d:36:8f:ad:d9:09:
34:35:41:c9:5f:b0:11:4e:6f:71:c5:f4:c3:94:cc:
f1:10:4a:b5:2a:82:f8:4b:82:cb:b8:63:84:2b:28:
f7:03:fd:d1:fb:79:24:ba:a6:53:a6:9e:25:54:53:
e6:a0:66:2c:08:14:73:55:5e:d8:75:d7:89:a2:9e:
83:b4:50:c8:d1:c9:32:02:29:ae:3e:b8:93:6f:9a:
7d:b8:88:6d:f4:be:30:45:bf:36:55:c6:48:c2:d3:
4f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:1D:39:F2:77:43:64:78:DC:E1:2D:3B:E1:BE:C2:E8:6D:A8:D0:A4
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1x058ndDZHjc4S074b7C6G2o0KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.46.140.0/24
176.46.145.0/24
176.46.151.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:bf:aa:1d:c3:32:17:32:83:08:df:08:cf:13:7c:2c:b9:56:
ac:99:56:e4:25:97:9a:93:5a:67:b4:26:c3:cc:b3:fb:c2:d9:
46:b6:6f:11:6d:1e:1a:dd:85:eb:11:30:e2:41:29:1b:b8:b8:
33:a2:f9:dc:e8:97:65:95:0e:f1:26:1f:ee:1d:4c:dd:21:84:
58:c8:d9:8d:7c:61:07:bd:c0:66:00:9a:84:fc:59:7e:aa:de:
61:9a:93:a2:20:fe:d4:4f:6d:47:09:5b:d5:76:a3:e1:40:86:
b8:9d:35:5c:3e:16:79:f9:64:7e:6f:d2:ec:1a:b5:c7:ca:eb:
6e:c9:dc:b3:e3:4c:01:95:3f:e2:67:81:30:57:47:37:aa:91:
f1:45:a4:9a:b8:33:e0:38:4d:2c:b8:8e:6e:fe:15:8a:ad:00:
a5:a6:4c:9d:c2:69:0c:c9:7b:97:8b:68:36:6c:16:62:0c:2b:
ef:ba:b2:81:70:0c:0d:c2:c2:36:18:f4:56:67:da:72:4b:e4:
69:d0:05:97:e1:62:a6:b0:cc:9b:5b:a4:de:46:39:06:08:a7:
fd:fd:c7:ce:fa:ea:0f:02:c4:e9:e6:4e:aa:d5:82:bc:d4:46:
2f:af:92:76:bf:1d:ce:0a:f4:f7:4f:53:06:8c:98:67:0d:a7:
70:17:26:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkUFLEm3Ezw1scId//d8x7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwOTA0MDkzNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzFkMzlmMjc3NDM2NDc4ZGNlMTJkM2JlMWJlYzJlODZkYThkMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3rdkOuEDdAY9B8QJn8KZ2rN+Y0h
PaoZ3bTE2Jov/54Ry/477MKs/+JDZhPvJVV0j15W+eSiRdrQL511e+SYUYNvQux5
uZzKxJst8e8fWASHW53iEo1y5JqKf+PmY6eCq/ndz9JFkJSYh8EXy739fmKHXSAX
CFhX87OLqwijJnaMb40wqVZ+i/3MDCluYlSV94pzVDrpc5zy68s9yZwNNo+t2Qk0
NUHJX7ARTm9xxfTDlMzxEEq1KoL4S4LLuGOEKyj3A/3R+3kkuqZTpp4lVFPmoGYs
CBRzVV7YddeJop6DtFDI0ckyAimuPriTb5p9uIht9L4wRb82VcZIwtNPaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNcdOfJ3Q2R43OEtO+G+wuhtqNCkMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvMXgwNThuZERaSGpjNFMwNzRiN0M2RzJvMEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsC6MAwQA
sC6RAwQAsC6XMA0GCSqGSIb3DQEBCwUAA4IBAQChv6odwzIXMoMI3wjPE3wsuVas
mVbkJZeak1pntCbDzLP7wtlGtm8RbR4a3YXrETDiQSkbuLgzovnc6JdllQ7xJh/u
HUzdIYRYyNmNfGEHvcBmAJqE/Fl+qt5hmpOiIP7UT21HCVvVdqPhQIa4nTVcPhZ5
+WR+b9LsGrXHyutuydyz40wBlT/iZ4EwV0c3qpHxRaSauDPgOE0suI5u/hWKrQCl
pkydwmkMyXuXi2g2bBZiDCvvurKBcAwNwsI2GPRWZ9pyS+Rp0AWX4WKmsMybW6Te
RjkGCKf9/cfO+uoPAsTp5k6q1YK81EYvr5J2vx3OCvT3T1MGjJhnDadwFyZ1
-----END CERTIFICATE-----
Generated at Sat Sep 6 20:49:59 2025 by rpki-client