Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/X4mIRbShCI_swD4AYibAfXumzPE.roa
File: X4mIRbShCI_swD4AYibAfXumzPE.roa (raw, json)
Hash identifier: ZCD8FV34ZVGGbkTB2fH3uXc5W92QDu1a+e1QI3r0+es=
Subject key identifier: 5F:89:88:45:B4:A1:08:8F:EC:C0:3E:00:62:26:C0:7D:7B:A6:CC:F1
Certificate issuer: /CN=3dfa29368c8be69c8edd5aa193557fcba2a57ec8
Certificate serial: 0196ECE1E90F69325AA554729856C6D478C8
Authority key identifier: 3D:FA:29:36:8C:8B:E6:9C:8E:DD:5A:A1:93:55:7F:CB:A2:A5:7E:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PfopNoyL5pyO3Vqhk1V_y6Klfsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/X4mIRbShCI_swD4AYibAfXumzPE.roa
Signing time: Tue 20 May 2025 08:49:10 +0000
ROA not before: Tue 20 May 2025 08:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206276
IP address blocks: 45.8.12.0/22 maxlen: 22
45.141.240.0/22 maxlen: 22
78.142.212.0/22 maxlen: 22
178.251.16.0/22 maxlen: 22
185.179.184.0/22 maxlen: 22
185.190.100.0/22 maxlen: 22
193.38.224.0/22 maxlen: 22
194.49.56.0/22 maxlen: 22
212.63.112.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/PfopNoyL5pyO3Vqhk1V_y6Klfsg.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/PfopNoyL5pyO3Vqhk1V_y6Klfsg.mft
rsync://rpki.ripe.net/repository/DEFAULT/PfopNoyL5pyO3Vqhk1V_y6Klfsg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:e1:e9:0f:69:32:5a:a5:54:72:98:56:c6:d4:78:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3dfa29368c8be69c8edd5aa193557fcba2a57ec8
Validity
Not Before: May 20 08:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f898845b4a1088fecc03e006226c07d7ba6ccf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:af:75:f6:f0:9d:1a:f3:3e:f2:42:3a:8c:3b:
0b:66:42:e5:19:32:87:6d:18:94:5f:d4:57:ba:ff:
c3:87:0f:65:87:9c:73:a2:2a:1e:71:7d:c2:42:73:
56:c1:25:81:bf:bd:00:ce:bb:8c:c0:c9:0b:88:3f:
97:2a:ac:75:02:f1:65:a6:68:7e:51:8e:73:99:aa:
2e:2e:92:51:76:cf:d1:15:05:b7:33:cd:ba:95:67:
32:1e:b8:7e:3d:b9:d7:f5:93:25:39:c1:e2:7d:e0:
e2:f4:9f:47:d3:89:eb:67:97:14:10:cf:62:ef:14:
4d:21:c3:60:e9:1f:54:38:93:91:48:c7:aa:f7:7f:
16:3a:20:ee:9a:0a:3f:bc:46:c2:28:87:2d:4b:99:
c3:ed:6d:15:cc:d8:84:7a:bc:a5:10:1c:ca:92:dc:
b0:5f:40:e8:03:3a:9f:25:ae:a8:d6:65:80:7e:3f:
81:ec:07:88:f9:f6:d7:fb:99:77:83:38:ee:03:c5:
b1:cf:da:c2:66:36:5f:53:c7:a6:a2:b5:9a:0e:d9:
d2:2b:f8:39:44:41:76:7c:c4:ac:01:7d:8f:3d:27:
c5:a3:66:ee:1f:c0:31:fc:ef:22:4b:05:93:73:9f:
2b:05:50:56:4d:87:7c:58:ea:a8:34:26:ae:08:0e:
e8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:89:88:45:B4:A1:08:8F:EC:C0:3E:00:62:26:C0:7D:7B:A6:CC:F1
X509v3 Authority Key Identifier:
keyid:3D:FA:29:36:8C:8B:E6:9C:8E:DD:5A:A1:93:55:7F:CB:A2:A5:7E:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfopNoyL5pyO3Vqhk1V_y6Klfsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/X4mIRbShCI_swD4AYibAfXumzPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/PfopNoyL5pyO3Vqhk1V_y6Klfsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.12.0/22
45.141.240.0/22
78.142.212.0/22
178.251.16.0/22
185.179.184.0/22
185.190.100.0/22
193.38.224.0/22
194.49.56.0/22
212.63.112.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:b7:a5:01:86:a1:ac:f7:13:6f:2a:82:ee:c6:0d:44:64:f0:
d5:dc:05:97:f1:bd:36:df:bf:71:b7:01:ea:ba:42:bb:d0:69:
e7:b2:24:03:18:49:98:4f:e4:33:70:63:e0:8d:a7:41:93:31:
83:7c:cf:df:6a:36:26:cf:00:a1:47:ba:f0:71:5f:8a:a2:d0:
2a:5f:aa:ea:cb:d3:5f:a6:23:60:da:6b:f3:2a:de:d6:3d:72:
ee:dc:42:f5:52:35:ec:8e:9a:54:c7:cd:1d:b5:62:c9:56:23:
35:fd:18:18:4b:59:53:53:4d:4d:2f:de:0f:68:2e:eb:2a:99:
c0:51:2e:24:16:3e:6d:10:05:fb:44:45:db:32:ed:59:36:c6:
b5:c5:4a:8d:79:88:17:85:33:c1:fd:b4:71:32:26:1e:46:75:
1b:e1:69:4d:25:c0:0a:9c:fb:24:17:3b:92:b4:cf:b4:b6:b7:
84:10:93:91:e6:ed:f8:e3:48:c4:e6:43:b5:03:9b:19:b9:99:
d2:74:83:df:87:76:6f:6e:dd:74:b7:27:5d:21:4a:e7:50:64:
c2:fa:a6:5e:ea:d9:6f:78:c8:67:e8:86:ba:29:49:6e:fe:b2:
7a:63:d2:d5:b1:c1:ea:83:c3:30:53:81:3d:08:c0:26:e1:65:
57:5a:1c:fc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZbs4ekPaTJapVRymFbG1HjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZmEyOTM2OGM4YmU2OWM4ZWRkNWFhMTkzNTU3ZmNiYTJh
NTdlYzgwHhcNMjUwNTIwMDg0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjg5ODg0NWI0YTEwODhmZWNjMDNlMDA2MjI2YzA3ZDdiYTZjY2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8K919vCdGvM+8kI6jDsLZkLlGTKH
bRiUX9RXuv/Dhw9lh5xzoioecX3CQnNWwSWBv70AzruMwMkLiD+XKqx1AvFlpmh+
UY5zmaouLpJRds/RFQW3M826lWcyHrh+PbnX9ZMlOcHifeDi9J9H04nrZ5cUEM9i
7xRNIcNg6R9UOJORSMeq938WOiDumgo/vEbCKIctS5nD7W0VzNiEerylEBzKktyw
X0DoAzqfJa6o1mWAfj+B7AeI+fbX+5l3gzjuA8Wxz9rCZjZfU8emorWaDtnSK/g5
REF2fMSsAX2PPSfFo2buH8Ax/O8iSwWTc58rBVBWTYd8WOqoNCauCA7oBQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFF+JiEW0oQiP7MA+AGImwH17pszxMB8GA1UdIwQY
MBaAFD36KTaMi+acjt1aoZNVf8uipX7IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZvcE5veUw1cHlPM1ZxaGsxVl95NktsZnNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8yZDRmN2YtMTZlNy00ZmU2LWExODkt
YmQ1OGQwMDIxYTA5LzEvWDRtSVJiU2hDSV9zd0Q0QVlpYkFmWHVtelBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8yZDRmN2YtMTZlNy00ZmU2LWExODktYmQ1OGQwMDIxYTA5
LzEvUGZvcE5veUw1cHlPM1ZxaGsxVl95NktsZnNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLQgMAwQC
LY3wAwQCTo7UAwQCsvsQAwQCubO4AwQCub5kAwQCwSbgAwQCwjE4AwQC1D9wMA0G
CSqGSIb3DQEBCwUAA4IBAQCjt6UBhqGs9xNvKoLuxg1EZPDV3AWX8b02379xtwHq
ukK70GnnsiQDGEmYT+QzcGPgjadBkzGDfM/fajYmzwChR7rwcV+KotAqX6rqy9Nf
piNg2mvzKt7WPXLu3EL1UjXsjppUx80dtWLJViM1/RgYS1lTU01NL94PaC7rKpnA
US4kFj5tEAX7REXbMu1ZNsa1xUqNeYgXhTPB/bRxMiYeRnUb4WlNJcAKnPskFzuS
tM+0treEEJOR5u3440jE5kO1A5sZuZnSdIPfh3Zvbt10tyddIUrnUGTC+qZe6tlv
eMhn6Ia6KUlu/rJ6Y9LVscHqg8MwU4E9CMAm4WVXWhz8
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:58:39 2025 by rpki-client