Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iUszO4RsF5JsN8aKUe_282AVKhk.roa
File: iUszO4RsF5JsN8aKUe_282AVKhk.roa (raw, json)
Hash identifier: enoTtDZiqWsnqxvI57kUqxwInlER5hpkldCuT2PJxWc=
Subject key identifier: 89:4B:33:3B:84:6C:17:92:6C:37:C6:8A:51:EF:F6:F3:60:15:2A:19
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019914578695AEC3189BEC5C15CE446936B8
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iUszO4RsF5JsN8aKUe_282AVKhk.roa
Signing time: Thu 04 Sep 2025 10:48:24 +0000
ROA not before: Thu 04 Sep 2025 10:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.120.0/21 maxlen: 24
109.248.16.0/20 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 08:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:57:86:95:ae:c3:18:9b:ec:5c:15:ce:44:69:36:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Sep 4 10:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=894b333b846c17926c37c68a51eff6f360152a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b9:11:b8:88:6e:59:15:79:fe:d7:95:10:1d:
99:40:f1:a5:72:7a:d4:11:4c:ac:3e:d5:9b:85:0d:
7c:0d:06:c1:b7:98:ff:0e:9f:05:38:33:e4:29:4f:
0b:44:73:5e:de:c9:79:d6:be:1e:fb:02:31:c8:f9:
09:62:28:ea:4f:d5:c7:ba:7e:57:19:e6:08:57:f6:
11:cb:8f:6f:0b:7a:7c:c2:75:2f:76:6b:6d:ee:cf:
4b:3e:c3:12:74:5d:63:85:7e:ae:cd:a7:59:11:0b:
f2:af:48:5b:2e:33:08:d5:f9:49:91:8e:7f:be:5e:
72:ad:78:eb:6c:be:6e:d0:e9:4c:db:2b:ef:a2:cd:
53:19:a4:71:09:2b:49:f5:b5:7f:8b:85:a5:6a:e5:
a9:6a:e5:d5:d3:4e:9e:e6:93:77:ba:f9:7e:f7:02:
91:93:20:1b:b2:92:29:fc:7b:39:b0:93:f7:05:60:
7e:ed:4b:12:4d:ef:24:5c:73:f1:8c:f3:0b:63:af:
31:56:52:3e:50:67:f9:6c:e3:ac:08:85:dc:c2:73:
c0:59:43:73:1c:dd:43:6f:d7:91:30:00:d7:bc:cb:
84:6f:01:5e:db:c9:d1:76:59:00:49:35:4d:4f:a1:
1d:78:08:cf:f3:b7:0f:c3:49:6f:9b:e9:dc:13:34:
bc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4B:33:3B:84:6C:17:92:6C:37:C6:8A:51:EF:F6:F3:60:15:2A:19
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iUszO4RsF5JsN8aKUe_282AVKhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.120.0/21
109.248.16.0/20
188.130.182.0/24
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
8c:07:0c:d7:29:58:eb:9f:5b:f4:48:58:10:33:58:01:80:86:
55:ff:a0:71:01:36:d8:1c:c2:9c:30:b4:aa:26:89:5b:84:3a:
3d:7b:59:97:1d:31:e1:04:77:6e:09:6e:2b:cd:0b:bc:39:4c:
f8:61:85:c4:87:b3:54:a7:d1:3f:04:bb:79:71:b9:85:16:c7:
f2:46:4d:75:35:bb:aa:2c:c6:6a:5d:1d:ec:2e:bc:73:3d:ac:
9e:7e:68:c8:23:79:56:b0:21:3d:be:4d:4f:73:eb:1e:d3:6f:
06:79:a5:bb:5f:6a:0e:9d:3d:84:44:c8:d5:1a:2f:69:21:4b:
5f:e0:24:99:20:3f:cb:26:a6:55:ba:11:b8:75:06:d6:85:45:
2a:58:d4:b8:28:be:11:41:90:0b:ae:49:b5:18:f4:97:07:30:
34:54:8b:62:b5:99:7f:9f:ef:41:37:75:cf:2c:36:d0:4e:6b:
a1:3c:54:dd:02:e9:cb:25:cc:a5:76:e5:0a:bb:72:7f:ef:ac:
2d:7b:33:95:b3:4c:bf:df:9a:15:9d:77:09:5c:6a:b7:fc:38:
aa:4b:37:e5:60:ef:bf:4b:38:40:ca:15:8b:3c:8b:5b:86:7a:
77:b2:db:2e:91:ed:3a:0d:45:23:c5:5f:ba:e8:f7:4a:80:3b:
91:7a:4d:17
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZkUV4aVrsMYm+xcFc5EaTa4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwOTA0MTA0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTRiMzMzYjg0NmMxNzkyNmMzN2M2OGE1MWVmZjZmMzYwMTUyYTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7kRuIhuWRV5/teVEB2ZQPGlcnrU
EUysPtWbhQ18DQbBt5j/Dp8FODPkKU8LRHNe3sl51r4e+wIxyPkJYijqT9XHun5X
GeYIV/YRy49vC3p8wnUvdmtt7s9LPsMSdF1jhX6uzadZEQvyr0hbLjMI1flJkY5/
vl5yrXjrbL5u0OlM2yvvos1TGaRxCStJ9bV/i4WlauWpauXV006e5pN3uvl+9wKR
kyAbspIp/Hs5sJP3BWB+7UsSTe8kXHPxjPMLY68xVlI+UGf5bOOsCIXcwnPAWUNz
HN1Db9eRMADXvMuEbwFe28nRdlkASTVNT6EdeAjP87cPw0lvm+ncEzS8tQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIlLMzuEbBeSbDfGilHv9vNgFSoZMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvaVVzek80UnNGNUpzTjhhS1VlXzI4MkFWS2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLgh4AwQE
bfgQAwQAvIK2AwQCw9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQCMBwzXKVjrn1v0SFgQM1gBgIZV/6BxATbYHMKcMLSqJolbhDo9e1mXHTHhBHdu
CW4rzQu8OUz4YYXEh7NUp9E/BLt5cbmFFsfyRk11NbuqLMZqXR3sLrxzPayefmjI
I3lWsCE9vk1Pc+se028GeaW7X2oOnT2ERMjVGi9pIUtf4CSZID/LJqZVuhG4dQbW
hUUqWNS4KL4RQZALrkm1GPSXBzA0VItitZl/n+9BN3XPLDbQTmuhPFTdAunLJcyl
duUKu3J/76wtezOVs0y/35oVnXcJXGq3/DiqSzflYO+/SzhAyhWLPItbhnp3stsu
ke06DUUjxV+66PdKgDuRek0X
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:50:33 2025 by rpki-client