Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/4PQhz7MOxuhGtS_nPubpyXMJOcI.roa
File: 4PQhz7MOxuhGtS_nPubpyXMJOcI.roa (raw, json)
Hash identifier: BnJSvsApOD8luZipfIRx4R+p7IT8Z+rfRgGtpM8nPhY=
Subject key identifier: E0:F4:21:CF:B3:0E:C6:E8:46:B5:2F:E7:3E:E6:E9:C9:73:09:39:C2
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0197466DEAF96644BDBECD66D024582254C7
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/4PQhz7MOxuhGtS_nPubpyXMJOcI.roa
Signing time: Fri 06 Jun 2025 18:08:17 +0000
ROA not before: Fri 06 Jun 2025 18:08:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 45.139.68.0/23 maxlen: 24
45.150.80.0/23 maxlen: 24
95.214.38.0/24 maxlen: 24
95.214.39.0/24 maxlen: 24
193.36.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 06:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:46:6d:ea:f9:66:44:bd:be:cd:66:d0:24:58:22:54:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jun 6 18:08:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0f421cfb30ec6e846b52fe73ee6e9c9730939c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:26:af:a3:68:4b:87:36:91:46:79:23:54:08:
fe:1d:a3:26:9c:60:aa:a9:f3:db:cd:64:73:ff:11:
3d:6f:90:40:17:76:70:ed:02:d6:6a:13:9d:17:98:
25:b8:20:7f:cf:af:5c:f3:fd:59:0e:99:0d:a9:a2:
04:73:3d:c6:77:ec:85:46:9e:75:e5:d9:0b:90:5e:
86:22:65:1f:7d:65:0c:cb:7f:cd:40:bb:d8:34:06:
36:e4:84:c3:d0:d0:ac:6d:de:9f:52:71:f6:6a:15:
3f:63:80:80:b9:c9:13:17:23:17:12:31:3d:66:68:
47:bd:40:e7:de:3a:82:d1:8d:be:a7:cb:0f:60:5d:
4f:7c:8a:f8:0c:20:c4:e1:64:22:b3:a8:fe:c2:21:
79:fd:bf:8b:ac:60:04:c2:30:3f:fa:8b:b9:3d:0c:
05:68:1c:97:c5:01:66:6a:73:48:62:a5:99:a7:62:
19:4f:37:d0:24:19:ed:c1:33:e7:9b:2e:1a:5e:bb:
8e:98:02:4e:c2:be:4e:7a:94:53:ff:54:a1:0f:8f:
cf:9d:c9:60:10:b1:32:2e:ae:5a:74:de:5c:81:b5:
59:e3:fe:08:f3:58:61:cf:7c:c4:9b:1f:ce:e8:0b:
21:fb:42:00:2a:95:d1:b6:ce:ed:7e:6a:f7:33:3a:
33:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F4:21:CF:B3:0E:C6:E8:46:B5:2F:E7:3E:E6:E9:C9:73:09:39:C2
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/4PQhz7MOxuhGtS_nPubpyXMJOcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.68.0/23
45.150.80.0/23
95.214.38.0/23
193.36.163.0/24
Signature Algorithm: sha256WithRSAEncryption
01:7d:d9:2f:68:e6:9a:7d:48:4b:3a:74:0b:f5:59:7d:25:fb:
69:28:bd:a5:2a:f6:6f:53:d4:86:f2:f9:10:d2:8e:91:a9:99:
b3:20:ba:a4:c1:ab:e3:76:53:e6:e9:e4:b3:4a:4e:07:b2:60:
a3:b5:26:d9:3f:1d:e5:5b:cc:b1:9a:1b:3e:ad:33:00:f2:74:
9e:1d:89:1f:61:d1:95:e6:03:98:74:27:ef:36:6c:3b:fb:cb:
91:e0:e0:aa:88:2b:86:9d:e4:bf:6f:02:68:62:46:c3:60:52:
2c:07:48:29:2f:22:95:a4:26:e8:4b:2b:95:b1:03:97:72:f1:
ae:ca:bc:a8:8e:4e:22:35:73:d4:e0:fd:bb:7a:18:1d:9e:ac:
dc:41:ba:aa:a1:c9:96:28:27:7e:17:de:ed:49:c3:31:ff:eb:
c8:dc:ba:2c:08:9d:89:db:64:e7:9f:0c:92:20:aa:b8:b0:d7:
f6:72:93:02:13:3f:a3:f9:ac:ed:ba:d7:db:ae:4e:8e:05:1a:
15:1e:4d:b5:07:dc:3a:5c:3c:29:f8:71:cc:c4:65:70:30:aa:
f0:1e:e9:81:f1:ff:f9:ff:34:bb:00:07:9a:90:7c:69:53:51:
bb:e1:c8:02:0f:0b:5d:8a:6a:d2:60:16:05:62:75:b6:fd:b0:
84:6e:d7:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdGber5ZkS9vs1m0CRYIlTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwNjA2MTgwODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGY0MjFjZmIzMGVjNmU4NDZiNTJmZTczZWU2ZTljOTczMDkzOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCavo2hLhzaRRnkjVAj+HaMmnGCq
qfPbzWRz/xE9b5BAF3Zw7QLWahOdF5gluCB/z69c8/1ZDpkNqaIEcz3Gd+yFRp51
5dkLkF6GImUffWUMy3/NQLvYNAY25ITD0NCsbd6fUnH2ahU/Y4CAuckTFyMXEjE9
ZmhHvUDn3jqC0Y2+p8sPYF1PfIr4DCDE4WQis6j+wiF5/b+LrGAEwjA/+ou5PQwF
aByXxQFmanNIYqWZp2IZTzfQJBntwTPnmy4aXruOmAJOwr5OepRT/1ShD4/Pnclg
ELEyLq5adN5cgbVZ4/4I81hhz3zEmx/O6Ash+0IAKpXRts7tfmr3MzozewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOD0Ic+zDsboRrUv5z7m6clzCTnCMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvNFBRaHo3TU94dWhHdFNfblB1YnB5WE1KT2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYtEAwQB
LZZQAwQBX9YmAwQAwSSjMA0GCSqGSIb3DQEBCwUAA4IBAQABfdkvaOaafUhLOnQL
9Vl9JftpKL2lKvZvU9SG8vkQ0o6RqZmzILqkwavjdlPm6eSzSk4HsmCjtSbZPx3l
W8yxmhs+rTMA8nSeHYkfYdGV5gOYdCfvNmw7+8uR4OCqiCuGneS/bwJoYkbDYFIs
B0gpLyKVpCboSyuVsQOXcvGuyryojk4iNXPU4P27ehgdnqzcQbqqocmWKCd+F97t
ScMx/+vI3LosCJ2J22TnnwySIKq4sNf2cpMCEz+j+aztutfbrk6OBRoVHk21B9w6
XDwp+HHMxGVwMKrwHumB8f/5/zS7AAeakHxpU1G74cgCDwtdimrSYBYFYnW2/bCE
btfB
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:40:32 2025 by rpki-client