Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/4x7-ktBsTiUrH2DBAq-wxpcapYU.roa
File: 4x7-ktBsTiUrH2DBAq-wxpcapYU.roa (raw, json)
Hash identifier: Xys/kT1aUSVNNJGlwnZKJ/BEiA9WnHrr8DhfuUAzSu8=
Subject key identifier: E3:1E:FE:92:D0:6C:4E:25:2B:1F:60:C1:02:AF:B0:C6:97:1A:A5:85
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 0196FD610091EFD1F00D167664144F23ABAE
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/4x7-ktBsTiUrH2DBAq-wxpcapYU.roa
Signing time: Fri 23 May 2025 13:41:54 +0000
ROA not before: Fri 23 May 2025 13:41:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
37.44.229.0/24 maxlen: 24
45.66.92.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
192.145.52.0/24 maxlen: 24
193.219.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:61:00:91:ef:d1:f0:0d:16:76:64:14:4f:23:ab:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: May 23 13:41:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e31efe92d06c4e252b1f60c102afb0c6971aa585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:a7:f0:9b:d9:c1:9b:8f:de:5e:cf:42:dd:de:
0d:38:20:96:3d:2e:0c:8f:cd:c8:81:cb:fe:10:8e:
dc:d7:44:34:17:fe:c1:fd:7c:03:80:e1:08:29:13:
28:1d:91:0a:fa:a7:9c:a1:0e:d3:72:4d:14:15:21:
19:6e:34:92:17:0f:18:ea:12:54:ac:7a:6f:b1:49:
71:8d:fc:65:49:ab:c5:af:d8:e0:27:4d:68:8f:82:
b8:48:f2:ee:d7:83:1b:36:c9:69:55:5f:57:b1:b7:
2c:1b:7c:ad:c2:a3:d4:7a:29:3f:34:9b:21:3c:9d:
05:10:96:9c:1e:29:c8:94:73:d8:c5:53:e4:a4:a9:
e6:63:6a:d6:1d:9e:5c:79:2c:c8:14:aa:9b:96:aa:
c0:b7:68:ff:2f:00:be:7e:5f:4a:fb:92:0e:f7:74:
87:c0:a2:c0:23:fc:4d:8d:82:77:54:e8:06:9b:91:
a5:ed:6f:dc:6b:7a:10:bc:1e:78:41:fd:62:cc:8d:
44:dc:b6:d4:24:55:f3:39:cb:0b:46:64:dd:99:50:
35:b6:3c:26:e5:9e:53:ee:6d:55:ca:9d:09:86:f8:
e0:23:19:3a:9b:da:99:18:54:2e:ad:c7:00:88:b8:
0f:7a:eb:b7:db:70:01:8e:22:76:e5:0b:80:0f:25:
d9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:1E:FE:92:D0:6C:4E:25:2B:1F:60:C1:02:AF:B0:C6:97:1A:A5:85
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/4x7-ktBsTiUrH2DBAq-wxpcapYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/23
192.145.52.0/22
193.219.99.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:7a:b3:ad:32:92:a4:76:f7:86:89:ed:5d:72:07:0e:da:8f:
8b:ce:af:dc:a8:13:5d:66:46:b4:d9:4b:ba:82:52:4e:44:88:
35:f1:94:5b:e2:db:f8:12:cb:aa:90:d8:1f:cb:1d:3d:d3:e9:
12:b7:57:0b:bd:a7:95:7c:39:61:2b:8a:e0:09:4d:3e:3f:54:
8a:85:9a:59:8a:d6:e4:1a:d1:c2:69:34:50:59:87:e1:ac:07:
93:ec:40:98:69:d5:e6:76:57:07:84:63:fa:a2:e8:79:6c:b5:
bd:7f:fb:d4:97:c9:79:13:19:95:43:d5:26:41:51:27:f4:09:
93:47:14:ef:33:1c:bf:9d:b5:b2:70:33:ba:15:b2:5f:72:d4:
25:3c:18:3d:80:25:94:af:bb:73:4b:81:9e:f2:c5:1a:c4:8d:
80:76:e0:5d:c4:9c:71:0d:ab:ed:22:bb:2c:3d:45:41:da:62:
6f:5d:d9:76:93:fb:04:4e:4c:7a:bc:0c:fb:2b:e5:9d:74:d2:
8e:2e:ff:2b:df:d6:1b:2f:8c:60:77:a5:a1:5e:7d:b5:ba:40:
a1:82:12:69:01:fd:ac:1f:a2:85:71:cd:8a:70:58:20:cf:f3:
1b:f3:17:78:a1:8b:40:07:a9:7d:7c:2c:66:fe:39:b9:c4:a2:
20:b1:c8:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZb9YQCR79HwDRZ2ZBRPI6uuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUwNTIzMTM0MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzFlZmU5MmQwNmM0ZTI1MmIxZjYwYzEwMmFmYjBjNjk3MWFhNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Kfwm9nBm4/eXs9C3d4NOCCWPS4M
j83Igcv+EI7c10Q0F/7B/XwDgOEIKRMoHZEK+qecoQ7Tck0UFSEZbjSSFw8Y6hJU
rHpvsUlxjfxlSavFr9jgJ01oj4K4SPLu14MbNslpVV9XsbcsG3ytwqPUeik/NJsh
PJ0FEJacHinIlHPYxVPkpKnmY2rWHZ5ceSzIFKqblqrAt2j/LwC+fl9K+5IO93SH
wKLAI/xNjYJ3VOgGm5Gl7W/ca3oQvB54Qf1izI1E3LbUJFXzOcsLRmTdmVA1tjwm
5Z5T7m1Vyp0JhvjgIxk6m9qZGFQurccAiLgPeuu323ABjiJ25QuADyXZwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOMe/pLQbE4lKx9gwQKvsMaXGqWFMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvNHg3LWt0QnNUaVVySDJEQkFxLXd4cGNhcFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJSzkAwQB
LUJcAwQCwJE0AwQAwdtjMA0GCSqGSIb3DQEBCwUAA4IBAQBeerOtMpKkdveGie1d
cgcO2o+Lzq/cqBNdZka02Uu6glJORIg18ZRb4tv4EsuqkNgfyx090+kSt1cLvaeV
fDlhK4rgCU0+P1SKhZpZitbkGtHCaTRQWYfhrAeT7ECYadXmdlcHhGP6ouh5bLW9
f/vUl8l5ExmVQ9UmQVEn9AmTRxTvMxy/nbWycDO6FbJfctQlPBg9gCWUr7tzS4Ge
8sUaxI2AduBdxJxxDavtIrssPUVB2mJvXdl2k/sETkx6vAz7K+WddNKOLv8r39Yb
L4xgd6WhXn21ukChghJpAf2sH6KFcc2KcFggz/Mb8xd4oYtAB6l9fCxm/jm5xKIg
scje
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:16:44 2025 by rpki-client