Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/47eIJ8V_vUeaf931FM7IxK91CcE.roa
File: 47eIJ8V_vUeaf931FM7IxK91CcE.roa (raw, json)
Hash identifier: f6v2+FWyDEZuskjBVMtWMIwIswmDslvBkOwQrDqg5eI=
Subject key identifier: E3:B7:88:27:C5:7F:BD:47:9A:7F:DD:F5:14:CE:C8:C4:AF:75:09:C1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019A019BDE2842A05EAA20ED2BF0B9E2AB97
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/47eIJ8V_vUeaf931FM7IxK91CcE.roa
Signing time: Mon 20 Oct 2025 12:33:03 +0000
ROA not before: Mon 20 Oct 2025 12:33:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207461
IP address blocks: 45.94.47.0/24 maxlen: 24
193.5.65.0/24 maxlen: 24
2a0f:3d86:100::/48 maxlen: 48
2a13:8c86:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:9b:de:28:42:a0:5e:aa:20:ed:2b:f0:b9:e2:ab:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 20 12:33:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3b78827c57fbd479a7fddf514cec8c4af7509c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e3:d9:d3:31:3b:e0:f8:43:89:bf:eb:04:21:
87:92:23:00:b8:9d:a3:12:27:eb:91:e2:9d:ce:fb:
53:b8:47:f6:6b:86:7d:95:64:61:f7:19:34:43:60:
3f:04:3d:0b:9d:00:d2:03:87:9b:97:e8:ae:e6:63:
ae:f1:00:01:00:f4:77:83:da:46:eb:16:44:55:3d:
d3:1b:b9:94:81:9b:31:f2:40:99:81:49:f8:a8:0b:
26:86:40:ec:96:f1:a5:75:fb:ab:80:9b:e2:b6:37:
44:11:43:6d:85:f0:c4:8c:8f:ec:a6:de:9d:34:02:
f3:a0:73:89:2e:6a:49:28:d2:9a:7c:8e:a0:a6:ca:
94:ba:1e:7f:db:76:cd:4c:18:73:90:2a:f1:29:09:
da:39:99:5e:72:40:3f:01:24:21:81:a4:c5:f0:7c:
3d:77:ed:2b:e7:2d:b5:c4:52:f1:d9:c2:f3:0f:1c:
7d:3b:c8:e2:95:89:c3:71:7a:31:90:12:a3:e1:74:
e6:c7:bf:11:87:7f:1a:73:f9:00:8c:b5:70:69:54:
00:ac:af:34:f4:a6:58:95:40:72:a0:fb:cd:30:72:
55:0f:7e:f8:34:dc:96:49:3b:b0:e4:84:b5:e7:e9:
7b:60:9d:c3:4c:1b:fb:51:6e:38:9b:cf:9c:25:00:
9f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B7:88:27:C5:7F:BD:47:9A:7F:DD:F5:14:CE:C8:C4:AF:75:09:C1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/47eIJ8V_vUeaf931FM7IxK91CcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.47.0/24
193.5.65.0/24
IPv6:
2a0f:3d86:100::/48
2a13:8c86:120::/48
Signature Algorithm: sha256WithRSAEncryption
79:ef:2f:42:44:2a:e3:af:db:49:b5:36:f0:71:84:f8:ea:b1:
c1:2e:a8:81:d4:da:58:8e:12:35:89:f9:fa:f9:cc:b3:99:2b:
51:d1:1b:72:01:89:72:d7:9d:84:dc:e5:4f:a0:47:5c:ba:a5:
fb:73:6a:ef:af:ef:12:73:ab:2b:7f:aa:87:e9:6c:e5:09:12:
37:9e:20:e1:77:4a:3d:b1:b7:08:cf:64:df:8c:8d:da:71:5d:
db:d4:b5:f4:df:75:6c:7d:08:49:d0:7f:ae:58:99:d0:b4:cf:
f2:ed:f4:70:53:41:2b:d3:33:10:cb:c1:eb:6e:54:8d:5b:54:
10:10:87:7b:40:f3:6c:33:75:b6:4f:cb:07:a1:db:35:18:30:
6d:c4:98:86:4c:69:d7:43:59:48:20:f4:46:97:73:e1:87:aa:
23:33:c6:9c:37:38:50:c5:f3:7d:52:7a:16:7b:f6:e8:55:b6:
ac:5e:15:25:bb:38:86:b4:ec:71:5a:5b:9d:23:9d:bb:a3:98:
18:ef:d3:76:a0:98:17:96:ea:6f:fa:9a:9c:c7:3c:8a:17:88:
76:e4:62:9b:07:2b:60:e5:3e:f1:a0:ea:f0:b1:f7:79:59:4a:
f4:d3:b6:7b:fb:e8:1c:53:8e:5c:c1:de:d6:25:24:94:cf:19:
bc:4e:8d:aa
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZoBm94oQqBeqiDtK/C54quXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMDIwMTIzMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2I3ODgyN2M1N2ZiZDQ3OWE3ZmRkZjUxNGNlYzhjNGFmNzUwOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyePZ0zE74PhDib/rBCGHkiMAuJ2j
EifrkeKdzvtTuEf2a4Z9lWRh9xk0Q2A/BD0LnQDSA4ebl+iu5mOu8QABAPR3g9pG
6xZEVT3TG7mUgZsx8kCZgUn4qAsmhkDslvGldfurgJvitjdEEUNthfDEjI/spt6d
NALzoHOJLmpJKNKafI6gpsqUuh5/23bNTBhzkCrxKQnaOZleckA/ASQhgaTF8Hw9
d+0r5y21xFLx2cLzDxx9O8jilYnDcXoxkBKj4XTmx78Rh38ac/kAjLVwaVQArK80
9KZYlUByoPvNMHJVD374NNyWSTuw5IS15+l7YJ3DTBv7UW44m8+cJQCfFQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOO3iCfFf71Hmn/d9RTOyMSvdQnBMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNDdlSUo4Vl92VWVhZjkzMUZNN0l4SzkxQ2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQALV4vAwQA
wQVBMBgEAgACMBIDBwAqDz2GAQADBwAqE4yGASAwDQYJKoZIhvcNAQELBQADggEB
AHnvL0JEKuOv20m1NvBxhPjqscEuqIHU2liOEjWJ+fr5zLOZK1HRG3IBiXLXnYTc
5U+gR1y6pftzau+v7xJzqyt/qofpbOUJEjeeIOF3Sj2xtwjPZN+MjdpxXdvUtfTf
dWx9CEnQf65YmdC0z/Lt9HBTQSvTMxDLwetuVI1bVBAQh3tA82wzdbZPyweh2zUY
MG3EmIZMaddDWUgg9EaXc+GHqiMzxpw3OFDF831SehZ79uhVtqxeFSW7OIa07HFa
W50jnbujmBjv03agmBeW6m/6mpzHPIoXiHbkYpsHK2DlPvGg6vCx93lZSvTTtnv7
6BxTjlzB3tYlJJTPGbxOjao=
-----END CERTIFICATE-----
Generated at Wed Oct 22 05:21:46 2025 by rpki-client