Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/Ivy3m4Flvw_zoq8Hw6rIxjNbc60.roa
File: Ivy3m4Flvw_zoq8Hw6rIxjNbc60.roa (raw, json)
Hash identifier: r8eSfS6R14mAIVwo2SfhQBG0x09EdYm/K0sgoOKrdGE=
Subject key identifier: 22:FC:B7:9B:81:65:BF:0F:F3:A2:AF:07:C3:AA:C8:C6:33:5B:73:AD
Certificate issuer: /CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Certificate serial: 01973137034F070B8961AC21D7070B5576DE
Authority key identifier: 42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/Ivy3m4Flvw_zoq8Hw6rIxjNbc60.roa
Signing time: Mon 02 Jun 2025 15:16:18 +0000
ROA not before: Mon 02 Jun 2025 15:16:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197580
IP address blocks: 46.245.136.0/21 maxlen: 21
83.174.148.0/23 maxlen: 23
83.174.151.0/24 maxlen: 24
83.174.152.0/23 maxlen: 23
83.174.154.0/24 maxlen: 24
83.174.156.0/22 maxlen: 22
185.42.208.0/24 maxlen: 24
185.42.211.0/24 maxlen: 24
185.254.216.0/23 maxlen: 23
185.254.219.0/24 maxlen: 24
2a01:6320::/32 maxlen: 32
2a05:dec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 06:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:37:03:4f:07:0b:89:61:ac:21:d7:07:0b:55:76:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Validity
Not Before: Jun 2 15:16:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22fcb79b8165bf0ff3a2af07c3aac8c6335b73ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:04:3b:db:44:62:3e:dc:b6:35:69:5c:20:ad:
5f:86:3c:7e:48:60:5e:da:51:21:a9:d4:6d:a6:f7:
bf:a0:a1:3a:87:59:bd:d7:6c:91:51:d9:f5:cf:b9:
bc:26:94:87:04:c2:5f:01:ca:2e:75:91:62:bb:23:
99:e1:3e:31:42:c1:52:b4:97:a3:95:8e:bb:48:d1:
7f:1a:1e:e3:80:e4:92:b5:05:11:c7:bf:b1:d0:ee:
01:9b:46:a9:4c:55:be:26:42:6e:ad:30:20:4a:51:
a0:f2:8a:95:76:f5:b0:6e:2b:68:b8:92:89:70:67:
a4:08:83:ee:e0:0b:7d:27:83:3a:91:5c:7a:1b:1b:
bf:bb:93:3e:cc:4e:50:a8:08:e0:dc:bc:47:16:40:
46:48:82:14:41:ff:ce:c3:64:a2:dd:95:39:cb:9b:
e7:ec:40:14:f3:c2:22:6b:10:f6:79:f2:16:e2:d8:
e8:35:68:6c:05:ff:48:fa:90:59:e2:d0:00:b6:6d:
b0:65:69:c6:9f:fc:a9:85:2c:05:0c:a6:8e:1c:8a:
7a:21:5e:15:10:28:cd:a9:bc:30:b4:da:eb:27:89:
8c:2c:ce:a3:64:00:e3:98:6a:c3:a5:cb:78:01:56:
03:a3:8e:06:25:54:80:75:f9:91:f7:f7:55:11:b0:
de:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:FC:B7:9B:81:65:BF:0F:F3:A2:AF:07:C3:AA:C8:C6:33:5B:73:AD
X509v3 Authority Key Identifier:
keyid:42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/Ivy3m4Flvw_zoq8Hw6rIxjNbc60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.136.0/21
83.174.148.0/23
83.174.151.0-83.174.154.255
83.174.156.0/22
185.42.208.0/24
185.42.211.0/24
185.254.216.0/23
185.254.219.0/24
IPv6:
2a01:6320::/32
2a05:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
19:a1:db:25:80:b7:3a:bc:23:d7:9b:5d:23:87:13:b7:0d:9f:
39:72:93:36:12:62:b3:7e:90:57:78:9f:19:d8:c2:68:58:f2:
7f:1b:38:b6:a4:99:9d:49:e6:6d:22:11:48:62:4f:b5:99:13:
55:d4:79:57:e5:b9:9c:9c:6e:bb:fa:81:3f:9d:09:35:09:e4:
89:bf:e0:5d:cb:c9:67:88:9b:82:8d:3b:f7:dc:23:df:eb:c2:
e4:37:44:c0:ef:25:45:5d:ab:40:e6:c8:3b:c0:bc:48:36:c6:
ef:a7:06:89:48:2f:bb:d8:44:4a:88:32:b7:37:f0:a2:5b:56:
83:58:a0:5d:25:ba:26:c0:5b:3b:78:1d:ae:b9:86:8f:82:da:
31:86:9b:cd:d0:87:9b:aa:a5:ee:ed:8b:d2:20:5a:57:ba:3e:
62:34:63:78:e3:b5:89:a8:62:13:d4:b2:3f:c1:c5:d0:7b:d5:
80:e0:60:76:e7:b7:e2:aa:cf:51:24:77:69:d4:05:6f:56:74:
13:fe:13:a1:8b:26:60:9f:a9:c9:9d:01:fe:76:34:2e:19:95:
db:c0:39:bc:61:48:b4:53:e1:fb:69:a3:45:ac:f7:cd:ff:76:
28:e6:fb:2e:35:2c:5d:83:16:6d:dc:19:b2:e1:d1:e4:c9:a2:
c9:19:b3:9c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZcxNwNPBwuJYawh1wcLVXbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWJhZTk4OTg5OGQ5NDAyNDI0YWFkYWZiYjQ3YzNhNmQ0
YzI1YjMwHhcNMjUwNjAyMTUxNjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmZjYjc5YjgxNjViZjBmZjNhMmFmMDdjM2FhYzhjNjMzNWI3M2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QQ720RiPty2NWlcIK1fhjx+SGBe
2lEhqdRtpve/oKE6h1m912yRUdn1z7m8JpSHBMJfAcoudZFiuyOZ4T4xQsFStJej
lY67SNF/Gh7jgOSStQURx7+x0O4Bm0apTFW+JkJurTAgSlGg8oqVdvWwbitouJKJ
cGekCIPu4At9J4M6kVx6Gxu/u5M+zE5QqAjg3LxHFkBGSIIUQf/Ow2Si3ZU5y5vn
7EAU88IiaxD2efIW4tjoNWhsBf9I+pBZ4tAAtm2wZWnGn/yphSwFDKaOHIp6IV4V
ECjNqbwwtNrrJ4mMLM6jZADjmGrDpct4AVYDo44GJVSAdfmR9/dVEbDebwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFCL8t5uBZb8P86KvB8OqyMYzW3OtMB8GA1UdIwQY
MBaAFEIbrpiYmNlAJCSq2vu0fDptTCWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUt
NjdlZmNiM2Q4NmZlLzEvSXZ5M200Rmx2d196b3E4SHc2ckl4ak5iYzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUtNjdlZmNiM2Q4NmZl
LzEvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQDLvWIAwQB
U66UMAwDBABTrpcDBABTrpoDBAJTrpwDBAC5KtADBAC5KtMDBAG5/tgDBAC5/tsw
FAQCAAIwDgMFACoBYyADBQMqBd7AMA0GCSqGSIb3DQEBCwUAA4IBAQAZodslgLc6
vCPXm10jhxO3DZ85cpM2EmKzfpBXeJ8Z2MJoWPJ/Gzi2pJmdSeZtIhFIYk+1mRNV
1HlX5bmcnG67+oE/nQk1CeSJv+Bdy8lniJuCjTv33CPf68LkN0TA7yVFXatA5sg7
wLxINsbvpwaJSC+72ERKiDK3N/CiW1aDWKBdJbomwFs7eB2uuYaPgtoxhpvN0Ieb
qqXu7YvSIFpXuj5iNGN447WJqGIT1LI/wcXQe9WA4GB257fiqs9RJHdp1AVvVnQT
/hOhiyZgn6nJnQH+djQuGZXbwDm8YUi0U+H7aaNFrPfN/3Yo5vsuNSxdgxZt3Bmy
4dHkyaLJGbOc
-----END CERTIFICATE-----
Generated at Sat Jun 14 15:50:09 2025 by rpki-client