Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/lRDNNZCwk7wDe_H4Q4TIuNXHJ6U.roa
File: lRDNNZCwk7wDe_H4Q4TIuNXHJ6U.roa (raw, json)
Hash identifier: Wr1LVv/CBNJaedzrWmalGhXhHfFCafMvAh8UXIMoPcc=
Subject key identifier: 95:10:CD:35:90:B0:93:BC:03:7B:F1:F8:43:84:C8:B8:D5:C7:27:A5
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 01997012CA401F9384FD9CE84C3074F06A58
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/lRDNNZCwk7wDe_H4Q4TIuNXHJ6U.roa
Signing time: Mon 22 Sep 2025 06:18:23 +0000
ROA not before: Mon 22 Sep 2025 06:18:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 45.136.39.0/24 maxlen: 24
185.38.26.0/24 maxlen: 24
194.31.165.0/24 maxlen: 24
194.31.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:70:12:ca:40:1f:93:84:fd:9c:e8:4c:30:74:f0:6a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Sep 22 06:18:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9510cd3590b093bc037bf1f84384c8b8d5c727a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0b:1b:78:9a:2b:3a:83:93:71:8b:ea:e9:d5:
8f:c3:64:d9:5b:4d:59:78:ba:aa:39:04:61:d9:9c:
89:68:d3:e7:98:cb:c3:4e:63:28:9b:48:aa:41:f3:
32:99:ab:8d:76:d2:58:da:98:31:c6:62:38:c3:d2:
d4:1a:dd:f2:d4:45:b6:02:7c:73:23:9a:2c:1a:40:
8e:c8:e4:fa:9f:8e:ce:d2:7a:31:a6:92:f3:d1:af:
2f:05:ba:37:57:5f:52:19:15:25:1c:c9:fa:52:4d:
b6:97:56:69:fa:cb:d8:eb:5b:e5:2e:a1:a1:5e:1d:
23:db:f8:bf:34:2f:0f:6f:64:3e:bf:e0:4a:aa:ae:
3a:ec:ff:de:bd:ab:fe:81:f6:9b:44:89:4e:3c:39:
33:ba:71:2b:ae:a9:93:b8:a8:3d:77:ec:70:0d:5a:
f6:93:db:11:88:4d:c2:e1:ff:af:a8:50:8c:a5:0f:
13:40:b1:b1:22:57:a6:48:76:8a:b2:48:a7:99:ec:
40:33:b3:8e:5d:78:45:54:f3:f5:9a:4c:34:34:45:
cb:65:8f:40:77:24:ec:49:c9:68:f7:f7:85:94:d2:
8a:17:1b:fe:5d:0c:c8:44:20:dc:5a:19:d0:bd:af:
76:97:78:72:96:9c:96:8b:50:1f:f0:13:91:85:76:
d6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:10:CD:35:90:B0:93:BC:03:7B:F1:F8:43:84:C8:B8:D5:C7:27:A5
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/lRDNNZCwk7wDe_H4Q4TIuNXHJ6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.39.0/24
185.38.26.0/24
194.31.165.0/24
194.31.167.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:1b:00:e8:4a:b4:3d:9b:69:c1:cd:3b:1e:cb:0f:b9:54:e5:
27:ef:5a:e5:89:55:39:10:b0:9c:f8:c6:e0:36:46:0d:0f:fc:
b5:ed:f4:0a:18:8c:23:b0:cd:f9:7e:06:5c:a8:75:53:ae:9d:
b7:cf:7d:f0:88:25:76:3b:bb:2a:ea:cd:41:35:e5:2e:90:b7:
6e:e0:f1:4e:a5:6d:4c:3d:18:43:31:43:9a:e1:7b:aa:85:ef:
8e:67:ad:af:dd:fb:7d:77:ea:39:96:ef:ca:5e:f3:27:fe:98:
90:d7:e5:25:a7:0d:70:93:c4:eb:22:f6:b6:de:a1:d8:3d:54:
68:e1:d7:d8:b5:65:59:ee:e3:78:11:1e:60:fc:d0:c2:fb:fc:
de:0a:d5:f4:c6:d4:8c:ee:d4:9b:57:19:a5:a9:7e:88:25:90:
9c:f2:d9:8e:f0:a4:c6:ed:c4:bd:77:13:62:11:2f:65:41:9f:
cc:db:77:04:16:ca:1e:29:01:5a:60:72:df:fa:d3:fb:bf:ef:
57:90:8f:70:04:8c:33:c0:d8:96:60:bf:74:54:ce:eb:4d:68:
72:24:f4:1b:03:f0:4d:8d:87:74:77:3f:2d:b1:a9:34:e8:10:
7a:98:b0:12:60:43:88:f9:af:bb:41:c2:4d:28:d4:e9:d3:43:
92:d0:46:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlwEspAH5OE/ZzoTDB08GpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwOTIyMDYxODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTEwY2QzNTkwYjA5M2JjMDM3YmYxZjg0Mzg0YzhiOGQ1YzcyN2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+gsbeJorOoOTcYvq6dWPw2TZW01Z
eLqqOQRh2ZyJaNPnmMvDTmMom0iqQfMymauNdtJY2pgxxmI4w9LUGt3y1EW2Anxz
I5osGkCOyOT6n47O0noxppLz0a8vBbo3V19SGRUlHMn6Uk22l1Zp+svY61vlLqGh
Xh0j2/i/NC8Pb2Q+v+BKqq467P/evav+gfabRIlOPDkzunErrqmTuKg9d+xwDVr2
k9sRiE3C4f+vqFCMpQ8TQLGxIlemSHaKskinmexAM7OOXXhFVPP1mkw0NEXLZY9A
dyTsSclo9/eFlNKKFxv+XQzIRCDcWhnQva92l3hylpyWi1Af8BORhXbW0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJUQzTWQsJO8A3vx+EOEyLjVxyelMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvbFJETk5aQ3drN3dEZV9INFE0VEl1TlhISjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYgnAwQA
uSYaAwQAwh+lAwQAwh+nMA0GCSqGSIb3DQEBCwUAA4IBAQCxGwDoSrQ9m2nBzTse
yw+5VOUn71rliVU5ELCc+MbgNkYND/y17fQKGIwjsM35fgZcqHVTrp23z33wiCV2
O7sq6s1BNeUukLdu4PFOpW1MPRhDMUOa4Xuqhe+OZ62v3ft9d+o5lu/KXvMn/piQ
1+Ulpw1wk8TrIva23qHYPVRo4dfYtWVZ7uN4ER5g/NDC+/zeCtX0xtSM7tSbVxml
qX6IJZCc8tmO8KTG7cS9dxNiES9lQZ/M23cEFsoeKQFaYHLf+tP7v+9XkI9wBIwz
wNiWYL90VM7rTWhyJPQbA/BNjYd0dz8tsak06BB6mLASYEOI+a+7QcJNKNTp00OS
0EZv
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:19 2025 by rpki-client