Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/CshdLYgm8KyBI5ue0kfqXsT_Uys.roa
File: CshdLYgm8KyBI5ue0kfqXsT_Uys.roa (raw, json)
Hash identifier: DVS6FpXLV5zruadQ+b5hngh4jzKnFCNJRTeuOL+rHMo=
Subject key identifier: 0A:C8:5D:2D:88:26:F0:AC:81:23:9B:9E:D2:47:EA:5E:C4:FF:53:2B
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 019919338FE4C0B65D2989251CAC2EA5FF34
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/CshdLYgm8KyBI5ue0kfqXsT_Uys.roa
Signing time: Fri 05 Sep 2025 09:27:13 +0000
ROA not before: Fri 05 Sep 2025 09:27:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20668
IP address blocks: 89.35.0.0/23 maxlen: 24
89.40.42.0/24 maxlen: 24
93.113.205.0/24 maxlen: 24
188.214.150.0/24 maxlen: 24
194.26.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:19:33:8f:e4:c0:b6:5d:29:89:25:1c:ac:2e:a5:ff:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Sep 5 09:27:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ac85d2d8826f0ac81239b9ed247ea5ec4ff532b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:82:cf:14:a3:9b:26:4f:65:26:8b:9c:d4:f3:
97:52:83:af:6d:34:38:2f:94:dc:8c:72:bb:b0:20:
78:04:65:aa:55:eb:5e:3a:54:03:82:ab:f9:79:84:
53:3b:55:d6:4f:a0:f5:50:22:94:26:f4:c8:29:c0:
9d:9e:3c:31:c0:c2:70:e5:83:66:e6:05:ec:71:78:
4c:a6:81:1e:15:3a:90:64:a8:b2:de:ea:ae:e2:15:
5c:6b:96:11:ea:2f:2d:eb:d2:77:df:10:e8:08:5e:
13:43:f3:93:0d:8b:04:b3:79:55:8c:b1:a5:a2:c3:
3f:ca:84:33:2c:76:a2:7c:e8:01:6b:df:b3:ca:57:
0a:d9:59:81:f9:a3:71:e7:9e:1d:f5:cb:54:63:fa:
5b:d0:17:17:ea:11:1a:5f:4d:cf:a1:9f:55:a1:9b:
51:b0:80:04:14:f0:7b:c1:62:cc:e7:ae:f1:17:3b:
f4:97:08:9e:79:a2:3b:f4:f3:cd:78:d7:86:d3:1b:
f5:9a:76:a8:2a:17:5c:d7:19:11:9e:ce:0d:7f:80:
50:17:66:dc:c4:e3:65:be:b8:e5:2c:a5:f9:3e:a8:
12:18:3e:79:ad:18:28:3a:64:32:91:d4:a9:59:fc:
1e:69:60:f2:4c:77:d0:fd:75:c8:ce:10:dc:9e:60:
c1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C8:5D:2D:88:26:F0:AC:81:23:9B:9E:D2:47:EA:5E:C4:FF:53:2B
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/CshdLYgm8KyBI5ue0kfqXsT_Uys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.0.0/23
89.40.42.0/24
93.113.205.0/24
188.214.150.0/24
194.26.128.0/24
Signature Algorithm: sha256WithRSAEncryption
08:87:0e:51:b5:73:70:cc:27:00:b0:d5:74:20:f7:ca:cf:d1:
72:c5:62:34:34:61:b9:4d:6e:f3:65:8d:26:93:47:1b:32:94:
a3:72:d6:59:37:e7:02:96:80:c5:ab:3e:b5:b4:91:06:75:d9:
70:ea:b6:39:d7:c5:7f:86:46:eb:1f:e0:9c:70:b3:63:0e:a6:
3f:c9:74:c9:15:e7:5f:90:f9:9e:3b:11:e7:50:fd:44:64:60:
3d:91:63:ac:e1:05:73:18:24:53:1f:17:c7:51:51:b0:f0:0a:
eb:20:aa:24:00:09:13:31:3a:f4:10:9a:f5:03:d8:03:5b:ca:
d4:07:5c:92:a9:d1:c1:aa:65:7d:e9:24:42:5b:9e:ee:38:48:
77:f1:5b:02:13:3b:50:c5:50:f4:f2:d6:fb:7c:3f:d9:bd:6d:
9e:a2:a4:ae:a1:b7:48:0e:86:45:50:10:44:a8:f0:7a:9a:2f:
1a:00:7b:b7:68:b7:15:50:06:64:95:00:c8:96:e5:32:57:28:
4f:91:4b:7b:02:83:6f:04:ea:90:d2:f6:ae:4b:4f:4c:1b:0a:
e2:7d:46:f6:4b:55:7f:22:11:bc:78:f9:a6:0e:cf:8f:2e:84:
3f:78:3a:26:2a:93:b8:a2:9f:1c:6a:7a:43:b2:b2:3d:46:85:
73:28:b3:12
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZkZM4/kwLZdKYklHKwupf80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjUwOTA1MDkyNzEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWM4NWQyZDg4MjZmMGFjODEyMzliOWVkMjQ3ZWE1ZWM0ZmY1MzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ILPFKObJk9lJouc1POXUoOvbTQ4
L5TcjHK7sCB4BGWqVeteOlQDgqv5eYRTO1XWT6D1UCKUJvTIKcCdnjwxwMJw5YNm
5gXscXhMpoEeFTqQZKiy3uqu4hVca5YR6i8t69J33xDoCF4TQ/OTDYsEs3lVjLGl
osM/yoQzLHaifOgBa9+zylcK2VmB+aNx554d9ctUY/pb0BcX6hEaX03PoZ9VoZtR
sIAEFPB7wWLM567xFzv0lwieeaI79PPNeNeG0xv1mnaoKhdc1xkRns4Nf4BQF2bc
xONlvrjlLKX5PqgSGD55rRgoOmQykdSpWfweaWDyTHfQ/XXIzhDcnmDB7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFArIXS2IJvCsgSObntJH6l7E/1MrMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvQ3NoZExZZ204S3lCSTV1ZTBrZnFYc1RfVXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWSMAAwQA
WSgqAwQAXXHNAwQAvNaWAwQAwhqAMA0GCSqGSIb3DQEBCwUAA4IBAQAIhw5RtXNw
zCcAsNV0IPfKz9FyxWI0NGG5TW7zZY0mk0cbMpSjctZZN+cCloDFqz61tJEGddlw
6rY518V/hkbrH+CccLNjDqY/yXTJFedfkPmeOxHnUP1EZGA9kWOs4QVzGCRTHxfH
UVGw8ArrIKokAAkTMTr0EJr1A9gDW8rUB1ySqdHBqmV96SRCW57uOEh38VsCEztQ
xVD08tb7fD/ZvW2eoqSuobdIDoZFUBBEqPB6mi8aAHu3aLcVUAZklQDIluUyVyhP
kUt7AoNvBOqQ0vauS09MGwrifUb2S1V/IhG8ePmmDs+PLoQ/eDomKpO4op8canpD
srI9RoVzKLMS
-----END CERTIFICATE-----
Generated at Thu Sep 18 07:10:47 2025 by rpki-client