Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/dPOsPKxQV7RK7bRZH219oriyw2A.roa
File: dPOsPKxQV7RK7bRZH219oriyw2A.roa (raw, json)
Hash identifier: LGV5o25NJR8U4mI0sYyGAmjYHBoshsRrD6voeO6vKNo=
Subject key identifier: 74:F3:AC:3C:AC:50:57:B4:4A:ED:B4:59:1F:6D:7D:A2:B8:B2:C3:60
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 01990F9431A63B2EECA345DFE68CD17E637E
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/dPOsPKxQV7RK7bRZH219oriyw2A.roa
Signing time: Wed 03 Sep 2025 12:36:34 +0000
ROA not before: Wed 03 Sep 2025 12:36:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.140.58.0/24 maxlen: 24
212.81.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 06:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:94:31:a6:3b:2e:ec:a3:45:df:e6:8c:d1:7e:63:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Sep 3 12:36:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74f3ac3cac5057b44aedb4591f6d7da2b8b2c360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9d:2f:7a:ed:9c:ff:4a:db:c1:0c:91:87:3f:
1a:6a:bb:a2:7b:85:b5:78:48:bd:e1:a9:fb:49:e5:
00:0a:ae:a8:20:d0:08:40:b6:0a:b7:42:b8:a2:c1:
62:8f:38:87:d4:73:0d:6c:ec:a9:56:93:49:ee:5b:
6b:c4:ea:b6:05:5a:85:b1:b8:77:e0:2a:88:9f:59:
50:66:e0:5a:fe:d6:0c:53:15:ee:a8:a0:b6:03:6d:
42:be:5e:0e:5b:95:b5:91:29:a4:bb:65:1f:31:fa:
da:44:8c:06:d4:8d:83:0a:7a:a0:ec:09:88:a9:02:
3c:7b:ec:a5:21:3a:b5:4b:b7:dd:4e:88:a8:ff:a1:
2f:23:19:60:9f:1e:fb:22:1b:74:08:78:47:3d:89:
7a:cb:fd:94:a3:cd:58:73:7b:5c:a4:1c:40:2b:b9:
e8:ab:e5:1b:49:d3:86:70:d4:e8:ef:f7:77:19:84:
61:89:93:b0:e5:06:da:9c:d2:ec:75:7a:6d:87:ad:
6e:b9:e3:e4:75:0f:cc:42:9d:3b:d4:d5:9f:1e:05:
b8:68:c9:76:c7:6f:31:94:bf:df:43:42:f4:a6:ad:
ef:f3:55:e9:1b:79:fb:df:8a:53:90:b2:88:c6:f1:
bb:7f:e3:80:63:a5:29:a4:11:d6:bf:3e:4e:77:0b:
2c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F3:AC:3C:AC:50:57:B4:4A:ED:B4:59:1F:6D:7D:A2:B8:B2:C3:60
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/dPOsPKxQV7RK7bRZH219oriyw2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.58.0/24
212.81.44.0/24
Signature Algorithm: sha256WithRSAEncryption
09:a8:1a:0d:d6:39:6d:be:22:9d:be:58:2d:80:dc:b2:a2:3a:
0a:24:6b:4d:3b:1e:af:c2:ca:31:cf:80:19:3f:8f:24:df:be:
1f:d0:f8:68:2e:81:a2:1f:af:50:2e:12:5c:1a:cf:d1:4b:39:
03:48:af:80:6a:d9:92:7d:a2:bc:c2:f2:5b:7d:d3:ed:7f:60:
1a:e0:a3:b3:f1:c6:59:82:d8:62:48:41:03:13:de:9a:da:69:
ca:c1:69:fb:bc:0e:2c:c5:2b:9c:fc:9f:0e:b4:d9:94:85:81:
03:5d:3e:43:2a:62:0c:28:ea:83:38:1a:fb:26:cd:87:83:67:
79:03:c1:40:06:7c:a0:fe:6a:50:57:a2:b7:67:c3:c4:ec:02:
c3:5e:43:d9:f3:32:a5:80:c1:09:08:fe:2f:af:ff:65:b7:72:
15:70:2a:68:54:22:94:cd:d6:f9:3f:b6:87:ee:e5:09:36:3b:
41:f9:bb:2c:c4:48:a3:52:6c:4c:2a:b7:5d:61:69:0d:fe:85:
a6:cc:bf:b0:85:c6:c0:eb:1b:90:fe:88:88:4f:20:11:f9:e9:
93:10:d7:af:84:c5:3b:6b:99:35:3d:84:a1:cc:c1:c7:c0:87:
c2:f1:ee:54:5a:4f:6d:ae:38:58:84:88:92:cc:1f:f7:a6:f7:
16:5e:c6:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkPlDGmOy7so0Xf5ozRfmN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwOTAzMTIzNjM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGYzYWMzY2FjNTA1N2I0NGFlZGI0NTkxZjZkN2RhMmI4YjJjMzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp0veu2c/0rbwQyRhz8aaruie4W1
eEi94an7SeUACq6oINAIQLYKt0K4osFijziH1HMNbOypVpNJ7ltrxOq2BVqFsbh3
4CqIn1lQZuBa/tYMUxXuqKC2A21Cvl4OW5W1kSmku2UfMfraRIwG1I2DCnqg7AmI
qQI8e+ylITq1S7fdToio/6EvIxlgnx77Iht0CHhHPYl6y/2Uo81Yc3tcpBxAK7no
q+UbSdOGcNTo7/d3GYRhiZOw5QbanNLsdXpth61uuePkdQ/MQp071NWfHgW4aMl2
x28xlL/fQ0L0pq3v81XpG3n734pTkLKIxvG7f+OAY6UppBHWvz5OdwssEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHTzrDysUFe0Su20WR9tfaK4ssNgMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvZFBPc1BLeFFWN1JLN2JSWkgyMTlvcml5dzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYw6AwQA
1FEsMA0GCSqGSIb3DQEBCwUAA4IBAQAJqBoN1jltviKdvlgtgNyyojoKJGtNOx6v
wsoxz4AZP48k374f0PhoLoGiH69QLhJcGs/RSzkDSK+AatmSfaK8wvJbfdPtf2Aa
4KOz8cZZgthiSEEDE96a2mnKwWn7vA4sxSuc/J8OtNmUhYEDXT5DKmIMKOqDOBr7
Js2Hg2d5A8FABnyg/mpQV6K3Z8PE7ALDXkPZ8zKlgMEJCP4vr/9lt3IVcCpoVCKU
zdb5P7aH7uUJNjtB+bssxEijUmxMKrddYWkN/oWmzL+whcbA6xuQ/oiITyAR+emT
ENevhMU7a5k1PYShzMHHwIfC8e5UWk9trjhYhIiSzB/3pvcWXsZ8
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:14:27 2025 by rpki-client