Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/IjGKaTutBbkICXXHozBPIKypf7w.roa
File: IjGKaTutBbkICXXHozBPIKypf7w.roa (raw, json)
Hash identifier: VOW95FZ8AySSPLpDvWDxYXW9/q1IIZz9SXX0RExSn7w=
Subject key identifier: 22:31:8A:69:3B:AD:05:B9:08:09:75:C7:A3:30:4F:20:AC:A9:7F:BC
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0199A87A2B24164179C7991420B023512E5C
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/IjGKaTutBbkICXXHozBPIKypf7w.roa
Signing time: Fri 03 Oct 2025 05:10:02 +0000
ROA not before: Fri 03 Oct 2025 05:10:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142111
IP address blocks: 46.37.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 12:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a8:7a:2b:24:16:41:79:c7:99:14:20:b0:23:51:2e:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Oct 3 05:10:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22318a693bad05b9080975c7a3304f20aca97fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1f:f6:d4:8b:24:12:1c:bd:1d:9b:7c:f8:74:
25:3a:10:4d:6e:f8:86:ab:0b:13:2e:c6:bf:bf:8e:
11:53:dc:8d:a2:aa:22:24:cf:13:82:1b:3d:8a:8c:
d7:7e:08:b4:48:98:f2:a4:95:0f:8f:08:36:70:67:
7e:af:95:e2:8c:ca:d2:25:19:f8:2d:b9:63:28:49:
72:6b:f4:48:92:4c:56:1a:96:a0:d9:e0:20:65:87:
b8:62:af:be:e5:d4:5e:6d:90:c1:cc:b1:c5:c0:39:
19:2a:e2:4e:dd:eb:d2:44:ab:9b:90:00:f2:12:e1:
76:62:c4:9e:2a:b7:dc:1f:27:d1:7b:6c:8d:98:3a:
d0:1b:a9:fe:69:22:cf:98:d0:43:6a:4c:1f:1f:dd:
e0:80:64:32:19:7e:ca:33:f3:1a:81:7b:cd:3f:82:
89:06:98:89:c1:20:ff:9d:55:bf:60:6b:a8:ef:67:
88:a4:07:bb:08:21:62:53:1a:cd:bf:fe:9d:a5:f8:
56:5b:a1:4b:cb:79:e1:3d:e3:45:f5:2c:ab:0e:90:
7f:05:bd:ba:1f:7a:2c:b8:af:45:07:cc:a2:22:38:
29:c5:a7:e7:7e:eb:18:a1:2d:bb:3b:2a:fd:cf:5d:
e6:7f:f5:d1:6b:76:9c:ae:bb:a2:00:31:c2:3a:a1:
04:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:31:8A:69:3B:AD:05:B9:08:09:75:C7:A3:30:4F:20:AC:A9:7F:BC
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/IjGKaTutBbkICXXHozBPIKypf7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.112.0/24
Signature Algorithm: sha256WithRSAEncryption
29:4f:18:76:eb:ca:b5:a5:55:4f:6e:62:8e:b6:74:9f:9e:e4:
4d:98:40:f8:6e:ee:4f:2f:e6:90:24:f2:8f:5e:bc:d7:d9:f9:
75:8d:51:ca:fa:b6:26:09:9a:f1:48:9b:b0:93:ac:7b:27:4e:
40:55:ea:f7:96:20:9c:74:c8:b3:e2:00:7c:d5:58:6f:e1:b1:
49:6e:e9:36:c6:8d:4c:24:21:84:b4:32:fe:c0:14:1a:10:ea:
96:b0:6a:4a:64:2c:5d:5a:31:6b:f8:41:a0:2b:b1:cb:ea:5d:
f8:23:e8:4f:64:b4:58:a4:84:09:19:0c:16:63:e9:8c:4f:e4:
0e:b1:f9:44:24:60:d8:df:2d:c4:c7:82:b1:e8:2e:2c:c2:5d:
1a:53:ec:5a:b6:50:8f:e9:54:8f:b1:f8:5e:92:7b:91:04:76:
a0:1c:c7:15:46:04:09:96:fa:5c:16:ab:19:03:b7:20:44:de:
54:9a:e4:63:ef:37:4e:21:38:43:8f:b1:e8:fd:39:62:92:9a:
45:87:e1:07:92:1d:bc:e8:ce:98:bb:18:4b:36:63:fc:d8:4f:
9d:7a:23:50:3c:ba:1f:9c:67:2f:14:e4:93:7a:27:1e:9b:06:
48:e1:26:c0:99:69:3c:3a:c8:d1:6b:c8:95:93:42:df:2c:15:
13:37:31:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmoeiskFkF5x5kUILAjUS5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUxMDAzMDUxMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjMxOGE2OTNiYWQwNWI5MDgwOTc1YzdhMzMwNGYyMGFjYTk3ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh/21IskEhy9HZt8+HQlOhBNbviG
qwsTLsa/v44RU9yNoqoiJM8Tghs9iozXfgi0SJjypJUPjwg2cGd+r5XijMrSJRn4
LbljKElya/RIkkxWGpag2eAgZYe4Yq++5dRebZDBzLHFwDkZKuJO3evSRKubkADy
EuF2YsSeKrfcHyfRe2yNmDrQG6n+aSLPmNBDakwfH93ggGQyGX7KM/MagXvNP4KJ
BpiJwSD/nVW/YGuo72eIpAe7CCFiUxrNv/6dpfhWW6FLy3nhPeNF9SyrDpB/Bb26
H3osuK9FB8yiIjgpxafnfusYoS27Oyr9z13mf/XRa3acrruiADHCOqEE2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIximk7rQW5CAl1x6MwTyCsqX+8MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvSWpHS2FUdXRCYmtJQ1hYSG96QlBJS3lwZjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVwMA0G
CSqGSIb3DQEBCwUAA4IBAQApTxh268q1pVVPbmKOtnSfnuRNmED4bu5PL+aQJPKP
XrzX2fl1jVHK+rYmCZrxSJuwk6x7J05AVer3liCcdMiz4gB81Vhv4bFJbuk2xo1M
JCGEtDL+wBQaEOqWsGpKZCxdWjFr+EGgK7HL6l34I+hPZLRYpIQJGQwWY+mMT+QO
sflEJGDY3y3Ex4Kx6C4swl0aU+xatlCP6VSPsfheknuRBHagHMcVRgQJlvpcFqsZ
A7cgRN5UmuRj7zdOIThDj7Ho/TlikppFh+EHkh286M6YuxhLNmP82E+deiNQPLof
nGcvFOSTeicemwZI4SbAmWk8OsjRa8iVk0LfLBUTNzH9
-----END CERTIFICATE-----
Generated at Sat Oct 18 18:48:23 2025 by rpki-client