Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/dolHUeMcOG3n_XT10nauhYrbidk.roa
File: dolHUeMcOG3n_XT10nauhYrbidk.roa (raw, json)
Hash identifier: LTHdECdWQgInoyQThhGiH/oyDwc4L5pb1fc/+4zfKg4=
Subject key identifier: 76:89:47:51:E3:1C:38:6D:E7:FD:74:F5:D2:76:AE:85:8A:DB:89:D9
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0198F6A44105B9AAD18A930759B58B10BB7B
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/dolHUeMcOG3n_XT10nauhYrbidk.roa
Signing time: Fri 29 Aug 2025 16:23:36 +0000
ROA not before: Fri 29 Aug 2025 16:23:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56630
IP address blocks: 46.243.0.0/24 maxlen: 24
185.37.192.0/24 maxlen: 24
185.37.193.0/24 maxlen: 24
194.79.60.0/24 maxlen: 24
194.79.61.0/24 maxlen: 24
194.79.62.0/24 maxlen: 24
194.79.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f6:a4:41:05:b9:aa:d1:8a:93:07:59:b5:8b:10:bb:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Aug 29 16:23:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76894751e31c386de7fd74f5d276ae858adb89d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:82:c1:29:f1:c9:67:a1:ed:e4:3c:8a:c2:97:
e1:e7:90:27:d5:81:aa:59:5b:ff:65:f5:d0:2d:a5:
b7:1a:cc:65:a4:44:dd:69:df:82:d3:d5:59:a8:55:
e3:d9:c9:60:de:fb:65:1e:9a:d2:df:87:40:92:49:
81:e5:c5:f3:65:09:a0:6f:63:42:00:58:14:fd:2d:
60:87:ce:c2:d3:32:4c:d7:1e:ba:77:c4:01:25:d6:
a9:f2:13:41:81:69:7f:4f:29:e7:09:77:e1:a3:81:
8a:69:b8:5e:54:45:15:b0:70:03:33:53:3c:53:bb:
3b:59:70:45:7c:f0:7a:69:4f:95:3c:a4:5c:26:36:
51:71:7d:c1:70:23:ba:f0:af:c0:6d:5d:68:26:fa:
59:6f:3a:2e:78:f5:c1:0f:a5:34:88:e2:cc:21:13:
88:e0:c0:62:41:7e:1d:51:fd:85:39:10:bc:30:13:
1d:eb:b2:39:9c:15:10:bd:4f:aa:a1:05:80:b6:be:
03:ab:b3:7f:49:89:e6:39:5f:d2:46:10:42:23:27:
2d:cd:7d:94:5e:51:29:5d:0f:00:82:19:30:10:c0:
58:34:ca:0d:87:44:0d:c8:7a:b4:d9:98:72:4a:23:
f0:bf:c9:6d:ac:2f:9b:62:57:92:d0:bc:d8:5e:f2:
d3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:89:47:51:E3:1C:38:6D:E7:FD:74:F5:D2:76:AE:85:8A:DB:89:D9
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/dolHUeMcOG3n_XT10nauhYrbidk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.0.0/24
185.37.192.0/23
194.79.60.0/22
Signature Algorithm: sha256WithRSAEncryption
37:65:21:37:3d:93:a1:c4:31:e3:b0:fe:aa:e4:bf:b0:0f:60:
0b:e8:ac:fd:72:b3:12:de:8a:ac:73:b3:24:fe:16:b2:50:a6:
6c:aa:a9:27:f0:09:2e:1f:d4:c6:4e:db:80:d7:2d:77:52:cc:
5a:44:68:c4:b4:d1:39:c4:fd:63:8f:73:5d:ac:df:aa:d6:db:
0f:01:12:05:89:5f:9a:2e:7d:ee:1f:e6:82:dc:0a:03:fc:82:
87:95:06:27:ae:c8:5b:aa:50:00:2d:44:a1:e8:3e:04:d2:0d:
e2:f0:85:b5:0d:24:f8:3b:b9:a4:ce:1d:90:73:f2:bb:08:a0:
63:31:17:59:05:4f:62:e6:ed:53:27:1e:0d:a3:6c:a5:18:df:
52:65:9b:99:fb:11:8b:55:ee:37:32:f2:bb:11:93:56:bc:b4:
bc:ae:bf:83:71:a6:04:1d:e3:31:90:81:d1:6d:63:69:31:54:
e7:c5:08:46:a3:0c:20:c0:4a:09:c6:e3:d4:b9:d5:b0:6d:41:
a9:3d:f8:f4:a4:29:b5:7a:c5:15:c1:99:0d:bb:bd:89:05:3b:
c0:90:2e:1a:d1:b5:40:2a:78:23:e5:fb:c7:4d:29:a2:5f:47:
9d:e2:e8:8b:f5:04:be:e1:08:2c:7f:4e:e0:67:3e:90:d6:2f:
35:e8:38:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZj2pEEFuarRipMHWbWLELt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwODI5MTYyMzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njg5NDc1MWUzMWMzODZkZTdmZDc0ZjVkMjc2YWU4NThhZGI4OWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4LBKfHJZ6Ht5DyKwpfh55An1YGq
WVv/ZfXQLaW3GsxlpETdad+C09VZqFXj2clg3vtlHprS34dAkkmB5cXzZQmgb2NC
AFgU/S1gh87C0zJM1x66d8QBJdap8hNBgWl/TynnCXfho4GKabheVEUVsHADM1M8
U7s7WXBFfPB6aU+VPKRcJjZRcX3BcCO68K/AbV1oJvpZbzouePXBD6U0iOLMIROI
4MBiQX4dUf2FORC8MBMd67I5nBUQvU+qoQWAtr4Dq7N/SYnmOV/SRhBCIyctzX2U
XlEpXQ8AghkwEMBYNMoNh0QNyHq02ZhySiPwv8ltrC+bYleS0LzYXvLT0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHaJR1HjHDht5/109dJ2roWK24nZMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvZG9sSFVlTWNPRzNuX1hUMTBuYXVoWXJiaWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALvMAAwQB
uSXAAwQCwk88MA0GCSqGSIb3DQEBCwUAA4IBAQA3ZSE3PZOhxDHjsP6q5L+wD2AL
6Kz9crMS3oqsc7Mk/hayUKZsqqkn8AkuH9TGTtuA1y13UsxaRGjEtNE5xP1jj3Nd
rN+q1tsPARIFiV+aLn3uH+aC3AoD/IKHlQYnrshbqlAALUSh6D4E0g3i8IW1DST4
O7mkzh2Qc/K7CKBjMRdZBU9i5u1TJx4No2ylGN9SZZuZ+xGLVe43MvK7EZNWvLS8
rr+DcaYEHeMxkIHRbWNpMVTnxQhGowwgwEoJxuPUudWwbUGpPfj0pCm1esUVwZkN
u72JBTvAkC4a0bVAKngj5fvHTSmiX0ed4uiL9QS+4Qgsf07gZz6Q1i816DiQ
-----END CERTIFICATE-----
Generated at Sat Sep 6 12:26:56 2025 by rpki-client