Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/wrVdtsFJg-xxcwL89uUP6qnVtLk.roa
File: wrVdtsFJg-xxcwL89uUP6qnVtLk.roa (raw, json)
Hash identifier: Y5fuW3nl7fba2JKNfboUC/pVBV59jurhYdqhnS+frGI=
Subject key identifier: C2:B5:5D:B6:C1:49:83:EC:71:73:02:FC:F6:E5:0F:EA:A9:D5:B4:B9
Certificate issuer: /CN=9a50853a24a8c762234e8913a4a5b2985c331dad
Certificate serial: 0198F5535685B9DA4FFB67694F7BA6EFC85A
Authority key identifier: 9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/wrVdtsFJg-xxcwL89uUP6qnVtLk.roa
Signing time: Fri 29 Aug 2025 10:15:36 +0000
ROA not before: Fri 29 Aug 2025 10:15:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208288
IP address blocks: 45.147.112.0/22 maxlen: 22
45.147.112.0/23 maxlen: 23
45.147.112.0/24 maxlen: 24
45.147.113.0/24 maxlen: 24
45.147.114.0/23 maxlen: 23
45.147.114.0/24 maxlen: 24
45.147.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:53:56:85:b9:da:4f:fb:67:69:4f:7b:a6:ef:c8:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a50853a24a8c762234e8913a4a5b2985c331dad
Validity
Not Before: Aug 29 10:15:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2b55db6c14983ec717302fcf6e50feaa9d5b4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8e:35:21:e0:94:53:bb:a5:d2:9a:ae:2c:dd:
f4:a4:b5:cf:30:26:70:6b:ce:68:d5:fa:05:59:3b:
05:9d:f6:18:1a:34:9c:3d:d8:5a:6b:a8:c9:4b:61:
d6:e2:0e:64:73:a6:55:f9:ec:9f:ca:7e:7c:5a:f6:
8c:0d:54:8d:de:a0:74:5b:33:73:71:47:d1:67:90:
ae:58:f8:c6:a4:82:f8:bb:43:56:91:b3:e1:34:79:
ef:48:c4:f4:66:af:56:03:04:af:89:00:cb:b6:9f:
7d:a8:79:73:5f:a8:31:d5:06:b3:4c:c4:bf:c3:8c:
5e:39:9f:45:eb:9d:21:53:42:81:8c:00:b9:1e:36:
b8:1b:d2:27:ca:31:a4:ec:8c:34:a4:84:2f:cd:28:
ca:cf:67:8a:da:1e:60:05:38:62:fd:1b:f1:9b:c2:
d9:bd:0c:f5:7b:27:cb:57:4e:1f:0f:8e:1c:0f:d2:
7e:ae:4e:27:b7:37:e3:c2:c0:30:c8:04:14:92:66:
4a:5c:57:be:e1:d1:db:23:24:62:2e:60:05:c1:fa:
7b:02:70:9f:75:fa:39:15:79:8c:c8:a3:eb:af:66:
27:5d:8e:0e:c8:21:15:f9:c3:5b:51:d7:7c:98:66:
a5:47:52:00:99:72:94:07:88:67:28:b6:e5:95:50:
7b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B5:5D:B6:C1:49:83:EC:71:73:02:FC:F6:E5:0F:EA:A9:D5:B4:B9
X509v3 Authority Key Identifier:
keyid:9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/wrVdtsFJg-xxcwL89uUP6qnVtLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.112.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:b6:bd:0a:c4:81:ff:f7:ff:98:f4:5f:28:fb:0c:57:4c:65:
37:0f:22:84:60:85:5f:c8:9b:4c:19:74:3f:97:d0:62:08:dc:
e7:c8:e4:72:03:a8:07:f0:5d:81:27:b8:6d:04:69:4e:dd:76:
48:46:63:ff:ff:23:7a:79:7b:3a:df:2f:e0:99:4b:38:25:c6:
cb:dc:5c:c2:ba:d7:fa:09:fe:b1:80:f8:6b:94:09:25:ed:ab:
65:2b:1a:3d:b6:ca:5b:ef:c7:e6:44:2e:60:27:8c:56:67:bf:
38:9b:2f:e4:98:8c:5d:b2:a2:1b:66:46:70:c6:bd:fa:a0:c6:
e1:d4:2c:91:5d:cf:02:21:83:e1:28:22:d7:ce:20:e0:42:46:
cd:f5:c5:f8:9f:27:8e:0b:82:50:9e:8c:55:9e:f9:85:7b:0d:
ba:50:e2:66:02:79:36:bb:48:23:06:74:a5:5a:88:02:3c:f9:
ef:e9:40:06:0a:89:f0:4f:af:10:09:d6:87:cf:da:24:d0:13:
f1:33:4f:f0:53:8d:56:5e:49:a6:2b:72:25:6f:86:66:68:bd:
eb:76:96:85:03:70:48:02:f9:33:9e:d0:1c:77:b4:a2:fa:16:
56:bd:99:8c:e3:7a:79:c1:07:75:c5:aa:69:c2:10:94:01:4a:
a8:33:a7:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZj1U1aFudpP+2dpT3um78haMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTA4NTNhMjRhOGM3NjIyMzRlODkxM2E0YTViMjk4NWMz
MzFkYWQwHhcNMjUwODI5MTAxNTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI1NWRiNmMxNDk4M2VjNzE3MzAyZmNmNmU1MGZlYWE5ZDViNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I41IeCUU7ul0pquLN30pLXPMCZw
a85o1foFWTsFnfYYGjScPdhaa6jJS2HW4g5kc6ZV+eyfyn58WvaMDVSN3qB0WzNz
cUfRZ5CuWPjGpIL4u0NWkbPhNHnvSMT0Zq9WAwSviQDLtp99qHlzX6gx1QazTMS/
w4xeOZ9F650hU0KBjAC5Hja4G9InyjGk7Iw0pIQvzSjKz2eK2h5gBThi/Rvxm8LZ
vQz1eyfLV04fD44cD9J+rk4ntzfjwsAwyAQUkmZKXFe+4dHbIyRiLmAFwfp7AnCf
dfo5FXmMyKPrr2YnXY4OyCEV+cNbUdd8mGalR1IAmXKUB4hnKLbllVB7SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMK1XbbBSYPscXMC/PblD+qp1bS5MB8GA1UdIwQY
MBaAFJpQhTokqMdiI06JE6SlsphcMx2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgt
ODhiNThkMDJiMmExLzEvd3JWZHRzRkpnLXh4Y3dMODl1VVA2cW5WdExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgtODhiNThkMDJiMmEx
LzEvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZNwMA0G
CSqGSIb3DQEBCwUAA4IBAQArtr0KxIH/9/+Y9F8o+wxXTGU3DyKEYIVfyJtMGXQ/
l9BiCNznyORyA6gH8F2BJ7htBGlO3XZIRmP//yN6eXs63y/gmUs4JcbL3FzCutf6
Cf6xgPhrlAkl7atlKxo9tspb78fmRC5gJ4xWZ784my/kmIxdsqIbZkZwxr36oMbh
1CyRXc8CIYPhKCLXziDgQkbN9cX4nyeOC4JQnoxVnvmFew26UOJmAnk2u0gjBnSl
WogCPPnv6UAGConwT68QCdaHz9ok0BPxM0/wU41WXkmmK3Ilb4ZmaL3rdpaFA3BI
AvkzntAcd7Si+hZWvZmM43p5wQd1xappwhCUAUqoM6f7
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:35:44 2025 by rpki-client