Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/VJ4tqhsbAxvbZbMk4UpOcvURbX8.roa
File: VJ4tqhsbAxvbZbMk4UpOcvURbX8.roa (raw, json)
Hash identifier: rFhoSBbOl1/XJywdO7kEvMzIk6v7w1dBiBMHnGzvKJc=
Subject key identifier: 54:9E:2D:AA:1B:1B:03:1B:DB:65:B3:24:E1:4A:4E:72:F5:11:6D:7F
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 0198C6C56E046CA3CEFA3F17B5B665042DA6
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/VJ4tqhsbAxvbZbMk4UpOcvURbX8.roa
Signing time: Wed 20 Aug 2025 09:18:04 +0000
ROA not before: Wed 20 Aug 2025 09:18:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56798
IP address blocks: 45.66.220.0/22 maxlen: 22
45.86.36.0/24 maxlen: 24
91.200.144.0/24 maxlen: 24
91.207.207.0/24 maxlen: 24
91.223.132.0/24 maxlen: 24
185.34.102.0/24 maxlen: 24
185.54.7.0/24 maxlen: 24
193.17.33.0/24 maxlen: 24
195.114.125.0/24 maxlen: 24
2a0f:9180::/29 maxlen: 29
2a0f:9180:1::/48 maxlen: 48
2a10:d440:1::/48 maxlen: 48
2a10:d440:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.mft
rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:c5:6e:04:6c:a3:ce:fa:3f:17:b5:b6:65:04:2d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Aug 20 09:18:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=549e2daa1b1b031bdb65b324e14a4e72f5116d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e1:e0:21:f7:ca:09:f1:ea:f2:02:42:27:2a:
ac:42:26:4f:b9:0c:51:aa:bc:46:96:c4:c9:1d:20:
29:57:8c:83:1c:2a:28:e9:03:9a:5b:75:eb:69:64:
6a:5e:9e:e8:9f:dc:60:19:22:06:3b:9f:1f:b8:af:
53:8d:86:b6:50:d5:84:bb:03:b7:78:00:24:96:90:
0a:ab:b6:5b:d2:93:2f:5b:68:72:ca:5e:63:42:9f:
ef:2c:4d:63:27:03:fd:b1:b8:85:af:b7:87:d1:0e:
9e:8c:d0:3b:d1:f1:e3:bb:5f:d3:0a:79:83:66:92:
32:ba:de:e9:16:ab:ba:78:48:92:0b:08:e5:46:0b:
49:da:82:15:fa:8e:4f:6e:25:15:a7:1f:6e:e6:ec:
bd:9a:4d:cc:85:65:b4:66:1f:50:46:a8:a2:40:66:
7f:cc:7d:de:03:90:d6:ba:8e:a9:0b:52:bd:b8:66:
9f:1b:a9:7e:77:84:1a:b3:77:c0:b6:e0:0f:f8:83:
11:af:54:f2:83:19:15:ec:97:c0:94:3a:4a:3f:03:
98:91:f9:6b:4c:99:01:e9:7e:d8:53:26:09:aa:3b:
bf:08:e6:ea:c7:98:d5:e5:02:91:11:49:06:60:0d:
aa:a8:ad:66:f9:0c:9d:d9:e1:02:54:e7:af:4c:83:
4a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9E:2D:AA:1B:1B:03:1B:DB:65:B3:24:E1:4A:4E:72:F5:11:6D:7F
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/VJ4tqhsbAxvbZbMk4UpOcvURbX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.220.0/22
45.86.36.0/24
91.200.144.0/24
91.207.207.0/24
91.223.132.0/24
185.34.102.0/24
185.54.7.0/24
193.17.33.0/24
195.114.125.0/24
IPv6:
2a0f:9180::/29
2a10:d440:1::-2a10:d440:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
58:13:83:e4:43:53:1d:99:ce:39:ff:d0:0e:80:13:e7:f0:64:
76:e1:88:05:64:d6:11:a3:1f:ac:5f:68:31:d4:b1:f1:73:e5:
e0:58:74:e2:1a:a2:62:26:31:b0:99:9c:e4:10:86:5d:e2:ef:
1b:1d:94:df:83:33:4c:89:d2:7a:a1:e1:44:8c:cc:aa:ca:7e:
dc:e5:b9:44:6f:02:c7:7e:32:93:26:f0:c2:a0:79:4d:42:01:
ec:9c:6e:3e:49:5e:b7:3d:e0:16:c8:68:1d:20:b9:79:ba:32:
43:55:9e:bf:3b:09:23:76:26:54:27:24:48:0e:b5:58:15:34:
41:2a:53:46:d4:14:73:17:49:ee:aa:59:af:86:56:f0:14:5e:
7c:09:a9:9b:74:ce:fa:8c:9d:e8:53:8e:9f:4c:51:fa:ab:23:
8b:75:35:1e:f1:de:fa:a5:26:71:df:b9:00:46:12:d2:43:b5:
95:c9:b3:b2:1a:4b:ab:ba:f6:eb:33:f5:48:cf:03:b0:b5:7e:
fc:6b:80:30:22:53:e0:a6:f1:b7:39:03:8f:11:b7:a2:3a:b2:
11:22:c9:b5:e5:d9:99:8f:b1:78:0f:c5:da:bd:9b:20:26:23:
e8:48:79:0b:d2:02:c1:a6:8f:7b:de:74:d3:49:50:ad:81:06:
31:6d:ba:90
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZjGxW4EbKPO+j8XtbZlBC2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjUwODIwMDkxODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDllMmRhYTFiMWIwMzFiZGI2NWIzMjRlMTRhNGU3MmY1MTE2ZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuHgIffKCfHq8gJCJyqsQiZPuQxR
qrxGlsTJHSApV4yDHCoo6QOaW3XraWRqXp7on9xgGSIGO58fuK9TjYa2UNWEuwO3
eAAklpAKq7Zb0pMvW2hyyl5jQp/vLE1jJwP9sbiFr7eH0Q6ejNA70fHju1/TCnmD
ZpIyut7pFqu6eEiSCwjlRgtJ2oIV+o5PbiUVpx9u5uy9mk3MhWW0Zh9QRqiiQGZ/
zH3eA5DWuo6pC1K9uGafG6l+d4Qas3fAtuAP+IMRr1TygxkV7JfAlDpKPwOYkflr
TJkB6X7YUyYJqju/CObqx5jV5QKREUkGYA2qqK1m+Qyd2eECVOevTINKOQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFFSeLaobGwMb22WzJOFKTnL1EW1/MB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvVko0dHFoc2JBeHZiWmJNazRVcE9jdlVSYlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTA8BAIAATA2AwQCLULcAwQA
LVYkAwQAW8iQAwQAW8/PAwQAW9+EAwQAuSJmAwQAuTYHAwQAwREhAwQAw3J9MCEE
AgACMBsDBQMqD5GAMBIDBwAqENRAAAEDBwAqENRAAAIwDQYJKoZIhvcNAQELBQAD
ggEBAFgTg+RDUx2Zzjn/0A6AE+fwZHbhiAVk1hGjH6xfaDHUsfFz5eBYdOIaomIm
MbCZnOQQhl3i7xsdlN+DM0yJ0nqh4USMzKrKftzluURvAsd+MpMm8MKgeU1CAeyc
bj5JXrc94BbIaB0guXm6MkNVnr87CSN2JlQnJEgOtVgVNEEqU0bUFHMXSe6qWa+G
VvAUXnwJqZt0zvqMnehTjp9MUfqrI4t1NR7x3vqlJnHfuQBGEtJDtZXJs7IaS6u6
9usz9UjPA7C1fvxrgDAiU+Cm8bc5A48Rt6I6shEiybXl2ZmPsXgPxdq9myAmI+hI
eQvSAsGmj3vedNNJUK2BBjFtupA=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:56:55 2025 by rpki-client