Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/cFHDyKq0TisIF4st_X3wRki2NZI.roa
File: cFHDyKq0TisIF4st_X3wRki2NZI.roa (raw, json)
Hash identifier: nQ+7suNe42MS4eTJtwhtgpZztomyKvLYgZva47OCeaY=
Subject key identifier: 70:51:C3:C8:AA:B4:4E:2B:08:17:8B:2D:FD:7D:F0:46:48:B6:35:92
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0197A6E69BCFC66EB56E79FA7BA8DB2DBBC8
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/cFHDyKq0TisIF4st_X3wRki2NZI.roa
Signing time: Wed 25 Jun 2025 11:43:40 +0000
ROA not before: Wed 25 Jun 2025 11:43:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47814
IP address blocks: 46.19.204.251/32 maxlen: 32
46.19.205.0/24 maxlen: 24
46.19.206.0/24 maxlen: 24
80.81.44.0/24 maxlen: 24
83.223.139.0/24 maxlen: 24
83.223.149.0/24 maxlen: 24
94.101.224.0/24 maxlen: 24
94.101.228.0/24 maxlen: 24
94.101.233.206/32 maxlen: 32
94.101.234.0/24 maxlen: 24
94.101.238.0/24 maxlen: 24
217.69.115.0/24 maxlen: 24
217.69.117.0/24 maxlen: 24
217.69.118.0/24 maxlen: 24
2001:1bf8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:e6:9b:cf:c6:6e:b5:6e:79:fa:7b:a8:db:2d:bb:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jun 25 11:43:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7051c3c8aab44e2b08178b2dfd7df04648b63592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cd:2e:01:b5:0c:50:70:0d:f5:81:21:d5:32:
bc:a9:26:06:49:c9:5f:36:96:45:2b:cd:d8:b7:2f:
22:72:c3:08:64:f3:ed:14:ee:a2:a0:dc:f8:53:13:
49:0e:70:97:26:cc:eb:55:fe:19:47:12:d1:da:2f:
41:3c:e1:f9:64:cc:49:4d:ec:b1:56:1c:74:fc:47:
89:b5:0a:25:d3:b7:3e:51:80:17:ca:d2:64:17:ce:
3c:1d:cd:15:d8:6b:1d:4d:65:ac:29:36:c7:5e:6c:
1b:03:cc:80:c9:93:73:4c:73:c6:a0:3c:8d:8a:c3:
8f:c9:c8:c1:e8:ca:e8:cf:b1:d3:2e:46:a4:3a:02:
e5:85:c6:e4:67:52:f6:ae:db:49:5b:5a:64:e7:98:
48:b2:c4:e9:17:00:85:92:e0:88:87:58:e8:f6:23:
e8:e9:41:92:27:85:00:2b:5e:47:ae:49:bf:21:75:
f3:2b:40:53:56:5f:78:50:72:58:f7:c3:84:7d:bb:
e0:fd:b6:f8:5d:50:8f:b4:a2:e9:c7:e5:96:eb:81:
34:74:86:34:b2:fe:b8:95:7e:28:81:98:72:3e:8f:
f8:dc:e2:99:2b:66:47:1d:28:54:b9:98:93:8f:92:
6d:73:e8:0e:c9:cc:b7:83:d4:78:78:72:0b:1f:30:
b1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:51:C3:C8:AA:B4:4E:2B:08:17:8B:2D:FD:7D:F0:46:48:B6:35:92
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/cFHDyKq0TisIF4st_X3wRki2NZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.204.251/32
46.19.205.0-46.19.206.255
80.81.44.0/24
83.223.139.0/24
83.223.149.0/24
94.101.224.0/24
94.101.228.0/24
94.101.233.206/32
94.101.234.0/24
94.101.238.0/24
217.69.115.0/24
217.69.117.0-217.69.118.255
IPv6:
2001:1bf8::/29
Signature Algorithm: sha256WithRSAEncryption
4c:e4:80:2d:a8:54:12:9e:7b:35:8a:0e:79:e1:ed:ea:5e:99:
0d:24:f7:c6:16:9d:61:51:17:9c:9a:c5:0b:7d:41:82:aa:75:
98:4c:5d:7b:94:d9:ab:c8:c5:1b:60:87:87:6f:21:6a:2a:97:
0b:49:60:d2:35:c3:71:68:2d:c2:89:48:85:ca:80:2d:c1:b1:
48:68:12:c7:d8:5d:3d:2e:bb:2e:4c:f1:69:e2:41:d9:77:33:
75:04:e9:7f:83:f7:74:05:eb:bd:d2:c5:82:8a:5f:e0:66:04:
c9:a3:cd:e1:13:d7:32:47:fa:92:b8:4c:09:92:08:74:5a:fb:
49:be:00:30:05:d9:1f:c6:8b:ed:fc:ea:bc:d7:50:88:e0:f4:
da:a9:fc:4a:84:4d:4a:55:eb:02:4f:44:eb:52:95:0b:88:49:
59:bd:6f:4f:20:60:76:23:2d:93:cb:b5:ff:4e:44:ab:4e:2c:
b9:b0:de:e2:92:c6:45:37:3d:c2:76:d8:1c:d6:97:bb:c1:0e:
09:fb:45:bb:f8:c1:38:47:6c:9f:4b:9d:7f:30:de:ed:01:e0:
aa:8c:e8:f5:85:a9:e5:35:11:c8:f9:dc:31:55:c5:c8:93:ae:
a0:67:ad:04:cd:b5:06:cc:4a:40:44:80:82:47:03:a5:36:99:
b7:97:c6:f7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZem5pvPxm61bnn6e6jbLbvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNjI1MTE0MzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDUxYzNjOGFhYjQ0ZTJiMDgxNzhiMmRmZDdkZjA0NjQ4YjYzNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM0uAbUMUHAN9YEh1TK8qSYGSclf
NpZFK83Yty8icsMIZPPtFO6ioNz4UxNJDnCXJszrVf4ZRxLR2i9BPOH5ZMxJTeyx
Vhx0/EeJtQol07c+UYAXytJkF848Hc0V2GsdTWWsKTbHXmwbA8yAyZNzTHPGoDyN
isOPycjB6Mroz7HTLkakOgLlhcbkZ1L2rttJW1pk55hIssTpFwCFkuCIh1jo9iPo
6UGSJ4UAK15Hrkm/IXXzK0BTVl94UHJY98OEfbvg/bb4XVCPtKLpx+WW64E0dIY0
sv64lX4ogZhyPo/43OKZK2ZHHShUuZiTj5Jtc+gOycy3g9R4eHILHzCx6wIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFHBRw8iqtE4rCBeLLf198EZItjWSMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvY0ZIRHlLcTBUaXNJRjRzdF9YM3dSa2kyTlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMFAC4TzPsw
DAMEAC4TzQMEAC4TzgMEAFBRLAMEAFPfiwMEAFPflQMEAF5l4AMEAF5l5AMFAF5l
6c4DBABeZeoDBABeZe4DBADZRXMwDAMEANlFdQMEANlFdjANBAIAAjAHAwUDIAEb
+DANBgkqhkiG9w0BAQsFAAOCAQEATOSALahUEp57NYoOeeHt6l6ZDST3xhadYVEX
nJrFC31Bgqp1mExde5TZq8jFG2CHh28haiqXC0lg0jXDcWgtwolIhcqALcGxSGgS
x9hdPS67LkzxaeJB2XczdQTpf4P3dAXrvdLFgopf4GYEyaPN4RPXMkf6krhMCZII
dFr7Sb4AMAXZH8aL7fzqvNdQiOD02qn8SoRNSlXrAk9E61KVC4hJWb1vTyBgdiMt
k8u1/05Eq04subDe4pLGRTc9wnbYHNaXu8EOCftFu/jBOEdsn0udfzDe7QHgqozo
9YWp5TURyPncMVXFyJOuoGetBM21BsxKQESAgkcDpTaZt5fG9w==
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:20:17 2025 by rpki-client