Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/v4Kdp6s1EKUEjd2SmIhNxSG679s.roa
File: v4Kdp6s1EKUEjd2SmIhNxSG679s.roa (raw, json)
Hash identifier: ovIvxjDEnp211RLyO9XuLgOv75zi9t5bK+U+xaVNCuw=
Subject key identifier: BF:82:9D:A7:AB:35:10:A5:04:8D:DD:92:98:88:4D:C5:21:BA:EF:DB
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01994E4431C146CCB2F662753A6917733F02
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/v4Kdp6s1EKUEjd2SmIhNxSG679s.roa
Signing time: Mon 15 Sep 2025 16:45:15 +0000
ROA not before: Mon 15 Sep 2025 16:45:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207177
IP address blocks: 45.86.17.0/24 maxlen: 24
45.86.18.0/24 maxlen: 24
91.242.81.0/24 maxlen: 24
171.22.52.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4e:44:31:c1:46:cc:b2:f6:62:75:3a:69:17:73:3f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 15 16:45:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf829da7ab3510a5048ddd9298884dc521baefdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:95:69:09:a4:b5:90:ad:58:64:e4:6a:f0:86:
8d:0a:9b:5e:bc:57:fa:bf:b1:b7:e7:34:bc:11:56:
eb:b2:8e:c9:2e:86:7c:6e:35:48:66:60:c5:49:8b:
5f:e4:99:ca:fd:8a:e7:30:ca:43:ae:79:c4:d5:d9:
b5:79:5e:2b:f1:68:f3:b8:d9:e7:7b:67:a9:34:f4:
09:1a:97:2b:c5:84:30:3b:7e:08:a3:06:81:03:9c:
74:fb:f6:13:c7:d8:8e:27:41:6d:b2:0c:6e:38:2b:
29:c8:b1:9a:cc:1e:b7:68:31:52:14:81:b7:e9:06:
63:2e:bc:03:c2:65:6a:75:54:e6:1b:9e:a7:25:fa:
e0:11:67:40:cd:8a:16:8c:69:82:78:36:ae:92:01:
2a:e5:dd:a1:20:96:d5:9a:ea:79:bb:3a:30:87:15:
60:14:99:a6:26:27:7b:8c:62:f0:0f:dd:d0:cc:24:
6f:7e:07:f7:0b:e2:9d:1a:51:58:87:70:f4:df:60:
62:8a:62:d4:db:c8:4b:5b:e5:72:0f:15:12:9d:ec:
70:12:58:8f:9a:91:f2:5a:63:f5:9b:d0:11:81:10:
b3:4f:f0:e0:9e:1f:7f:6e:58:a1:37:3d:89:e6:d6:
f8:7c:df:75:6f:e1:cf:fd:4b:b5:33:e7:75:10:3a:
fb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:82:9D:A7:AB:35:10:A5:04:8D:DD:92:98:88:4D:C5:21:BA:EF:DB
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/v4Kdp6s1EKUEjd2SmIhNxSG679s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.17.0-45.86.18.255
91.242.81.0/24
171.22.52.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:7b:8c:22:60:07:f1:e0:6b:a0:27:c3:ba:8c:39:9b:e1:43:
80:09:b3:2a:41:34:b9:e0:b2:a9:11:27:3b:ea:9f:2e:71:91:
47:64:87:f7:ff:a8:1b:33:ba:5d:34:53:fa:d3:f1:7f:c6:98:
fc:c2:b3:9b:7d:aa:10:d0:cf:47:d7:89:ad:9a:68:b9:e1:d9:
92:92:8b:c5:25:66:ee:5f:1c:93:a8:cb:e3:7a:cd:68:4b:fa:
4f:cf:da:5b:dd:99:8b:00:bd:a0:68:26:99:74:2b:f6:f9:5a:
92:a2:35:c9:eb:c2:f2:10:81:01:dd:85:3e:1c:bc:58:67:b9:
68:ee:ca:5c:c7:dc:ea:79:5d:3f:1f:fb:79:fa:e9:07:14:b5:
49:4c:55:89:d8:84:fd:14:17:c2:cb:d6:5b:22:cf:b4:e6:ea:
e9:58:c7:dc:20:86:e8:78:31:87:60:7a:6a:81:90:95:ff:ad:
15:a8:3b:02:67:44:ac:ea:98:d5:7e:ad:4a:34:e6:78:cc:c0:
ec:c2:ea:fe:08:23:b8:ed:e5:3a:f6:4f:7a:a6:f0:49:0e:e9:
5d:86:2f:ac:df:9b:56:d4:4a:eb:6a:c0:d3:19:06:13:17:6a:
3d:a7:86:9f:d5:f6:7e:03:de:ac:0c:22:dd:92:da:ba:80:44:
ca:db:91:04
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZlORDHBRsyy9mJ1OmkXcz8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwOTE1MTY0NTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjgyOWRhN2FiMzUxMGE1MDQ4ZGRkOTI5ODg4NGRjNTIxYmFlZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZVpCaS1kK1YZORq8IaNCptevFf6
v7G35zS8EVbrso7JLoZ8bjVIZmDFSYtf5JnK/YrnMMpDrnnE1dm1eV4r8WjzuNnn
e2epNPQJGpcrxYQwO34IowaBA5x0+/YTx9iOJ0FtsgxuOCspyLGazB63aDFSFIG3
6QZjLrwDwmVqdVTmG56nJfrgEWdAzYoWjGmCeDaukgEq5d2hIJbVmup5uzowhxVg
FJmmJid7jGLwD93QzCRvfgf3C+KdGlFYh3D032BiimLU28hLW+VyDxUSnexwEliP
mpHyWmP1m9ARgRCzT/Dgnh9/blihNz2J5tb4fN91b+HP/Uu1M+d1EDr72wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL+CnaerNRClBI3dkpiITcUhuu/bMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdjRLZHA2czFFS1VFamQyU21JaE54U0c2NzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtVhED
BAAtVhIDBABb8lEDBAKrFjQwDQYJKoZIhvcNAQELBQADggEBAAp7jCJgB/Hga6An
w7qMOZvhQ4AJsypBNLngsqkRJzvqny5xkUdkh/f/qBszul00U/rT8X/GmPzCs5t9
qhDQz0fXia2aaLnh2ZKSi8UlZu5fHJOoy+N6zWhL+k/P2lvdmYsAvaBoJpl0K/b5
WpKiNcnrwvIQgQHdhT4cvFhnuWjuylzH3Op5XT8f+3n66QcUtUlMVYnYhP0UF8LL
1lsiz7Tm6ulYx9wghuh4MYdgemqBkJX/rRWoOwJnRKzqmNV+rUo05njMwOzC6v4I
I7jt5Tr2T3qm8EkO6V2GL6zfm1bUSutqwNMZBhMXaj2nhp/V9n4D3qwMIt2S2rqA
RMrbkQQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:14:06 2025 by rpki-client