Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/SKma3lJH_nMIY0Jk_dGXIETBqnk.roa
File: SKma3lJH_nMIY0Jk_dGXIETBqnk.roa (raw, json)
Hash identifier: UvrsRqXxi0T7Fu2Z9LEfglN30LChbDf1sZ63pwOaTP8=
Subject key identifier: 48:A9:9A:DE:52:47:FE:73:08:63:42:64:FD:D1:97:20:44:C1:AA:79
Certificate issuer: /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial: 0198A3FE3D26FF357B8C56C463EA41D10000
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/SKma3lJH_nMIY0Jk_dGXIETBqnk.roa
Signing time: Wed 13 Aug 2025 15:13:24 +0000
ROA not before: Wed 13 Aug 2025 15:13:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204050
IP address blocks: 185.116.53.0/24 maxlen: 24
185.116.54.0/24 maxlen: 24
185.116.55.0/24 maxlen: 24
2a06:7a40:1::/48 maxlen: 48
2a06:7a40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Aug 2025 17:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:fe:3d:26:ff:35:7b:8c:56:c4:63:ea:41:d1:00:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Validity
Not Before: Aug 13 15:13:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48a99ade5247fe7308634264fdd1972044c1aa79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:47:96:b6:b8:21:18:0d:5e:45:67:d8:07:ac:
e6:6d:88:88:27:ef:12:5c:ab:25:44:79:d4:46:92:
55:c0:3c:59:b8:19:26:89:2f:9c:bf:2d:23:01:7f:
47:de:13:20:e6:cd:30:a5:3a:32:72:9f:1f:9c:0e:
78:0c:28:84:88:9e:5c:65:65:9c:a3:a8:4a:db:0f:
95:58:dc:05:5a:16:4b:03:91:e1:56:f4:c1:80:06:
2b:b9:d3:a3:93:3c:e1:9e:cf:dd:13:64:ad:35:e5:
aa:44:9d:0c:0c:c2:4c:05:30:8d:2a:14:00:31:8b:
ca:70:98:34:8b:1e:47:f2:71:f5:83:1e:2a:05:53:
28:eb:27:63:5e:74:13:96:24:fd:cb:ee:2b:04:a6:
e6:75:26:83:13:8a:c9:65:48:f1:80:8d:22:53:62:
1e:a8:f2:ce:df:6a:07:70:bf:c8:9f:a6:29:5d:7f:
2f:ec:21:11:f8:6c:d4:44:43:d0:af:c8:00:d0:32:
3b:d8:02:9b:36:5b:4f:27:86:64:80:58:a5:d2:eb:
11:da:34:1b:c2:f5:70:ba:4d:cf:5f:63:f2:31:ed:
c4:9c:15:c1:5a:9d:96:d2:6a:a6:67:03:c5:36:b5:
d5:27:a5:ef:ef:f6:b3:1b:ff:9a:c0:65:9b:1d:67:
79:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A9:9A:DE:52:47:FE:73:08:63:42:64:FD:D1:97:20:44:C1:AA:79
X509v3 Authority Key Identifier:
keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/SKma3lJH_nMIY0Jk_dGXIETBqnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.53.0-185.116.55.255
IPv6:
2a06:7a40:1::-2a06:7a40:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b0:0b:ef:f0:b9:ae:29:54:f3:4d:65:b8:ec:5c:70:0b:2b:67:
55:b4:6b:c0:49:6a:60:89:3a:1b:56:80:1e:38:b3:f5:75:35:
b3:0b:a5:98:5b:7f:75:23:5a:18:72:4e:93:ed:50:d9:8b:0b:
e8:c8:11:9d:c0:6a:19:c7:bf:53:e9:e2:70:6d:83:87:3f:d8:
d4:b4:6a:ef:b0:45:1c:25:33:2d:df:9e:a7:a3:e0:0d:3e:61:
f5:4a:82:65:e4:25:a1:f9:bd:70:dd:2a:7a:26:ad:66:33:ba:
6e:c8:d2:ae:59:7f:bb:f3:53:cd:9f:b5:cb:6c:2a:49:55:98:
6c:a8:15:19:92:7b:2e:4f:f4:8f:40:17:c4:be:68:c7:f7:0d:
bb:61:08:c3:fd:b5:e7:68:4f:c8:ff:36:4f:4a:0e:7c:0f:57:
ff:bc:ac:88:c0:72:da:70:06:0c:7b:e4:5c:03:d3:c9:2b:ae:
76:f8:b0:81:3e:f6:ce:25:4c:ca:95:82:aa:ac:1f:d0:d6:09:
30:4a:59:32:f2:cc:62:17:97:34:b6:71:0e:38:9f:7f:bf:d0:
b1:74:3b:b9:ce:6f:c9:fa:7f:ac:59:e1:9d:1b:e7:f7:b9:95:
29:ce:78:bb:78:fb:8d:6d:22:ef:9a:16:f5:b2:65:0d:71:55:
18:a8:8c:74
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZij/j0m/zV7jFbEY+pB0QAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjUwODEzMTUxMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGE5OWFkZTUyNDdmZTczMDg2MzQyNjRmZGQxOTcyMDQ0YzFhYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0eWtrghGA1eRWfYB6zmbYiIJ+8S
XKslRHnURpJVwDxZuBkmiS+cvy0jAX9H3hMg5s0wpToycp8fnA54DCiEiJ5cZWWc
o6hK2w+VWNwFWhZLA5HhVvTBgAYrudOjkzzhns/dE2StNeWqRJ0MDMJMBTCNKhQA
MYvKcJg0ix5H8nH1gx4qBVMo6ydjXnQTliT9y+4rBKbmdSaDE4rJZUjxgI0iU2Ie
qPLO32oHcL/In6YpXX8v7CER+GzUREPQr8gA0DI72AKbNltPJ4ZkgFil0usR2jQb
wvVwuk3PX2PyMe3EnBXBWp2W0mqmZwPFNrXVJ6Xv7/azG/+awGWbHWd5CQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEipmt5SR/5zCGNCZP3RlyBEwap5MB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvU0ttYTNsSkhfbk1JWTBKa19kR1hJRVRCcW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBAC5dDUD
BAO5dDAwGgQCAAIwFDASAwcAKgZ6QAABAwcAKgZ6QAACMA0GCSqGSIb3DQEBCwUA
A4IBAQCwC+/wua4pVPNNZbjsXHALK2dVtGvASWpgiTobVoAeOLP1dTWzC6WYW391
I1oYck6T7VDZiwvoyBGdwGoZx79T6eJwbYOHP9jUtGrvsEUcJTMt356no+ANPmH1
SoJl5CWh+b1w3Sp6Jq1mM7puyNKuWX+781PNn7XLbCpJVZhsqBUZknsuT/SPQBfE
vmjH9w27YQjD/bXnaE/I/zZPSg58D1f/vKyIwHLacAYMe+RcA9PJK652+LCBPvbO
JUzKlYKqrB/Q1gkwSlky8sxiF5c0tnEOOJ9/v9CxdDu5zm/J+n+sWeGdG+f3uZUp
zni7ePuNbSLvmhb1smUNcVUYqIx0
-----END CERTIFICATE-----
Generated at Mon Aug 25 03:03:20 2025 by rpki-client