Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/fUiU9NND6NDkXeCCtG2FpkvLAtQ.roa
File: fUiU9NND6NDkXeCCtG2FpkvLAtQ.roa (raw, json)
Hash identifier: BipzZjfv9NJLde/5SLk/7HBxUjct/iO+maQqs2utFTw=
Subject key identifier: 7D:48:94:F4:D3:43:E8:D0:E4:5D:E0:82:B4:6D:85:A6:4B:CB:02:D4
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 0198AA6A36FB3B3A8A3CB4A1069122405A13
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/fUiU9NND6NDkXeCCtG2FpkvLAtQ.roa
Signing time: Thu 14 Aug 2025 21:09:04 +0000
ROA not before: Thu 14 Aug 2025 21:09:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39521
IP address blocks: 45.10.16.0/23 maxlen: 24
45.10.16.0/24 maxlen: 24
45.10.17.0/24 maxlen: 24
45.10.18.0/24 maxlen: 24
45.88.5.0/24 maxlen: 24
45.88.6.0/24 maxlen: 24
45.88.7.0/24 maxlen: 24
45.95.40.0/24 maxlen: 24
45.95.41.0/24 maxlen: 24
45.130.100.0/22 maxlen: 22
83.229.34.0/24 maxlen: 24
95.178.107.0/24 maxlen: 24
185.144.56.0/22 maxlen: 24
188.191.49.0/24 maxlen: 24
188.191.50.0/24 maxlen: 24
188.191.51.0/24 maxlen: 24
217.194.153.0/24 maxlen: 24
2a05:e4c0::/32 maxlen: 32
2a05:e4c1::/32 maxlen: 32
2a05:e4c7::/36 maxlen: 36
2a07:3bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:aa:6a:36:fb:3b:3a:8a:3c:b4:a1:06:91:22:40:5a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Aug 14 21:09:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d4894f4d343e8d0e45de082b46d85a64bcb02d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7b:dd:d0:9f:c7:1f:e7:e5:47:49:3d:a6:ae:
0b:99:7b:11:f8:3d:d4:e4:5a:a3:02:d0:ca:06:35:
2d:c5:aa:1c:6e:43:d3:a1:21:9f:8c:8d:7d:41:12:
d7:38:aa:b8:e5:3e:c5:7f:8f:fc:aa:79:b9:fb:f0:
23:f3:b4:49:43:05:62:95:a5:bd:80:40:cf:01:33:
c6:90:f0:85:be:52:66:f9:68:38:1a:82:6c:39:5f:
cb:61:38:2b:8b:d7:c8:bf:ef:70:f8:cd:c2:5e:a2:
6f:e3:1b:1b:3c:07:51:9e:b9:be:a8:32:8f:9a:0e:
f7:0b:e4:07:94:09:d3:83:6e:87:a5:90:87:f8:47:
9c:84:e3:36:a8:d8:9a:9d:01:c0:7b:84:42:de:65:
c3:02:ef:d0:c3:98:8e:ae:83:f0:58:86:2c:2b:f7:
fd:9c:d8:8a:1d:36:81:75:b0:a2:74:84:91:ba:00:
16:58:e1:55:64:60:84:5e:ac:89:2e:3b:aa:8d:65:
58:03:39:54:a4:08:e8:a2:b4:21:ea:74:0d:7b:29:
bd:2c:62:47:ff:a0:5b:25:ba:76:e2:6e:57:fc:bc:
0c:f0:c8:59:69:3d:e1:07:9b:9a:9c:9d:c7:b1:ee:
12:3a:90:79:58:a7:ae:0b:e1:5b:87:f0:87:82:03:
3a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:48:94:F4:D3:43:E8:D0:E4:5D:E0:82:B4:6D:85:A6:4B:CB:02:D4
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/fUiU9NND6NDkXeCCtG2FpkvLAtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.16.0-45.10.18.255
45.88.5.0-45.88.7.255
45.95.40.0/23
45.130.100.0/22
83.229.34.0/24
95.178.107.0/24
185.144.56.0/22
188.191.49.0-188.191.51.255
217.194.153.0/24
IPv6:
2a05:e4c0::/31
2a05:e4c7::/36
2a07:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
51:a9:80:52:dd:c3:5b:2e:75:14:29:ae:92:6d:49:d8:68:24:
6a:22:ee:c8:3e:36:2c:30:23:cc:3f:69:66:b0:7d:3b:a8:5d:
70:af:a5:3d:49:d3:ea:81:5f:97:07:27:3f:d9:c0:9a:60:2a:
b9:24:ea:31:02:1f:49:d4:48:29:6c:5d:56:5c:18:76:dd:61:
e5:90:1b:6c:8e:24:bd:3d:ea:3e:bc:c7:56:f8:89:d2:dc:1c:
11:8f:77:27:e0:68:ba:50:d3:c9:dd:24:d1:fa:cf:b5:15:8d:
25:3b:e7:d9:26:7f:e2:e6:0f:67:3f:ef:b2:6e:3f:c6:a8:d2:
21:9e:fa:c7:eb:4d:41:c1:59:9c:67:60:6e:fd:84:84:54:84:
e7:d3:c5:b8:42:b3:cb:34:ee:56:98:9f:c0:6a:5a:be:e2:0c:
1b:9a:87:7e:ad:6a:17:37:55:ba:84:eb:13:07:50:37:ad:d6:
be:cb:71:41:24:3f:1c:8b:aa:73:98:bd:4e:55:c1:e7:0e:a1:
62:13:54:e5:be:f8:44:cd:1f:db:db:60:61:88:50:bf:88:b2:
2b:7a:d5:d8:e1:5e:3b:75:69:fe:33:ac:05:83:f1:5c:91:8d:
66:df:bf:73:61:10:0c:3b:c4:27:56:d5:a0:d8:e5:e5:cb:6e:
8c:86:26:b6
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZiqajb7OzqKPLShBpEiQFoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjUwODE0MjEwOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQ4OTRmNGQzNDNlOGQwZTQ1ZGUwODJiNDZkODVhNjRiY2IwMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHvd0J/HH+flR0k9pq4LmXsR+D3U
5FqjAtDKBjUtxaocbkPToSGfjI19QRLXOKq45T7Ff4/8qnm5+/Aj87RJQwVilaW9
gEDPATPGkPCFvlJm+Wg4GoJsOV/LYTgri9fIv+9w+M3CXqJv4xsbPAdRnrm+qDKP
mg73C+QHlAnTg26HpZCH+EechOM2qNianQHAe4RC3mXDAu/Qw5iOroPwWIYsK/f9
nNiKHTaBdbCidISRugAWWOFVZGCEXqyJLjuqjWVYAzlUpAjoorQh6nQNeym9LGJH
/6BbJbp24m5X/LwM8MhZaT3hB5uanJ3Hse4SOpB5WKeuC+Fbh/CHggM6iwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFH1IlPTTQ+jQ5F3ggrRthaZLywLUMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvZlVpVTlOTkQ2TkRrWGVDQ3RHMkZwa3ZMQXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwVAQCAAEwTjAMAwQELQoQ
AwQALQoSMAwDBAAtWAUDBAMtWAADBAEtXygDBAItgmQDBABT5SIDBABfsmsDBAK5
kDgwDAMEALy/MQMEAry/MAMEANnCmTAcBAIAAjAWAwUBKgXkwAMGBCoF5McAAwUD
Kgc7wDANBgkqhkiG9w0BAQsFAAOCAQEAUamAUt3DWy51FCmukm1J2GgkaiLuyD42
LDAjzD9pZrB9O6hdcK+lPUnT6oFflwcnP9nAmmAquSTqMQIfSdRIKWxdVlwYdt1h
5ZAbbI4kvT3qPrzHVviJ0twcEY93J+BoulDTyd0k0frPtRWNJTvn2SZ/4uYPZz/v
sm4/xqjSIZ76x+tNQcFZnGdgbv2EhFSE59PFuEKzyzTuVpifwGpavuIMG5qHfq1q
FzdVuoTrEwdQN63WvstxQSQ/HIuqc5i9TlXB5w6hYhNU5b74RM0f29tgYYhQv4iy
K3rV2OFeO3Vp/jOsBYPxXJGNZt+/c2EQDDvEJ1bVoNjl5ctujIYmtg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:10:15 2025 by rpki-client