Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/4kRsEvvYS9vLgzT9RvhH3Igjm9k.roa
File: 4kRsEvvYS9vLgzT9RvhH3Igjm9k.roa (raw, json)
Hash identifier: I03jyb6kvpeR9AlCu8KypQT8GWzh4/aSh4au4iyy8+I=
Subject key identifier: E2:44:6C:12:FB:D8:4B:DB:CB:83:34:FD:46:F8:47:DC:88:23:9B:D9
Certificate issuer: /CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Certificate serial: 01995D6D3AFB9DC7902AA7D7120CD3F631CB
Authority key identifier: A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/4kRsEvvYS9vLgzT9RvhH3Igjm9k.roa
Signing time: Thu 18 Sep 2025 15:24:23 +0000
ROA not before: Thu 18 Sep 2025 15:24:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44306
IP address blocks: 46.151.128.0/21 maxlen: 24
91.199.77.0/24 maxlen: 24
185.151.132.0/24 maxlen: 24
185.151.133.0/24 maxlen: 24
185.151.134.0/24 maxlen: 24
213.186.0.0/19 maxlen: 19
213.186.0.0/20 maxlen: 20
213.186.0.0/24 maxlen: 24
213.186.1.0/24 maxlen: 24
213.186.4.0/23 maxlen: 23
213.186.9.0/24 maxlen: 24
213.186.16.0/23 maxlen: 23
213.186.18.0/24 maxlen: 24
213.186.19.0/24 maxlen: 24
213.186.21.0/24 maxlen: 24
213.186.22.0/23 maxlen: 23
213.186.22.0/24 maxlen: 24
213.186.23.0/24 maxlen: 24
213.186.25.0/24 maxlen: 24
213.186.26.0/24 maxlen: 24
213.186.27.0/24 maxlen: 24
213.186.28.0/22 maxlen: 24
2a02:2608::/32 maxlen: 48
2a02:2608:1000::/48 maxlen: 48
2a02:2608:2000::/48 maxlen: 48
2a02:2608:3000::/48 maxlen: 48
2a02:2608:fffe::/48 maxlen: 48
2a02:2608:fffe:1::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.mft
rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5d:6d:3a:fb:9d:c7:90:2a:a7:d7:12:0c:d3:f6:31:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Validity
Not Before: Sep 18 15:24:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2446c12fbd84bdbcb8334fd46f847dc88239bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:08:92:13:f9:9d:43:f0:bc:e8:da:84:a7:f4:
6a:20:23:82:b2:0b:9c:e1:27:d5:ec:57:7f:c7:78:
5f:4d:e6:8b:67:03:e0:80:7c:90:39:e5:93:2e:14:
7d:4f:96:6b:9f:85:f2:b0:bc:6d:3e:c8:fc:0d:f9:
d3:c7:fa:41:2a:e6:8d:ec:e9:0e:25:49:f9:23:e0:
ff:fc:08:79:62:3f:fd:b8:2b:fc:17:4b:ce:e4:59:
95:50:a4:69:1e:d2:de:88:df:ef:7a:3e:e5:8c:32:
1a:13:2f:5d:0c:8c:19:23:7d:99:66:18:7b:a7:93:
75:4e:1c:71:b1:9b:b1:a5:ed:34:ce:be:83:e3:6c:
3e:8a:ce:15:48:d4:a2:01:f2:35:c2:74:f4:1d:7c:
72:93:e3:c0:94:ff:30:ad:d9:e0:bc:35:b7:42:0f:
81:b8:e3:d4:4a:df:52:01:cb:e2:63:b2:55:40:e3:
02:02:1b:a5:d8:d0:09:88:0a:2b:e7:11:b8:8e:ad:
d2:9e:b6:a4:5a:35:c6:85:dd:15:28:97:be:11:de:
e7:20:97:cf:ad:c7:b0:47:7d:d3:8b:25:1e:b7:7c:
3c:c3:98:92:26:5b:16:22:86:95:6a:40:66:50:6a:
18:99:01:9d:73:f2:81:86:4c:65:0f:34:50:21:79:
41:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:44:6C:12:FB:D8:4B:DB:CB:83:34:FD:46:F8:47:DC:88:23:9B:D9
X509v3 Authority Key Identifier:
keyid:A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/4kRsEvvYS9vLgzT9RvhH3Igjm9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.128.0/21
91.199.77.0/24
185.151.132.0-185.151.134.255
213.186.0.0/19
IPv6:
2a02:2608::/32
Signature Algorithm: sha256WithRSAEncryption
83:a9:2e:c0:b9:2c:dc:b5:2b:24:41:be:a4:c8:6f:97:a4:35:
1b:75:9e:55:6e:ac:66:d4:ba:bb:9e:1a:37:cd:30:85:81:bd:
99:01:91:70:02:81:78:b9:28:a2:ae:a2:cb:75:ff:66:4d:5f:
8e:bc:76:9d:2d:51:ea:ae:db:b3:23:bf:94:78:01:e8:1b:60:
ae:6d:6f:a6:bf:f0:30:41:22:66:21:b0:90:27:50:fb:b6:66:
0d:eb:0c:d9:fe:76:c9:02:9c:09:68:f6:c3:42:14:0b:b6:70:
1b:73:06:e5:61:54:10:64:a3:57:f4:47:eb:6a:ed:44:a9:83:
2a:c5:2a:57:ac:6d:03:ab:4b:14:d8:4a:eb:20:51:38:0c:37:
07:ca:5e:48:63:21:36:ae:a6:b3:92:23:8a:d9:37:86:5a:b5:
72:bc:52:38:2c:c2:3d:0a:6f:e8:b2:82:c1:cf:0b:a9:f3:be:
f8:8d:bf:e0:70:3a:85:39:47:23:10:90:ae:09:38:eb:78:dc:
a9:b4:3a:3d:f2:c9:72:65:a0:2a:f2:92:be:d4:eb:f0:6b:b0:
71:f4:a8:13:a2:75:3f:ba:34:b5:a8:6d:2c:57:82:2e:1e:73:
28:9d:59:c4:db:37:db:15:6c:d3:77:6f:ff:8d:b8:2f:24:13:
26:00:2b:55
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZldbTr7nceQKqfXEgzT9jHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDc4ZGUwMjM0ZTZmOTk3MDE1OTJmNTM2ZTQ1ZjVmNTU5
NGVlYzMwHhcNMjUwOTE4MTUyNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQ0NmMxMmZiZDg0YmRiY2I4MzM0ZmQ0NmY4NDdkYzg4MjM5YmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAiSE/mdQ/C86NqEp/RqICOCsguc
4SfV7Fd/x3hfTeaLZwPggHyQOeWTLhR9T5Zrn4XysLxtPsj8DfnTx/pBKuaN7OkO
JUn5I+D//Ah5Yj/9uCv8F0vO5FmVUKRpHtLeiN/vej7ljDIaEy9dDIwZI32ZZhh7
p5N1ThxxsZuxpe00zr6D42w+is4VSNSiAfI1wnT0HXxyk+PAlP8wrdngvDW3Qg+B
uOPUSt9SAcviY7JVQOMCAhul2NAJiAor5xG4jq3SnrakWjXGhd0VKJe+Ed7nIJfP
rcewR33TiyUet3w8w5iSJlsWIoaVakBmUGoYmQGdc/KBhkxlDzRQIXlB0QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOJEbBL72Evby4M0/Ub4R9yII5vZMB8GA1UdIwQY
MBaAFKfXjeAjTm+ZcBWS9TbkX19VlO7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2Mt
MjhkNWI2MDdhNDdmLzEvNGtSc0V2dllTOXZMZ3pUOVJ2aEgzSWdqbTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zMWFhYmEtYWM3ZS00ODlmLTg3N2MtMjhkNWI2MDdhNDdm
LzEvcDllTjRDTk9iNWx3RlpMMU51UmZYMVdVN3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDLpeAAwQA
W8dNMAwDBAK5l4QDBAC5l4YDBAXVugAwDQQCAAIwBwMFACoCJggwDQYJKoZIhvcN
AQELBQADggEBAIOpLsC5LNy1KyRBvqTIb5ekNRt1nlVurGbUurueGjfNMIWBvZkB
kXACgXi5KKKuost1/2ZNX468dp0tUequ27Mjv5R4AegbYK5tb6a/8DBBImYhsJAn
UPu2Zg3rDNn+dskCnAlo9sNCFAu2cBtzBuVhVBBko1f0R+tq7USpgyrFKlesbQOr
SxTYSusgUTgMNwfKXkhjITauprOSI4rZN4ZatXK8Ujgswj0Kb+iygsHPC6nzvviN
v+BwOoU5RyMQkK4JOOt43Km0Oj3yyXJloCrykr7U6/BrsHH0qBOidT+6NLWobSxX
gi4ecyidWcTbN9sVbNN3b/+NuC8kEyYAK1U=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:36 2025 by rpki-client