Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/gHxt-7VNY3fc7Ia-bzrqoQMWyk4.roa
File: gHxt-7VNY3fc7Ia-bzrqoQMWyk4.roa (raw, json)
Hash identifier: zNJ0Kmvb3CH4yE59hTArSJep5ChElM6AnbN5rY/o7aE=
Subject key identifier: 80:7C:6D:FB:B5:4D:63:77:DC:EC:86:BE:6F:3A:EA:A1:03:16:CA:4E
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 0198A23B26AA247D4B6B6911312C8EDEE19F
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/gHxt-7VNY3fc7Ia-bzrqoQMWyk4.roa
Signing time: Wed 13 Aug 2025 07:00:42 +0000
ROA not before: Wed 13 Aug 2025 07:00:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203936
IP address blocks: 45.148.73.0/24 maxlen: 24
45.148.74.0/23 maxlen: 24
45.148.74.0/24 maxlen: 24
45.148.75.0/24 maxlen: 24
185.118.188.0/22 maxlen: 24
185.237.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:3b:26:aa:24:7d:4b:6b:69:11:31:2c:8e:de:e1:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Aug 13 07:00:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=807c6dfbb54d6377dcec86be6f3aeaa10316ca4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:72:8b:6a:92:3c:dc:0e:96:60:ba:39:da:37:
31:fc:0c:55:87:ce:ae:0a:64:02:76:47:11:ce:e7:
5a:d5:5b:d9:44:7e:bc:6f:10:fd:34:ab:3c:3c:af:
e5:c9:77:7d:7b:54:4a:a6:11:0e:ac:66:bd:4c:0c:
54:f6:b3:87:fc:39:34:e1:5d:03:4b:11:30:1e:be:
37:71:61:18:0f:cc:68:43:e5:47:cc:e9:82:20:15:
91:b7:3a:1a:6f:71:43:86:68:00:47:c4:32:c4:f9:
85:c0:a5:9b:41:e9:ed:98:eb:10:5e:1a:7f:b6:1c:
6c:a2:46:60:b5:f9:5c:fc:1d:dd:43:1d:de:51:79:
a4:7f:76:95:1d:f7:02:0b:a8:46:38:59:4e:34:a3:
07:73:1a:72:73:41:a3:f2:75:ea:73:c7:6d:86:44:
eb:8e:f9:8e:da:99:a2:d6:b8:56:63:fa:3b:71:eb:
b9:4f:a0:cd:8e:c8:4d:06:b7:5c:9b:02:fe:6f:d1:
8e:71:44:23:30:fe:01:71:e5:95:2f:d1:e8:1b:18:
29:93:44:04:15:c6:72:ad:b1:f4:c5:57:8f:30:e2:
7b:ac:8d:0f:ab:c4:6d:73:c7:82:3d:93:35:6e:0d:
13:ce:df:cd:f0:48:de:3d:90:3c:f7:b9:fc:a7:87:
b6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7C:6D:FB:B5:4D:63:77:DC:EC:86:BE:6F:3A:EA:A1:03:16:CA:4E
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/gHxt-7VNY3fc7Ia-bzrqoQMWyk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.73.0-45.148.75.255
185.118.188.0/22
185.237.136.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:25:da:14:05:16:61:eb:30:08:51:64:46:ca:40:ee:27:7f:
50:57:65:15:c3:ad:37:54:e2:31:e3:0a:cf:f6:de:61:57:a1:
61:88:72:b4:ce:ff:97:bc:83:72:1a:08:f3:d9:37:e9:04:c7:
6f:9b:41:35:9a:aa:67:50:54:09:8d:d5:0f:3a:88:84:7a:d8:
9b:8f:b3:c6:fb:56:57:3a:2f:7f:d7:34:31:ca:2f:8f:1c:75:
80:51:cc:ca:76:21:7e:55:1a:4e:3f:30:d0:f0:70:68:a2:17:
27:48:5a:42:b0:dd:1b:2b:db:9a:bf:be:07:7e:29:fd:7c:00:
c0:05:20:6a:e7:f1:08:3b:ae:0e:fc:50:88:75:4b:f1:8e:22:
f5:d0:94:1f:1f:ed:6a:c9:a3:87:4c:5f:1b:9e:fe:3b:c0:f5:
e3:bb:a1:56:c3:c2:fe:0b:f9:e0:56:57:23:8f:3b:7f:21:22:
49:14:e3:2f:df:6f:99:9b:04:9d:50:6d:a2:66:87:7c:60:6c:
25:d6:20:78:f3:b1:20:09:43:91:2a:97:0e:43:f3:60:10:b8:
c1:52:c1:42:3c:3b:f7:d5:db:69:f5:08:51:13:83:f9:f8:31:
79:59:5a:2a:67:d4:0f:d6:da:85:69:47:b1:cb:fb:55:16:51:
64:4b:86:1a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZiiOyaqJH1La2kRMSyO3uGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjUwODEzMDcwMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDdjNmRmYmI1NGQ2Mzc3ZGNlYzg2YmU2ZjNhZWFhMTAzMTZjYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXKLapI83A6WYLo52jcx/AxVh86u
CmQCdkcRzuda1VvZRH68bxD9NKs8PK/lyXd9e1RKphEOrGa9TAxU9rOH/Dk04V0D
SxEwHr43cWEYD8xoQ+VHzOmCIBWRtzoab3FDhmgAR8QyxPmFwKWbQentmOsQXhp/
thxsokZgtflc/B3dQx3eUXmkf3aVHfcCC6hGOFlONKMHcxpyc0Gj8nXqc8dthkTr
jvmO2pmi1rhWY/o7ceu5T6DNjshNBrdcmwL+b9GOcUQjMP4BceWVL9HoGxgpk0QE
FcZyrbH0xVePMOJ7rI0Pq8Rtc8eCPZM1bg0Tzt/N8EjePZA897n8p4e2HQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIB8bfu1TWN33OyGvm866qEDFspOMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvZ0h4dC03Vk5ZM2ZjN0lhLWJ6cnFvUU1XeWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtlEkD
BAItlEgDBAK5drwDBAK57YgwDQYJKoZIhvcNAQELBQADggEBAB8l2hQFFmHrMAhR
ZEbKQO4nf1BXZRXDrTdU4jHjCs/23mFXoWGIcrTO/5e8g3IaCPPZN+kEx2+bQTWa
qmdQVAmN1Q86iIR62JuPs8b7Vlc6L3/XNDHKL48cdYBRzMp2IX5VGk4/MNDwcGii
FydIWkKw3Rsr25q/vgd+Kf18AMAFIGrn8Qg7rg78UIh1S/GOIvXQlB8f7WrJo4dM
Xxue/jvA9eO7oVbDwv4L+eBWVyOPO38hIkkU4y/fb5mbBJ1QbaJmh3xgbCXWIHjz
sSAJQ5Eqlw5D82AQuMFSwUI8O/fV22n1CFETg/n4MXlZWipn1A/W2oVpR7HL+1UW
UWRLhho=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:03:14 2025 by rpki-client