Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/pjkORl4e_icMku-dYwyxSK4dpvQ.roa
File: pjkORl4e_icMku-dYwyxSK4dpvQ.roa (raw, json)
Hash identifier: jYn2CwjUvaCvvwmPswUUWp4ZR7edzl8SVBDQU+3D+k8=
Subject key identifier: A6:39:0E:46:5E:1E:FE:27:0C:92:EF:9D:63:0C:B1:48:AE:1D:A6:F4
Certificate issuer: /CN=8536146119b044539082e326cca903200b8d4b1a
Certificate serial: 0198A30D7468F5BE6F34B9AAFB0D9003294F
Authority key identifier: 85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/pjkORl4e_icMku-dYwyxSK4dpvQ.roa
Signing time: Wed 13 Aug 2025 10:50:24 +0000
ROA not before: Wed 13 Aug 2025 10:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212552
IP address blocks: 146.19.130.0/24 maxlen: 24
185.110.191.0/24 maxlen: 24
185.221.237.0/24 maxlen: 24
185.231.59.0/24 maxlen: 24
193.163.201.0/24 maxlen: 24
2a14:7981::/32 maxlen: 32
2a14:7981:467::/48 maxlen: 48
2a14:7981:470::/48 maxlen: 48
2a14:7981:471::/48 maxlen: 48
2a14:7981:472::/48 maxlen: 48
2a14:7981:473::/48 maxlen: 48
2a14:7981:2002::/48 maxlen: 48
2a14:7981:3008::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:0d:74:68:f5:be:6f:34:b9:aa:fb:0d:90:03:29:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8536146119b044539082e326cca903200b8d4b1a
Validity
Not Before: Aug 13 10:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6390e465e1efe270c92ef9d630cb148ae1da6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c6:f3:79:68:74:48:c2:99:f3:ab:0f:40:25:
aa:c0:71:c0:50:89:9a:2f:0d:72:ff:e4:c7:47:dc:
e0:dc:9c:ee:86:b6:57:d5:7e:1b:37:52:28:f9:2c:
33:91:1f:4b:a1:84:38:79:ff:4b:31:5d:37:07:28:
d3:cf:c2:29:fb:a3:32:25:79:7d:80:13:e2:45:ad:
4b:f1:fa:fe:02:b1:48:10:ac:72:1f:78:c2:78:aa:
5c:b7:d0:ca:0c:e6:22:3e:09:f9:b0:54:09:f5:cd:
c9:ce:2b:69:48:de:a4:d4:20:2c:69:25:34:5e:b8:
fd:63:69:5f:a3:23:cf:17:d6:df:f3:49:c0:22:cc:
fb:83:f7:71:ec:86:0b:85:56:ac:b9:b3:d5:e0:52:
14:ba:f3:ec:32:6a:67:14:89:3a:b5:64:54:70:b2:
96:dc:8e:c7:00:66:6b:9b:9a:3a:25:0c:c2:d5:78:
fa:78:67:77:28:9e:2c:90:d8:8c:32:33:95:d2:e4:
a3:96:05:b0:e3:aa:fe:2d:02:4a:32:c7:40:33:8d:
e2:73:71:66:16:c3:d6:58:3d:88:bc:86:89:5c:72:
59:34:b3:ea:1d:f5:fc:e8:23:3b:9a:35:45:7c:23:
26:c6:e6:cd:a4:12:a6:23:81:c5:dd:20:a1:f2:b0:
93:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:39:0E:46:5E:1E:FE:27:0C:92:EF:9D:63:0C:B1:48:AE:1D:A6:F4
X509v3 Authority Key Identifier:
keyid:85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/pjkORl4e_icMku-dYwyxSK4dpvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.130.0/24
185.110.191.0/24
185.221.237.0/24
185.231.59.0/24
193.163.201.0/24
IPv6:
2a14:7981::/32
Signature Algorithm: sha256WithRSAEncryption
1d:8e:ad:1e:dc:6d:a3:0b:67:1e:b2:86:5b:11:80:62:43:ad:
e0:3f:62:b8:2c:8d:c9:8d:b7:8a:3d:a9:a8:2f:88:7f:47:02:
64:48:77:c5:31:8d:f5:d9:64:cf:de:af:85:3e:e8:d1:20:e6:
c4:58:50:32:4d:9e:f3:cf:aa:0f:e0:ef:75:ac:bc:c0:8b:93:
5b:6f:0b:f5:1e:64:18:a0:0b:41:43:03:74:95:85:45:ff:d7:
f2:f3:32:c6:ee:b6:1c:24:b9:7d:15:b9:52:f2:90:c4:f6:d0:
95:c6:aa:17:f1:0d:fc:8f:b6:74:6e:f5:bb:1b:59:e5:bc:98:
be:70:8d:8f:a7:86:02:8a:ff:95:3a:9d:87:4f:c6:08:12:43:
59:a8:a5:a9:a5:87:df:ae:d7:3f:f3:b4:1c:92:dc:fd:4c:48:
f0:4e:c9:2a:e2:6c:9a:c1:f8:3d:03:ad:16:7a:79:6e:ca:7c:
15:06:4a:e0:5b:53:75:f9:bd:5e:e0:b2:49:a6:78:ce:f3:84:
23:dc:cd:cd:c2:59:64:a6:5e:d9:ab:8c:53:31:7c:c4:3e:d1:
82:e1:1f:07:6e:20:b2:6f:74:e8:1f:92:74:a8:0b:c9:ee:86:
63:e1:20:b0:e9:2c:44:4a:76:e9:a8:54:cf:d7:2d:fb:32:89:
ee:bb:9c:55
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZijDXRo9b5vNLmq+w2QAylPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzYxNDYxMTliMDQ0NTM5MDgyZTMyNmNjYTkwMzIwMGI4
ZDRiMWEwHhcNMjUwODEzMTA1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjM5MGU0NjVlMWVmZTI3MGM5MmVmOWQ2MzBjYjE0OGFlMWRhNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18bzeWh0SMKZ86sPQCWqwHHAUIma
Lw1y/+THR9zg3JzuhrZX1X4bN1Io+SwzkR9LoYQ4ef9LMV03ByjTz8Ip+6MyJXl9
gBPiRa1L8fr+ArFIEKxyH3jCeKpct9DKDOYiPgn5sFQJ9c3JzitpSN6k1CAsaSU0
Xrj9Y2lfoyPPF9bf80nAIsz7g/dx7IYLhVasubPV4FIUuvPsMmpnFIk6tWRUcLKW
3I7HAGZrm5o6JQzC1Xj6eGd3KJ4skNiMMjOV0uSjlgWw46r+LQJKMsdAM43ic3Fm
FsPWWD2IvIaJXHJZNLPqHfX86CM7mjVFfCMmxubNpBKmI4HF3SCh8rCTFQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKY5DkZeHv4nDJLvnWMMsUiuHab0MB8GA1UdIwQY
MBaAFIU2FGEZsERTkILjJsypAyALjUsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMt
MGM2NzIxN2NjOTZiLzEvcGprT1JsNGVfaWNNa3UtZFl3eXhTSzRkcHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMtMGM2NzIxN2NjOTZi
LzEvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAkhOCAwQA
uW6/AwQAud3tAwQAuec7AwQAwaPJMA0EAgACMAcDBQAqFHmBMA0GCSqGSIb3DQEB
CwUAA4IBAQAdjq0e3G2jC2cesoZbEYBiQ63gP2K4LI3JjbeKPamoL4h/RwJkSHfF
MY312WTP3q+FPujRIObEWFAyTZ7zz6oP4O91rLzAi5Nbbwv1HmQYoAtBQwN0lYVF
/9fy8zLG7rYcJLl9FblS8pDE9tCVxqoX8Q38j7Z0bvW7G1nlvJi+cI2Pp4YCiv+V
Op2HT8YIEkNZqKWppYffrtc/87Qcktz9TEjwTskq4myawfg9A60WenluynwVBkrg
W1N1+b1e4LJJpnjO84Qj3M3Nwllkpl7Zq4xTMXzEPtGC4R8HbiCyb3ToH5J0qAvJ
7oZj4SCw6SxESnbpqFTP1y37Monuu5xV
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:18:57 2025 by rpki-client