Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/IZW8Cqwr_D-Po8j-rY2wg4gV9R4.roa
File: IZW8Cqwr_D-Po8j-rY2wg4gV9R4.roa (raw, json)
Hash identifier: faXsZmEmW7RzlcMaOmIqHP7qeNNDTUksCHYYQluTIl0=
Subject key identifier: 21:95:BC:0A:AC:2B:FC:3F:8F:A3:C8:FE:AD:8D:B0:83:88:15:F5:1E
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01977E51C60E4B07426E439ECF17EC469099
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/IZW8Cqwr_D-Po8j-rY2wg4gV9R4.roa
Signing time: Tue 17 Jun 2025 14:36:17 +0000
ROA not before: Tue 17 Jun 2025 14:36:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2.59.219.0/24 maxlen: 24
45.93.8.0/24 maxlen: 24
45.93.9.0/24 maxlen: 24
45.148.244.0/24 maxlen: 24
78.40.116.0/24 maxlen: 24
78.40.117.0/24 maxlen: 24
93.185.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:51:c6:0e:4b:07:42:6e:43:9e:cf:17:ec:46:90:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jun 17 14:36:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2195bc0aac2bfc3f8fa3c8fead8db0838815f51e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b6:48:51:52:fe:f8:04:c9:1c:63:c9:c7:67:
85:41:20:54:32:5b:5f:da:b2:0c:49:ad:3f:8d:6e:
ac:4d:62:ed:5e:24:9e:73:c2:b7:59:6e:60:66:a2:
5e:a2:13:1f:ff:1f:34:54:2c:c3:3b:7a:ed:79:5b:
2f:65:bf:4b:71:33:60:f9:f4:25:bf:b9:62:9b:52:
ba:27:95:92:d5:6a:b0:ce:1c:d2:c4:19:bf:de:a7:
76:a8:8c:7b:aa:19:21:6d:03:20:df:0f:65:35:0b:
72:4f:2b:81:15:6d:a0:5a:72:f6:41:1a:f9:73:ce:
b7:dc:7c:6c:63:38:55:fc:f9:e6:f9:6c:19:5a:5a:
11:fd:80:99:2f:5d:74:5b:2d:5f:54:13:6d:06:23:
fe:56:6f:6e:36:46:de:98:be:f9:6c:b8:4b:f4:5d:
e8:22:86:24:e0:b0:0b:cd:3f:6b:31:3d:40:6e:95:
38:e7:ae:12:d5:f4:43:cb:ff:91:0e:bc:45:3f:92:
3a:87:12:c7:9c:bf:0f:91:6e:63:10:62:ce:eb:20:
77:04:f7:56:c5:10:29:94:a5:e6:3e:ba:66:7f:68:
7a:b1:1d:55:78:59:12:fc:a5:9b:b2:e2:93:f5:3f:
21:fc:ca:a1:0c:22:0c:f8:af:b3:b0:d0:bb:ac:9e:
87:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:95:BC:0A:AC:2B:FC:3F:8F:A3:C8:FE:AD:8D:B0:83:88:15:F5:1E
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/IZW8Cqwr_D-Po8j-rY2wg4gV9R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.219.0/24
45.93.8.0/23
45.148.244.0/24
78.40.116.0/23
93.185.167.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:82:3d:d6:a3:79:6f:b4:15:a9:04:04:f6:e8:1a:8d:c0:c7:
fb:16:b6:f9:20:07:04:9d:ed:7b:6c:81:a7:16:e6:52:bb:85:
e2:cb:d6:e7:b4:e5:6c:41:e2:da:bc:68:01:f4:f3:8d:70:e6:
89:21:c2:b7:96:6d:e2:18:86:18:cd:41:55:8a:ba:ac:56:14:
92:97:28:4c:df:4e:26:41:06:79:2c:2c:ed:66:03:28:11:43:
94:c3:b5:49:62:76:c9:f8:7f:22:62:8b:5d:d3:f2:e2:b1:6e:
f7:1b:0e:73:e8:27:35:35:70:5e:da:e1:9d:24:a7:bd:6f:c2:
24:82:5d:e6:ff:50:6f:93:8d:08:87:02:31:5a:46:b6:e6:ab:
89:f7:32:ce:44:86:37:c7:4e:9e:ed:2c:c5:93:fb:4b:7d:c7:
1e:31:d8:6b:68:3b:90:b7:cf:71:bb:a2:a6:77:30:2b:41:b5:
fb:4c:a3:66:a1:86:c9:48:6a:9a:b9:21:af:fd:e0:90:82:e0:
c8:bf:8e:85:d4:c2:9f:ef:c4:2f:38:c4:6a:4d:f3:c9:16:e3:
f3:b9:61:ae:da:e8:6f:e0:c0:7a:4b:0f:61:19:b5:ea:cd:b7:
4f:72:33:a5:db:1f:8f:6d:20:2d:33:d8:24:e4:ba:62:0f:d5:
b5:35:30:eb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZd+UcYOSwdCbkOezxfsRpCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwNjE3MTQzNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTk1YmMwYWFjMmJmYzNmOGZhM2M4ZmVhZDhkYjA4Mzg4MTVmNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLZIUVL++ATJHGPJx2eFQSBUMltf
2rIMSa0/jW6sTWLtXiSec8K3WW5gZqJeohMf/x80VCzDO3rteVsvZb9LcTNg+fQl
v7lim1K6J5WS1WqwzhzSxBm/3qd2qIx7qhkhbQMg3w9lNQtyTyuBFW2gWnL2QRr5
c8633HxsYzhV/Pnm+WwZWloR/YCZL110Wy1fVBNtBiP+Vm9uNkbemL75bLhL9F3o
IoYk4LALzT9rMT1AbpU4564S1fRDy/+RDrxFP5I6hxLHnL8PkW5jEGLO6yB3BPdW
xRAplKXmPrpmf2h6sR1VeFkS/KWbsuKT9T8h/MqhDCIM+K+zsNC7rJ6HtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCGVvAqsK/w/j6PI/q2NsIOIFfUeMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvSVpXOENxd3JfRC1QbzhqLXJZMndnNGdWOVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjvbAwQB
LV0IAwQALZT0AwQBTih0AwQAXbmnMA0GCSqGSIb3DQEBCwUAA4IBAQCrgj3Wo3lv
tBWpBAT26BqNwMf7Frb5IAcEne17bIGnFuZSu4Xiy9bntOVsQeLavGgB9PONcOaJ
IcK3lm3iGIYYzUFVirqsVhSSlyhM304mQQZ5LCztZgMoEUOUw7VJYnbJ+H8iYotd
0/LisW73Gw5z6Cc1NXBe2uGdJKe9b8Ikgl3m/1Bvk40IhwIxWka25quJ9zLORIY3
x06e7SzFk/tLfcceMdhraDuQt89xu6KmdzArQbX7TKNmoYbJSGqauSGv/eCQguDI
v46F1MKf78QvOMRqTfPJFuPzuWGu2uhv4MB6Sw9hGbXqzbdPcjOl2x+PbSAtM9gk
5LpiD9W1NTDr
-----END CERTIFICATE-----
Generated at Sun Jun 29 10:23:42 2025 by rpki-client