Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b92d0d-36f1-46f6-a661-292fead12d59/1/I0tfv2mZoSq2ysFvBwfbBYWY0JA.roa
File: I0tfv2mZoSq2ysFvBwfbBYWY0JA.roa (raw, json)
Hash identifier: yceQ2f4xBd7/pbAxmzYNJmFayAdTupB1EL529XI3SK8=
Subject key identifier: 23:4B:5F:BF:69:99:A1:2A:B6:CA:C1:6F:07:07:DB:05:85:98:D0:90
Certificate issuer: /CN=92c42484d75ad7a427dcf61b5ac9ac56543e9f33
Certificate serial: 0198D1ABF553D2F66C6C7FF8B83FB9CBDFA2
Authority key identifier: 92:C4:24:84:D7:5A:D7:A4:27:DC:F6:1B:5A:C9:AC:56:54:3E:9F:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ksQkhNda16Qn3PYbWsmsVlQ-nzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b92d0d-36f1-46f6-a661-292fead12d59/1/I0tfv2mZoSq2ysFvBwfbBYWY0JA.roa
Signing time: Fri 22 Aug 2025 12:06:04 +0000
ROA not before: Fri 22 Aug 2025 12:06:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39271
IP address blocks: 46.19.128.0/21 maxlen: 24
46.19.135.0/24 maxlen: 24
87.238.144.0/21 maxlen: 24
87.238.151.0/24 maxlen: 24
185.186.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/b92d0d-36f1-46f6-a661-292fead12d59/1/ksQkhNda16Qn3PYbWsmsVlQ-nzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/b92d0d-36f1-46f6-a661-292fead12d59/1/ksQkhNda16Qn3PYbWsmsVlQ-nzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ksQkhNda16Qn3PYbWsmsVlQ-nzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:ab:f5:53:d2:f6:6c:6c:7f:f8:b8:3f:b9:cb:df:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92c42484d75ad7a427dcf61b5ac9ac56543e9f33
Validity
Not Before: Aug 22 12:06:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=234b5fbf6999a12ab6cac16f0707db058598d090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:a9:53:f4:5e:26:64:ef:4a:c9:a5:f4:c2:
48:00:60:aa:9e:9e:97:c3:3d:69:81:db:17:79:72:
ba:ff:12:3c:6d:47:e8:a4:64:67:b1:b6:cd:77:37:
7c:1f:58:46:f3:16:0e:f8:17:58:17:3a:d6:4b:ee:
16:db:63:0a:b7:bf:3e:34:1e:ec:88:75:3c:05:16:
3f:fb:15:44:05:d8:68:99:54:87:b8:4e:f7:b2:cd:
f9:dd:64:36:87:53:e0:a7:0e:7f:bd:dd:77:b1:ce:
3f:cf:d8:27:71:d5:61:62:7d:21:44:6b:28:6a:57:
28:e8:c2:f1:58:b4:8c:7d:ef:ba:c8:34:b4:16:e4:
58:f7:7e:b2:70:bf:34:02:9b:23:9b:0c:e4:fd:a0:
4c:78:1d:b5:5a:95:a2:af:03:22:2b:0d:40:92:ad:
c2:13:af:b5:e0:e8:9f:9f:09:f8:8f:ca:a9:85:f7:
a4:ee:c6:ae:fa:13:d5:6f:4a:f5:ad:d4:36:32:29:
b1:07:b0:fc:a2:9a:38:79:4c:b0:fb:e2:77:34:d8:
f8:8e:7f:d4:21:68:8c:15:1a:c4:2d:12:df:db:f9:
03:a3:f4:5a:40:32:e4:89:bb:71:e1:92:34:f9:34:
bc:ae:59:bc:f8:0b:8e:5f:13:43:30:1b:ef:dc:57:
c0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4B:5F:BF:69:99:A1:2A:B6:CA:C1:6F:07:07:DB:05:85:98:D0:90
X509v3 Authority Key Identifier:
keyid:92:C4:24:84:D7:5A:D7:A4:27:DC:F6:1B:5A:C9:AC:56:54:3E:9F:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksQkhNda16Qn3PYbWsmsVlQ-nzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b92d0d-36f1-46f6-a661-292fead12d59/1/I0tfv2mZoSq2ysFvBwfbBYWY0JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b92d0d-36f1-46f6-a661-292fead12d59/1/ksQkhNda16Qn3PYbWsmsVlQ-nzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.128.0/21
87.238.144.0/21
185.186.72.0/22
Signature Algorithm: sha256WithRSAEncryption
07:29:b4:a4:e4:6b:28:8d:20:03:93:f1:c9:4a:06:26:6f:37:
b5:04:70:ef:19:4b:9e:e6:79:63:99:04:04:2c:e0:ea:43:43:
82:92:c9:6c:2a:71:02:92:b0:84:fd:b3:5c:3c:61:bb:7f:8e:
7d:5b:b0:93:fc:ac:25:90:9a:2b:1d:d8:ce:1e:19:6a:f3:d9:
1f:52:76:38:cf:73:b2:da:2b:fa:7e:36:b5:dd:8e:98:bf:b6:
e8:6b:89:9f:ae:48:05:13:ff:18:4b:8d:68:b9:29:8d:e9:fb:
fe:91:db:a1:69:ae:b1:9f:d0:cd:79:76:85:85:1c:a3:39:96:
fe:6f:bb:e1:7c:a6:9c:ef:70:9b:8f:04:56:8d:b6:0a:b8:e2:
5a:97:43:31:10:67:48:b0:63:07:65:b0:ce:01:ba:b0:0a:c4:
36:18:c9:5b:8d:af:da:c3:7e:89:50:76:22:3b:01:46:7e:59:
b1:c8:59:a1:56:44:03:f7:f5:35:76:3f:34:52:b6:28:1f:fe:
c5:0e:5e:a5:53:1b:1f:29:68:e8:d7:1b:d6:aa:a7:64:90:0a:
62:bd:92:f1:61:f4:7e:f6:08:50:0d:0e:7f:15:e6:25:d3:6f:
8a:b5:9b:3a:63:56:cc:d2:f6:f9:0f:1e:50:f0:fb:c3:6f:e2:
a9:80:70:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZjRq/VT0vZsbH/4uD+5y9+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYzQyNDg0ZDc1YWQ3YTQyN2RjZjYxYjVhYzlhYzU2NTQz
ZTlmMzMwHhcNMjUwODIyMTIwNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzRiNWZiZjY5OTlhMTJhYjZjYWMxNmYwNzA3ZGIwNTg1OThkMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMapU/ReJmTvSsml9MJIAGCqnp6X
wz1pgdsXeXK6/xI8bUfopGRnsbbNdzd8H1hG8xYO+BdYFzrWS+4W22MKt78+NB7s
iHU8BRY/+xVEBdhomVSHuE73ss353WQ2h1Pgpw5/vd13sc4/z9gncdVhYn0hRGso
alco6MLxWLSMfe+6yDS0FuRY936ycL80Apsjmwzk/aBMeB21WpWirwMiKw1Akq3C
E6+14Oifnwn4j8qphfek7sau+hPVb0r1rdQ2MimxB7D8opo4eUyw++J3NNj4jn/U
IWiMFRrELRLf2/kDo/RaQDLkibtx4ZI0+TS8rlm8+AuOXxNDMBvv3FfAiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCNLX79pmaEqtsrBbwcH2wWFmNCQMB8GA1UdIwQY
MBaAFJLEJITXWtekJ9z2G1rJrFZUPp8zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NRa2hOZGExNlFuM1BZYldzbXNWbFEtbnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iOTJkMGQtMzZmMS00NmY2LWE2NjEt
MjkyZmVhZDEyZDU5LzEvSTB0ZnYybVpvU3EyeXNGdkJ3ZmJCWVdZMEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iOTJkMGQtMzZmMS00NmY2LWE2NjEtMjkyZmVhZDEyZDU5
LzEva3NRa2hOZGExNlFuM1BZYldzbXNWbFEtbnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLhOAAwQD
V+6QAwQCubpIMA0GCSqGSIb3DQEBCwUAA4IBAQAHKbSk5GsojSADk/HJSgYmbze1
BHDvGUue5nljmQQELODqQ0OCkslsKnECkrCE/bNcPGG7f459W7CT/KwlkJorHdjO
Hhlq89kfUnY4z3Oy2iv6fja13Y6Yv7boa4mfrkgFE/8YS41ouSmN6fv+kduhaa6x
n9DNeXaFhRyjOZb+b7vhfKac73CbjwRWjbYKuOJal0MxEGdIsGMHZbDOAbqwCsQ2
GMlbja/aw36JUHYiOwFGflmxyFmhVkQD9/U1dj80UrYoH/7FDl6lUxsfKWjo1xvW
qqdkkApivZLxYfR+9ghQDQ5/FeYl02+KtZs6Y1bM0vb5Dx5Q8PvDb+KpgHAD
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:00:36 2025 by rpki-client