Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/T76XHEYKPxvXgzVhYoIpXxSuwwA.roa
File: T76XHEYKPxvXgzVhYoIpXxSuwwA.roa (raw, json)
Hash identifier: gIybCKbgfywSTgVeKeQdR2l0hkSxZKXJNGi8hE3axtM=
Subject key identifier: 4F:BE:97:1C:46:0A:3F:1B:D7:83:35:61:62:82:29:5F:14:AE:C3:00
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0198C10AC1C8D55B687714E6DF9697079CD5
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/T76XHEYKPxvXgzVhYoIpXxSuwwA.roa
Signing time: Tue 19 Aug 2025 06:36:04 +0000
ROA not before: Tue 19 Aug 2025 06:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 45.11.52.0/24 maxlen: 24
45.11.53.0/24 maxlen: 24
45.11.54.0/23 maxlen: 24
45.11.176.0/24 maxlen: 24
45.11.177.0/24 maxlen: 24
45.11.178.0/23 maxlen: 24
45.13.108.0/24 maxlen: 24
45.13.109.0/24 maxlen: 24
45.13.110.0/23 maxlen: 24
45.14.216.0/24 maxlen: 24
45.14.217.0/24 maxlen: 24
45.14.218.0/23 maxlen: 24
45.91.117.0/24 maxlen: 24
45.133.140.0/24 maxlen: 24
45.133.142.0/24 maxlen: 24
91.212.20.0/24 maxlen: 24
91.212.27.0/24 maxlen: 24
193.39.246.0/24 maxlen: 24
195.80.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:0a:c1:c8:d5:5b:68:77:14:e6:df:96:97:07:9c:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Aug 19 06:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fbe971c460a3f1bd78335616282295f14aec300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:01:14:d9:c3:c5:35:cd:f9:bb:18:0a:a7:2b:
f8:cc:03:30:32:6c:30:42:ed:44:99:47:9e:38:fa:
65:d1:b5:27:a7:74:77:83:d7:d9:44:21:4f:83:17:
a8:ee:7d:b2:8d:c0:ba:f6:b1:52:e3:dd:93:16:1f:
d9:96:64:b9:33:bd:80:d4:eb:67:14:84:a0:4e:6a:
cd:4f:31:a0:39:62:9c:4a:87:00:26:8f:16:03:7d:
f6:e2:1d:62:82:fc:68:4b:7b:7a:61:f0:a0:98:d0:
9d:76:25:00:39:39:4e:60:23:56:0c:dc:2d:17:37:
0d:d6:b6:6d:e3:d6:19:a2:68:9c:c0:7d:54:d1:1b:
fa:26:f3:e8:be:19:87:18:0f:47:ca:77:ee:93:62:
a9:54:c9:54:92:0f:fb:34:e4:fc:8a:12:ca:10:95:
eb:ac:09:3e:f0:a2:f3:90:e0:5b:cb:d9:fc:6b:bb:
7c:10:02:00:f5:87:cc:fc:a5:3a:77:44:5b:68:e4:
fc:9a:bf:15:73:7a:4b:d2:c5:11:69:5f:93:d1:49:
39:06:43:0e:1d:79:5d:6d:86:f2:1a:0f:5c:1b:56:
b8:41:e8:fb:d4:d2:6c:b0:34:d9:58:24:48:97:29:
a4:03:34:b3:c3:4c:61:8d:25:43:0f:64:fc:49:af:
eb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:BE:97:1C:46:0A:3F:1B:D7:83:35:61:62:82:29:5F:14:AE:C3:00
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/T76XHEYKPxvXgzVhYoIpXxSuwwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.52.0/22
45.11.176.0/22
45.13.108.0/22
45.14.216.0/22
45.91.117.0/24
45.133.140.0/24
45.133.142.0/24
91.212.20.0/24
91.212.27.0/24
193.39.246.0/24
195.80.230.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:c3:af:11:fe:77:08:13:ba:66:40:9c:cd:ab:88:aa:70:77:
19:67:79:ad:39:33:8a:86:50:49:d0:62:57:f1:47:b1:5c:b0:
eb:d6:fe:1e:06:7e:5b:3d:71:99:26:f7:b0:ab:71:cd:dc:30:
5b:3d:3c:ef:69:05:c4:63:e1:91:c4:97:56:b1:32:e6:18:cd:
37:d5:be:ab:9c:d3:41:71:57:4b:c8:82:a5:13:df:ef:0e:d1:
52:ea:cf:3d:14:2a:88:30:f2:66:3c:89:3b:d2:52:7c:a8:0a:
7f:2c:8f:36:08:b8:5f:62:08:50:8e:bd:a0:bb:40:43:32:d8:
df:07:69:9b:4f:f1:68:22:f1:80:f7:15:1d:93:dd:9b:50:09:
4b:ec:08:ae:f7:10:35:e8:b8:4e:68:8c:23:1a:bf:2d:38:aa:
03:40:0b:9e:bd:83:6a:bd:df:35:c6:29:53:85:42:16:92:88:
2a:d0:b0:1f:76:52:1e:94:e3:97:56:7b:f5:64:5a:e3:48:be:
06:58:e3:da:bf:5a:21:9a:74:2b:36:8b:9e:77:99:c6:05:94:
9b:6c:10:b4:9d:1a:d2:91:9b:1b:93:e8:d0:3d:62:81:c2:51:
40:54:6d:00:8e:f0:c8:dc:f0:25:c8:10:17:e2:b5:80:db:01:
e7:86:58:e9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZjBCsHI1VtodxTm35aXB5zVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjUwODE5MDYzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmJlOTcxYzQ2MGEzZjFiZDc4MzM1NjE2MjgyMjk1ZjE0YWVjMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQEU2cPFNc35uxgKpyv4zAMwMmww
Qu1EmUeeOPpl0bUnp3R3g9fZRCFPgxeo7n2yjcC69rFS492TFh/ZlmS5M72A1Otn
FISgTmrNTzGgOWKcSocAJo8WA3324h1igvxoS3t6YfCgmNCddiUAOTlOYCNWDNwt
FzcN1rZt49YZomicwH1U0Rv6JvPovhmHGA9Hynfuk2KpVMlUkg/7NOT8ihLKEJXr
rAk+8KLzkOBby9n8a7t8EAIA9YfM/KU6d0RbaOT8mr8Vc3pL0sURaV+T0Uk5BkMO
HXldbYbyGg9cG1a4Qej71NJssDTZWCRIlymkAzSzw0xhjSVDD2T8Sa/r2wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFE++lxxGCj8b14M1YWKCKV8UrsMAMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvVDc2WEhFWUtQeHZYZ3pWaFlvSXBYeFN1d3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLQs0AwQC
LQuwAwQCLQ1sAwQCLQ7YAwQALVt1AwQALYWMAwQALYWOAwQAW9QUAwQAW9QbAwQA
wSf2AwQBw1DmMA0GCSqGSIb3DQEBCwUAA4IBAQBcw68R/ncIE7pmQJzNq4iqcHcZ
Z3mtOTOKhlBJ0GJX8UexXLDr1v4eBn5bPXGZJvewq3HN3DBbPTzvaQXEY+GRxJdW
sTLmGM031b6rnNNBcVdLyIKlE9/vDtFS6s89FCqIMPJmPIk70lJ8qAp/LI82CLhf
YghQjr2gu0BDMtjfB2mbT/FoIvGA9xUdk92bUAlL7Aiu9xA16LhOaIwjGr8tOKoD
QAuevYNqvd81xilThUIWkogq0LAfdlIelOOXVnv1ZFrjSL4GWOPav1ohmnQrNoue
d5nGBZSbbBC0nRrSkZsbk+jQPWKBwlFAVG0AjvDI3PAlyBAX4rWA2wHnhljp
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:25:46 2025 by rpki-client