Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9GniWazVWYzK1483J_RPiPc6Ihw.roa
File: 9GniWazVWYzK1483J_RPiPc6Ihw.roa (raw, json)
Hash identifier: ufW8N3Ky0keBE1rnscVTCzonoSNBNarU5CSgW0oGOsg=
Subject key identifier: F4:69:E2:59:AC:D5:59:8C:CA:D7:8F:37:27:F4:4F:88:F7:3A:22:1C
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01989E866667B700D2F196355AF2DEF5A050
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9GniWazVWYzK1483J_RPiPc6Ihw.roa
Signing time: Tue 12 Aug 2025 13:44:24 +0000
ROA not before: Tue 12 Aug 2025 13:44:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 45.144.197.0/24 maxlen: 24
46.244.18.0/23 maxlen: 24
46.244.97.0/24 maxlen: 24
46.244.108.0/23 maxlen: 24
46.244.110.0/24 maxlen: 24
46.244.114.0/23 maxlen: 24
92.240.144.0/22 maxlen: 24
92.240.149.0/24 maxlen: 24
92.240.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:86:66:67:b7:00:d2:f1:96:35:5a:f2:de:f5:a0:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Aug 12 13:44:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f469e259acd5598ccad78f3727f44f88f73a221c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:5f:89:25:97:51:8d:fa:e6:16:8a:f6:42:9b:
2e:29:a2:49:ac:c3:5b:ad:15:46:aa:a3:dc:74:18:
ac:fb:14:cc:81:5c:02:33:e5:96:7d:45:04:e0:26:
6e:a7:fb:b2:aa:92:3a:7c:e5:3d:db:75:c3:ed:a5:
af:de:e6:5a:1e:4d:fb:ea:9e:d8:5f:65:56:37:bb:
2e:d0:c5:04:26:0f:48:cb:3d:6d:24:14:de:f5:0d:
4d:f6:8c:8a:83:f6:74:0b:74:65:d4:58:3a:2a:01:
d5:36:c7:32:1a:b8:08:56:8d:c2:6a:35:45:ba:b4:
83:62:d2:bf:2e:e6:9e:c9:aa:3c:95:75:24:a3:bd:
ee:43:dc:f7:bd:8f:9f:c3:e6:93:50:94:c0:28:79:
e6:93:2b:07:7d:70:7c:bb:1a:f1:a4:b9:5a:63:ec:
40:4e:9e:ef:6d:8e:73:37:1a:89:3c:66:c4:eb:6f:
8d:51:e6:4a:62:59:07:12:bd:f0:60:4c:b2:a8:a9:
58:9b:5c:39:5d:4c:47:54:ae:e9:25:1a:01:62:54:
60:87:a4:d8:49:cb:ff:43:d2:25:22:c9:80:7b:2e:
2c:c0:d4:f9:00:84:03:03:dc:ba:23:3c:cf:c6:46:
90:cf:c2:33:06:3b:ad:05:34:54:72:44:c0:c3:81:
20:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:69:E2:59:AC:D5:59:8C:CA:D7:8F:37:27:F4:4F:88:F7:3A:22:1C
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9GniWazVWYzK1483J_RPiPc6Ihw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.197.0/24
46.244.18.0/23
46.244.97.0/24
46.244.108.0-46.244.110.255
46.244.114.0/23
92.240.144.0/22
92.240.149.0/24
92.240.151.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:37:68:fe:f8:9b:49:9e:31:83:02:fd:9d:87:60:66:2e:79:
e5:b2:a0:0a:8b:54:06:77:af:41:c7:8c:8a:49:48:7e:05:ba:
7c:43:81:14:42:ac:89:90:94:27:9e:df:3e:6a:08:49:3a:79:
a8:8b:e5:1c:4e:a9:53:d3:90:72:07:e9:e2:71:23:78:06:da:
77:e7:6d:ad:7f:a1:93:b5:7c:99:33:d8:c0:71:79:56:0d:c5:
fd:a7:92:04:2f:a4:12:01:a3:dd:47:cf:7b:36:d3:23:af:89:
72:52:4a:41:f9:63:7b:e0:ff:c4:dd:37:cd:5c:d9:3b:2c:45:
12:23:aa:9e:a3:46:dc:1a:91:1b:50:72:47:fd:6a:88:89:80:
18:25:3d:f5:e9:5d:bb:87:ba:73:65:ec:d9:73:21:a1:cf:42:
71:1d:7b:54:1f:60:64:45:93:dd:47:94:98:76:45:fb:b5:11:
be:b4:23:b7:9d:26:90:2f:56:25:32:ff:fd:3e:ff:eb:32:03:
ba:62:c5:57:18:5f:a2:19:0d:74:8e:ae:3a:90:0e:b2:24:6c:
77:4d:0b:2c:00:e4:04:54:fe:e7:56:2c:d0:a1:98:02:4f:0a:
30:b9:0a:ba:ce:ca:53:f9:a4:e0:5f:27:a1:23:e9:a6:25:e0:
0f:ad:92:e2
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZiehmZntwDS8ZY1WvLe9aBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwODEyMTM0NDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDY5ZTI1OWFjZDU1OThjY2FkNzhmMzcyN2Y0NGY4OGY3M2EyMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7l+JJZdRjfrmFor2QpsuKaJJrMNb
rRVGqqPcdBis+xTMgVwCM+WWfUUE4CZup/uyqpI6fOU923XD7aWv3uZaHk376p7Y
X2VWN7su0MUEJg9Iyz1tJBTe9Q1N9oyKg/Z0C3Rl1Fg6KgHVNscyGrgIVo3CajVF
urSDYtK/Luaeyao8lXUko73uQ9z3vY+fw+aTUJTAKHnmkysHfXB8uxrxpLlaY+xA
Tp7vbY5zNxqJPGbE62+NUeZKYlkHEr3wYEyyqKlYm1w5XUxHVK7pJRoBYlRgh6TY
Scv/Q9IlIsmAey4swNT5AIQDA9y6IzzPxkaQz8IzBjutBTRUckTAw4EgfQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPRp4lms1VmMytePNyf0T4j3OiIcMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvOUduaVdhelZXWXpLMTQ4M0pfUlBpUGM2SWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALZDFAwQB
LvQSAwQALvRhMAwDBAIu9GwDBAAu9G4DBAEu9HIDBAJc8JADBABc8JUDBABc8Jcw
DQYJKoZIhvcNAQELBQADggEBAEw3aP74m0meMYMC/Z2HYGYueeWyoAqLVAZ3r0HH
jIpJSH4FunxDgRRCrImQlCee3z5qCEk6eaiL5RxOqVPTkHIH6eJxI3gG2nfnba1/
oZO1fJkz2MBxeVYNxf2nkgQvpBIBo91Hz3s20yOviXJSSkH5Y3vg/8TdN81c2Tss
RRIjqp6jRtwakRtQckf9aoiJgBglPfXpXbuHunNl7NlzIaHPQnEde1QfYGRFk91H
lJh2Rfu1Eb60I7edJpAvViUy//0+/+syA7pixVcYX6IZDXSOrjqQDrIkbHdNCywA
5ARU/udWLNChmAJPCjC5CrrOylP5pOBfJ6Ej6aYl4A+tkuI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:31:19 2025 by rpki-client