Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/4RKif-sVDnQcBzYwPxTkoab85KM.roa
File: 4RKif-sVDnQcBzYwPxTkoab85KM.roa (raw, json)
Hash identifier: SrOlgyMeJ89vYHgpHfX8GmpEUx/qSwc8CkZHX0V14Kg=
Subject key identifier: E1:12:A2:7F:EB:15:0E:74:1C:07:36:30:3F:14:E4:A1:A6:FC:E4:A3
Certificate issuer: /CN=7b148db42f90e96447bd7f63edd8a7ccbeeaa842
Certificate serial: 0197A09E61809C6D4E0E8AF7120DF8AF178C
Authority key identifier: 7B:14:8D:B4:2F:90:E9:64:47:BD:7F:63:ED:D8:A7:CC:BE:EA:A8:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/exSNtC-Q6WRHvX9j7dinzL7qqEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/4RKif-sVDnQcBzYwPxTkoab85KM.roa
Signing time: Tue 24 Jun 2025 06:27:03 +0000
ROA not before: Tue 24 Jun 2025 06:27:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60501
IP address blocks: 46.30.216.0/24 maxlen: 24
185.30.64.0/22 maxlen: 22
185.109.24.0/22 maxlen: 22
185.109.24.0/24 maxlen: 24
185.109.25.0/24 maxlen: 24
185.109.26.0/24 maxlen: 24
185.109.27.0/24 maxlen: 24
185.187.62.0/24 maxlen: 24
185.253.53.0/24 maxlen: 24
193.43.208.0/24 maxlen: 24
194.156.180.0/22 maxlen: 22
2a00:ae20::/32 maxlen: 32
2a04:f440::/29 maxlen: 29
2a06:4dc0::/29 maxlen: 29
2a0d:cc0::/29 maxlen: 29
2a0f:ccc0::/29 maxlen: 29
2a10:b740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/exSNtC-Q6WRHvX9j7dinzL7qqEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/exSNtC-Q6WRHvX9j7dinzL7qqEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/exSNtC-Q6WRHvX9j7dinzL7qqEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 18:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a0:9e:61:80:9c:6d:4e:0e:8a:f7:12:0d:f8:af:17:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b148db42f90e96447bd7f63edd8a7ccbeeaa842
Validity
Not Before: Jun 24 06:27:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e112a27feb150e741c0736303f14e4a1a6fce4a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c2:41:f2:9a:d1:0a:96:fb:32:e3:54:dd:2c:
c7:48:b6:8a:65:be:07:ed:d6:b3:da:52:d8:43:bb:
16:b6:0f:b0:72:4c:60:90:4e:6d:26:43:67:b4:05:
74:01:96:79:d2:ca:f3:47:c2:26:56:a7:0b:97:64:
bc:99:ba:b8:97:2f:b8:6e:b0:83:18:88:37:0e:ad:
78:09:8f:cd:8c:58:73:c4:a7:29:ed:15:2f:52:5f:
ed:fc:36:9b:77:38:53:59:cb:da:fc:be:cb:24:67:
e9:4a:6e:2c:57:07:6a:b8:d7:80:e2:39:42:cf:f2:
c1:c8:2a:d1:45:5e:e6:7e:9a:2c:de:ba:01:5a:87:
19:aa:3d:f8:a8:8e:90:fe:96:47:9f:4b:9a:10:70:
7f:7b:53:8b:49:da:e4:1c:b9:9d:6e:04:3b:70:da:
de:e5:f4:5b:e4:dd:a9:75:36:99:74:7c:ea:aa:18:
cb:8d:63:46:66:6d:5d:82:53:4b:ea:81:85:ee:6d:
ba:7d:0a:f3:be:3c:bd:e2:8d:21:9d:4b:30:88:51:
ee:fa:17:d0:5a:44:d6:18:e5:22:fe:58:28:c8:71:
e4:61:1c:24:06:6f:a8:33:54:01:72:b8:94:36:aa:
7a:82:ef:f8:ed:af:de:e2:d4:1b:7d:dd:16:a2:e4:
d7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:12:A2:7F:EB:15:0E:74:1C:07:36:30:3F:14:E4:A1:A6:FC:E4:A3
X509v3 Authority Key Identifier:
keyid:7B:14:8D:B4:2F:90:E9:64:47:BD:7F:63:ED:D8:A7:CC:BE:EA:A8:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/exSNtC-Q6WRHvX9j7dinzL7qqEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/4RKif-sVDnQcBzYwPxTkoab85KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/exSNtC-Q6WRHvX9j7dinzL7qqEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.216.0/24
185.30.64.0/22
185.109.24.0/22
185.187.62.0/24
185.253.53.0/24
193.43.208.0/24
194.156.180.0/22
IPv6:
2a00:ae20::/32
2a04:f440::/29
2a06:4dc0::/29
2a0d:cc0::/29
2a0f:ccc0::/29
2a10:b740::/29
Signature Algorithm: sha256WithRSAEncryption
2f:f0:8e:ed:1e:33:45:ae:98:8e:ca:1b:ec:9d:b2:4e:39:92:
49:3d:59:67:84:c2:d2:7d:e1:8f:de:ff:d5:78:1d:16:91:69:
c0:73:fc:de:ce:0a:92:99:4a:34:5c:60:0b:a5:5b:16:e5:49:
84:2a:df:3b:2e:36:ab:9a:03:6f:5a:79:ac:2b:01:0c:99:72:
55:9f:f3:b3:f9:f4:23:bd:dc:4b:48:a1:aa:50:65:e3:a9:04:
9a:0d:29:7c:b2:48:0a:af:4c:54:67:bb:d2:e4:a4:81:3a:ac:
14:e5:2b:9a:22:63:9d:7c:74:96:41:eb:85:34:08:97:d3:af:
b5:a5:00:f4:bd:7f:e1:e1:98:99:7f:9f:c7:08:21:48:e2:5a:
bd:31:0b:85:2a:ac:eb:24:d9:c1:10:36:2c:01:19:e6:64:bf:
ef:f1:70:f2:ef:4c:26:ab:4e:a9:83:1e:33:4c:3d:38:85:7d:
05:41:d9:6c:5f:e3:01:bc:f8:1b:a1:dd:15:88:72:48:b2:04:
30:d7:a7:1a:f1:08:52:cc:cc:ca:1c:d6:c7:f6:61:8a:dc:78:
55:01:18:9d:14:2c:6e:2f:0a:b2:31:a6:2e:6f:92:9d:81:3c:
bf:11:0a:17:fb:fa:66:65:ea:83:c6:e9:95:db:c7:05:78:1a:
99:96:63:58
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZegnmGAnG1ODor3Eg34rxeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMTQ4ZGI0MmY5MGU5NjQ0N2JkN2Y2M2VkZDhhN2NjYmVl
YWE4NDIwHhcNMjUwNjI0MDYyNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTEyYTI3ZmViMTUwZTc0MWMwNzM2MzAzZjE0ZTRhMWE2ZmNlNGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8JB8prRCpb7MuNU3SzHSLaKZb4H
7daz2lLYQ7sWtg+wckxgkE5tJkNntAV0AZZ50srzR8ImVqcLl2S8mbq4ly+4brCD
GIg3Dq14CY/NjFhzxKcp7RUvUl/t/DabdzhTWcva/L7LJGfpSm4sVwdquNeA4jlC
z/LByCrRRV7mfpos3roBWocZqj34qI6Q/pZHn0uaEHB/e1OLSdrkHLmdbgQ7cNre
5fRb5N2pdTaZdHzqqhjLjWNGZm1dglNL6oGF7m26fQrzvjy94o0hnUswiFHu+hfQ
WkTWGOUi/lgoyHHkYRwkBm+oM1QBcriUNqp6gu/47a/e4tQbfd0WouTXjQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOESon/rFQ50HAc2MD8U5KGm/OSjMB8GA1UdIwQY
MBaAFHsUjbQvkOlkR71/Y+3Yp8y+6qhCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXhTTnRDLVE2V1JIdlg5ajdkaW56TDdxcUVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mMjQ4ODUtYTRkYi00ZmExLWE3MmQt
ODZkNmMxMzA1MzU3LzEvNFJLaWYtc1ZEblFjQnpZd1B4VGtvYWI4NUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mMjQ4ODUtYTRkYi00ZmExLWE3MmQtODZkNmMxMzA1MzU3
LzEvZXhTTnRDLVE2V1JIdlg5ajdkaW56TDdxcUVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDAwBAIAATAqAwQALh7YAwQC
uR5AAwQCuW0YAwQAubs+AwQAuf01AwQAwSvQAwQCwpy0MDAEAgACMCoDBQAqAK4g
AwUDKgT0QAMFAyoGTcADBQMqDQzAAwUDKg/MwAMFAyoQt0AwDQYJKoZIhvcNAQEL
BQADggEBAC/wju0eM0WumI7KG+ydsk45kkk9WWeEwtJ94Y/e/9V4HRaRacBz/N7O
CpKZSjRcYAulWxblSYQq3zsuNquaA29aeawrAQyZclWf87P59CO93EtIoapQZeOp
BJoNKXyySAqvTFRnu9LkpIE6rBTlK5oiY518dJZB64U0CJfTr7WlAPS9f+HhmJl/
n8cIIUjiWr0xC4UqrOsk2cEQNiwBGeZkv+/xcPLvTCarTqmDHjNMPTiFfQVB2Wxf
4wG8+Buh3RWIckiyBDDXpxrxCFLMzMoc1sf2YYrceFUBGJ0ULG4vCrIxpi5vkp2B
PL8RChf7+mZl6oPG6ZXbxwV4GpmWY1g=
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:03:01 2025 by rpki-client