Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/45YgABqwBFtsKoNWzGWjzGlQmXY.roa
File: 45YgABqwBFtsKoNWzGWjzGlQmXY.roa (raw, json)
Hash identifier: 69CrJ34LHz68GqkpdbfhPTn+j85A3e/17oJ0+upnAuw=
Subject key identifier: E3:96:20:00:1A:B0:04:5B:6C:2A:83:56:CC:65:A3:CC:69:50:99:76
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 0199A8FE016E1D5C1ACB5D6BC729F8A72A4B
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/45YgABqwBFtsKoNWzGWjzGlQmXY.roa
Signing time: Fri 03 Oct 2025 07:34:02 +0000
ROA not before: Fri 03 Oct 2025 07:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200020
IP address blocks: 194.180.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a8:fe:01:6e:1d:5c:1a:cb:5d:6b:c7:29:f8:a7:2a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Oct 3 07:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e39620001ab0045b6c2a8356cc65a3cc69509976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:81:fa:ea:ab:8d:b9:04:d7:b8:0d:26:a7:b9:
63:5e:33:11:10:94:16:6e:4c:54:07:a8:a4:ad:0f:
f3:6d:4f:7c:c5:3d:27:2d:85:52:84:df:ee:cb:51:
23:e9:50:60:e9:91:30:f9:0e:5d:69:78:a4:7e:93:
e5:5d:3e:94:83:14:71:0a:8c:17:33:9c:88:11:8f:
ee:45:da:3d:31:24:1a:7f:d6:7f:86:50:97:b5:83:
21:01:0d:af:7c:b4:37:6d:89:42:a3:00:6b:68:53:
57:99:7f:a2:32:ac:15:7a:2d:97:29:98:41:17:43:
4a:88:5c:e4:6c:e0:81:4a:71:5b:b4:f2:ab:d0:25:
fb:21:7f:cf:ea:bd:79:4d:5f:5d:83:e0:18:7e:37:
4c:28:32:3b:5a:dd:6b:f0:7c:9a:0c:38:19:df:c4:
ef:35:2c:81:b5:70:dc:71:24:d5:27:1b:ae:0d:c4:
b6:84:f6:8b:02:d5:ae:71:c0:87:f7:c9:e3:36:f3:
6c:73:7b:64:63:a4:0f:5e:e4:d4:f9:ea:18:c5:99:
94:d9:ca:38:8d:90:db:33:6f:b7:83:83:89:6a:b0:
a0:ab:35:5a:fa:68:d2:30:1f:d9:59:5d:6d:ae:e3:
bb:c1:00:e1:3f:05:1e:a3:14:93:9d:d8:c2:9e:4b:
10:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:96:20:00:1A:B0:04:5B:6C:2A:83:56:CC:65:A3:CC:69:50:99:76
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/45YgABqwBFtsKoNWzGWjzGlQmXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.216.0/24
Signature Algorithm: sha256WithRSAEncryption
02:6d:6c:99:0b:ba:cb:61:b4:bf:eb:66:a8:b0:51:4d:f5:ba:
75:2d:0b:a8:9c:e8:6e:72:07:4c:1b:81:71:d6:23:c8:c1:d4:
6e:22:8d:84:b0:7c:ee:c4:46:bc:72:04:75:3d:5e:0a:db:01:
a2:a2:0e:1d:02:7c:20:59:dd:30:f4:fd:06:98:12:22:95:39:
03:d8:77:d5:5f:1e:c9:c7:24:af:d3:3d:1b:5c:80:91:53:51:
1f:47:47:97:e3:56:36:e7:24:e3:6f:ef:ad:f0:3a:48:20:2d:
d5:ad:86:22:b5:2f:04:9a:3a:a9:32:73:30:c4:8f:2d:e2:c7:
88:ff:31:ac:fa:a8:72:c3:65:7c:cd:80:b2:52:7f:1d:ba:78:
e3:8c:ef:19:28:38:b1:72:fe:8c:e9:92:98:bb:58:20:02:cf:
8b:2d:2c:54:b9:88:fa:af:c7:37:53:65:40:79:f2:5d:cf:89:
16:1b:cf:ab:78:f0:6e:97:28:dc:01:f6:13:33:9b:da:c4:76:
8e:6d:e7:9b:0e:3e:a0:33:cc:ee:e7:cc:56:f4:1f:44:9b:49:
a1:ab:00:65:6d:69:d2:a7:55:02:b4:cb:d5:0a:6f:c3:da:5f:
b3:48:0d:15:fc:43:2a:35:fd:0f:63:71:04:3c:d8:21:fa:06:
8f:2e:11:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmo/gFuHVway11rxyn4pypLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTFmNDcxMzAyNDgwNGM0NDU0MDNhZjYzZmE2NDRiMmE5
MzVkMjQwHhcNMjUxMDAzMDczNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk2MjAwMDFhYjAwNDViNmMyYTgzNTZjYzY1YTNjYzY5NTA5OTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04H66quNuQTXuA0mp7ljXjMREJQW
bkxUB6ikrQ/zbU98xT0nLYVShN/uy1Ej6VBg6ZEw+Q5daXikfpPlXT6UgxRxCowX
M5yIEY/uRdo9MSQaf9Z/hlCXtYMhAQ2vfLQ3bYlCowBraFNXmX+iMqwVei2XKZhB
F0NKiFzkbOCBSnFbtPKr0CX7IX/P6r15TV9dg+AYfjdMKDI7Wt1r8HyaDDgZ38Tv
NSyBtXDccSTVJxuuDcS2hPaLAtWuccCH98njNvNsc3tkY6QPXuTU+eoYxZmU2co4
jZDbM2+3g4OJarCgqzVa+mjSMB/ZWV1truO7wQDhPwUeoxSTndjCnksQ4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOOWIAAasARbbCqDVsxlo8xpUJl2MB8GA1UdIwQY
MBaAFKyh9HEwJIBMRFQDr2P6ZEsqk10kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgt
NWNhMDE2YTEwMDU0LzEvNDVZZ0FCcXdCRnRzS29OV3pHV2p6R2xRbVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgtNWNhMDE2YTEwMDU0
LzEvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrTYMA0G
CSqGSIb3DQEBCwUAA4IBAQACbWyZC7rLYbS/62aosFFN9bp1LQuonOhucgdMG4Fx
1iPIwdRuIo2EsHzuxEa8cgR1PV4K2wGiog4dAnwgWd0w9P0GmBIilTkD2HfVXx7J
xySv0z0bXICRU1EfR0eX41Y25yTjb++t8DpIIC3VrYYitS8EmjqpMnMwxI8t4seI
/zGs+qhyw2V8zYCyUn8dunjjjO8ZKDixcv6M6ZKYu1ggAs+LLSxUuYj6r8c3U2VA
efJdz4kWG8+rePBulyjcAfYTM5vaxHaObeebDj6gM8zu58xW9B9Em0mhqwBlbWnS
p1UCtMvVCm/D2l+zSA0V/EMqNf0PY3EEPNgh+gaPLhF3
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:53:09 2025 by rpki-client