Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/iV5FZuMGLlixAMw0jkwzk7P8BYc.roa
File: iV5FZuMGLlixAMw0jkwzk7P8BYc.roa (raw, json)
Hash identifier: C9ucIF2yO9TSTl7qwXNqjkxkNJQX9XDq0UvZWNrPjQU=
Subject key identifier: 89:5E:45:66:E3:06:2E:58:B1:00:CC:34:8E:4C:33:93:B3:FC:05:87
Certificate issuer: /CN=a3f1b22b2054502bfd3889138291103d83b6a50e
Certificate serial: 019884ADE0EDD24FC23425E1EF5DB9554323
Authority key identifier: A3:F1:B2:2B:20:54:50:2B:FD:38:89:13:82:91:10:3D:83:B6:A5:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/iV5FZuMGLlixAMw0jkwzk7P8BYc.roa
Signing time: Thu 07 Aug 2025 13:17:24 +0000
ROA not before: Thu 07 Aug 2025 13:17:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 46.235.14.0/24 maxlen: 24
178.210.180.0/24 maxlen: 24
217.70.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:84:ad:e0:ed:d2:4f:c2:34:25:e1:ef:5d:b9:55:43:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3f1b22b2054502bfd3889138291103d83b6a50e
Validity
Not Before: Aug 7 13:17:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=895e4566e3062e58b100cc348e4c3393b3fc0587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:12:ab:b8:16:15:1b:9d:d7:cd:83:ed:0a:6f:
96:31:63:f4:bb:81:9c:81:a7:b6:d9:83:e0:c3:e6:
d3:2e:fb:55:c0:2a:99:ff:4a:93:1d:0d:0f:1e:12:
77:e1:6b:06:ca:1d:1a:5a:bc:c0:aa:16:62:2c:ad:
33:4f:19:4d:24:26:06:d2:b4:90:95:60:54:b3:d9:
77:44:86:21:a3:72:25:60:dc:bb:98:fb:7a:bc:d8:
a3:22:d0:65:45:e4:fc:53:9c:13:f4:80:49:20:96:
43:2b:18:10:0f:88:1d:5f:14:74:a1:6c:9a:f9:22:
21:63:86:91:31:1d:9e:af:ba:d3:39:0d:24:ca:f7:
5c:05:da:6f:16:f1:58:0f:c5:99:36:9a:61:b2:18:
e1:2d:2d:1e:7a:48:f0:46:5b:02:05:c5:06:d4:e5:
7e:b0:42:7e:5f:22:6a:e3:09:2b:af:36:f5:26:d2:
88:81:be:04:b1:cd:1b:de:12:68:10:49:46:84:5b:
00:fb:ea:3d:21:e3:f9:6d:19:76:6b:8d:5b:d0:ff:
f7:17:61:73:74:3b:9d:3e:ab:9c:09:ed:7d:b1:52:
55:fc:c1:8e:bb:0e:e9:22:7c:ab:20:5d:19:28:c5:
9a:f9:47:05:78:1a:33:ad:3c:ab:f1:83:38:59:34:
79:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5E:45:66:E3:06:2E:58:B1:00:CC:34:8E:4C:33:93:B3:FC:05:87
X509v3 Authority Key Identifier:
keyid:A3:F1:B2:2B:20:54:50:2B:FD:38:89:13:82:91:10:3D:83:B6:A5:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/iV5FZuMGLlixAMw0jkwzk7P8BYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.14.0/24
178.210.180.0/24
217.70.11.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c8:31:d9:20:9e:79:e2:05:d0:0b:a3:6a:dd:09:9f:a0:6c:
75:37:d4:4c:8b:be:b2:5d:cd:31:31:f7:38:2d:04:28:5d:82:
b4:0c:f0:e2:44:16:d9:68:05:ae:70:fe:81:4a:ce:cc:f0:ff:
67:a4:48:82:50:1e:98:74:7f:d2:52:14:30:93:3c:e8:8e:38:
1a:37:a2:f4:f0:86:15:90:a5:18:49:46:d3:0c:71:bb:1f:ad:
87:ed:3f:69:34:34:79:a1:e0:e7:1d:20:79:51:62:93:c5:99:
06:71:51:d1:2d:be:0b:bc:a5:e0:08:23:c8:49:67:ab:f5:5d:
8e:b0:e5:48:90:83:f3:e0:98:05:ff:0e:37:10:ad:97:82:fc:
5b:1a:28:4f:bc:51:b9:01:99:3d:30:47:18:ff:de:58:d8:29:
78:e1:ca:ab:92:dc:d7:4f:33:aa:96:31:c3:05:eb:24:c8:0c:
a1:7f:a4:47:8d:f1:ad:90:4e:7b:0c:14:d0:2c:06:a0:f2:aa:
45:a0:50:f5:d3:cd:bc:7e:a9:df:75:fc:f4:24:5e:e6:b9:7e:
01:7a:f0:26:d4:b5:dc:33:be:67:da:cb:27:0a:ec:07:8b:59:
b3:ad:27:51:b6:63:80:ab:f5:c8:d0:74:e5:45:48:7f:27:fd:
c2:26:3d:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZiEreDt0k/CNCXh7125VUMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZjFiMjJiMjA1NDUwMmJmZDM4ODkxMzgyOTExMDNkODNi
NmE1MGUwHhcNMjUwODA3MTMxNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTVlNDU2NmUzMDYyZTU4YjEwMGNjMzQ4ZTRjMzM5M2IzZmMwNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBKruBYVG53XzYPtCm+WMWP0u4Gc
gae22YPgw+bTLvtVwCqZ/0qTHQ0PHhJ34WsGyh0aWrzAqhZiLK0zTxlNJCYG0rSQ
lWBUs9l3RIYho3IlYNy7mPt6vNijItBlReT8U5wT9IBJIJZDKxgQD4gdXxR0oWya
+SIhY4aRMR2er7rTOQ0kyvdcBdpvFvFYD8WZNpphshjhLS0eekjwRlsCBcUG1OV+
sEJ+XyJq4wkrrzb1JtKIgb4Esc0b3hJoEElGhFsA++o9IeP5bRl2a41b0P/3F2Fz
dDudPqucCe19sVJV/MGOuw7pInyrIF0ZKMWa+UcFeBozrTyr8YM4WTR59wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIleRWbjBi5YsQDMNI5MM5Oz/AWHMB8GA1UdIwQY
MBaAFKPxsisgVFAr/TiJE4KRED2DtqUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb19HeUt5QlVVQ3Y5T0lrVGdwRVFQWU8ycFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9hOGFhZmYtMTJhMS00NjQxLThiOWQt
MjRkMjcyY2UxMWUzLzEvaVY1Rlp1TUdMbGl4QU13MGprd3prN1A4QlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9hOGFhZmYtMTJhMS00NjQxLThiOWQtMjRkMjcyY2UxMWUz
LzEvb19HeUt5QlVVQ3Y5T0lrVGdwRVFQWU8ycFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALusOAwQA
stK0AwQA2UYLMA0GCSqGSIb3DQEBCwUAA4IBAQAEyDHZIJ554gXQC6Nq3QmfoGx1
N9RMi76yXc0xMfc4LQQoXYK0DPDiRBbZaAWucP6BSs7M8P9npEiCUB6YdH/SUhQw
kzzojjgaN6L08IYVkKUYSUbTDHG7H62H7T9pNDR5oeDnHSB5UWKTxZkGcVHRLb4L
vKXgCCPISWer9V2OsOVIkIPz4JgF/w43EK2XgvxbGihPvFG5AZk9MEcY/95Y2Cl4
4cqrktzXTzOqljHDBeskyAyhf6RHjfGtkE57DBTQLAag8qpFoFD10828fqnfdfz0
JF7muX4BevAm1LXcM75n2ssnCuwHi1mzrSdRtmOAq/XI0HTlRUh/J/3CJj0B
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:50:37 2025 by rpki-client