Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/N4I-OxP3khwcwYxJaU0aHba1zxs.roa
File: N4I-OxP3khwcwYxJaU0aHba1zxs.roa (raw, json)
Hash identifier: ygfVyS5fxOHwbxH62pf8hcquio83EDy0LB1d41OKxko=
Subject key identifier: 37:82:3E:3B:13:F7:92:1C:1C:C1:8C:49:69:4D:1A:1D:B6:B5:CF:1B
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01987E35B7DA0B0C902985089D68EA93DEB7
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/N4I-OxP3khwcwYxJaU0aHba1zxs.roa
Signing time: Wed 06 Aug 2025 07:08:26 +0000
ROA not before: Wed 06 Aug 2025 07:08:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 194.238.44.0/22 maxlen: 24
194.238.72.0/22 maxlen: 24
194.238.80.0/22 maxlen: 24
194.238.84.0/22 maxlen: 24
194.238.88.0/22 maxlen: 24
194.238.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:35:b7:da:0b:0c:90:29:85:08:9d:68:ea:93:de:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Aug 6 07:08:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37823e3b13f7921c1cc18c49694d1a1db6b5cf1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1f:22:be:92:1a:72:7e:12:06:b4:ef:09:2d:
f4:18:29:be:5f:f7:9e:d2:af:f4:cc:4a:0c:42:13:
0e:39:b6:49:bb:12:a6:ed:bd:8e:d0:25:42:80:59:
24:b6:03:3b:17:0f:21:1b:9b:50:52:63:33:31:63:
fd:fe:e9:34:eb:2a:82:42:ec:41:43:b7:2e:a7:86:
c9:70:5f:16:24:f8:79:63:32:b8:e4:f3:f1:1d:80:
1a:a7:80:7f:d2:f8:84:6f:f5:b1:32:80:b3:21:08:
46:c9:99:5c:6a:2a:1d:b7:98:75:5d:24:3d:db:f8:
6e:ed:1f:cb:cf:57:c0:89:ca:c9:74:28:38:83:27:
18:96:34:43:dd:00:bc:49:7d:9b:5d:9b:d9:3f:49:
a5:f1:4e:1e:0a:75:ca:f9:96:3f:06:87:51:1e:0a:
83:53:09:fc:11:bd:3c:30:7c:7f:e4:eb:28:7f:20:
66:e3:78:be:0e:9f:cc:fc:46:a7:0c:fc:70:97:46:
b8:ed:49:41:ca:e2:2a:3e:e6:27:e8:12:b8:bc:54:
4c:2f:c7:ac:5d:9d:1e:b5:68:db:75:7e:38:ba:ed:
0d:d9:2d:6c:cf:fa:98:37:39:0e:43:50:4a:8c:88:
a2:e3:e8:a2:12:8e:94:b7:ea:8a:f0:3d:1f:98:5e:
7a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:82:3E:3B:13:F7:92:1C:1C:C1:8C:49:69:4D:1A:1D:B6:B5:CF:1B
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/N4I-OxP3khwcwYxJaU0aHba1zxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.44.0/22
194.238.72.0/22
194.238.80.0/20
Signature Algorithm: sha256WithRSAEncryption
ba:ee:56:c1:7e:c7:aa:d6:de:36:a5:be:5b:d5:82:79:e6:ae:
aa:4d:29:77:9c:82:f2:4d:82:88:1d:c8:83:36:b6:b5:72:73:
e3:5b:5c:ed:a3:59:45:f2:0f:63:07:ff:9d:aa:85:b6:30:12:
da:df:12:71:60:76:8c:15:42:8e:95:de:7e:d2:3d:5b:c7:05:
5e:09:cf:d5:b2:6e:c1:00:63:61:79:21:5e:11:c1:df:f1:a7:
d2:bf:8d:99:b7:c1:e8:e7:71:a3:26:86:16:32:55:f3:ef:5e:
8e:00:d4:55:60:00:a7:00:1b:b6:09:1c:57:5e:a7:5f:33:05:
c5:da:5f:c6:4c:2e:b0:ca:b6:0a:e6:05:58:68:ff:60:ad:ed:
90:da:31:46:d9:f0:73:05:24:aa:14:65:6d:c8:00:68:65:e8:
75:c5:2e:7c:7e:30:a9:9b:27:d2:ff:db:52:2a:c9:e6:0d:46:
87:12:55:dc:98:06:47:b2:3c:b0:f9:c8:af:f7:36:58:c2:87:
aa:8f:8d:bf:8d:53:01:e4:a6:11:74:f6:40:c5:95:0f:f4:f4:
27:33:44:d3:de:2f:65:81:61:f8:8e:e9:be:24:fd:b3:41:7b:
80:27:51:3f:39:a8:9f:ed:4a:61:82:14:e2:f4:7b:f0:fc:5d:
10:8d:51:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZh+NbfaCwyQKYUInWjqk963MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwODA2MDcwODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzgyM2UzYjEzZjc5MjFjMWNjMThjNDk2OTRkMWExZGI2YjVjZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlh8ivpIacn4SBrTvCS30GCm+X/ee
0q/0zEoMQhMOObZJuxKm7b2O0CVCgFkktgM7Fw8hG5tQUmMzMWP9/uk06yqCQuxB
Q7cup4bJcF8WJPh5YzK45PPxHYAap4B/0viEb/WxMoCzIQhGyZlcaiodt5h1XSQ9
2/hu7R/Lz1fAicrJdCg4gycYljRD3QC8SX2bXZvZP0ml8U4eCnXK+ZY/BodRHgqD
Uwn8Eb08MHx/5OsofyBm43i+Dp/M/EanDPxwl0a47UlByuIqPuYn6BK4vFRML8es
XZ0etWjbdX44uu0N2S1sz/qYNzkOQ1BKjIii4+iiEo6Ut+qK8D0fmF56tQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDeCPjsT95IcHMGMSWlNGh22tc8bMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvTjRJLU94UDNraHdjd1l4SmFVMGFIYmExenhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCwu4sAwQC
wu5IAwQEwu5QMA0GCSqGSIb3DQEBCwUAA4IBAQC67lbBfseq1t42pb5b1YJ55q6q
TSl3nILyTYKIHciDNra1cnPjW1zto1lF8g9jB/+dqoW2MBLa3xJxYHaMFUKOld5+
0j1bxwVeCc/Vsm7BAGNheSFeEcHf8afSv42Zt8Ho53GjJoYWMlXz716OANRVYACn
ABu2CRxXXqdfMwXF2l/GTC6wyrYK5gVYaP9gre2Q2jFG2fBzBSSqFGVtyABoZeh1
xS58fjCpmyfS/9tSKsnmDUaHElXcmAZHsjyw+civ9zZYwoeqj42/jVMB5KYRdPZA
xZUP9PQnM0TT3i9lgWH4jum+JP2zQXuAJ1E/Oaif7UphghTi9Hvw/F0QjVFd
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:55:32 2025 by rpki-client