Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/duQK_L6CU_XoLOUwAAqGbBQ_c-w.roa
File: duQK_L6CU_XoLOUwAAqGbBQ_c-w.roa (raw, json)
Hash identifier: c1e0IDxT38pGihwSE7PrZG6hwT/3gvgX+OwTOhT9gWg=
Subject key identifier: 76:E4:0A:FC:BE:82:53:F5:E8:2C:E5:30:00:0A:86:6C:14:3F:73:EC
Certificate issuer: /CN=4d98fe502ac16e957cc33ebc2ec1be83bbed7cc4
Certificate serial: 0197ABC3FF7C44A8F91601C6E819A888D232
Authority key identifier: 4D:98:FE:50:2A:C1:6E:95:7C:C3:3E:BC:2E:C1:BE:83:BB:ED:7C:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TZj-UCrBbpV8wz68LsG-g7vtfMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/duQK_L6CU_XoLOUwAAqGbBQ_c-w.roa
Signing time: Thu 26 Jun 2025 10:23:58 +0000
ROA not before: Thu 26 Jun 2025 10:23:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211401
IP address blocks: 185.46.40.0/22 maxlen: 22
2a00:eee0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/TZj-UCrBbpV8wz68LsG-g7vtfMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/TZj-UCrBbpV8wz68LsG-g7vtfMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/TZj-UCrBbpV8wz68LsG-g7vtfMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ab:c3:ff:7c:44:a8:f9:16:01:c6:e8:19:a8:88:d2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d98fe502ac16e957cc33ebc2ec1be83bbed7cc4
Validity
Not Before: Jun 26 10:23:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76e40afcbe8253f5e82ce530000a866c143f73ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:09:ae:78:d5:f8:68:36:d6:6b:e0:3e:ed:c9:
a0:22:47:0e:71:62:56:54:15:68:f2:60:23:91:e4:
c4:ef:50:f5:57:2b:22:27:2f:1f:6c:f7:71:a4:85:
cb:5e:5d:c1:72:09:76:1d:ea:3f:50:28:03:95:13:
71:46:87:0f:36:d5:cd:85:75:fc:cd:4c:fb:04:cd:
be:e8:d3:66:f7:82:79:aa:2a:fa:4b:04:aa:9a:ae:
3f:0c:c6:19:f2:d0:39:6d:1c:89:91:eb:f0:a2:ae:
c5:28:43:52:80:9f:1f:25:46:73:a6:45:4f:0b:13:
33:eb:68:8b:9e:8e:67:56:b0:a8:33:df:63:4d:7e:
06:ba:fc:ea:5e:38:d8:3d:8d:8f:e3:e5:38:39:59:
9c:8e:23:71:6a:77:4e:26:b1:e7:aa:79:93:c0:87:
56:48:9e:39:a3:e5:d3:06:5a:03:65:04:4a:37:de:
48:ab:29:42:b6:d2:22:8b:ee:12:9e:57:55:ed:0c:
55:a8:a8:b6:ab:bf:83:49:1b:be:44:6a:f3:92:94:
31:a6:86:57:a1:f2:b5:48:64:e9:e4:58:04:48:74:
cb:44:cf:79:a2:ac:48:fa:c4:70:0c:55:eb:e8:50:
93:ba:ae:c1:4f:4a:97:69:a9:55:f2:3d:55:72:1b:
35:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E4:0A:FC:BE:82:53:F5:E8:2C:E5:30:00:0A:86:6C:14:3F:73:EC
X509v3 Authority Key Identifier:
keyid:4D:98:FE:50:2A:C1:6E:95:7C:C3:3E:BC:2E:C1:BE:83:BB:ED:7C:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TZj-UCrBbpV8wz68LsG-g7vtfMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/duQK_L6CU_XoLOUwAAqGbBQ_c-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/TZj-UCrBbpV8wz68LsG-g7vtfMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.40.0/22
IPv6:
2a00:eee0::/32
Signature Algorithm: sha256WithRSAEncryption
b4:b5:73:3a:45:96:bb:9d:bb:8b:34:c5:90:c5:5d:0f:7d:85:
06:98:3b:29:52:7a:86:05:11:d8:2f:49:91:49:9b:33:8e:75:
6e:09:d3:3d:e0:d5:5a:bd:79:0e:46:40:04:7c:32:47:d7:7b:
db:04:3a:56:f8:e9:7f:82:62:83:bc:4b:3f:ff:d1:cd:1d:75:
a6:e7:4c:6a:ca:87:b9:8c:60:d3:8f:c2:58:15:2d:da:0a:4a:
0c:3c:70:e1:f8:61:1a:10:3b:8c:93:0d:d0:8e:5a:de:58:a4:
b4:75:14:1d:2a:b0:89:53:c5:5b:f2:e8:25:fb:3d:d0:86:4a:
a6:04:fe:3a:16:05:ec:7d:20:a1:c6:21:cb:58:c4:78:20:5a:
10:89:05:fd:7e:21:ad:f9:36:7b:ac:c5:33:48:73:d3:c8:81:
e1:37:f9:0a:f2:e4:4c:85:cb:80:96:b0:2d:14:52:07:9a:a7:
21:d3:13:82:1e:19:dd:19:bc:41:91:25:88:89:4b:c9:42:b2:
4e:2f:99:02:75:c9:da:db:15:9a:38:47:b0:e7:37:aa:60:01:
e3:29:3b:5c:59:fb:b2:be:d3:3b:7b:26:20:0f:66:3c:55:c8:
53:39:a4:4b:4e:c4:4c:a9:93:75:17:4b:b2:7d:3d:aa:89:be:
6c:eb:d3:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZerw/98RKj5FgHG6BmoiNIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkOThmZTUwMmFjMTZlOTU3Y2MzM2ViYzJlYzFiZTgzYmJl
ZDdjYzQwHhcNMjUwNjI2MTAyMzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU0MGFmY2JlODI1M2Y1ZTgyY2U1MzAwMDBhODY2YzE0M2Y3M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AmueNX4aDbWa+A+7cmgIkcOcWJW
VBVo8mAjkeTE71D1VysiJy8fbPdxpIXLXl3Bcgl2Heo/UCgDlRNxRocPNtXNhXX8
zUz7BM2+6NNm94J5qir6SwSqmq4/DMYZ8tA5bRyJkevwoq7FKENSgJ8fJUZzpkVP
CxMz62iLno5nVrCoM99jTX4GuvzqXjjYPY2P4+U4OVmcjiNxandOJrHnqnmTwIdW
SJ45o+XTBloDZQRKN95IqylCttIii+4SnldV7QxVqKi2q7+DSRu+RGrzkpQxpoZX
ofK1SGTp5FgESHTLRM95oqxI+sRwDFXr6FCTuq7BT0qXaalV8j1Vchs1xwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHbkCvy+glP16CzlMAAKhmwUP3PsMB8GA1UdIwQY
MBaAFE2Y/lAqwW6VfMM+vC7BvoO77XzEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFpqLVVDckJicFY4d3o2OExzRy1nN3Z0Zk1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wOWRhODctYTJiMi00MjliLWJlOTYt
Y2QwMDliMzAwYTZjLzEvZHVRS19MNkNVX1hvTE9Vd0FBcUdiQlFfYy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wOWRhODctYTJiMi00MjliLWJlOTYtY2QwMDliMzAwYTZj
LzEvVFpqLVVDckJicFY4d3o2OExzRy1nN3Z0Zk1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS4oMA0E
AgACMAcDBQAqAO7gMA0GCSqGSIb3DQEBCwUAA4IBAQC0tXM6RZa7nbuLNMWQxV0P
fYUGmDspUnqGBRHYL0mRSZszjnVuCdM94NVavXkORkAEfDJH13vbBDpW+Ol/gmKD
vEs//9HNHXWm50xqyoe5jGDTj8JYFS3aCkoMPHDh+GEaEDuMkw3QjlreWKS0dRQd
KrCJU8Vb8ugl+z3QhkqmBP46FgXsfSChxiHLWMR4IFoQiQX9fiGt+TZ7rMUzSHPT
yIHhN/kK8uRMhcuAlrAtFFIHmqch0xOCHhndGbxBkSWIiUvJQrJOL5kCdcna2xWa
OEew5zeqYAHjKTtcWfuyvtM7eyYgD2Y8VchTOaRLTsRMqZN1F0uyfT2qib5s69Pu
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:11:50 2025 by rpki-client