Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/0dwLJQRpdsuNfuiofPA4PjO0U8c.roa
File: 0dwLJQRpdsuNfuiofPA4PjO0U8c.roa (raw, json)
Hash identifier: xvhwiBzc6sj9frR0O87jctOS5dj3sqKjh7OcpHO4MQo=
Subject key identifier: D1:DC:0B:25:04:69:76:CB:8D:7E:E8:A8:7C:F0:38:3E:33:B4:53:C7
Certificate issuer: /CN=75714b581ada196e3551c08ce76243be058b44eb
Certificate serial: 0197A656DE59C8096C098611884C9E3B7724
Authority key identifier: 75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/0dwLJQRpdsuNfuiofPA4PjO0U8c.roa
Signing time: Wed 25 Jun 2025 09:06:40 +0000
ROA not before: Wed 25 Jun 2025 09:06:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48117
IP address blocks: 46.151.248.0/21 maxlen: 21
91.209.24.0/24 maxlen: 24
193.106.24.0/22 maxlen: 22
194.146.136.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:56:de:59:c8:09:6c:09:86:11:88:4c:9e:3b:77:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75714b581ada196e3551c08ce76243be058b44eb
Validity
Not Before: Jun 25 09:06:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1dc0b25046976cb8d7ee8a87cf0383e33b453c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:a1:2a:ee:22:3f:a8:dd:b8:13:1e:e8:fd:
1c:bf:60:f6:d1:d7:53:c0:1b:7e:66:f7:c4:95:91:
7e:51:6a:d3:a7:d5:3a:4a:68:42:b1:12:23:6d:60:
62:99:a6:61:68:01:25:0d:21:ec:ef:af:7b:42:af:
77:99:db:51:32:73:b0:11:41:71:c2:81:65:3d:2b:
52:e1:49:e6:b0:ae:fb:b0:b4:ad:3e:b5:22:3e:cf:
8b:99:0a:4a:6a:1b:b9:db:64:4b:73:7b:8f:3d:41:
b5:65:4b:24:d7:01:c5:60:bc:75:34:bf:72:ee:8a:
0b:2b:3b:a2:77:a7:ce:81:14:1e:29:d7:50:1a:ff:
ad:94:c4:4d:a3:df:c8:eb:20:5f:6d:eb:ac:61:63:
3a:57:be:89:e9:ea:4d:68:74:52:f6:fe:37:ba:c9:
6e:ac:51:42:81:64:33:67:8e:7a:aa:da:30:af:cd:
d4:f5:ef:9d:ac:5c:4b:b2:17:e5:8b:c8:cf:d9:0b:
e6:0c:ba:d3:61:fe:3c:58:b2:96:28:61:86:cb:ec:
fb:3d:1f:1e:72:4f:34:8e:d3:97:c5:12:04:b7:5d:
6e:ad:0b:6f:ef:3e:9e:82:d4:72:90:88:db:21:f3:
bf:be:45:fa:7d:bc:5a:a0:45:c8:e3:8c:c4:54:13:
ab:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DC:0B:25:04:69:76:CB:8D:7E:E8:A8:7C:F0:38:3E:33:B4:53:C7
X509v3 Authority Key Identifier:
keyid:75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/0dwLJQRpdsuNfuiofPA4PjO0U8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.248.0/21
91.209.24.0/24
193.106.24.0/22
194.146.136.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:8b:45:79:63:83:03:92:5f:53:58:15:91:15:62:85:b3:f3:
a1:fd:ea:94:14:89:74:84:21:55:79:5d:c2:1b:39:33:75:c5:
74:ef:03:24:ff:87:7e:fa:fa:bd:f4:c4:f8:3d:07:2d:fb:0e:
c2:31:12:35:f6:68:50:ca:ba:44:fb:e6:2d:19:4e:6a:2b:b3:
50:aa:3b:39:6a:f0:c4:f6:57:0b:4f:72:44:7e:c8:4a:48:ef:
2b:12:df:33:33:bd:8b:38:e4:63:00:ff:8c:6a:48:5f:d5:da:
9e:44:b7:d3:49:64:54:7d:e6:c9:2f:b9:86:31:b2:e7:61:90:
35:bf:73:7f:14:13:bd:a0:bd:ba:00:21:74:66:fb:b8:21:bf:
51:f1:14:0c:c1:16:77:bf:58:f0:82:05:b2:a8:5b:06:73:56:
63:a4:3f:9b:00:33:0b:5d:29:1c:7c:32:51:2e:44:d8:8e:16:
7b:b2:7f:b7:cd:34:10:1b:ce:08:3d:47:d3:c6:d4:9b:d9:3b:
4f:7f:fe:e3:81:ef:87:d7:74:08:cc:56:78:f6:5a:32:5a:12:
39:a8:4d:d2:27:5c:13:36:9f:4f:30:0b:0d:2a:ee:b7:6a:a4:
45:2f:82:3f:7e:db:60:4d:b2:cd:64:f7:f1:8f:e2:81:ed:9d:
0b:a0:69:d2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZemVt5ZyAlsCYYRiEyeO3ckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzE0YjU4MWFkYTE5NmUzNTUxYzA4Y2U3NjI0M2JlMDU4
YjQ0ZWIwHhcNMjUwNjI1MDkwNjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWRjMGIyNTA0Njk3NmNiOGQ3ZWU4YTg3Y2YwMzgzZTMzYjQ1M2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/yhKu4iP6jduBMe6P0cv2D20ddT
wBt+ZvfElZF+UWrTp9U6SmhCsRIjbWBimaZhaAElDSHs7697Qq93mdtRMnOwEUFx
woFlPStS4UnmsK77sLStPrUiPs+LmQpKahu522RLc3uPPUG1ZUsk1wHFYLx1NL9y
7ooLKzuid6fOgRQeKddQGv+tlMRNo9/I6yBfbeusYWM6V76J6epNaHRS9v43uslu
rFFCgWQzZ456qtowr83U9e+drFxLshfli8jP2QvmDLrTYf48WLKWKGGGy+z7PR8e
ck80jtOXxRIEt11urQtv7z6egtRykIjbIfO/vkX6fbxaoEXI44zEVBOrZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNHcCyUEaXbLjX7oqHzwOD4ztFPHMB8GA1UdIwQY
MBaAFHVxS1ga2hluNVHAjOdiQ74Fi0TrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYt
MDczZmJiZTExMWU1LzEvMGR3TEpRUnBkc3VOZnVpb2ZQQTRQak8wVThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYtMDczZmJiZTExMWU1
LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLpf4AwQA
W9EYAwQCwWoYAwQCwpKIMA0GCSqGSIb3DQEBCwUAA4IBAQBLi0V5Y4MDkl9TWBWR
FWKFs/Oh/eqUFIl0hCFVeV3CGzkzdcV07wMk/4d++vq99MT4PQct+w7CMRI19mhQ
yrpE++YtGU5qK7NQqjs5avDE9lcLT3JEfshKSO8rEt8zM72LOORjAP+Makhf1dqe
RLfTSWRUfebJL7mGMbLnYZA1v3N/FBO9oL26ACF0Zvu4Ib9R8RQMwRZ3v1jwggWy
qFsGc1ZjpD+bADMLXSkcfDJRLkTYjhZ7sn+3zTQQG84IPUfTxtSb2TtPf/7jge+H
13QIzFZ49loyWhI5qE3SJ1wTNp9PMAsNKu63aqRFL4I/fttgTbLNZPfxj+KB7Z0L
oGnS
-----END CERTIFICATE-----
Generated at Wed Jul 2 16:23:35 2025 by rpki-client