Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/4QiyrBWYYUiwo_Av7ZU1XUSFpaQ.roa
File: 4QiyrBWYYUiwo_Av7ZU1XUSFpaQ.roa (raw, json)
Hash identifier: RtfzM+LX4oiwcUkjP8sphlMWUay8BeOur8TIFKSstI4=
Subject key identifier: E1:08:B2:AC:15:98:61:48:B0:A3:F0:2F:ED:95:35:5D:44:85:A5:A4
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 0198AF667591FA511A00C802DE65427FD347
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/4QiyrBWYYUiwo_Av7ZU1XUSFpaQ.roa
Signing time: Fri 15 Aug 2025 20:23:04 +0000
ROA not before: Fri 15 Aug 2025 20:23:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211680
IP address blocks: 45.156.128.0/24 maxlen: 24
45.156.129.0/24 maxlen: 24
45.156.130.0/24 maxlen: 24
109.105.208.0/24 maxlen: 24
109.105.209.0/24 maxlen: 24
185.180.140.0/24 maxlen: 24
185.180.143.0/24 maxlen: 24
185.226.198.0/24 maxlen: 24
2a10:3c0:1::/48 maxlen: 48
2a10:3c0:2::/48 maxlen: 48
2a10:3c0:3::/48 maxlen: 48
2a10:3c0:4::/48 maxlen: 48
2a10:3c0:100::/44 maxlen: 44
2a10:3c0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:af:66:75:91:fa:51:1a:00:c8:02:de:65:42:7f:d3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Aug 15 20:23:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e108b2ac15986148b0a3f02fed95355d4485a5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e3:19:7e:64:bb:30:e0:03:4f:c7:87:f6:a7:
89:5c:f9:49:dd:09:e3:65:c4:b7:e0:b3:a7:2e:9a:
7f:09:f2:e8:9f:d3:8a:bf:24:c7:8d:9b:2c:68:ae:
40:11:b9:cd:e1:94:04:26:ba:86:a1:0a:98:3c:15:
e0:5d:49:f2:bb:8f:0f:d9:45:58:dd:f2:d0:fc:93:
ec:6c:45:40:e9:ca:e9:c9:f9:ab:3f:91:fa:86:2e:
ba:88:42:f8:9e:4d:0d:06:cf:17:c7:82:34:c4:ee:
6f:e6:00:31:30:ea:50:3f:fd:85:82:16:c6:c8:ea:
8f:6d:e7:f3:bb:7e:b5:ca:47:94:1d:85:ba:21:15:
8c:4e:d7:82:d7:b6:82:d8:ca:9b:f8:14:b9:25:4b:
82:36:f5:4f:6a:2a:1e:8e:1e:c9:10:7e:4b:5d:f7:
51:a1:b2:48:eb:e8:74:3b:f4:04:12:99:2f:67:e7:
e8:e9:58:2a:3d:2a:04:b3:2a:fe:99:d3:6b:52:3c:
b8:54:8c:10:c9:4d:36:b6:c1:06:98:e9:19:8d:d6:
58:0a:25:78:eb:e7:e0:a4:98:16:90:f2:d9:03:f0:
c1:8b:99:f4:b7:7e:73:a3:ba:d0:97:ac:7e:dc:d2:
1b:62:ee:c3:68:4c:ac:92:ed:2a:0b:69:c3:6e:e4:
c3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:08:B2:AC:15:98:61:48:B0:A3:F0:2F:ED:95:35:5D:44:85:A5:A4
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/4QiyrBWYYUiwo_Av7ZU1XUSFpaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.128.0-45.156.130.255
109.105.208.0/23
185.180.140.0/24
185.180.143.0/24
185.226.198.0/24
IPv6:
2a10:3c0:1::-2a10:3c0:4:ffff:ffff:ffff:ffff:ffff
2a10:3c0:100::/44
Signature Algorithm: sha256WithRSAEncryption
6c:72:9e:bd:a8:1c:be:a1:87:51:de:09:ff:d0:1b:3b:9e:38:
35:13:b9:85:ac:9c:3a:43:72:b1:e5:0f:07:85:0f:ad:a2:fd:
26:23:80:6f:33:d2:55:53:c9:70:01:f6:42:84:e6:a2:16:47:
07:f4:2c:8f:f7:a3:6c:1e:48:55:e8:a3:a1:0f:4c:55:16:d7:
8b:4c:5c:53:f7:60:56:02:c7:05:6b:b6:29:96:27:40:ca:31:
20:b2:16:ca:8e:98:29:f5:71:00:5a:23:31:df:aa:f7:2f:ec:
ea:e0:e2:3b:ea:71:75:8f:81:1c:fe:e2:65:02:a0:9c:1e:0f:
1c:f7:42:e3:3d:2f:bd:47:61:ee:9d:9a:47:01:5c:f1:81:46:
02:fc:8c:ee:ad:54:e5:c9:8e:57:a5:6d:eb:0f:7e:70:90:dc:
72:9a:f1:cd:5b:c7:dd:89:8e:af:30:70:f8:e3:16:2d:26:87:
a5:cd:d1:79:27:a6:b4:45:30:a0:4c:84:e7:06:d2:68:dd:c1:
35:8d:24:59:bc:b6:0b:6b:34:13:f1:be:5e:f9:cb:0f:de:7c:
5e:ba:e9:e6:bb:08:f3:0b:2c:96:78:ff:f0:26:6a:e9:98:f7:
6f:7c:bb:b4:82:bf:de:09:21:9e:8e:ae:6d:3b:79:31:a2:ec:
8f:b8:38:c3
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZivZnWR+lEaAMgC3mVCf9NHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjUwODE1MjAyMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTA4YjJhYzE1OTg2MTQ4YjBhM2YwMmZlZDk1MzU1ZDQ0ODVhNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquMZfmS7MOADT8eH9qeJXPlJ3Qnj
ZcS34LOnLpp/CfLon9OKvyTHjZssaK5AEbnN4ZQEJrqGoQqYPBXgXUnyu48P2UVY
3fLQ/JPsbEVA6crpyfmrP5H6hi66iEL4nk0NBs8Xx4I0xO5v5gAxMOpQP/2FghbG
yOqPbefzu361ykeUHYW6IRWMTteC17aC2Mqb+BS5JUuCNvVPaioejh7JEH5LXfdR
obJI6+h0O/QEEpkvZ+fo6VgqPSoEsyr+mdNrUjy4VIwQyU02tsEGmOkZjdZYCiV4
6+fgpJgWkPLZA/DBi5n0t35zo7rQl6x+3NIbYu7DaEysku0qC2nDbuTDTQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFOEIsqwVmGFIsKPwL+2VNV1EhaWkMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvNFFpeXJCV1lZVWl3b19BdjdaVTFYVVNGcGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAsBAIAATAmMAwDBActnIAD
BAAtnIIDBAFtadADBAC5tIwDBAC5tI8DBAC54sYwIwQCAAIwHTASAwcAKhADwAAB
AwcAKhADwAAEAwcEKhADwAEAMA0GCSqGSIb3DQEBCwUAA4IBAQBscp69qBy+oYdR
3gn/0Bs7njg1E7mFrJw6Q3Kx5Q8HhQ+tov0mI4BvM9JVU8lwAfZChOaiFkcH9CyP
96NsHkhV6KOhD0xVFteLTFxT92BWAscFa7YplidAyjEgshbKjpgp9XEAWiMx36r3
L+zq4OI76nF1j4Ec/uJlAqCcHg8c90LjPS+9R2HunZpHAVzxgUYC/IzurVTlyY5X
pW3rD35wkNxymvHNW8fdiY6vMHD44xYtJoelzdF5J6a0RTCgTITnBtJo3cE1jSRZ
vLYLazQT8b5e+csP3nxeuunmuwjzCyyWeP/wJmrpmPdvfLu0gr/eCSGejq5tO3kx
ouyPuDjD
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:22:22 2025 by rpki-client