Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/4nkxi3-lAvnol4KZpv_fbMO-o8Y.roa
File: 4nkxi3-lAvnol4KZpv_fbMO-o8Y.roa (raw, json)
Hash identifier: 7IJ8WtHdrV8cqGqjR8uILsd0Nv/W6isRILc3Ixuy+NU=
Subject key identifier: E2:79:31:8B:7F:A5:02:F9:E8:97:82:99:A6:FF:DF:6C:C3:BE:A3:C6
Certificate issuer: /CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Certificate serial: 0199A93D2D496073C3E8464EF8D948A30350
Authority key identifier: 89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/4nkxi3-lAvnol4KZpv_fbMO-o8Y.roa
Signing time: Fri 03 Oct 2025 08:43:02 +0000
ROA not before: Fri 03 Oct 2025 08:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207147
IP address blocks: 45.11.68.0/22 maxlen: 24
45.88.128.0/22 maxlen: 24
45.143.208.0/24 maxlen: 24
45.143.209.0/24 maxlen: 24
45.143.210.0/24 maxlen: 24
45.143.211.0/24 maxlen: 24
84.247.4.0/22 maxlen: 24
85.204.148.0/22 maxlen: 24
85.204.148.0/24 maxlen: 24
85.204.149.0/24 maxlen: 24
85.204.150.0/24 maxlen: 24
85.204.151.0/24 maxlen: 24
89.37.228.0/22 maxlen: 24
130.0.88.0/22 maxlen: 24
176.223.176.0/22 maxlen: 24
185.164.212.0/22 maxlen: 24
185.178.88.0/22 maxlen: 24
185.178.91.0/24 maxlen: 24
185.194.120.0/22 maxlen: 24
185.237.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/iXj_XaszxC2mX-Thq_vKTq-90qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/iXj_XaszxC2mX-Thq_vKTq-90qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a9:3d:2d:49:60:73:c3:e8:46:4e:f8:d9:48:a3:03:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Validity
Not Before: Oct 3 08:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e279318b7fa502f9e8978299a6ffdf6cc3bea3c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:44:bd:b2:c6:d7:a4:81:8f:44:0c:d9:dd:eb:
2a:18:1d:82:4a:9c:db:62:9c:90:41:83:09:f3:32:
e2:29:bc:32:56:3f:94:e1:f4:b1:4b:2f:9f:c6:97:
df:62:5a:16:25:f8:68:63:cf:eb:ae:a3:01:15:a7:
cd:1c:48:7e:1b:93:6a:62:b3:01:20:aa:92:69:b9:
f7:12:35:44:38:4a:e1:dd:83:9e:8f:6f:4e:d3:bb:
fb:44:65:8f:b7:13:67:e8:0b:de:bf:c6:bb:e6:fe:
2f:8c:3d:1b:4d:98:0f:57:9c:82:e6:ce:3d:f8:14:
1a:e1:fa:da:c6:b7:03:91:e1:66:45:17:04:70:4b:
f2:4a:2f:0a:7a:96:c7:9e:cf:51:79:a0:bb:9f:81:
bd:9d:a2:5a:86:4e:c9:00:89:f1:c1:eb:69:ff:fb:
92:54:58:7f:36:a1:43:f1:1f:bc:22:48:41:f6:96:
09:9a:36:0d:c3:fc:22:86:02:f0:72:8c:0d:fc:e0:
9c:c7:8f:00:8b:ad:e9:2c:4f:21:01:47:34:c9:c2:
51:b1:5d:a0:f2:5b:19:8e:d2:51:47:67:51:1f:a9:
de:0f:4a:90:4c:b3:5f:77:e8:7c:6f:20:77:8f:06:
eb:37:76:3b:ba:7f:5a:70:9a:5d:45:d1:bf:7e:5d:
16:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:79:31:8B:7F:A5:02:F9:E8:97:82:99:A6:FF:DF:6C:C3:BE:A3:C6
X509v3 Authority Key Identifier:
keyid:89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/4nkxi3-lAvnol4KZpv_fbMO-o8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/iXj_XaszxC2mX-Thq_vKTq-90qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.68.0/22
45.88.128.0/22
45.143.208.0/22
84.247.4.0/22
85.204.148.0/22
89.37.228.0/22
130.0.88.0/22
176.223.176.0/22
185.164.212.0/22
185.178.88.0/22
185.194.120.0/22
185.237.40.0/22
Signature Algorithm: sha256WithRSAEncryption
47:78:dc:1d:f0:f1:45:c7:7d:52:63:d6:a0:bf:d0:ae:d6:19:
5d:c4:24:8b:4a:dc:4a:01:94:d2:da:c2:90:74:50:ec:16:c1:
cc:89:ca:ca:62:85:f7:1b:9b:ad:34:36:bb:14:1a:66:c6:ce:
72:71:a6:33:87:42:f2:b8:bc:ab:ea:e3:56:78:dd:85:ca:9f:
a2:d1:b2:62:f4:08:c2:3d:76:6d:8b:6e:47:ba:c9:85:c5:07:
ef:c0:07:45:4d:d5:ab:81:4f:22:da:b1:29:58:09:06:81:ab:
9b:22:2b:b4:29:58:8d:4e:1e:ba:ac:ca:38:38:5f:33:f5:0e:
21:0e:29:cc:76:63:8b:81:ba:9e:69:ba:a0:9d:1d:bb:e5:a0:
6a:6e:48:bd:88:2c:be:85:e1:00:2e:b0:7e:db:3b:55:a4:3c:
c1:c5:80:0a:ec:c5:a3:c1:d4:b8:1f:7b:e9:02:e8:98:e4:76:
5c:b2:ab:86:3e:13:d2:09:f2:27:bd:bf:f9:9a:de:56:d2:7e:
a7:6a:79:34:49:b8:5f:36:0e:8c:66:fa:03:f0:a2:7f:a0:7b:
d2:29:d7:d8:5b:9b:69:92:a3:18:c8:7c:62:01:22:03:59:26:
98:69:25:fa:85:7d:08:13:c2:2d:bc:69:ce:ee:a5:80:7a:3c:
e8:ab:2d:22
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZmpPS1JYHPD6EZO+NlIowNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NzhmZjVkYWIzM2M0MmRhNjVmZTRlMWFiZmJjYTRlYWZi
ZGQyYWEwHhcNMjUxMDAzMDg0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjc5MzE4YjdmYTUwMmY5ZTg5NzgyOTlhNmZmZGY2Y2MzYmVhM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kS9ssbXpIGPRAzZ3esqGB2CSpzb
YpyQQYMJ8zLiKbwyVj+U4fSxSy+fxpffYloWJfhoY8/rrqMBFafNHEh+G5NqYrMB
IKqSabn3EjVEOErh3YOej29O07v7RGWPtxNn6Avev8a75v4vjD0bTZgPV5yC5s49
+BQa4fraxrcDkeFmRRcEcEvySi8KepbHns9ReaC7n4G9naJahk7JAInxwetp//uS
VFh/NqFD8R+8IkhB9pYJmjYNw/wihgLwcowN/OCcx48Ai63pLE8hAUc0ycJRsV2g
8lsZjtJRR2dRH6neD0qQTLNfd+h8byB3jwbrN3Y7un9acJpdRdG/fl0WGwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOJ5MYt/pQL56JeCmab/32zDvqPGMB8GA1UdIwQY
MBaAFIl4/12rM8Qtpl/k4av7yk6vvdKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQt
ZDAyZDk2YzM2Y2EzLzEvNG5reGkzLWxBdm5vbDRLWnB2X2ZiTU8tbzhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQtZDAyZDk2YzM2Y2Ez
LzEvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCLQtEAwQC
LViAAwQCLY/QAwQCVPcEAwQCVcyUAwQCWSXkAwQCggBYAwQCsN+wAwQCuaTUAwQC
ubJYAwQCucJ4AwQCue0oMA0GCSqGSIb3DQEBCwUAA4IBAQBHeNwd8PFFx31SY9ag
v9Cu1hldxCSLStxKAZTS2sKQdFDsFsHMicrKYoX3G5utNDa7FBpmxs5ycaYzh0Ly
uLyr6uNWeN2Fyp+i0bJi9AjCPXZti25HusmFxQfvwAdFTdWrgU8i2rEpWAkGgaub
Iiu0KViNTh66rMo4OF8z9Q4hDinMdmOLgbqeabqgnR275aBqbki9iCy+heEALrB+
2ztVpDzBxYAK7MWjwdS4H3vpAuiY5HZcsquGPhPSCfInvb/5mt5W0n6nank0Sbhf
Ng6MZvoD8KJ/oHvSKdfYW5tpkqMYyHxiASIDWSaYaSX6hX0IE8ItvGnO7qWAejzo
qy0i
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:22:04 2025 by rpki-client