Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/u1-qZRpyHBzPIqnj2aBIyztznf4.roa
File: u1-qZRpyHBzPIqnj2aBIyztznf4.roa (raw, json)
Hash identifier: nGzZ2EMlcssZII4nWCfOjaFqb562AeCP+DfoESx10B8=
Subject key identifier: BB:5F:AA:65:1A:72:1C:1C:CF:22:A9:E3:D9:A0:48:CB:3B:73:9D:FE
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0198BC0D9884ECE19C96955D41206C4C10A7
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/u1-qZRpyHBzPIqnj2aBIyztznf4.roa
Signing time: Mon 18 Aug 2025 07:21:04 +0000
ROA not before: Mon 18 Aug 2025 07:21:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.207.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.196.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
195.114.202.0/24 maxlen: 24
213.220.2.0/24 maxlen: 24
213.220.4.0/24 maxlen: 24
213.220.5.0/24 maxlen: 24
213.220.9.0/24 maxlen: 24
213.220.20.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bc:0d:98:84:ec:e1:9c:96:95:5d:41:20:6c:4c:10:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Aug 18 07:21:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb5faa651a721c1ccf22a9e3d9a048cb3b739dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6d:d0:5b:cc:86:66:53:a5:34:84:b0:42:53:
4a:02:0d:25:90:27:35:42:52:9d:66:ea:e3:a0:5f:
fa:f5:8c:18:78:89:9a:8d:02:91:3f:e3:6a:c1:cb:
61:a2:36:c5:07:79:d8:83:81:fc:25:ed:c7:9e:85:
99:42:22:21:07:27:2f:50:2b:36:3f:d7:e2:ca:04:
5d:9a:04:8d:41:5d:82:8e:7b:d5:97:d2:eb:07:9f:
19:9d:3e:e7:0f:00:5a:ed:7a:6a:f6:96:e1:ad:0b:
78:7b:db:c6:31:35:f9:ad:41:29:10:c6:91:95:7a:
e4:15:3f:c6:15:b1:30:19:a5:62:d8:7a:14:1a:09:
bc:4a:56:d7:0d:d2:ea:c9:44:8c:83:05:e5:f5:24:
73:35:91:6a:93:50:1f:c3:b6:b3:f2:50:c3:94:bc:
40:82:31:91:1c:5d:3a:6d:01:f2:ac:9c:0e:f8:14:
95:9c:ba:90:0a:31:22:b7:5c:b4:7b:c9:a0:4a:a1:
99:28:ed:d3:f8:84:fc:37:41:d6:42:f1:2e:e1:76:
bc:01:4e:1a:99:27:5e:c0:4d:96:cf:12:73:4c:c6:
1e:6c:b0:08:78:1b:84:55:50:92:92:53:c2:9d:22:
ec:75:96:2f:27:b9:f4:a1:dd:61:04:43:61:92:06:
7e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:5F:AA:65:1A:72:1C:1C:CF:22:A9:E3:D9:A0:48:CB:3B:73:9D:FE
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/u1-qZRpyHBzPIqnj2aBIyztznf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0/24
45.155.242.0/24
194.143.205.0-194.143.207.255
194.143.221.0/24
195.114.192.0/24
195.114.195.0-195.114.198.255
195.114.202.0/24
213.220.2.0/24
213.220.4.0/23
213.220.9.0/24
213.220.20.0/24
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:97:bc:40:7c:5f:c8:96:62:33:77:6a:20:fd:41:85:c8:3f:
2d:82:51:25:9a:97:cf:97:c2:28:12:a0:47:b3:73:db:dc:30:
08:8a:2f:96:07:6b:36:da:7c:1d:9e:91:c5:3b:89:76:08:ea:
ec:e3:1e:4b:c0:e9:d5:34:c3:ec:14:0d:d0:2e:3d:e5:ef:1f:
d1:34:79:a8:46:a1:5d:e4:0a:09:ef:9f:90:93:d5:6a:b7:7e:
5c:8b:ab:96:dc:47:f2:76:25:bc:3a:47:c6:3a:c5:17:2a:3c:
75:23:30:80:ef:09:af:f9:b9:80:e8:6a:48:eb:e6:b7:16:4e:
f4:60:f1:9b:af:9a:69:ce:7d:c9:fd:14:0b:6f:63:8b:33:99:
fb:bf:ca:a2:11:8e:3c:a6:c7:20:7f:7d:7a:64:9f:52:c7:63:
d1:cc:c3:72:6a:4a:75:d6:f1:4d:5b:f0:a6:77:a0:a3:d4:3e:
04:bc:7b:05:40:36:32:b2:f4:ff:1d:c7:bc:39:38:c5:c3:90:
b6:58:39:ed:68:6f:a5:4e:09:72:0d:97:f1:88:e0:d3:4c:18:
30:9a:f6:04:a6:03:64:03:ac:0a:7b:6c:e4:25:f9:85:9a:77:
72:e2:f4:2e:82:b7:de:fe:02:47:e9:d7:42:3e:a9:08:b4:3f:
08:d7:64:2e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZi8DZiE7OGclpVdQSBsTBCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwODE4MDcyMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjVmYWE2NTFhNzIxYzFjY2YyMmE5ZTNkOWEwNDhjYjNiNzM5ZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0G3QW8yGZlOlNISwQlNKAg0lkCc1
QlKdZurjoF/69YwYeImajQKRP+NqwcthojbFB3nYg4H8Je3HnoWZQiIhBycvUCs2
P9fiygRdmgSNQV2CjnvVl9LrB58ZnT7nDwBa7Xpq9pbhrQt4e9vGMTX5rUEpEMaR
lXrkFT/GFbEwGaVi2HoUGgm8SlbXDdLqyUSMgwXl9SRzNZFqk1Afw7az8lDDlLxA
gjGRHF06bQHyrJwO+BSVnLqQCjEit1y0e8mgSqGZKO3T+IT8N0HWQvEu4Xa8AU4a
mSdewE2WzxJzTMYebLAIeBuEVVCSklPCnSLsdZYvJ7n0od1hBENhkgZ+DwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFLtfqmUachwczyKp49mgSMs7c53+MB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvdTEtcVpScHlIQnpQSXFuajJhQkl5enR6bmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQALZvwAwQA
LZvyMAwDBADCj80DBATCj8ADBADCj90DBADDcsAwDAMEAMNywwMEAMNyxgMEAMNy
ygMEANXcAgMEAdXcBAMEANXcCQMEANXcFAMEANXcPjANBgkqhkiG9w0BAQsFAAOC
AQEApJe8QHxfyJZiM3dqIP1Bhcg/LYJRJZqXz5fCKBKgR7Nz29wwCIovlgdrNtp8
HZ6RxTuJdgjq7OMeS8Dp1TTD7BQN0C495e8f0TR5qEahXeQKCe+fkJPVard+XIur
ltxH8nYlvDpHxjrFFyo8dSMwgO8Jr/m5gOhqSOvmtxZO9GDxm6+aac59yf0UC29j
izOZ+7/KohGOPKbHIH99emSfUsdj0czDcmpKddbxTVvwpnego9Q+BLx7BUA2MrL0
/x3HvDk4xcOQtlg57WhvpU4Jcg2X8Yjg00wYMJr2BKYDZAOsCnts5CX5hZp3cuL0
LoK33v4CR+nXQj6pCLQ/CNdkLg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:37:16 2025 by rpki-client