
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/PYtBwXCIX2JfibgH-eH6y28_VrI.roa
File: PYtBwXCIX2JfibgH-eH6y28_VrI.roa (raw, json)
Hash identifier: HiHxBEZ/k5oJMJ4flD5NHFntvssSaUpL19eBPcUrz0Y=
Subject key identifier: 3D:8B:41:C1:70:88:5F:62:5F:89:B8:07:F9:E1:FA:CB:6F:3F:56:B2
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 0198CBEA0E7011528030E1302918BDFD7004
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/PYtBwXCIX2JfibgH-eH6y28_VrI.roa
Signing time: Thu 21 Aug 2025 09:16:10 +0000
ROA not before: Thu 21 Aug 2025 09:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 93.94.51.0/24 maxlen: 24
93.94.52.0/24 maxlen: 24
178.17.53.0/24 maxlen: 24
178.17.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cb:ea:0e:70:11:52:80:30:e1:30:29:18:bd:fd:70:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: Aug 21 09:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d8b41c170885f625f89b807f9e1facb6f3f56b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:26:88:55:0a:25:71:30:40:c7:ea:f8:71:46:
5e:3f:63:79:89:a3:38:d5:e8:2d:51:59:d6:17:86:
95:b0:67:14:7a:31:4c:d3:87:57:4d:c4:f5:d4:01:
56:1a:85:f3:5b:2a:b7:88:86:a3:53:18:7f:39:d8:
a9:88:e1:e4:f7:11:aa:df:24:dd:3d:f4:80:dd:42:
ac:cf:7c:4d:10:94:af:ba:05:78:c6:07:2d:94:62:
53:74:c0:a9:ed:5c:97:c5:2b:04:a0:42:20:4c:24:
d6:9b:af:9a:eb:5a:67:9a:7e:dd:69:4d:2c:18:75:
1b:01:58:ec:5a:fe:a3:ac:a0:91:45:80:1b:9b:cc:
52:1d:c8:f0:e0:2b:60:1f:e1:bb:92:9f:34:9d:4a:
5d:26:c8:bf:0f:29:8d:95:62:6a:72:53:37:20:29:
1b:9b:b4:7d:3b:9f:bf:49:bb:8e:94:f5:a4:3a:5e:
f8:67:08:b3:42:ad:72:58:96:68:7b:5b:b9:01:3f:
fa:ca:75:b4:a7:eb:0e:f5:56:8f:07:fb:36:65:85:
7e:a4:5c:b3:09:db:c2:a6:cf:c2:0a:ac:a4:70:60:
12:0f:0c:17:c6:9a:16:93:04:7f:4f:5c:8b:47:16:
67:d0:3d:e5:78:f0:dc:82:b5:3f:f5:33:d2:d0:94:
46:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8B:41:C1:70:88:5F:62:5F:89:B8:07:F9:E1:FA:CB:6F:3F:56:B2
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/PYtBwXCIX2JfibgH-eH6y28_VrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.51.0-93.94.52.255
178.17.53.0/24
178.17.58.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:31:72:ee:54:1a:80:40:11:bd:0f:da:dd:56:57:c9:70:70:
67:6c:c1:1d:79:0d:0e:57:8c:85:26:7c:c9:4f:a3:94:d4:f9:
44:39:46:9d:a0:cf:ee:b3:19:03:ac:5d:ff:d6:50:ff:2b:61:
63:ca:bc:2e:1a:af:57:39:d9:f9:3a:7c:e4:92:0d:d4:12:c0:
d3:08:f8:43:4d:d6:61:e9:39:8f:7f:58:38:55:1d:70:43:95:
eb:a7:1c:6d:36:f6:98:fa:dc:e6:89:39:79:f4:47:83:93:10:
27:15:ea:10:f4:d2:0a:68:dc:b7:96:13:a1:c9:dc:d7:c5:3d:
44:e6:4d:03:39:33:97:7a:38:4d:d5:bd:2b:b0:8f:3d:e6:ac:
82:68:2f:28:dd:0e:73:6d:c2:e7:0c:ab:95:e6:51:94:8d:b3:
e6:d4:c2:46:5e:1e:f7:3b:23:cf:11:2f:ca:b0:c0:67:ea:e4:
17:5f:88:4c:9c:60:b6:72:62:69:54:d8:f3:0a:75:26:63:f4:
15:5e:1c:26:c4:b0:ab:a2:0e:ad:b5:84:c3:a4:dc:e6:50:a1:
0c:d6:2d:80:e8:19:9a:66:fa:a5:fe:6b:e6:11:f3:23:7a:c3:
6a:e3:6c:d0:b0:a5:05:28:6d:67:88:04:d4:8b:88:29:e3:e5:
3e:df:b1:9b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZjL6g5wEVKAMOEwKRi9/XAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjUwODIxMDkxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhiNDFjMTcwODg1ZjYyNWY4OWI4MDdmOWUxZmFjYjZmM2Y1NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiaIVQolcTBAx+r4cUZeP2N5iaM4
1egtUVnWF4aVsGcUejFM04dXTcT11AFWGoXzWyq3iIajUxh/OdipiOHk9xGq3yTd
PfSA3UKsz3xNEJSvugV4xgctlGJTdMCp7VyXxSsEoEIgTCTWm6+a61pnmn7daU0s
GHUbAVjsWv6jrKCRRYAbm8xSHcjw4CtgH+G7kp80nUpdJsi/DymNlWJqclM3ICkb
m7R9O5+/SbuOlPWkOl74ZwizQq1yWJZoe1u5AT/6ynW0p+sO9VaPB/s2ZYV+pFyz
CdvCps/CCqykcGASDwwXxpoWkwR/T1yLRxZn0D3lePDcgrU/9TPS0JRGOwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD2LQcFwiF9iX4m4B/nh+stvP1ayMB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvUFl0QndYQ0lYMkpmaWJnSC1lSDZ5MjhfVnJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABdXjMD
BABdXjQDBACyETUDBACyETowDQYJKoZIhvcNAQELBQADggEBAB4xcu5UGoBAEb0P
2t1WV8lwcGdswR15DQ5XjIUmfMlPo5TU+UQ5Rp2gz+6zGQOsXf/WUP8rYWPKvC4a
r1c52fk6fOSSDdQSwNMI+ENN1mHpOY9/WDhVHXBDleunHG029pj63OaJOXn0R4OT
ECcV6hD00gpo3LeWE6HJ3NfFPUTmTQM5M5d6OE3VvSuwjz3mrIJoLyjdDnNtwucM
q5XmUZSNs+bUwkZeHvc7I88RL8qwwGfq5BdfiEycYLZyYmlU2PMKdSZj9BVeHCbE
sKuiDq21hMOk3OZQoQzWLYDoGZpm+qX+a+YR8yN6w2rjbNCwpQUobWeIBNSLiCnj
5T7fsZs=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:49:53 2025 by rpki-client