Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4h6absYAiPsG0J40W2uzNiAQhgA.roa
File: 4h6absYAiPsG0J40W2uzNiAQhgA.roa (raw, json)
Hash identifier: E2ubw8eCgRSEOdzjW9WhX5Of3RKTeNKXE5572xvYBTE=
Subject key identifier: E2:1E:9A:6E:C6:00:88:FB:06:D0:9E:34:5B:6B:B3:36:20:10:86:00
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0197B004521E5729C631411608FC1ED76741
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4h6absYAiPsG0J40W2uzNiAQhgA.roa
Signing time: Fri 27 Jun 2025 06:12:42 +0000
ROA not before: Fri 27 Jun 2025 06:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.66.0/24 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 03:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:04:52:1e:57:29:c6:31:41:16:08:fc:1e:d7:67:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jun 27 06:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e21e9a6ec60088fb06d09e345b6bb33620108600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:eb:f8:57:f3:83:80:e7:e8:ad:32:b8:8b:b0:
84:0a:c1:20:e0:73:66:e1:e3:94:91:a8:72:50:01:
e8:87:2d:ef:3c:d6:e9:6a:ee:f9:d8:de:ca:0d:ff:
f3:12:2f:42:4a:c5:71:78:da:9c:22:7c:98:23:4b:
db:e6:99:f4:95:12:d2:39:b7:5e:ed:9f:7a:30:7a:
e9:aa:d3:b4:ec:49:0a:63:8f:da:81:f8:74:63:4a:
24:7a:58:bd:25:b3:c6:f4:97:bc:73:93:9b:d9:cc:
0c:52:00:0b:94:a7:a2:80:39:f2:e5:dd:02:a8:91:
1e:17:cf:b4:b7:a3:bb:2a:58:5b:a3:d1:f8:a8:1f:
48:30:01:b2:5a:36:97:53:76:cd:fc:24:b2:25:1c:
8d:4d:cb:80:30:9b:a6:a3:73:87:3c:d4:28:e2:5b:
b9:e9:01:7f:e4:3d:e3:0c:ee:46:94:c5:ef:0b:4d:
42:32:9d:a7:72:55:ae:52:a0:79:96:a7:31:d1:e7:
90:70:e0:8b:e1:23:7e:30:03:55:25:fc:fa:76:c7:
cd:f1:2e:25:ff:81:d3:1a:f5:c4:60:6d:10:29:48:
ca:a0:1e:87:58:a6:8f:d5:69:0b:3b:0b:fd:30:85:
1f:27:81:aa:a2:38:3b:22:64:9c:d0:de:c1:8b:af:
f3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1E:9A:6E:C6:00:88:FB:06:D0:9E:34:5B:6B:B3:36:20:10:86:00
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4h6absYAiPsG0J40W2uzNiAQhgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.66.0/24
213.145.68.0-213.145.79.255
213.145.82.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
a4:3c:e4:93:c0:c7:63:d9:a9:84:f6:f5:7f:a7:16:45:46:02:
e3:e2:d4:6a:3f:4c:c2:c0:07:68:1f:8d:80:5d:b9:67:36:c9:
3a:7a:c3:75:f7:23:2a:38:a3:f4:a9:1c:8a:0b:f8:2b:ca:38:
d9:80:28:fe:10:b0:0b:32:3b:0d:8a:ba:95:43:2e:1e:36:ed:
3c:77:40:43:ac:02:ed:be:04:e0:fe:27:fb:4a:15:b6:b4:32:
24:13:22:0f:e4:f6:0f:19:af:c3:19:02:56:ca:37:ba:e4:41:
a3:02:ad:49:8c:4a:80:d5:5f:b8:1c:c7:7b:1e:cd:99:fa:32:
6a:8a:a8:2b:05:b0:0c:54:5a:ba:a8:ac:e8:29:83:42:a3:72:
b7:bf:35:e2:13:e3:64:9f:99:29:b0:cf:57:c8:af:2b:b9:ed:
83:fc:bb:9e:c9:6c:d4:e2:98:11:00:1e:e7:e4:97:47:3f:33:
30:5a:5b:c0:b0:fd:bf:e1:49:9b:ca:dd:fb:2a:93:48:ed:f5:
a8:d0:ab:37:ab:b1:fe:7e:82:52:a1:1b:ac:ab:f9:bf:a9:db:
12:a3:a2:9d:7a:a6:d9:86:a8:56:2f:9f:55:c4:32:4f:83:7d:
2c:76:59:45:9c:65:71:4b:7d:cc:9e:a5:20:33:9d:89:2c:75:
43:98:a4:d9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZewBFIeVynGMUEWCPwe12dBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwNjI3MDYxMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFlOWE2ZWM2MDA4OGZiMDZkMDllMzQ1YjZiYjMzNjIwMTA4NjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsev4V/ODgOforTK4i7CECsEg4HNm
4eOUkahyUAHohy3vPNbpau752N7KDf/zEi9CSsVxeNqcInyYI0vb5pn0lRLSObde
7Z96MHrpqtO07EkKY4/agfh0Y0okeli9JbPG9Je8c5Ob2cwMUgALlKeigDny5d0C
qJEeF8+0t6O7Klhbo9H4qB9IMAGyWjaXU3bN/CSyJRyNTcuAMJumo3OHPNQo4lu5
6QF/5D3jDO5GlMXvC01CMp2nclWuUqB5lqcx0eeQcOCL4SN+MANVJfz6dsfN8S4l
/4HTGvXEYG0QKUjKoB6HWKaP1WkLOwv9MIUfJ4Gqojg7ImSc0N7Bi6/z+QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOIemm7GAIj7BtCeNFtrszYgEIYAMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvNGg2YWJzWUFpUHNHMEo0MFcydXpOaUFRaGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCVXPQAwQA
1ZFCMAwDBALVkUQDBATVkUAwDAMEAdWRUgMEAdWRWDANBgkqhkiG9w0BAQsFAAOC
AQEApDzkk8DHY9mphPb1f6cWRUYC4+LUaj9MwsAHaB+NgF25ZzbJOnrDdfcjKjij
9Kkcigv4K8o42YAo/hCwCzI7DYq6lUMuHjbtPHdAQ6wC7b4E4P4n+0oVtrQyJBMi
D+T2DxmvwxkCVso3uuRBowKtSYxKgNVfuBzHex7NmfoyaoqoKwWwDFRauqis6CmD
QqNyt7814hPjZJ+ZKbDPV8ivK7ntg/y7nsls1OKYEQAe5+SXRz8zMFpbwLD9v+FJ
m8rd+yqTSO31qNCrN6ux/n6CUqEbrKv5v6nbEqOinXqm2YaoVi+fVcQyT4N9LHZZ
RZxlcUt9zJ6lIDOdiSx1Q5ik2Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:52:59 2025 by rpki-client