Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/w4RpAhXHQv7paVDaR7QTwx3l9rU.roa
File: w4RpAhXHQv7paVDaR7QTwx3l9rU.roa (raw, json)
Hash identifier: cSr60LWlE9V7I+1ZUVP1rmOC1RqMw9hreE8YRG544p8=
Subject key identifier: C3:84:69:02:15:C7:42:FE:E9:69:50:DA:47:B4:13:C3:1D:E5:F6:B5
Certificate issuer: /CN=46cfc41a419a7bbd6d8e8c4ee685595b6a40b9f1
Certificate serial: 01995688E30BA36F7E19369B0E805CBB0199
Authority key identifier: 46:CF:C4:1A:41:9A:7B:BD:6D:8E:8C:4E:E6:85:59:5B:6A:40:B9:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rs_EGkGae71tjoxO5oVZW2pAufE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/w4RpAhXHQv7paVDaR7QTwx3l9rU.roa
Signing time: Wed 17 Sep 2025 07:17:15 +0000
ROA not before: Wed 17 Sep 2025 07:17:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9044
IP address blocks: 82.220.0.0/16 maxlen: 24
185.252.240.0/22 maxlen: 23
194.124.208.0/24 maxlen: 24
212.41.64.0/18 maxlen: 19
212.101.0.0/19 maxlen: 20
2001:1680::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/Rs_EGkGae71tjoxO5oVZW2pAufE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/Rs_EGkGae71tjoxO5oVZW2pAufE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rs_EGkGae71tjoxO5oVZW2pAufE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 22:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:56:88:e3:0b:a3:6f:7e:19:36:9b:0e:80:5c:bb:01:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46cfc41a419a7bbd6d8e8c4ee685595b6a40b9f1
Validity
Not Before: Sep 17 07:17:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c384690215c742fee96950da47b413c31de5f6b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a5:0c:bb:9a:32:ab:f8:f9:8f:f3:2b:7a:e4:
c3:65:a6:22:e9:eb:e1:8f:f8:74:13:10:eb:f1:a5:
ae:a9:df:96:be:16:bb:55:a6:4d:3c:fb:23:30:b3:
a5:3b:99:c8:c7:a4:7a:49:15:d7:91:07:15:6a:3c:
49:d2:f6:91:52:c3:4a:75:f8:1b:13:65:e6:08:15:
ef:24:3a:63:50:a7:85:3d:71:61:58:d1:40:bc:91:
5b:05:b4:2c:db:c2:49:e2:b4:4d:c7:eb:aa:dc:eb:
f9:98:50:0e:41:f7:3e:9c:6a:66:2b:d5:95:c1:7a:
8b:5e:ce:ee:55:8f:17:83:e4:68:13:5d:96:d6:02:
f3:59:c3:c3:a9:c3:ba:7d:77:3b:cc:8e:77:30:ae:
a2:0c:59:83:bc:98:ca:11:f3:a1:7a:e7:2d:b3:b3:
ae:a0:2c:3e:ba:82:47:93:00:95:1b:4b:d2:07:40:
82:cc:84:86:19:6f:ff:15:8f:6a:88:e3:de:ac:29:
a6:ac:fd:35:95:6c:e4:84:0f:d2:40:35:9a:9c:ca:
8d:ff:73:4a:b0:2b:64:31:4e:69:c8:23:0c:2e:b5:
6b:ad:32:57:f0:8f:f6:b1:de:87:ac:ff:12:48:7b:
60:14:9a:a8:00:68:86:b3:61:59:50:b4:0f:48:2b:
cf:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:84:69:02:15:C7:42:FE:E9:69:50:DA:47:B4:13:C3:1D:E5:F6:B5
X509v3 Authority Key Identifier:
keyid:46:CF:C4:1A:41:9A:7B:BD:6D:8E:8C:4E:E6:85:59:5B:6A:40:B9:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rs_EGkGae71tjoxO5oVZW2pAufE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/w4RpAhXHQv7paVDaR7QTwx3l9rU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/Rs_EGkGae71tjoxO5oVZW2pAufE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.220.0.0/16
185.252.240.0/22
194.124.208.0/24
212.41.64.0/18
212.101.0.0/19
IPv6:
2001:1680::/29
Signature Algorithm: sha256WithRSAEncryption
97:f6:f5:87:03:c4:a6:bf:41:13:73:33:87:83:5c:a1:99:f1:
05:0c:98:a3:3a:64:29:ba:38:89:51:36:b4:92:b2:54:7b:fc:
eb:4a:52:9e:4b:38:be:c2:48:a7:8e:93:a0:28:a9:c5:f0:71:
9b:56:13:e3:e2:51:93:93:aa:c6:a6:4d:91:c2:59:41:c2:49:
b3:8c:ad:3e:37:8c:23:0b:54:3f:d0:86:b8:32:74:c3:8c:6d:
23:fd:65:50:c3:29:92:20:9e:c4:57:34:1f:7f:8e:c0:1a:8c:
85:2f:a9:c3:09:e3:bc:75:ab:e6:fe:93:19:58:d4:8f:e7:41:
be:2c:21:47:bc:4c:11:4a:33:a3:75:16:87:34:a2:00:b2:18:
f7:40:4f:e4:27:f3:2b:1b:cb:b2:cf:b4:b9:8b:43:f7:96:60:
31:96:d1:c8:16:e3:3b:31:89:b0:4b:88:7b:19:0c:26:9a:64:
36:3e:5f:e1:99:45:90:ca:d6:61:2e:b0:85:6e:8c:91:b2:39:
ae:ef:0f:d9:81:22:e7:49:aa:eb:16:2b:41:8e:11:9e:b1:a1:
8a:ef:30:c2:50:08:13:a6:7b:f5:71:9d:e5:bd:bf:18:cd:45:
ab:e0:99:11:12:2e:21:19:12:a9:8c:bc:be:47:aa:aa:0a:e4:
f8:0b:1f:1a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZlWiOMLo29+GTabDoBcuwGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Y2ZjNDFhNDE5YTdiYmQ2ZDhlOGM0ZWU2ODU1OTViNmE0
MGI5ZjEwHhcNMjUwOTE3MDcxNzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzg0NjkwMjE1Yzc0MmZlZTk2OTUwZGE0N2I0MTNjMzFkZTVmNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qUMu5oyq/j5j/MreuTDZaYi6evh
j/h0ExDr8aWuqd+Wvha7VaZNPPsjMLOlO5nIx6R6SRXXkQcVajxJ0vaRUsNKdfgb
E2XmCBXvJDpjUKeFPXFhWNFAvJFbBbQs28JJ4rRNx+uq3Ov5mFAOQfc+nGpmK9WV
wXqLXs7uVY8Xg+RoE12W1gLzWcPDqcO6fXc7zI53MK6iDFmDvJjKEfOheucts7Ou
oCw+uoJHkwCVG0vSB0CCzISGGW//FY9qiOPerCmmrP01lWzkhA/SQDWanMqN/3NK
sCtkMU5pyCMMLrVrrTJX8I/2sd6HrP8SSHtgFJqoAGiGs2FZULQPSCvPxwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMOEaQIVx0L+6WlQ2ke0E8Md5fa1MB8GA1UdIwQY
MBaAFEbPxBpBmnu9bY6MTuaFWVtqQLnxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNfRUdrR2FlNzF0am94TzVvVlpXMnBBdWZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8yYzIzN2EtOGJiYy00OWMzLWFkZWEt
Y2MzMzc2ZWY3MzAwLzEvdzRScEFoWEhRdjdwYVZEYVI3UVR3eDNsOXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8yYzIzN2EtOGJiYy00OWMzLWFkZWEtY2MzMzc2ZWY3MzAw
LzEvUnNfRUdrR2FlNzF0am94TzVvVlpXMnBBdWZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMAUtwDBAK5
/PADBADCfNADBAbUKUADBAXUZQAwDQQCAAIwBwMFAyABFoAwDQYJKoZIhvcNAQEL
BQADggEBAJf29YcDxKa/QRNzM4eDXKGZ8QUMmKM6ZCm6OIlRNrSSslR7/OtKUp5L
OL7CSKeOk6AoqcXwcZtWE+PiUZOTqsamTZHCWUHCSbOMrT43jCMLVD/QhrgydMOM
bSP9ZVDDKZIgnsRXNB9/jsAajIUvqcMJ47x1q+b+kxlY1I/nQb4sIUe8TBFKM6N1
Foc0ogCyGPdAT+Qn8ysby7LPtLmLQ/eWYDGW0cgW4zsxibBLiHsZDCaaZDY+X+GZ
RZDK1mEusIVujJGyOa7vD9mBIudJqusWK0GOEZ6xoYrvMMJQCBOme/VxneW9vxjN
RavgmRESLiEZEqmMvL5HqqoK5PgLHxo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:28:40 2025 by rpki-client