Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-s2VStckgyyDAih4AaIvdaqwYgU.roa
File: 1-s2VStckgyyDAih4AaIvdaqwYgU.roa (raw, json)
Hash identifier: EEIjJg0nH05CIAAlZjbl4eV3W+5/nIl8+FkFbImZuwE=
Subject key identifier: FA:CD:95:4A:D7:24:83:2C:83:02:28:78:01:A2:2F:75:AA:B0:62:05
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01997AB0145C64E5B07D80AF698B7F2BE01E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-s2VStckgyyDAih4AaIvdaqwYgU.roa
Signing time: Wed 24 Sep 2025 07:46:23 +0000
ROA not before: Wed 24 Sep 2025 07:46:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135392
IP address blocks: 178.215.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7a:b0:14:5c:64:e5:b0:7d:80:af:69:8b:7f:2b:e0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 24 07:46:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=facd954ad724832c8302287801a22f75aab06205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:46:b1:c7:37:25:63:60:cb:99:3e:1f:6d:ee:
d2:d8:b2:01:30:06:a2:b2:38:89:51:0e:32:3e:9f:
b5:cb:3e:3a:2d:f7:da:93:31:90:d7:23:32:6c:eb:
d5:a0:89:c6:4a:71:f5:96:4a:34:6f:96:dd:de:8c:
af:08:c5:4d:4f:0a:b4:41:40:62:54:5c:1b:94:95:
55:8b:0a:c3:a8:d1:ae:7b:d0:65:0f:d2:a9:96:35:
8c:1b:c4:26:3d:09:4e:da:70:1e:c4:64:2c:13:67:
be:59:1f:80:64:54:06:1a:1b:48:b8:be:7e:15:49:
47:c7:3d:ca:ba:02:89:4e:c0:17:ab:21:2e:10:77:
d1:58:45:05:be:40:f3:23:2e:ec:2e:5a:76:b8:30:
48:4f:ca:51:e6:cc:97:ea:aa:98:08:db:65:67:3d:
c8:dd:9d:ee:f3:9f:ed:15:eb:18:58:fa:d4:de:be:
87:3a:e1:43:cb:75:27:bb:af:49:81:e8:fc:02:8f:
a2:37:3f:3a:89:01:5e:06:d6:b9:25:9b:92:8a:4e:
45:4f:49:22:94:23:83:82:47:85:b6:72:43:06:63:
da:f1:f9:65:18:b4:7e:70:ac:1e:6b:8e:f5:79:47:
2f:b1:9f:38:25:e9:fd:06:f0:8c:55:bf:3f:ff:c4:
ed:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:CD:95:4A:D7:24:83:2C:83:02:28:78:01:A2:2F:75:AA:B0:62:05
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-s2VStckgyyDAih4AaIvdaqwYgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.215.227.0/24
Signature Algorithm: sha256WithRSAEncryption
44:00:d7:b6:b1:42:49:e5:2e:ed:dc:22:23:b9:68:4f:c8:4f:
8d:45:40:3c:39:16:38:34:5c:a3:f2:f7:2e:f0:0c:c3:7e:83:
32:15:dd:65:a1:82:5d:4c:5d:f2:a5:4f:99:34:f3:74:a8:f4:
76:80:f3:29:a7:d4:a3:4f:63:8f:8e:07:10:81:fe:32:ee:e3:
3e:b5:50:eb:77:46:f4:2d:93:2d:c1:a0:34:0e:16:6b:84:e2:
70:09:41:39:89:7f:d5:bd:16:4d:80:df:cd:94:85:c4:30:e0:
a4:ad:f2:1b:f5:6f:ef:bf:25:73:33:2d:48:35:4b:4e:d4:fb:
9f:e8:93:c7:dd:f6:94:6e:88:be:c8:f2:b0:79:44:b6:fa:f0:
33:fc:59:ed:af:f3:eb:3e:bb:16:e6:8a:b2:91:d3:df:f4:56:
13:91:33:8a:b9:cd:e5:6d:eb:18:58:eb:40:0d:a8:a7:c3:bd:
d0:3e:ad:11:75:98:a9:c0:89:96:6b:79:e0:ae:0e:d8:f2:bf:
19:f2:12:ce:ea:8b:87:c4:03:f4:e4:c6:05:d6:86:c6:1f:d5:
ba:2a:cc:23:c7:30:14:c1:de:75:19:3a:4e:a6:b2:51:48:3b:
a9:19:ee:82:38:7d:3a:cd:13:4d:42:84:8d:8a:94:02:6d:1b:
84:93:44:d4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZl6sBRcZOWwfYCvaYt/K+AeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwOTI0MDc0NjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWNkOTU0YWQ3MjQ4MzJjODMwMjI4NzgwMWEyMmY3NWFhYjA2MjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0axxzclY2DLmT4fbe7S2LIBMAai
sjiJUQ4yPp+1yz46LffakzGQ1yMybOvVoInGSnH1lko0b5bd3oyvCMVNTwq0QUBi
VFwblJVViwrDqNGue9BlD9KpljWMG8QmPQlO2nAexGQsE2e+WR+AZFQGGhtIuL5+
FUlHxz3KugKJTsAXqyEuEHfRWEUFvkDzIy7sLlp2uDBIT8pR5syX6qqYCNtlZz3I
3Z3u85/tFesYWPrU3r6HOuFDy3Unu69Jgej8Ao+iNz86iQFeBta5JZuSik5FT0ki
lCODgkeFtnJDBmPa8fllGLR+cKwea471eUcvsZ84Jen9BvCMVb8//8TtjQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrNlUrXJIMsgwIoeAGiL3WqsGIFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1zMlZTdGNrZ3l5REFpaDRBYUl2ZGFxd1lnVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALLX4zAN
BgkqhkiG9w0BAQsFAAOCAQEARADXtrFCSeUu7dwiI7loT8hPjUVAPDkWODRco/L3
LvAMw36DMhXdZaGCXUxd8qVPmTTzdKj0doDzKafUo09jj44HEIH+Mu7jPrVQ63dG
9C2TLcGgNA4Wa4TicAlBOYl/1b0WTYDfzZSFxDDgpK3yG/Vv778lczMtSDVLTtT7
n+iTx932lG6IvsjysHlEtvrwM/xZ7a/z6z67FuaKspHT3/RWE5EzirnN5W3rGFjr
QA2op8O90D6tEXWYqcCJlmt54K4O2PK/GfISzuqLh8QD9OTGBdaGxh/VuirMI8cw
FMHedRk6TqayUUg7qRnugjh9Os0TTUKEjYqUAm0bhJNE1A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:38 2025 by rpki-client