Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/pgTDkA03VW0zDxlnTBVHz55HqJY.roa
File: pgTDkA03VW0zDxlnTBVHz55HqJY.roa (raw, json)
Hash identifier: rBFxYtlNHOxBeylPNnZjz2J7DVtg6cM4mYoztB0MlM0=
Subject key identifier: A6:04:C3:90:0D:37:55:6D:33:0F:19:67:4C:15:47:CF:9E:47:A8:96
Certificate issuer: /CN=b011022187e3395a1524fa1a7541ea793285afc2
Certificate serial: 0199950C8C0D4A5706DBB8201AE3522F4F2F
Authority key identifier: B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/pgTDkA03VW0zDxlnTBVHz55HqJY.roa
Signing time: Mon 29 Sep 2025 10:37:31 +0000
ROA not before: Mon 29 Sep 2025 10:37:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39308
IP address blocks: 89.144.128.0/18 maxlen: 24
89.144.130.0/24 maxlen: 24
109.109.32.0/19 maxlen: 19
109.109.48.0/24 maxlen: 24
159.20.96.0/20 maxlen: 20
185.56.96.0/22 maxlen: 24
2a00:1570::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:95:0c:8c:0d:4a:57:06:db:b8:20:1a:e3:52:2f:4f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b011022187e3395a1524fa1a7541ea793285afc2
Validity
Not Before: Sep 29 10:37:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a604c3900d37556d330f19674c1547cf9e47a896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:61:0e:19:f5:67:d3:6c:7b:ac:10:5b:1f:ec:
b0:9f:e5:aa:0a:b5:a9:60:d9:f7:e7:68:ed:7d:3e:
18:3e:82:16:1b:d0:fe:d7:ce:17:2d:67:9d:5a:92:
45:de:b1:07:df:6d:78:f7:fd:1d:a6:54:2c:40:b9:
d1:03:2c:e8:28:cd:51:7d:54:b6:09:4a:32:9f:34:
fb:99:df:f6:93:12:c4:3b:b3:48:6d:2f:12:2c:03:
bf:91:20:ad:83:62:b7:b2:25:53:e0:d1:47:b3:cc:
74:9d:96:cd:d6:3c:c1:45:2f:03:21:c4:2d:01:97:
c6:b4:56:87:8c:66:b4:97:c9:5e:a3:a7:20:e1:9f:
36:a7:96:bb:a5:66:39:68:c4:5e:31:b6:e2:45:28:
63:5e:99:22:94:27:d2:70:9c:d6:bc:22:51:6d:04:
08:91:cd:07:a7:9c:55:a6:39:41:af:83:bd:57:4f:
db:36:24:0e:92:47:f9:cd:6b:94:03:36:75:0d:65:
57:bd:ba:98:b2:3d:74:f8:69:e7:57:c0:33:26:85:
25:b4:d7:66:37:63:74:f5:58:04:d1:45:18:88:f5:
af:4f:44:67:f3:75:0f:00:74:3e:cc:1a:a8:b9:e3:
fa:49:42:19:54:7e:e6:3c:5b:05:c4:56:c1:39:81:
fb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:04:C3:90:0D:37:55:6D:33:0F:19:67:4C:15:47:CF:9E:47:A8:96
X509v3 Authority Key Identifier:
keyid:B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/pgTDkA03VW0zDxlnTBVHz55HqJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.144.128.0/18
109.109.32.0/19
159.20.96.0/20
185.56.96.0/22
IPv6:
2a00:1570::/32
Signature Algorithm: sha256WithRSAEncryption
03:ea:f3:52:e8:c7:9b:8c:52:4e:7e:5d:96:c7:a8:42:c2:5f:
f4:36:5b:dd:ec:25:09:22:2e:48:be:88:15:64:9f:ea:28:0f:
82:c9:22:ff:79:96:ea:65:12:2c:7d:80:f9:82:3e:6f:56:24:
e8:04:77:54:42:8e:f8:4a:0a:76:7f:4b:c7:51:93:5e:2f:6d:
50:c7:08:59:68:2e:77:22:81:e2:33:e9:a8:4e:4b:50:9d:62:
52:35:cc:b8:d9:ad:12:4d:6c:ae:6f:a4:ce:44:f6:fc:87:fa:
39:9a:a4:cd:cd:04:7a:3f:04:8b:4f:86:2b:8f:84:dc:11:8f:
88:eb:8e:87:27:1f:6a:44:1c:c1:5b:c2:7a:cc:af:34:c1:4e:
7f:14:ac:20:93:a1:47:6d:66:b2:c3:96:bf:7d:88:ae:2f:ab:
d5:7c:21:53:3b:83:bc:66:ab:1e:39:dc:00:0d:4a:f8:b8:a2:
74:fb:5b:56:3f:33:f2:73:0b:b0:b3:79:7d:9f:85:c8:9c:29:
6f:f0:55:ee:13:3e:63:28:8d:6c:13:45:7d:9a:3e:29:97:b2:
32:ec:09:6e:9a:ad:78:b6:58:6c:47:cc:d4:30:c4:00:0f:c3:
ea:d5:af:3f:8d:c6:45:64:18:7b:fd:e0:81:cd:f3:b8:06:4d:
7a:d1:78:cf
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZmVDIwNSlcG27ggGuNSL08vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMTEwMjIxODdlMzM5NWExNTI0ZmExYTc1NDFlYTc5MzI4
NWFmYzIwHhcNMjUwOTI5MTAzNzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA0YzM5MDBkMzc1NTZkMzMwZjE5Njc0YzE1NDdjZjllNDdhODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2EOGfVn02x7rBBbH+ywn+WqCrWp
YNn352jtfT4YPoIWG9D+184XLWedWpJF3rEH32149/0dplQsQLnRAyzoKM1RfVS2
CUoynzT7md/2kxLEO7NIbS8SLAO/kSCtg2K3siVT4NFHs8x0nZbN1jzBRS8DIcQt
AZfGtFaHjGa0l8leo6cg4Z82p5a7pWY5aMReMbbiRShjXpkilCfScJzWvCJRbQQI
kc0Hp5xVpjlBr4O9V0/bNiQOkkf5zWuUAzZ1DWVXvbqYsj10+GnnV8AzJoUltNdm
N2N09VgE0UUYiPWvT0Rn83UPAHQ+zBqoueP6SUIZVH7mPFsFxFbBOYH7swIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKYEw5ANN1VtMw8ZZ0wVR8+eR6iWMB8GA1UdIwQY
MBaAFLARAiGH4zlaFST6GnVB6nkyha/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAt
NTMzNGU2YjhjNWZlLzEvcGdURGtBMDNWVzB6RHhsblRCVkh6NTVIcUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAtNTMzNGU2YjhjNWZl
LzEvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGWZCAAwQF
bW0gAwQEnxRgAwQCuThgMA0EAgACMAcDBQAqABVwMA0GCSqGSIb3DQEBCwUAA4IB
AQAD6vNS6MebjFJOfl2Wx6hCwl/0Nlvd7CUJIi5IvogVZJ/qKA+CySL/eZbqZRIs
fYD5gj5vViToBHdUQo74Sgp2f0vHUZNeL21QxwhZaC53IoHiM+moTktQnWJSNcy4
2a0STWyub6TORPb8h/o5mqTNzQR6PwSLT4Yrj4TcEY+I646HJx9qRBzBW8J6zK80
wU5/FKwgk6FHbWayw5a/fYiuL6vVfCFTO4O8ZqseOdwADUr4uKJ0+1tWPzPycwuw
s3l9n4XInClv8FXuEz5jKI1sE0V9mj4pl7Iy7Alumq14tlhsR8zUMMQAD8Pq1a8/
jcZFZBh7/eCBzfO4Bk160XjP
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:07 2025 by rpki-client