Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/g2292tg5HkQKxN5v3A20HQE7HPE.roa
File: g2292tg5HkQKxN5v3A20HQE7HPE.roa (raw, json)
Hash identifier: 8kwF0PMfxaM4q7cGmN1tVvvHsfTo4uOxn6Qw92CswWg=
Subject key identifier: 83:6D:BD:DA:D8:39:1E:44:0A:C4:DE:6F:DC:0D:B4:1D:01:3B:1C:F1
Certificate issuer: /CN=459b2fd0053bdd7e7775398db163bee8772478a5
Certificate serial: 0199C82DF11E7D349CE01AC2AD92FD145B89
Authority key identifier: 45:9B:2F:D0:05:3B:DD:7E:77:75:39:8D:B1:63:BE:E8:77:24:78:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RZsv0AU73X53dTmNsWO-6HckeKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/g2292tg5HkQKxN5v3A20HQE7HPE.roa
Signing time: Thu 09 Oct 2025 08:54:38 +0000
ROA not before: Thu 09 Oct 2025 08:54:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19624
IP address blocks: 31.14.40.0/23 maxlen: 23
89.39.149.0/24 maxlen: 24
185.105.4.0/23 maxlen: 23
185.105.6.0/24 maxlen: 24
2a01:4ce0:61::/48 maxlen: 48
2a01:4ce0:161::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/RZsv0AU73X53dTmNsWO-6HckeKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/RZsv0AU73X53dTmNsWO-6HckeKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/RZsv0AU73X53dTmNsWO-6HckeKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:2d:f1:1e:7d:34:9c:e0:1a:c2:ad:92:fd:14:5b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=459b2fd0053bdd7e7775398db163bee8772478a5
Validity
Not Before: Oct 9 08:54:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=836dbddad8391e440ac4de6fdc0db41d013b1cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cc:2a:47:0b:3b:db:fc:c0:0c:ba:fd:b9:54:
35:46:78:cd:c1:f5:18:f9:f4:bf:7e:f9:ac:2f:9b:
df:bd:11:4f:1f:38:12:01:80:08:ba:c9:86:97:64:
f1:c4:8d:f7:d1:4d:3f:1f:b6:f1:37:ae:2e:45:3b:
23:68:4c:e4:53:62:bc:26:a5:fb:09:2d:c5:d2:81:
7c:ac:03:73:fc:c0:b1:e6:08:31:ff:d9:eb:3b:36:
6e:cf:fe:9f:53:9f:6b:10:79:01:a5:02:b7:5e:68:
1f:c8:f7:d0:35:f6:2d:a8:20:64:73:48:50:1d:8e:
f0:38:18:e2:12:ea:a0:ac:89:a6:b4:7d:98:75:8c:
26:55:e7:dd:81:ac:25:26:a1:70:78:29:3e:b6:fc:
63:c8:e0:9c:5d:68:5a:93:4b:5a:42:ea:52:6b:92:
d3:dd:2e:4d:01:85:68:fb:9c:cb:d8:3e:55:37:16:
7e:0c:27:0d:b6:6c:7d:37:3b:27:4b:4c:ae:bf:97:
31:57:8f:9c:e0:3c:dd:fc:af:e4:be:0e:7e:50:1d:
44:b9:b8:f4:94:5e:63:7e:17:a7:ff:ca:f1:40:8f:
0a:d7:b7:0c:3f:9f:97:a1:2e:e0:c2:23:1b:ad:a3:
7d:11:93:55:5c:c8:e6:9e:a8:cd:be:c9:0e:78:70:
0f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:6D:BD:DA:D8:39:1E:44:0A:C4:DE:6F:DC:0D:B4:1D:01:3B:1C:F1
X509v3 Authority Key Identifier:
keyid:45:9B:2F:D0:05:3B:DD:7E:77:75:39:8D:B1:63:BE:E8:77:24:78:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZsv0AU73X53dTmNsWO-6HckeKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/g2292tg5HkQKxN5v3A20HQE7HPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/RZsv0AU73X53dTmNsWO-6HckeKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.40.0/23
89.39.149.0/24
185.105.4.0-185.105.6.255
IPv6:
2a01:4ce0:61::/48
2a01:4ce0:161::/48
Signature Algorithm: sha256WithRSAEncryption
49:d5:f1:15:06:d3:15:c3:a6:89:38:9c:5f:59:ea:0b:f7:7b:
84:09:2f:d0:53:1b:85:95:78:49:ed:f0:d8:c2:20:56:c4:2d:
bf:38:ba:59:7a:b4:63:f9:b2:ed:47:52:0f:62:43:04:50:8d:
6f:48:06:b2:8d:b0:3e:b9:29:cd:44:7b:a7:ea:93:6e:55:ad:
61:9f:94:fa:54:c9:30:87:c6:98:d9:0f:dc:04:cb:41:0c:54:
3f:48:2a:97:9d:45:9b:59:aa:ca:e0:46:ff:a4:78:bc:77:46:
7c:92:13:45:74:7b:58:39:3d:d0:a4:78:33:71:ff:af:14:b0:
7f:ac:f8:07:d0:2b:e0:08:98:44:15:70:bb:77:1a:fa:91:f3:
f1:09:dc:b0:26:6e:24:b9:9b:dd:f1:e5:e2:dd:60:a6:f0:bb:
e4:c8:5f:c8:39:83:c3:ec:8b:60:89:5f:20:bf:d7:b9:d6:29:
89:d7:fa:c5:8e:0f:63:51:a2:85:c2:46:f6:37:2a:fa:b1:d7:
19:4f:26:7e:74:cf:18:7d:c1:b7:bf:d3:f3:f8:65:63:a1:83:
ca:8c:41:9c:e6:8d:96:c4:57:0e:45:63:d4:c7:a4:71:0b:ea:
c5:8d:dc:42:10:31:1b:8b:34:f3:26:a8:48:1c:2b:7d:d0:b3:
32:0b:ca:ac
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZnILfEefTSc4BrCrZL9FFuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWIyZmQwMDUzYmRkN2U3Nzc1Mzk4ZGIxNjNiZWU4Nzcy
NDc4YTUwHhcNMjUxMDA5MDg1NDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzZkYmRkYWQ4MzkxZTQ0MGFjNGRlNmZkYzBkYjQxZDAxM2IxY2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08wqRws72/zADLr9uVQ1RnjNwfUY
+fS/fvmsL5vfvRFPHzgSAYAIusmGl2TxxI330U0/H7bxN64uRTsjaEzkU2K8JqX7
CS3F0oF8rANz/MCx5ggx/9nrOzZuz/6fU59rEHkBpQK3XmgfyPfQNfYtqCBkc0hQ
HY7wOBjiEuqgrImmtH2YdYwmVefdgawlJqFweCk+tvxjyOCcXWhak0taQupSa5LT
3S5NAYVo+5zL2D5VNxZ+DCcNtmx9NzsnS0yuv5cxV4+c4Dzd/K/kvg5+UB1Eubj0
lF5jfhen/8rxQI8K17cMP5+XoS7gwiMbraN9EZNVXMjmnqjNvskOeHAPXQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFINtvdrYOR5ECsTeb9wNtB0BOxzxMB8GA1UdIwQY
MBaAFEWbL9AFO91+d3U5jbFjvuh3JHilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlpzdjBBVTczWDUzZFRtTnNXTy02SGNrZUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZGRkNTgtNjAzNy00OTRiLTk5MmYt
YWI4ZTk3ZDg1NWNjLzEvZzIyOTJ0ZzVIa1FLeE41djNBMjBIUUU3SFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZGRkNTgtNjAzNy00OTRiLTk5MmYtYWI4ZTk3ZDg1NWNj
LzEvUlpzdjBBVTczWDUzZFRtTnNXTy02SGNrZUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaAwQBHw4oAwQA
WSeVMAwDBAK5aQQDBAC5aQYwGAQCAAIwEgMHACoBTOAAYQMHACoBTOABYTANBgkq
hkiG9w0BAQsFAAOCAQEASdXxFQbTFcOmiTicX1nqC/d7hAkv0FMbhZV4Se3w2MIg
VsQtvzi6WXq0Y/my7UdSD2JDBFCNb0gGso2wPrkpzUR7p+qTblWtYZ+U+lTJMIfG
mNkP3ATLQQxUP0gql51Fm1mqyuBG/6R4vHdGfJITRXR7WDk90KR4M3H/rxSwf6z4
B9Ar4AiYRBVwu3ca+pHz8QncsCZuJLmb3fHl4t1gpvC75MhfyDmDw+yLYIlfIL/X
udYpidf6xY4PY1GihcJG9jcq+rHXGU8mfnTPGH3Bt7/T8/hlY6GDyoxBnOaNlsRX
DkVj1MekcQvqxY3cQhAxG4s08yaoSBwrfdCzMgvKrA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:30 2025 by rpki-client