Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/Rlb2tOHsLeLyjP1RSURryd9jvec.roa
File: Rlb2tOHsLeLyjP1RSURryd9jvec.roa (raw, json)
Hash identifier: jecxIoKlBvw6gWyoJ8u8/wuvD6cFE1AGV7OziEZZTXs=
Subject key identifier: 46:56:F6:B4:E1:EC:2D:E2:F2:8C:FD:51:49:44:6B:C9:DF:63:BD:E7
Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Certificate serial: 0199BE5AFCE1636284C93AB8AFC94AE148B7
Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/Rlb2tOHsLeLyjP1RSURryd9jvec.roa
Signing time: Tue 07 Oct 2025 11:07:37 +0000
ROA not before: Tue 07 Oct 2025 11:07:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6740
IP address blocks: 82.202.0.0/18 maxlen: 18
185.193.128.0/22 maxlen: 22
212.90.224.0/19 maxlen: 19
213.235.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:5a:fc:e1:63:62:84:c9:3a:b8:af:c9:4a:e1:48:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Validity
Not Before: Oct 7 11:07:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4656f6b4e1ec2de2f28cfd5149446bc9df63bde7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:60:a6:28:e3:bc:73:91:59:6f:f7:0a:6c:00:
7c:53:f8:a3:fe:ee:37:82:65:17:7f:08:08:cc:80:
41:e5:f4:ed:e6:99:89:1e:7b:ad:8a:1b:ec:0e:3f:
58:6f:55:3c:04:ff:36:5e:94:1c:9e:db:3c:9e:64:
ca:ef:f7:e1:fe:56:29:f4:16:f9:92:ee:fa:0a:1f:
1e:bf:b6:07:27:48:b7:f8:ed:0e:e1:45:5d:04:5b:
b2:0b:d6:ac:c5:e9:e8:1a:3d:92:1b:d6:14:0f:4a:
81:d9:ad:3d:76:c8:a6:f9:4b:0b:e8:01:d4:cd:c2:
c5:fe:9a:48:1f:b1:f6:94:b5:f1:73:cb:f8:26:f9:
86:33:ec:41:c9:88:22:89:c0:41:a7:23:60:5f:84:
d8:2e:25:cd:b4:7a:10:6d:80:59:33:6e:01:3a:93:
1a:60:72:6f:96:09:26:e0:43:fa:51:ef:1d:2a:93:
d6:17:e1:24:09:64:50:ef:12:8c:fa:27:0d:dc:7a:
80:8a:f4:a8:97:a4:29:bb:95:fb:aa:bc:7e:8d:47:
58:7d:bb:ff:44:8c:a8:4b:f8:ea:57:00:59:fd:34:
be:e4:34:ce:2c:99:80:86:d9:c3:3b:79:c2:45:0c:
4b:b8:7c:1d:ce:3d:9a:26:18:4c:2a:36:bb:9d:f1:
e4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:56:F6:B4:E1:EC:2D:E2:F2:8C:FD:51:49:44:6B:C9:DF:63:BD:E7
X509v3 Authority Key Identifier:
keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/Rlb2tOHsLeLyjP1RSURryd9jvec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.202.0.0/18
185.193.128.0/22
212.90.224.0/19
213.235.64.0/18
Signature Algorithm: sha256WithRSAEncryption
70:a0:7b:0f:a0:88:5c:dd:0b:e5:9a:27:a6:d0:50:09:19:1c:
90:42:e0:6f:14:7d:42:50:c7:79:de:7a:dd:b5:2e:b4:9c:9d:
8b:29:27:28:99:ef:9c:34:0c:85:07:70:60:85:42:f2:74:7a:
03:99:9c:88:dd:04:5f:06:87:cc:b0:1d:bd:ca:4d:49:60:ae:
29:5e:77:5a:e9:d1:2e:d8:1e:ee:38:92:5c:a9:61:33:7c:d2:
0d:80:33:bf:c0:03:c5:10:b2:32:09:e6:51:b0:27:40:ce:4e:
28:df:42:1d:82:00:e5:55:d2:8f:5f:18:ea:a3:91:ce:7e:20:
b0:fc:9d:ad:b7:05:1f:05:ba:c3:ba:fe:ef:af:4f:70:66:b5:
90:8b:5e:e7:f1:d0:ce:d5:28:a5:32:c8:09:f2:ff:9f:71:15:
05:86:6d:5a:86:22:d6:85:a9:f9:42:4f:81:05:29:6a:7c:8d:
ae:a5:74:ae:e6:1f:7f:c6:03:aa:87:82:e4:d8:c0:20:75:a2:
9e:ef:ed:ad:6d:cf:09:41:c0:6c:b0:d6:87:f5:7e:26:02:a3:
d2:a2:6e:03:03:2e:bd:06:73:7e:69:1d:15:8a:ad:d0:93:e9:
ee:dc:19:45:54:70:93:7e:2e:5a:cb:c5:55:89:2e:f3:b4:bb:
be:af:7a:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZm+WvzhY2KEyTq4r8lK4Ui3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj
ZmQwNjIwHhcNMjUxMDA3MTEwNzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjU2ZjZiNGUxZWMyZGUyZjI4Y2ZkNTE0OTQ0NmJjOWRmNjNiZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2CmKOO8c5FZb/cKbAB8U/ij/u43
gmUXfwgIzIBB5fTt5pmJHnutihvsDj9Yb1U8BP82XpQcnts8nmTK7/fh/lYp9Bb5
ku76Ch8ev7YHJ0i3+O0O4UVdBFuyC9asxenoGj2SG9YUD0qB2a09dsim+UsL6AHU
zcLF/ppIH7H2lLXxc8v4JvmGM+xByYgiicBBpyNgX4TYLiXNtHoQbYBZM24BOpMa
YHJvlgkm4EP6Ue8dKpPWF+EkCWRQ7xKM+icN3HqAivSol6Qpu5X7qrx+jUdYfbv/
RIyoS/jqVwBZ/TS+5DTOLJmAhtnDO3nCRQxLuHwdzj2aJhhMKja7nfHk7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEZW9rTh7C3i8oz9UUlEa8nfY73nMB8GA1UdIwQY
MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt
NjU0ZGQ2NDQyY2U0LzEvUmxiMnRPSHNMZUx5alAxUlNVUnJ5ZDlqdmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0
LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQGUsoAAwQC
ucGAAwQF1FrgAwQG1etAMA0GCSqGSIb3DQEBCwUAA4IBAQBwoHsPoIhc3Qvlmiem
0FAJGRyQQuBvFH1CUMd53nrdtS60nJ2LKScome+cNAyFB3BghULydHoDmZyI3QRf
BofMsB29yk1JYK4pXnda6dEu2B7uOJJcqWEzfNINgDO/wAPFELIyCeZRsCdAzk4o
30IdggDlVdKPXxjqo5HOfiCw/J2ttwUfBbrDuv7vr09wZrWQi17n8dDO1SilMsgJ
8v+fcRUFhm1ahiLWhan5Qk+BBSlqfI2upXSu5h9/xgOqh4Lk2MAgdaKe7+2tbc8J
QcBssNaH9X4mAqPSom4DAy69BnN+aR0Viq3Qk+nu3BlFVHCTfi5ay8VViS7ztLu+
r3rf
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:59 2025 by rpki-client