Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/l4a3XbHOtKFp0184MdRIDU-jOxk.roa
File: l4a3XbHOtKFp0184MdRIDU-jOxk.roa (raw, json)
Hash identifier: q5kFgaOF3Cv5yGAbLEZMIoShfmz2+xh9WCr6tx/KZ50=
Subject key identifier: 97:86:B7:5D:B1:CE:B4:A1:69:D3:5F:38:31:D4:48:0D:4F:A3:3B:19
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 0199774793A3391AC5A98E1BF7DCB404F003
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/l4a3XbHOtKFp0184MdRIDU-jOxk.roa
Signing time: Tue 23 Sep 2025 15:53:23 +0000
ROA not before: Tue 23 Sep 2025 15:53:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8683
IP address blocks: 149.20.96.0/22 maxlen: 22
149.20.100.0/22 maxlen: 22
149.20.104.0/22 maxlen: 22
149.20.108.0/22 maxlen: 22
213.248.196.0/23 maxlen: 23
213.248.198.0/23 maxlen: 23
213.248.228.0/23 maxlen: 23
213.248.230.0/23 maxlen: 23
213.248.232.0/21 maxlen: 21
213.248.240.0/21 maxlen: 21
213.248.249.0/24 maxlen: 24
213.248.252.0/23 maxlen: 23
2a01:618:8000::/33 maxlen: 33
2a01:618:8000::/40 maxlen: 40
2a01:61c:1000::/40 maxlen: 40
2a01:61c:1100::/40 maxlen: 40
2a01:61c:1900::/40 maxlen: 40
2a01:61c:1a00::/40 maxlen: 40
2a01:61c:1d00::/40 maxlen: 40
2a01:61c:1f00::/40 maxlen: 40
2a01:61c:2000::/40 maxlen: 40
2a01:61c:2100::/40 maxlen: 40
2a01:61c:2a00::/40 maxlen: 40
2a01:61c:2f00::/40 maxlen: 40
2a01:61c:f001::/48 maxlen: 48
2a01:61c:f002::/48 maxlen: 48
2a01:61c:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:77:47:93:a3:39:1a:c5:a9:8e:1b:f7:dc:b4:04:f0:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 23 15:53:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9786b75db1ceb4a169d35f3831d4480d4fa33b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b6:ee:18:e6:cb:ce:af:2b:52:73:d6:7e:c1:
08:2f:c0:94:10:8d:5e:ac:fb:8d:50:5a:56:c6:2b:
42:d9:61:66:b9:67:df:96:0c:bc:50:55:ec:33:63:
18:ca:64:ea:f5:8e:d8:a7:b9:fb:79:11:58:b0:ab:
9a:c0:4d:22:37:b8:d1:2b:6b:92:8e:47:7f:35:d6:
68:83:b7:c8:35:e0:93:d8:23:eb:89:b8:db:d7:77:
f1:06:02:50:3b:23:7a:6b:26:4c:f9:b8:f8:2f:6e:
0b:d2:13:d9:a8:96:54:08:5c:48:d9:39:33:7d:96:
d8:1d:d2:d4:e0:b8:aa:c9:03:5f:0c:1c:49:72:25:
e1:ff:9c:e2:75:fb:84:93:fd:00:ca:b2:ab:59:86:
66:0c:10:b3:c1:15:dd:26:83:9e:05:35:9b:bd:be:
77:66:67:13:cc:50:82:ab:4f:48:e3:c6:09:13:b5:
c2:a1:6c:44:a5:1f:99:c0:f4:73:13:2e:bb:d1:55:
32:bd:9d:08:08:b0:d6:87:21:fa:9e:41:eb:8b:21:
e9:78:a4:b6:27:73:b8:af:65:41:45:51:04:99:b6:
b1:22:dc:4c:86:d3:95:1c:c4:5e:83:4f:07:44:b1:
de:2d:65:02:14:9a:23:0b:c9:a1:e3:89:33:42:f0:
9a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:86:B7:5D:B1:CE:B4:A1:69:D3:5F:38:31:D4:48:0D:4F:A3:3B:19
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/l4a3XbHOtKFp0184MdRIDU-jOxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.96.0/20
213.248.196.0/22
213.248.228.0-213.248.247.255
213.248.249.0/24
213.248.252.0/23
IPv6:
2a01:618:8000::/33
2a01:61c:1000::/39
2a01:61c:1900::-2a01:61c:1aff:ffff:ffff:ffff:ffff:ffff
2a01:61c:1d00::/40
2a01:61c:1f00::-2a01:61c:21ff:ffff:ffff:ffff:ffff:ffff
2a01:61c:2a00::/40
2a01:61c:2f00::/40
2a01:61c:f001::-2a01:61c:f002:ffff:ffff:ffff:ffff:ffff
2a01:61c:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
51:99:53:f1:c8:1b:5a:08:26:80:a0:90:26:81:a4:aa:76:40:
0f:1c:a6:de:df:4d:d4:7d:8d:11:ae:6d:0f:ac:5c:b7:1e:8b:
e3:df:b2:64:17:b1:2f:db:9e:44:95:95:54:e1:14:b1:6a:2b:
16:21:b6:da:d1:7f:20:c2:6d:63:1d:ff:d0:f4:3e:b6:ca:dd:
19:ac:d7:85:7a:96:1f:0f:38:81:89:c4:8a:39:b0:24:d6:d2:
4d:51:a4:32:27:5d:5d:40:7b:95:2f:58:9c:32:e2:f7:49:a4:
b7:21:a7:d3:55:bd:21:90:9d:30:2c:dc:56:1a:6e:f8:9f:bb:
46:eb:09:b4:d2:1b:09:c2:10:6b:d0:e3:2e:7f:dc:63:b9:45:
17:67:24:b9:3f:29:6b:d8:75:55:11:4f:e2:85:d2:8b:8a:4c:
94:76:08:6d:1b:56:90:6b:65:9f:9b:74:9e:ea:dd:c6:d4:cb:
aa:4c:0b:e9:a0:c1:7a:5b:5b:c1:3e:dd:03:d7:29:1f:49:be:
57:f7:ca:36:f2:e0:db:d7:0d:62:ea:fc:ce:47:7e:e2:7f:b9:
1f:c1:6e:30:78:2b:b9:59:ac:da:23:3e:3f:84:20:98:65:5e:
6b:99:1c:67:65:0c:8d:b6:30:a9:a3:74:2c:e1:b6:e9:94:19:
aa:cc:fb:93
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAZl3R5OjORrFqY4b99y0BPADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjUwOTIzMTU1MzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzg2Yjc1ZGIxY2ViNGExNjlkMzVmMzgzMWQ0NDgwZDRmYTMzYjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLbuGObLzq8rUnPWfsEIL8CUEI1e
rPuNUFpWxitC2WFmuWfflgy8UFXsM2MYymTq9Y7Yp7n7eRFYsKuawE0iN7jRK2uS
jkd/NdZog7fINeCT2CPribjb13fxBgJQOyN6ayZM+bj4L24L0hPZqJZUCFxI2Tkz
fZbYHdLU4LiqyQNfDBxJciXh/5zidfuEk/0AyrKrWYZmDBCzwRXdJoOeBTWbvb53
ZmcTzFCCq09I48YJE7XCoWxEpR+ZwPRzEy670VUyvZ0ICLDWhyH6nkHriyHpeKS2
J3O4r2VBRVEEmbaxItxMhtOVHMReg08HRLHeLWUCFJojC8mh44kzQvCaOQIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFJeGt12xzrShadNfODHUSA1PozsZMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvbDRhM1hiSE90S0ZwMDE4NE1kUklEVS1qT3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzAsBAIAATAmAwQElRRg
AwQC1fjEMAwDBALV+OQDBAPV+PADBADV+PkDBAHV+PwwbwQCAAIwaQMGByoBBhiA
AwYBKgEGHBAwEAMGACoBBhwZAwYAKgEGHBoDBgAqAQYcHTAQAwYAKgEGHB8DBgEq
AQYcIAMGACoBBhwqAwYAKgEGHC8wEgMHACoBBhzwAQMHACoBBhzwAgMHACoBBhz/
/zANBgkqhkiG9w0BAQsFAAOCAQEAUZlT8cgbWggmgKCQJoGkqnZADxym3t9N1H2N
Ea5tD6xctx6L49+yZBexL9ueRJWVVOEUsWorFiG22tF/IMJtYx3/0PQ+tsrdGazX
hXqWHw84gYnEijmwJNbSTVGkMiddXUB7lS9YnDLi90mktyGn01W9IZCdMCzcVhpu
+J+7RusJtNIbCcIQa9DjLn/cY7lFF2ckuT8pa9h1VRFP4oXSi4pMlHYIbRtWkGtl
n5t0nurdxtTLqkwL6aDBeltbwT7dA9cpH0m+V/fKNvLg29cNYur8zkd+4n+5H8Fu
MHgruVms2iM+P4QgmGVea5kcZ2UMjbYwqaN0LOG26ZQZqsz7kw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:15:04 2025 by rpki-client