Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/JksIp8plt8XHk157IJ1eE1-tvto.roa
File: JksIp8plt8XHk157IJ1eE1-tvto.roa (raw, json)
Hash identifier: wgY/0YYKwrZFlsYl68IwR2OteHvDDcA3JQTOM7ecfhk=
Subject key identifier: 26:4B:08:A7:CA:65:B7:C5:C7:93:5E:7B:20:9D:5E:13:5F:AD:BE:DA
Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Certificate serial: 0199C2E12141277F594BAC5B6839B4B0DB53
Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/JksIp8plt8XHk157IJ1eE1-tvto.roa
Signing time: Wed 08 Oct 2025 08:12:37 +0000
ROA not before: Wed 08 Oct 2025 08:12:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34766
IP address blocks: 95.142.110.0/24 maxlen: 24
185.138.56.0/22 maxlen: 22
185.138.56.0/24 maxlen: 24
185.138.57.0/24 maxlen: 24
193.202.88.0/24 maxlen: 24
2a07:a80::/29 maxlen: 29
2a07:a80::/40 maxlen: 40
2a07:a80:100::/40 maxlen: 40
2a07:a80:200::/40 maxlen: 40
2a07:a80:300::/40 maxlen: 40
2a07:a80:b00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:e1:21:41:27:7f:59:4b:ac:5b:68:39:b4:b0:db:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Validity
Not Before: Oct 8 08:12:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=264b08a7ca65b7c5c7935e7b209d5e135fadbeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5a:9c:58:64:dd:55:4c:aa:45:28:03:0e:ba:
7e:ac:1b:99:ed:ce:d9:6b:fc:74:8d:a7:4b:8a:24:
19:61:4c:b9:18:a0:f4:ea:44:2e:f5:22:2b:ea:ba:
69:fb:5e:e4:33:19:9f:5e:08:c0:0d:bc:d9:d7:d1:
8f:e6:83:27:d2:2d:31:54:eb:48:52:af:93:90:8f:
f8:79:de:f1:c2:b3:4a:2d:d0:60:64:52:13:c6:29:
a5:88:8a:cf:0c:14:d3:ef:ee:82:92:de:4d:7d:62:
a7:ba:fc:dc:d4:fb:9c:33:ff:39:a0:9f:8b:93:36:
26:a4:19:4f:36:50:9a:01:3e:9b:81:f5:b8:84:1a:
43:43:b8:59:3a:4c:fe:51:c8:18:cd:15:54:cd:a0:
e4:2c:5b:30:df:f1:6c:9a:79:c0:e6:79:a5:52:43:
dc:5e:80:56:7b:7f:4f:c3:fc:32:1a:b9:78:ef:6c:
56:10:16:03:81:99:7e:89:65:ab:2b:55:54:65:7c:
23:10:8d:0a:52:7e:87:35:b8:fa:04:00:94:d6:63:
08:36:88:41:31:13:f1:d3:2a:df:ba:da:a4:89:41:
ce:da:32:1d:b4:3a:9f:b3:52:f7:60:6c:91:4b:73:
d9:bf:7e:ed:4e:a9:a5:ba:f8:a4:ed:0c:82:b4:34:
36:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4B:08:A7:CA:65:B7:C5:C7:93:5E:7B:20:9D:5E:13:5F:AD:BE:DA
X509v3 Authority Key Identifier:
keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/JksIp8plt8XHk157IJ1eE1-tvto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.110.0/24
185.138.56.0/22
193.202.88.0/24
IPv6:
2a07:a80::/29
Signature Algorithm: sha256WithRSAEncryption
4c:6c:22:fe:04:70:2b:06:d1:12:c8:e9:75:ec:8e:f4:08:c0:
ae:ff:20:e7:04:ee:6b:de:28:fa:1a:f9:cb:26:6f:2e:da:08:
1c:b8:49:31:c6:96:72:44:84:f1:e2:95:c4:a5:d0:4d:08:61:
1f:2f:4a:fd:22:1b:ea:73:22:f9:64:c0:0f:9b:bd:fa:c6:0a:
b8:ac:f8:98:04:eb:63:58:1a:2e:51:b4:32:e7:9f:17:58:f3:
fd:3c:47:58:ee:c3:ef:b5:6a:41:6c:e9:46:e0:76:83:d5:4e:
66:b6:88:49:bc:e8:bc:fb:db:27:82:78:88:27:e1:f1:e8:f3:
c2:30:4b:fd:ee:14:0c:47:21:ea:12:14:07:84:14:88:01:98:
3c:71:28:9a:b8:0b:36:9a:43:cf:fd:7e:4e:08:9c:97:79:75:
d3:8c:61:a9:5a:6a:2d:76:69:f3:38:bd:7c:8c:b1:a8:24:19:
08:81:0c:cc:b7:f2:3e:42:40:51:32:2a:74:a3:a5:f9:23:d5:
d6:e4:dd:5f:78:6f:56:11:ab:50:d6:c2:64:73:58:b4:a1:5a:
54:68:70:28:18:69:c5:5c:0a:f8:e4:dc:35:ef:d2:c8:6e:d4:
91:98:9f:36:52:10:da:8b:86:48:4c:9d:e6:0b:50:79:27:2f:
55:91:15:1d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZnC4SFBJ39ZS6xbaDm0sNtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4
NDlkMTcwHhcNMjUxMDA4MDgxMjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjRiMDhhN2NhNjViN2M1Yzc5MzVlN2IyMDlkNWUxMzVmYWRiZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlqcWGTdVUyqRSgDDrp+rBuZ7c7Z
a/x0jadLiiQZYUy5GKD06kQu9SIr6rpp+17kMxmfXgjADbzZ19GP5oMn0i0xVOtI
Uq+TkI/4ed7xwrNKLdBgZFITximliIrPDBTT7+6Ckt5NfWKnuvzc1PucM/85oJ+L
kzYmpBlPNlCaAT6bgfW4hBpDQ7hZOkz+UcgYzRVUzaDkLFsw3/FsmnnA5nmlUkPc
XoBWe39Pw/wyGrl472xWEBYDgZl+iWWrK1VUZXwjEI0KUn6HNbj6BACU1mMINohB
MRPx0yrfutqkiUHO2jIdtDqfs1L3YGyRS3PZv37tTqmluvik7QyCtDQ2WwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCZLCKfKZbfFx5NeeyCdXhNfrb7aMB8GA1UdIwQY
MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt
OWRkOTk3ZWVmNGVmLzEvSmtzSXA4cGx0OFhIazE1N0lKMWVFMS10dnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm
LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAX45uAwQC
uYo4AwQAwcpYMA0EAgACMAcDBQMqBwqAMA0GCSqGSIb3DQEBCwUAA4IBAQBMbCL+
BHArBtESyOl17I70CMCu/yDnBO5r3ij6GvnLJm8u2ggcuEkxxpZyRITx4pXEpdBN
CGEfL0r9IhvqcyL5ZMAPm736xgq4rPiYBOtjWBouUbQy558XWPP9PEdY7sPvtWpB
bOlG4HaD1U5mtohJvOi8+9sngniIJ+Hx6PPCMEv97hQMRyHqEhQHhBSIAZg8cSia
uAs2mkPP/X5OCJyXeXXTjGGpWmotdmnzOL18jLGoJBkIgQzMt/I+QkBRMip0o6X5
I9XW5N1feG9WEatQ1sJkc1i0oVpUaHAoGGnFXAr45Nw179LIbtSRmJ82UhDai4ZI
TJ3mC1B5Jy9VkRUd
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:58 2025 by rpki-client