Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/erLKl2-7SPNGcOtJ86A0RSv3cdw.roa
File: erLKl2-7SPNGcOtJ86A0RSv3cdw.roa (raw, json)
Hash identifier: 1hNGg1BiH4BJWJitgxTwu0nBQpz2c5fg0q3Qy8a1iuo=
Subject key identifier: 7A:B2:CA:97:6F:BB:48:F3:46:70:EB:49:F3:A0:34:45:2B:F7:71:DC
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 0199B997D9AB9719D9F0ED726BECA432BA68
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/erLKl2-7SPNGcOtJ86A0RSv3cdw.roa
Signing time: Mon 06 Oct 2025 12:56:00 +0000
ROA not before: Mon 06 Oct 2025 12:56:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2586
IP address blocks: 109.163.248.0/21 maxlen: 21
192.175.45.0/24 maxlen: 24
2001:671::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b9:97:d9:ab:97:19:d9:f0:ed:72:6b:ec:a4:32:ba:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Oct 6 12:56:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ab2ca976fbb48f34670eb49f3a034452bf771dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c2:39:e0:18:35:12:72:46:5e:59:31:06:96:
fa:ec:59:91:08:cb:71:46:d1:ee:e8:ce:fd:a1:38:
6a:b0:99:16:f0:38:bc:15:62:ef:98:79:cf:05:b4:
38:d5:21:7c:96:68:ea:ab:40:5f:15:09:c7:d3:87:
4c:a9:04:b8:2f:47:b6:36:a3:a8:4d:41:08:9e:53:
d0:0c:9d:3d:81:a2:f1:fa:f4:4c:ac:75:7b:d4:9c:
64:04:ea:98:cd:43:94:91:83:8d:e1:7d:06:dd:a5:
9a:ff:7d:ee:9a:bf:ab:56:2c:56:18:83:f5:3a:9b:
b1:1c:4c:6f:b0:dd:23:b7:61:9f:86:37:02:7a:f6:
92:2c:e7:bf:0e:7e:82:5c:20:03:13:6a:d8:2d:c5:
4f:ae:04:4f:69:31:90:43:c4:79:25:6c:15:38:6a:
bb:dd:c5:e8:61:9a:f4:0c:9c:30:a4:1e:ab:72:ed:
63:55:f1:31:61:2b:e4:24:59:6d:cc:8d:67:49:0b:
28:46:91:bd:f8:78:37:e8:28:87:79:76:7f:eb:66:
75:ae:e5:e7:e1:0f:8e:66:77:af:97:e7:8d:fe:89:
39:ef:94:58:14:cf:09:ac:fb:c0:28:c9:df:bf:82:
50:a6:5d:ed:47:c9:36:8d:a9:fb:42:70:63:74:80:
d1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B2:CA:97:6F:BB:48:F3:46:70:EB:49:F3:A0:34:45:2B:F7:71:DC
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/erLKl2-7SPNGcOtJ86A0RSv3cdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.163.248.0/21
192.175.45.0/24
IPv6:
2001:671::/48
Signature Algorithm: sha256WithRSAEncryption
34:ed:be:da:f2:00:27:00:92:ba:db:69:54:0f:76:7f:f2:1d:
1f:26:fb:e4:4d:bc:6f:b1:62:ac:d4:d5:ff:96:e4:ea:5d:88:
2d:e5:66:7f:e7:1b:2e:b1:90:d0:fc:7d:ad:9d:08:af:d2:1d:
d9:1e:2e:da:e8:ab:0c:e2:a7:4a:8e:e1:c6:ea:27:89:82:fa:
a2:94:2f:71:61:79:b0:0e:5f:18:76:ae:e9:d6:f1:78:e3:78:
96:97:cb:93:9a:c9:36:67:31:01:cb:25:e0:2c:fd:60:40:ed:
b4:04:56:35:b7:5d:2a:67:db:45:1e:d5:cc:29:ab:11:83:e8:
34:f2:56:8a:ad:bf:f4:5f:f0:99:07:80:50:ff:42:e9:dc:18:
34:54:ee:65:59:10:53:57:8c:7e:fc:6f:17:95:92:09:b5:36:
e8:4b:41:d4:50:97:f3:6a:e3:bb:d2:16:f2:cd:31:e3:8a:31:
68:53:64:a5:ef:a4:9e:d8:57:85:16:53:a2:52:c4:8f:5a:86:
06:68:03:51:20:91:68:1d:14:a1:da:d5:39:5c:6b:c3:f9:70:
ac:30:3e:4b:16:67:29:48:1c:7f:8f:c1:06:44:07:fd:56:e4:
2d:79:93:9a:9a:12:35:dc:39:3e:07:1c:64:20:bc:bc:53:15:
e7:30:68:9b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZm5l9mrlxnZ8O1ya+ykMrpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjUxMDA2MTI1NjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWIyY2E5NzZmYmI0OGYzNDY3MGViNDlmM2EwMzQ0NTJiZjc3MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucI54Bg1EnJGXlkxBpb67FmRCMtx
RtHu6M79oThqsJkW8Di8FWLvmHnPBbQ41SF8lmjqq0BfFQnH04dMqQS4L0e2NqOo
TUEInlPQDJ09gaLx+vRMrHV71JxkBOqYzUOUkYON4X0G3aWa/33umr+rVixWGIP1
OpuxHExvsN0jt2GfhjcCevaSLOe/Dn6CXCADE2rYLcVPrgRPaTGQQ8R5JWwVOGq7
3cXoYZr0DJwwpB6rcu1jVfExYSvkJFltzI1nSQsoRpG9+Hg36CiHeXZ/62Z1ruXn
4Q+OZnevl+eN/ok575RYFM8JrPvAKMnfv4JQpl3tR8k2jan7QnBjdIDRcwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHqyypdvu0jzRnDrSfOgNEUr93HcMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvZXJMS2wyLTdTUE5HY090Sjg2QTBSU3YzY2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDbaP4AwQA
wK8tMA8EAgACMAkDBwAgAQZxAAAwDQYJKoZIhvcNAQELBQADggEBADTtvtryACcA
krrbaVQPdn/yHR8m++RNvG+xYqzU1f+W5OpdiC3lZn/nGy6xkND8fa2dCK/SHdke
Ltroqwzip0qO4cbqJ4mC+qKUL3FhebAOXxh2runW8XjjeJaXy5OayTZnMQHLJeAs
/WBA7bQEVjW3XSpn20Ue1cwpqxGD6DTyVoqtv/Rf8JkHgFD/QuncGDRU7mVZEFNX
jH78bxeVkgm1NuhLQdRQl/Nq47vSFvLNMeOKMWhTZKXvpJ7YV4UWU6JSxI9ahgZo
A1EgkWgdFKHa1Tlca8P5cKwwPksWZylIHH+PwQZEB/1W5C15k5qaEjXcOT4HHGQg
vLxTFecwaJs=
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:33:18 2025 by rpki-client