Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/iFK3PZcyL8eq5SahbGomeL22hrs.roa
File: iFK3PZcyL8eq5SahbGomeL22hrs.roa (raw, json)
Hash identifier: CXjz76TU8XcVBUWRlpbUujE0N/rqiaENpZ9bODRitAA=
Subject key identifier: 88:52:B7:3D:97:32:2F:C7:AA:E5:26:A1:6C:6A:26:78:BD:B6:86:BB
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 01993D066E75138684FF6C8EB59B398F798F
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/iFK3PZcyL8eq5SahbGomeL22hrs.roa
Signing time: Fri 12 Sep 2025 08:24:15 +0000
ROA not before: Fri 12 Sep 2025 08:24:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203061
IP address blocks: 135.196.218.0/24 maxlen: 24
135.196.227.0/24 maxlen: 24
213.201.132.0/24 maxlen: 24
213.201.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3d:06:6e:75:13:86:84:ff:6c:8e:b5:9b:39:8f:79:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Sep 12 08:24:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8852b73d97322fc7aae526a16c6a2678bdb686bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d5:a5:d0:ca:6d:b7:3e:60:80:af:a2:0f:48:
d9:ea:03:db:dc:11:b6:f5:1e:10:38:55:c5:4f:2a:
16:70:bc:14:ab:3a:b0:ff:bb:8c:cc:80:d5:a4:df:
c0:13:2f:30:49:ad:21:67:65:9a:15:de:93:4f:36:
21:3c:5c:55:6d:96:71:2a:e4:c6:76:19:ab:e5:85:
d6:c5:59:78:fc:03:c8:52:98:48:74:cd:4b:07:b4:
3b:b6:c5:2b:28:22:1d:05:a9:45:ae:e5:da:09:b2:
d5:72:9e:58:ec:f5:05:83:50:ae:2a:30:0c:f8:02:
0a:89:63:11:ca:47:ea:d6:24:43:72:83:5f:0c:e6:
46:2c:11:61:53:b1:aa:73:88:0b:7a:90:e6:3f:10:
f0:9f:f8:dd:b9:f7:72:ad:5f:9f:85:b9:7e:cb:62:
a5:f4:e1:4f:9a:8d:05:18:57:a6:97:a7:09:da:c7:
cc:f4:0e:f2:f9:65:84:c6:0e:ee:05:db:3b:2d:44:
6b:cb:50:18:66:52:ae:f2:29:e5:91:f4:a0:fa:58:
50:6b:c3:02:49:41:72:80:38:45:f6:59:5c:1f:5e:
c3:28:6c:7a:eb:e4:f3:1a:3c:a7:78:27:b7:be:91:
d9:1f:9a:5a:b6:2c:b1:de:17:78:21:a4:2e:13:10:
a4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:52:B7:3D:97:32:2F:C7:AA:E5:26:A1:6C:6A:26:78:BD:B6:86:BB
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/iFK3PZcyL8eq5SahbGomeL22hrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
135.196.218.0/24
135.196.227.0/24
213.201.132.0/24
213.201.139.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:cf:93:16:e7:17:87:5f:b2:7a:76:fa:f6:b4:65:ab:be:e1:
b0:84:e4:80:96:cb:f0:b5:6e:a1:97:9e:2d:01:1e:af:9d:4d:
87:85:4f:16:92:bb:f1:39:85:84:04:b8:16:ac:71:39:e5:ab:
02:b5:59:21:1e:8a:7e:da:98:e9:a6:14:cf:87:5b:a9:b8:c1:
05:ae:b0:78:f8:78:24:a3:94:73:9f:8a:e6:7b:e4:2b:b0:87:
87:b0:d6:11:f7:5d:42:f8:f5:a8:2a:44:12:5c:2e:98:95:11:
4b:ac:b9:45:ac:ba:2d:9f:69:c0:7f:cc:b3:de:d1:6e:6b:3f:
74:49:c1:0e:84:0e:20:67:0d:95:8d:bf:aa:13:6f:a9:f9:f6:
c7:5e:2b:13:31:d3:33:82:3c:4d:cc:78:67:1c:00:85:69:ac:
ef:8e:ab:45:62:98:ff:18:2e:bf:f1:1a:66:4e:bc:67:db:0e:
e4:c7:d1:40:db:ed:48:6b:52:6d:a4:e5:af:fa:d4:35:62:df:
36:bf:36:85:61:ca:71:07:3d:10:d6:a9:76:16:d5:ad:d7:ad:
9e:d5:d2:05:be:3b:3e:76:a2:ba:43:e0:ff:63:60:9e:75:c0:
28:24:55:63:02:25:ff:4f:ac:3b:73:d5:0f:6b:21:d2:d3:d2:
76:00:cf:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZk9Bm51E4aE/2yOtZs5j3mPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwOTEyMDgyNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODUyYjczZDk3MzIyZmM3YWFlNTI2YTE2YzZhMjY3OGJkYjY4NmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29Wl0Mpttz5ggK+iD0jZ6gPb3BG2
9R4QOFXFTyoWcLwUqzqw/7uMzIDVpN/AEy8wSa0hZ2WaFd6TTzYhPFxVbZZxKuTG
dhmr5YXWxVl4/APIUphIdM1LB7Q7tsUrKCIdBalFruXaCbLVcp5Y7PUFg1CuKjAM
+AIKiWMRykfq1iRDcoNfDOZGLBFhU7Gqc4gLepDmPxDwn/jdufdyrV+fhbl+y2Kl
9OFPmo0FGFeml6cJ2sfM9A7y+WWExg7uBds7LURry1AYZlKu8inlkfSg+lhQa8MC
SUFygDhF9llcH17DKGx66+TzGjyneCe3vpHZH5patiyx3hd4IaQuExCkjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIhStz2XMi/HquUmoWxqJni9toa7MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvaUZLM1BaY3lMOGVxNVNhaGJHb21lTDIyaHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAh8TaAwQA
h8TjAwQA1cmEAwQA1cmLMA0GCSqGSIb3DQEBCwUAA4IBAQCNz5MW5xeHX7J6dvr2
tGWrvuGwhOSAlsvwtW6hl54tAR6vnU2HhU8WkrvxOYWEBLgWrHE55asCtVkhHop+
2pjpphTPh1upuMEFrrB4+Hgko5Rzn4rme+QrsIeHsNYR911C+PWoKkQSXC6YlRFL
rLlFrLotn2nAf8yz3tFuaz90ScEOhA4gZw2Vjb+qE2+p+fbHXisTMdMzgjxNzHhn
HACFaazvjqtFYpj/GC6/8RpmTrxn2w7kx9FA2+1Ia1JtpOWv+tQ1Yt82vzaFYcpx
Bz0Q1ql2FtWt162e1dIFvjs+dqK6Q+D/Y2CedcAoJFVjAiX/T6w7c9UPayHS09J2
AM/Z
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:55:47 2025 by rpki-client