Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/4BCZvoVhaJr1ZyKd0QAJsPGeSeQ.roa
File: 4BCZvoVhaJr1ZyKd0QAJsPGeSeQ.roa (raw, json)
Hash identifier: l61Gi2tTBfrkMToy5beNk27kWvFtKFI5DT4lk7tvlJ8=
Subject key identifier: E0:10:99:BE:85:61:68:9A:F5:67:22:9D:D1:00:09:B0:F1:9E:49:E4
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 0199DE14A2934FAB6409CBB4373C9B78B2FA
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/4BCZvoVhaJr1ZyKd0QAJsPGeSeQ.roa
Signing time: Mon 13 Oct 2025 14:58:38 +0000
ROA not before: Mon 13 Oct 2025 14:58:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212904
IP address blocks: 185.100.230.0/24 maxlen: 24
185.192.100.0/24 maxlen: 24
185.192.101.0/24 maxlen: 24
185.192.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:de:14:a2:93:4f:ab:64:09:cb:b4:37:3c:9b:78:b2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Oct 13 14:58:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e01099be8561689af567229dd10009b0f19e49e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1e:f8:65:e3:f0:87:24:4c:2d:96:65:e7:22:
75:02:e0:63:b8:8e:1b:aa:22:f2:4f:e7:8a:90:90:
22:16:c3:18:01:15:b3:70:ca:bf:bd:e7:53:77:a4:
d5:bd:be:9d:7e:70:23:58:37:8b:6b:59:18:f5:2e:
3a:d5:ce:1b:37:18:c8:12:47:3b:3e:5a:12:84:21:
b4:95:ee:14:b3:f5:64:97:27:ce:f8:cc:5c:16:cf:
64:48:f3:c3:b6:95:5d:79:7b:c3:98:06:27:99:a2:
5e:bf:f2:cd:14:26:7a:35:6f:0b:e7:3a:78:59:de:
56:5a:76:73:6d:7f:5c:d3:b9:a2:bd:d4:2c:75:1e:
db:37:14:98:bd:ab:ee:52:82:40:4f:b2:01:cb:33:
8a:7b:ce:1e:94:ef:20:87:1f:d2:6c:e0:1c:5e:a0:
b3:ef:e9:bc:09:3e:c8:70:c2:65:e1:4a:2c:be:66:
3b:03:bf:ca:f1:df:f0:8f:73:e1:d3:cd:52:2f:33:
07:ac:7a:05:73:13:6d:84:e6:4d:69:cf:71:a2:00:
2a:77:e5:1a:aa:bf:42:36:8b:7c:4e:60:3d:f1:26:
67:c2:54:c0:5a:c5:4c:1e:2d:c8:72:4d:39:ef:bc:
7f:46:10:29:b3:f7:d7:36:d4:1b:32:ce:23:96:c7:
f5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:10:99:BE:85:61:68:9A:F5:67:22:9D:D1:00:09:B0:F1:9E:49:E4
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/4BCZvoVhaJr1ZyKd0QAJsPGeSeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.230.0/24
185.192.100.0/23
185.192.103.0/24
Signature Algorithm: sha256WithRSAEncryption
af:08:7d:6f:91:2a:5c:18:24:4f:5d:ab:fe:2e:b9:11:5e:79:
12:c4:91:72:70:f1:8e:6a:b1:3b:2a:1d:d6:d3:87:c2:85:4f:
4e:8c:c4:3d:15:e6:7b:75:85:3b:7a:66:c0:58:10:4a:ce:bc:
20:85:16:44:ed:19:d9:31:1d:e4:60:10:14:d1:05:f2:87:5a:
01:62:2d:d7:65:3b:77:e1:64:a6:02:73:2d:7c:93:90:dd:fb:
e7:76:d4:f9:bb:49:55:e1:4b:63:1a:99:d8:7e:87:29:6d:d1:
da:a5:0c:af:0f:ca:b0:84:43:c5:25:06:4f:1e:2d:87:39:50:
03:09:50:2b:f0:a2:67:49:63:1d:e4:f8:4a:52:59:42:3e:09:
e6:12:24:0e:c5:b5:45:ee:0a:01:6a:3b:44:4a:81:58:65:eb:
33:25:34:32:29:80:4d:ae:d1:d5:ce:73:3e:eb:9a:3c:59:2e:
0f:f5:e1:7d:5f:d9:64:06:e3:07:fe:2a:e5:43:54:a0:2a:e4:
16:f9:1a:21:ec:36:35:b3:d0:11:5b:4c:82:ae:18:6d:01:60:
75:1f:a3:77:47:2e:48:df:eb:16:58:21:b3:60:13:6a:97:1c:
d9:ca:c4:e0:1a:24:32:c2:04:a2:d6:df:a8:55:b2:ef:7a:ae:
28:46:31:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZneFKKTT6tkCcu0NzybeLL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjUxMDEzMTQ1ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDEwOTliZTg1NjE2ODlhZjU2NzIyOWRkMTAwMDliMGYxOWU0OWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4B74ZePwhyRMLZZl5yJ1AuBjuI4b
qiLyT+eKkJAiFsMYARWzcMq/vedTd6TVvb6dfnAjWDeLa1kY9S461c4bNxjIEkc7
PloShCG0le4Us/VklyfO+MxcFs9kSPPDtpVdeXvDmAYnmaJev/LNFCZ6NW8L5zp4
Wd5WWnZzbX9c07mivdQsdR7bNxSYvavuUoJAT7IByzOKe84elO8ghx/SbOAcXqCz
7+m8CT7IcMJl4UosvmY7A7/K8d/wj3Ph081SLzMHrHoFcxNthOZNac9xogAqd+Ua
qr9CNot8TmA98SZnwlTAWsVMHi3Ick0577x/RhAps/fXNtQbMs4jlsf1GQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOAQmb6FYWia9WcindEACbDxnknkMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvNEJDWnZvVmhhSnIxWnlLZDBRQUpzUEdlU2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuWTmAwQB
ucBkAwQAucBnMA0GCSqGSIb3DQEBCwUAA4IBAQCvCH1vkSpcGCRPXav+LrkRXnkS
xJFycPGOarE7Kh3W04fChU9OjMQ9FeZ7dYU7embAWBBKzrwghRZE7RnZMR3kYBAU
0QXyh1oBYi3XZTt34WSmAnMtfJOQ3fvndtT5u0lV4UtjGpnYfocpbdHapQyvD8qw
hEPFJQZPHi2HOVADCVAr8KJnSWMd5PhKUllCPgnmEiQOxbVF7goBajtESoFYZesz
JTQyKYBNrtHVznM+65o8WS4P9eF9X9lkBuMH/irlQ1SgKuQW+Roh7DY1s9ARW0yC
rhhtAWB1H6N3Ry5I3+sWWCGzYBNqlxzZysTgGiQywgSi1t+oVbLveq4oRjFX
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:41 2025 by rpki-client