Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/2b264d-1d0c-44c5-aee7-f132aea6f7a2/1/_4Y--84lEsBn20PgX6M05x1F5_A.roa
File: _4Y--84lEsBn20PgX6M05x1F5_A.roa (raw, json)
Hash identifier: q0rbhIJFPrPOpvAXOzX/aS9tNPbzDnyOozHI6yKGmWc=
Subject key identifier: FF:86:3E:FB:CE:25:12:C0:67:DB:43:E0:5F:A3:34:E7:1D:45:E7:F0
Certificate issuer: /CN=e6beb677145f64cafbcd7136e81f35a274ae8e8c
Certificate serial: 0199B98BF2A13B2B5989070AA9109D37DA14
Authority key identifier: E6:BE:B6:77:14:5F:64:CA:FB:CD:71:36:E8:1F:35:A2:74:AE:8E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5r62dxRfZMr7zXE26B81onSujow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/2b264d-1d0c-44c5-aee7-f132aea6f7a2/1/_4Y--84lEsBn20PgX6M05x1F5_A.roa
Signing time: Mon 06 Oct 2025 12:43:00 +0000
ROA not before: Mon 06 Oct 2025 12:43:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16006
IP address blocks: 95.170.224.0/19 maxlen: 24
141.136.48.0/21 maxlen: 24
185.18.64.0/22 maxlen: 24
2a01:9f80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/2b264d-1d0c-44c5-aee7-f132aea6f7a2/1/5r62dxRfZMr7zXE26B81onSujow.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/2b264d-1d0c-44c5-aee7-f132aea6f7a2/1/5r62dxRfZMr7zXE26B81onSujow.mft
rsync://rpki.ripe.net/repository/DEFAULT/5r62dxRfZMr7zXE26B81onSujow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b9:8b:f2:a1:3b:2b:59:89:07:0a:a9:10:9d:37:da:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6beb677145f64cafbcd7136e81f35a274ae8e8c
Validity
Not Before: Oct 6 12:43:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff863efbce2512c067db43e05fa334e71d45e7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:37:16:d9:80:02:ff:a6:10:9b:2a:da:ef:de:
c3:af:ba:c8:1b:fa:f4:01:7a:59:53:4f:c7:5f:02:
be:82:40:8a:ba:1d:2f:1e:23:ef:9a:17:b9:19:87:
44:25:e8:65:4e:64:a5:c5:41:02:1a:e7:c2:20:83:
c6:6c:89:f3:89:e8:38:5e:db:da:d1:cd:10:82:3d:
ad:ab:b7:62:a5:f1:08:88:4a:07:40:4b:3e:b0:39:
58:6a:82:b5:ac:b4:47:97:17:c7:50:43:78:98:37:
f5:ae:e3:78:36:d0:20:7d:2a:7c:6d:5c:9c:e8:0b:
7a:a1:d8:df:35:bb:59:01:ac:75:64:20:08:32:db:
23:22:40:61:98:81:0d:34:76:1d:47:25:c2:38:0c:
ee:3b:05:11:0b:aa:f2:0b:0b:05:d1:ff:10:02:8e:
bd:8a:5b:a3:94:91:01:c1:9e:bd:8e:f3:4a:06:62:
42:45:a0:93:9b:23:02:fa:d4:ef:9a:a4:67:81:2a:
3d:a0:28:05:ca:aa:05:f5:e7:52:a7:dd:3c:c4:86:
07:5c:80:24:7f:d4:1b:da:f2:76:c0:ef:35:69:d7:
af:ca:02:62:90:70:ef:c1:4b:8b:12:d0:68:c5:0f:
d3:9c:42:7e:ee:13:89:e6:dd:57:c9:bc:30:c4:6c:
35:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:86:3E:FB:CE:25:12:C0:67:DB:43:E0:5F:A3:34:E7:1D:45:E7:F0
X509v3 Authority Key Identifier:
keyid:E6:BE:B6:77:14:5F:64:CA:FB:CD:71:36:E8:1F:35:A2:74:AE:8E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5r62dxRfZMr7zXE26B81onSujow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b264d-1d0c-44c5-aee7-f132aea6f7a2/1/_4Y--84lEsBn20PgX6M05x1F5_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b264d-1d0c-44c5-aee7-f132aea6f7a2/1/5r62dxRfZMr7zXE26B81onSujow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.224.0/19
141.136.48.0/21
185.18.64.0/22
IPv6:
2a01:9f80::/32
Signature Algorithm: sha256WithRSAEncryption
2d:37:fb:16:dc:2f:48:2e:c2:21:ce:c3:e3:c7:5a:8a:92:39:
27:27:ed:96:f9:63:9a:45:dc:4e:00:7c:b7:16:b3:2c:6c:79:
92:3b:78:30:aa:93:28:d2:04:cd:e1:83:90:4f:3b:d8:67:d2:
35:6e:90:3a:ef:4b:69:62:b7:76:7e:f8:84:b8:4d:ce:8e:ff:
ad:26:e5:d7:3e:f5:0e:bc:a8:11:3e:f0:ef:68:cc:31:5c:dd:
61:dd:89:2a:f3:cc:df:4d:0e:43:93:0c:c7:7a:5a:da:db:52:
0a:8d:f4:ef:60:3b:f3:71:44:9d:6d:0d:6a:12:de:7c:45:cb:
e1:44:cb:2c:a8:62:5d:ad:1c:d0:b5:86:6a:8a:15:0e:98:f2:
2e:89:5b:af:74:a3:d3:d5:fb:f4:42:92:e5:1e:29:16:b2:6a:
f9:f6:17:77:ae:b6:80:42:43:40:ae:d1:23:48:74:e8:a7:e4:
bc:d5:4e:85:c6:3d:ff:53:e6:a0:9a:22:69:17:9f:7c:5f:e2:
29:bc:16:b2:13:9b:9c:b5:34:c5:f0:41:ee:71:c2:19:17:87:
ff:a6:2a:14:16:d4:39:f7:39:3c:62:d8:15:1a:b2:f6:90:fd:
d0:3b:42:11:83:f1:56:00:94:85:a0:ba:7d:e8:4e:20:a1:c1:
39:40:15:64
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZm5i/KhOytZiQcKqRCdN9oUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YmViNjc3MTQ1ZjY0Y2FmYmNkNzEzNmU4MWYzNWEyNzRh
ZThlOGMwHhcNMjUxMDA2MTI0MzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjg2M2VmYmNlMjUxMmMwNjdkYjQzZTA1ZmEzMzRlNzFkNDVlN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjcW2YAC/6YQmyra797Dr7rIG/r0
AXpZU0/HXwK+gkCKuh0vHiPvmhe5GYdEJehlTmSlxUECGufCIIPGbInzieg4Xtva
0c0Qgj2tq7dipfEIiEoHQEs+sDlYaoK1rLRHlxfHUEN4mDf1ruN4NtAgfSp8bVyc
6At6odjfNbtZAax1ZCAIMtsjIkBhmIENNHYdRyXCOAzuOwURC6ryCwsF0f8QAo69
ilujlJEBwZ69jvNKBmJCRaCTmyMC+tTvmqRngSo9oCgFyqoF9edSp908xIYHXIAk
f9Qb2vJ2wO81adevygJikHDvwUuLEtBoxQ/TnEJ+7hOJ5t1XybwwxGw1CQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP+GPvvOJRLAZ9tD4F+jNOcdRefwMB8GA1UdIwQY
MBaAFOa+tncUX2TK+81xNugfNaJ0ro6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXI2MmR4UmZaTXI3elhFMjZCODFvblN1am93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8yYjI2NGQtMWQwYy00NGM1LWFlZTct
ZjEzMmFlYTZmN2EyLzEvXzRZLS04NGxFc0JuMjBQZ1g2TTA1eDFGNV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8yYjI2NGQtMWQwYy00NGM1LWFlZTctZjEzMmFlYTZmN2Ey
LzEvNXI2MmR4UmZaTXI3elhFMjZCODFvblN1am93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFX6rgAwQD
jYgwAwQCuRJAMA0EAgACMAcDBQAqAZ+AMA0GCSqGSIb3DQEBCwUAA4IBAQAtN/sW
3C9ILsIhzsPjx1qKkjknJ+2W+WOaRdxOAHy3FrMsbHmSO3gwqpMo0gTN4YOQTzvY
Z9I1bpA670tpYrd2fviEuE3Ojv+tJuXXPvUOvKgRPvDvaMwxXN1h3Ykq88zfTQ5D
kwzHelra21IKjfTvYDvzcUSdbQ1qEt58RcvhRMssqGJdrRzQtYZqihUOmPIuiVuv
dKPT1fv0QpLlHikWsmr59hd3rraAQkNArtEjSHTop+S81U6Fxj3/U+agmiJpF598
X+IpvBayE5uctTTF8EHuccIZF4f/pioUFtQ59zk8YtgVGrL2kP3QO0IRg/FWAJSF
oLp96E4gocE5QBVk
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:24:34 2025 by rpki-client