Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/9lTlIJVzjlfPnvZCoUdbSEtQwhw.roa
File: 9lTlIJVzjlfPnvZCoUdbSEtQwhw.roa (raw, json)
Hash identifier: 7dGAL4VELHTj+w0KDl5p2Kj2u6qzyQX4PVV9HVfH5AM=
Subject key identifier: F6:54:E5:20:95:73:8E:57:CF:9E:F6:42:A1:47:5B:48:4B:50:C2:1C
Certificate issuer: /CN=248719434b6e3b607f647bb0d58a81dc1ebfdd4d
Certificate serial: 0199C8077DF185A4EF6F388D094B42282200
Authority key identifier: 24:87:19:43:4B:6E:3B:60:7F:64:7B:B0:D5:8A:81:DC:1E:BF:DD:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/9lTlIJVzjlfPnvZCoUdbSEtQwhw.roa
Signing time: Thu 09 Oct 2025 08:12:38 +0000
ROA not before: Thu 09 Oct 2025 08:12:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60388
IP address blocks: 185.31.108.0/22 maxlen: 22
212.73.96.0/23 maxlen: 23
212.73.98.0/24 maxlen: 24
212.73.99.0/24 maxlen: 24
212.73.100.0/23 maxlen: 23
212.73.102.0/24 maxlen: 24
212.73.104.0/21 maxlen: 21
212.73.105.0/24 maxlen: 24
2a00:b4a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:07:7d:f1:85:a4:ef:6f:38:8d:09:4b:42:28:22:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=248719434b6e3b607f647bb0d58a81dc1ebfdd4d
Validity
Not Before: Oct 9 08:12:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f654e52095738e57cf9ef642a1475b484b50c21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6e:3b:8c:35:50:72:97:79:07:1b:b6:24:90:
46:4e:f8:d2:74:0c:f0:58:b8:d8:3e:5d:b8:45:93:
46:ff:ea:21:8b:ee:bf:e2:ce:3d:29:d5:52:8e:87:
20:32:46:2b:15:3d:f8:31:f8:4c:32:f1:a0:29:2f:
65:fd:1f:ed:26:67:cc:55:bd:a7:ac:8c:a4:ce:a3:
a0:e1:2b:29:84:c8:b6:fd:67:4d:ec:91:8f:e2:6f:
d1:98:d5:dd:31:1d:49:62:7c:8b:bc:7d:1d:89:77:
51:b4:1b:73:88:a9:4c:11:1b:57:ac:4f:2c:2d:68:
c1:83:f9:2b:51:fa:eb:87:15:c4:cf:82:79:9b:c8:
64:0f:aa:20:f0:0d:cb:95:d3:e3:99:d0:eb:6c:f8:
5a:45:7b:02:f3:14:77:68:2f:4a:cc:10:7b:a7:70:
83:84:e0:d8:bd:af:91:c5:a6:d8:e8:f6:71:c9:53:
bd:3d:e9:39:d5:2a:67:28:70:53:b1:d5:06:c9:3c:
78:a6:3b:8a:89:ac:fb:28:0c:79:93:4b:ed:de:24:
43:40:a6:98:52:23:21:98:77:88:1a:75:0d:22:75:
66:0d:8b:1b:a6:60:70:75:4a:ee:3b:dc:dc:7d:3a:
d6:e9:b2:73:0c:89:3e:b9:5a:7a:d6:85:33:ba:02:
0a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:54:E5:20:95:73:8E:57:CF:9E:F6:42:A1:47:5B:48:4B:50:C2:1C
X509v3 Authority Key Identifier:
keyid:24:87:19:43:4B:6E:3B:60:7F:64:7B:B0:D5:8A:81:DC:1E:BF:DD:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/9lTlIJVzjlfPnvZCoUdbSEtQwhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.108.0/22
212.73.96.0-212.73.102.255
212.73.104.0/21
IPv6:
2a00:b4a0::/32
Signature Algorithm: sha256WithRSAEncryption
66:07:18:1d:97:4b:f1:ec:54:e8:c8:e3:14:1a:c0:d7:86:8f:
63:04:b8:39:74:2e:aa:e0:d4:26:13:4b:77:f4:57:0b:d7:01:
67:f2:47:49:56:3c:18:34:08:b8:7b:24:96:46:29:33:eb:45:
ee:a2:60:6c:f7:f0:7a:8f:0c:fb:b8:8b:f1:66:a9:57:76:a4:
ca:fd:5b:05:fc:cc:1a:22:95:61:dd:d2:6a:cd:23:d1:54:9e:
c3:fe:c2:35:78:a2:56:cd:59:21:bb:53:e3:16:39:db:8f:09:
e8:d5:7c:84:be:11:84:3d:43:2b:a1:a7:c8:10:fc:42:b0:3c:
2d:45:36:cc:9a:ad:8c:43:02:aa:9a:0a:4e:3d:51:79:f9:de:
b7:2e:7f:68:b2:14:c0:b3:db:d5:f4:82:36:80:e9:6f:ef:97:
77:46:81:ca:d3:06:ac:1d:ed:b5:b6:63:6e:69:b8:39:d3:dc:
2f:c6:60:71:80:71:10:bf:01:4d:42:12:87:66:80:59:dc:c4:
f9:ed:11:d5:57:d1:03:cc:63:fb:a6:11:ca:3c:e3:79:47:8c:
52:25:4e:30:8e:6c:28:a6:df:3f:fe:ba:d0:27:25:d2:3c:3e:
ba:fe:37:36:3b:a9:59:85:cc:66:79:50:94:fb:aa:75:f8:af:
64:f5:1c:51
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZnIB33xhaTvbziNCUtCKCIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ODcxOTQzNGI2ZTNiNjA3ZjY0N2JiMGQ1OGE4MWRjMWVi
ZmRkNGQwHhcNMjUxMDA5MDgxMjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjU0ZTUyMDk1NzM4ZTU3Y2Y5ZWY2NDJhMTQ3NWI0ODRiNTBjMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo247jDVQcpd5Bxu2JJBGTvjSdAzw
WLjYPl24RZNG/+ohi+6/4s49KdVSjocgMkYrFT34MfhMMvGgKS9l/R/tJmfMVb2n
rIykzqOg4SsphMi2/WdN7JGP4m/RmNXdMR1JYnyLvH0diXdRtBtziKlMERtXrE8s
LWjBg/krUfrrhxXEz4J5m8hkD6og8A3LldPjmdDrbPhaRXsC8xR3aC9KzBB7p3CD
hODYva+RxabY6PZxyVO9Pek51SpnKHBTsdUGyTx4pjuKiaz7KAx5k0vt3iRDQKaY
UiMhmHeIGnUNInVmDYsbpmBwdUruO9zcfTrW6bJzDIk+uVp61oUzugIKxwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPZU5SCVc45Xz572QqFHW0hLUMIcMB8GA1UdIwQY
MBaAFCSHGUNLbjtgf2R7sNWKgdwev91NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkljWlEwdHVPMkJfWkh1dzFZcUIzQjZfM1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MGViN2EtMWFlNC00YmJlLThjZTAt
ZjMwMjhhZWE5OTc3LzEvOWxUbElKVnpqbGZQbnZaQ29VZGJTRXRRd2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MGViN2EtMWFlNC00YmJlLThjZTAtZjMwMjhhZWE5OTc3
LzEvSkljWlEwdHVPMkJfWkh1dzFZcUIzQjZfM1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuR9sMAwD
BAXUSWADBADUSWYDBAPUSWgwDQQCAAIwBwMFACoAtKAwDQYJKoZIhvcNAQELBQAD
ggEBAGYHGB2XS/HsVOjI4xQawNeGj2MEuDl0Lqrg1CYTS3f0VwvXAWfyR0lWPBg0
CLh7JJZGKTPrRe6iYGz38HqPDPu4i/FmqVd2pMr9WwX8zBoilWHd0mrNI9FUnsP+
wjV4olbNWSG7U+MWOduPCejVfIS+EYQ9Qyuhp8gQ/EKwPC1FNsyarYxDAqqaCk49
UXn53rcuf2iyFMCz29X0gjaA6W/vl3dGgcrTBqwd7bW2Y25puDnT3C/GYHGAcRC/
AU1CEodmgFncxPntEdVX0QPMY/umEco843lHjFIlTjCObCim3z/+utAnJdI8Prr+
NzY7qVmFzGZ5UJT7qnX4r2T1HFE=
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:35:42 2025 by rpki-client