Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/kYICD71uUIhZT1NgaYWPu4i9VEs.roa
File: kYICD71uUIhZT1NgaYWPu4i9VEs.roa (raw, json)
Hash identifier: tlKuBt17kCCF6TmwuYmDos64rg+wgJTpFtqRY1+6cVg=
Subject key identifier: 91:82:02:0F:BD:6E:50:88:59:4F:53:60:69:85:8F:BB:88:BD:54:4B
Certificate issuer: /CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Certificate serial: 0199AA2DF54669E71699725BB27D21153D08
Authority key identifier: C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/kYICD71uUIhZT1NgaYWPu4i9VEs.roa
Signing time: Fri 03 Oct 2025 13:06:02 +0000
ROA not before: Fri 03 Oct 2025 13:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211804
IP address blocks: 185.250.240.0/24 maxlen: 24
185.250.242.0/24 maxlen: 24
185.250.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:aa:2d:f5:46:69:e7:16:99:72:5b:b2:7d:21:15:3d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Validity
Not Before: Oct 3 13:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9182020fbd6e5088594f536069858fbb88bd544b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9d:7e:d9:15:74:8f:c8:e5:88:0e:bb:93:3e:
70:11:41:54:70:bf:54:ca:71:4a:bf:ea:68:97:15:
d0:45:b3:56:7d:b3:2d:71:00:f8:f1:6d:7b:32:d9:
0d:a6:27:b6:55:31:33:7d:52:4b:7a:01:14:76:77:
5d:ff:72:0b:65:90:47:22:08:df:a1:bb:f7:be:f5:
06:e6:9a:9c:ea:14:4d:81:94:80:34:41:bf:12:51:
3a:e5:e8:fd:a1:f3:4b:4b:d5:27:ce:24:73:42:27:
b9:3e:f4:c1:15:0b:33:5b:cc:a9:f7:c5:d2:ed:c7:
98:08:90:30:e5:59:af:34:f3:43:6f:02:f5:75:ed:
c2:8c:35:05:3b:6e:16:ad:1a:1b:fb:7e:36:fd:75:
47:16:78:9b:16:86:d7:bf:0b:9a:21:d3:bf:bb:8f:
98:49:06:ba:dc:d7:a8:3d:45:4e:96:76:4a:a8:53:
ea:f2:78:69:02:ad:10:ef:9f:58:40:67:8a:aa:f8:
b0:32:00:ef:89:28:a4:76:be:52:fd:db:1a:ea:35:
fb:ac:5a:b8:ca:a8:2e:07:df:53:27:49:3e:45:66:
f8:f3:26:80:a9:1a:fe:58:61:0d:a4:bc:33:27:77:
bf:e3:d4:15:05:6c:64:84:db:2d:3d:e4:63:5c:88:
1d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:82:02:0F:BD:6E:50:88:59:4F:53:60:69:85:8F:BB:88:BD:54:4B
X509v3 Authority Key Identifier:
keyid:C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/kYICD71uUIhZT1NgaYWPu4i9VEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.240.0/24
185.250.242.0/23
Signature Algorithm: sha256WithRSAEncryption
20:c2:33:60:e6:ae:ea:77:f6:a4:43:d3:14:27:e2:7c:05:06:
ac:3f:f8:64:78:43:d2:01:fd:34:8f:79:03:73:23:df:59:14:
44:95:ba:24:53:3b:61:07:8e:e0:ba:4e:59:a7:f3:52:65:37:
19:06:b9:1c:dc:a4:26:81:8b:07:91:01:87:04:8c:25:f0:f8:
8f:ae:9d:d2:be:0e:93:c2:67:19:70:32:93:09:19:5a:9e:06:
cc:06:a0:d9:f5:b2:9a:e4:c8:e8:f5:88:bc:47:81:28:ea:c3:
3a:15:5c:09:1e:93:9b:d0:9d:6c:08:93:e5:70:ce:24:fe:37:
44:81:27:07:ef:5d:f6:44:47:95:7a:10:e3:71:51:49:71:26:
39:aa:ab:04:30:66:ff:47:06:7a:05:28:47:ca:82:3c:73:79:
7d:0e:19:bc:c6:01:7d:74:1a:ad:c1:e2:71:45:f5:1a:8f:ab:
32:db:ed:22:93:51:22:d3:8d:65:4f:a4:ed:cd:52:fe:83:cd:
c2:c2:27:90:10:cd:54:08:3e:33:7d:0d:95:1f:9e:bd:aa:c4:
f1:11:52:b6:0c:06:87:16:ae:4f:3e:0c:0d:ad:af:05:ba:c4:
d0:00:0f:a4:e1:fa:4d:b2:8a:c3:86:f3:3d:3d:71:a0:98:c9:
07:d1:5a:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmqLfVGaecWmXJbsn0hFT0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhYzFkN2M5ZWNjZjU2NThiODhmMTZmNjEzZDdiM2U4
ZThjNzIwHhcNMjUxMDAzMTMwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTgyMDIwZmJkNmU1MDg4NTk0ZjUzNjA2OTg1OGZiYjg4YmQ1NDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsp1+2RV0j8jliA67kz5wEUFUcL9U
ynFKv+polxXQRbNWfbMtcQD48W17MtkNpie2VTEzfVJLegEUdndd/3ILZZBHIgjf
obv3vvUG5pqc6hRNgZSANEG/ElE65ej9ofNLS9UnziRzQie5PvTBFQszW8yp98XS
7ceYCJAw5VmvNPNDbwL1de3CjDUFO24WrRob+342/XVHFnibFobXvwuaIdO/u4+Y
SQa63NeoPUVOlnZKqFPq8nhpAq0Q759YQGeKqviwMgDviSikdr5S/dsa6jX7rFq4
yqguB99TJ0k+RWb48yaAqRr+WGENpLwzJ3e/49QVBWxkhNstPeRjXIgdVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGCAg+9blCIWU9TYGmFj7uIvVRLMB8GA1UdIwQY
MBaAFMLSrB18nsz1ZYuI8W9hPXs+joxyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYt
MTk3ZmU4MzY1NjQzLzEva1lJQ0Q3MXVVSWhaVDFOZ2FZV1B1NGk5VkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYtMTk3ZmU4MzY1NjQz
LzEvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufrwAwQB
ufryMA0GCSqGSIb3DQEBCwUAA4IBAQAgwjNg5q7qd/akQ9MUJ+J8BQasP/hkeEPS
Af00j3kDcyPfWRRElbokUzthB47guk5Zp/NSZTcZBrkc3KQmgYsHkQGHBIwl8PiP
rp3Svg6TwmcZcDKTCRlangbMBqDZ9bKa5Mjo9Yi8R4Eo6sM6FVwJHpOb0J1sCJPl
cM4k/jdEgScH7132REeVehDjcVFJcSY5qqsEMGb/RwZ6BShHyoI8c3l9Dhm8xgF9
dBqtweJxRfUaj6sy2+0ik1Ei041lT6TtzVL+g83CwieQEM1UCD4zfQ2VH569qsTx
EVK2DAaHFq5PPgwNra8FusTQAA+k4fpNsorDhvM9PXGgmMkH0Vo8
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:04:39 2025 by rpki-client