Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/f64HEsfjUTGHiPx41MWM2cHiM2U.roa
File: f64HEsfjUTGHiPx41MWM2cHiM2U.roa (raw, json)
Hash identifier: SKqWEKDgMxXFaDkpMUBUvNz346Wmbv49+UVUYcVNV0E=
Subject key identifier: 7F:AE:07:12:C7:E3:51:31:87:88:FC:78:D4:C5:8C:D9:C1:E2:33:65
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0199CDA79D5FDD2F47E17EA75A895B62A30C
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/f64HEsfjUTGHiPx41MWM2cHiM2U.roa
Signing time: Fri 10 Oct 2025 10:25:38 +0000
ROA not before: Fri 10 Oct 2025 10:25:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 84.232.93.0/24 maxlen: 24
84.236.184.0/24 maxlen: 24
88.148.21.0/24 maxlen: 24
88.148.104.0/24 maxlen: 24
89.32.167.0/24 maxlen: 24
89.43.87.0/24 maxlen: 24
93.115.157.0/24 maxlen: 24
94.76.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cd:a7:9d:5f:dd:2f:47:e1:7e:a7:5a:89:5b:62:a3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Oct 10 10:25:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fae0712c7e351318788fc78d4c58cd9c1e23365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:73:cc:8c:1e:d1:32:96:47:12:55:f4:12:de:
31:ac:a2:43:be:8f:be:5a:b7:7f:97:19:7a:04:0d:
04:1d:6c:f0:d7:81:48:4a:6b:04:9d:a9:24:65:08:
81:e0:b6:6e:ad:72:6e:fc:c5:93:a0:e4:e6:4d:15:
92:10:7a:5c:62:30:f5:e9:42:7f:72:94:80:ed:00:
0f:aa:b8:58:da:cc:7c:11:aa:a0:7f:67:73:a1:ba:
9a:dc:60:05:d2:e7:eb:18:ca:df:a4:c8:0e:b6:d0:
50:57:b2:ac:b5:91:28:9b:f1:76:05:3c:d1:98:b2:
27:7b:88:9c:99:81:40:49:19:6a:4c:c3:90:88:c6:
d9:73:a3:7f:f0:49:dd:38:d5:fe:d8:b2:1f:a1:da:
38:46:e8:dd:bc:06:f4:bd:e2:3e:2c:3a:40:4d:0b:
47:2a:9b:89:18:0b:47:7e:46:1c:3c:08:f9:99:56:
7b:03:99:3a:9c:8f:e6:a6:2a:84:9a:a4:60:be:84:
d1:4e:88:46:29:cf:8a:40:2f:2a:65:9e:cd:be:e7:
b5:29:c4:af:7d:6b:0a:ab:a6:30:91:f8:1c:b4:86:
aa:b1:2f:9b:42:49:8f:06:0a:cb:5c:c0:3d:d6:eb:
67:9c:4e:25:8e:17:3a:f2:1a:83:3d:4e:6f:99:14:
49:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:AE:07:12:C7:E3:51:31:87:88:FC:78:D4:C5:8C:D9:C1:E2:33:65
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/f64HEsfjUTGHiPx41MWM2cHiM2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.93.0/24
84.236.184.0/24
88.148.21.0/24
88.148.104.0/24
89.32.167.0/24
89.43.87.0/24
93.115.157.0/24
94.76.182.0/24
Signature Algorithm: sha256WithRSAEncryption
67:77:15:86:09:73:d6:30:8a:4e:b5:84:48:40:cd:2e:89:a1:
4f:f0:59:52:eb:73:b1:16:a3:1a:60:21:fe:60:2a:1d:b0:a2:
d2:d1:0b:58:0b:9e:41:c9:e9:d8:db:d8:91:09:51:54:d6:32:
56:ae:dd:a6:4a:c2:0a:6e:df:65:21:6c:c2:41:40:3f:88:1e:
f3:f6:c0:9a:8b:01:33:f6:1d:16:db:1b:61:47:be:7b:af:4f:
22:3b:1a:e7:6e:74:c7:8c:a7:30:7a:45:b7:c2:89:90:f8:b2:
45:8c:00:14:3a:90:57:8f:34:45:15:09:df:ea:c6:a8:47:bc:
1f:8c:ce:79:6c:b7:79:90:c1:ed:69:46:96:0d:b0:54:f2:9f:
8b:d6:3b:ca:73:5a:7c:18:f9:86:67:f3:0a:d7:e0:48:91:cd:
a2:7c:f2:46:c6:57:64:30:29:42:7c:f3:d9:32:84:f3:00:7a:
f9:17:8b:9d:83:84:b4:b1:b8:23:34:f7:eb:e5:e6:24:54:8e:
da:dc:1f:f1:2e:92:49:46:2e:de:b8:01:52:c4:86:d3:ed:a0:
8f:fc:c3:ac:6d:cd:e7:4e:25:f6:4d:1c:4a:4d:ec:19:a3:cb:
04:06:b4:9d:38:92:b0:7b:46:a3:b5:33:12:d1:b9:6d:0b:d9:
c7:28:02:b2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZnNp51f3S9H4X6nWolbYqMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUxMDEwMTAyNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmFlMDcxMmM3ZTM1MTMxODc4OGZjNzhkNGM1OGNkOWMxZTIzMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnPMjB7RMpZHElX0Et4xrKJDvo++
Wrd/lxl6BA0EHWzw14FISmsEnakkZQiB4LZurXJu/MWToOTmTRWSEHpcYjD16UJ/
cpSA7QAPqrhY2sx8Eaqgf2dzobqa3GAF0ufrGMrfpMgOttBQV7KstZEom/F2BTzR
mLIne4icmYFASRlqTMOQiMbZc6N/8EndONX+2LIfodo4RujdvAb0veI+LDpATQtH
KpuJGAtHfkYcPAj5mVZ7A5k6nI/mpiqEmqRgvoTRTohGKc+KQC8qZZ7Nvue1KcSv
fWsKq6YwkfgctIaqsS+bQkmPBgrLXMA91utnnE4ljhc68hqDPU5vmRRJyQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFH+uBxLH41Exh4j8eNTFjNnB4jNlMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvZjY0SEVzZmpVVEdIaVB4NDFNV00yY0hpTTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVOhdAwQA
VOy4AwQAWJQVAwQAWJRoAwQAWSCnAwQAWStXAwQAXXOdAwQAXky2MA0GCSqGSIb3
DQEBCwUAA4IBAQBndxWGCXPWMIpOtYRIQM0uiaFP8FlS63OxFqMaYCH+YCodsKLS
0QtYC55ByenY29iRCVFU1jJWrt2mSsIKbt9lIWzCQUA/iB7z9sCaiwEz9h0W2xth
R757r08iOxrnbnTHjKcwekW3womQ+LJFjAAUOpBXjzRFFQnf6saoR7wfjM55bLd5
kMHtaUaWDbBU8p+L1jvKc1p8GPmGZ/MK1+BIkc2ifPJGxldkMClCfPPZMoTzAHr5
F4udg4S0sbgjNPfr5eYkVI7a3B/xLpJJRi7euAFSxIbT7aCP/MOsbc3nTiX2TRxK
TewZo8sEBrSdOJKwe0ajtTMS0bltC9nHKAKy
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:20:38 2025 by rpki-client