Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/shnK0LrZ7iC7NYgJCx5-5XvMrYM.roa
File: shnK0LrZ7iC7NYgJCx5-5XvMrYM.roa (raw, json)
Hash identifier: GoQEuKDAB7+ftpHtMw2bSFNDrSCbeA361NyC2I596E4=
Subject key identifier: B2:19:CA:D0:BA:D9:EE:20:BB:35:88:09:0B:1E:7E:E5:7B:CC:AD:83
Certificate issuer: /CN=88fb410a3bfc7340b667b4f221c7cb806267896e
Certificate serial: 0199CAFF6078760BECE01BAEAC60FE5477ED
Authority key identifier: 88:FB:41:0A:3B:FC:73:40:B6:67:B4:F2:21:C7:CB:80:62:67:89:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPtBCjv8c0C2Z7TyIcfLgGJniW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/shnK0LrZ7iC7NYgJCx5-5XvMrYM.roa
Signing time: Thu 09 Oct 2025 22:02:37 +0000
ROA not before: Thu 09 Oct 2025 22:02:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205399
IP address blocks: 141.98.116.0/24 maxlen: 24
141.98.117.0/24 maxlen: 24
141.98.118.0/24 maxlen: 24
141.98.119.0/24 maxlen: 24
185.229.12.0/24 maxlen: 24
185.229.13.0/24 maxlen: 24
185.229.15.0/24 maxlen: 24
194.26.108.0/24 maxlen: 24
194.26.109.0/24 maxlen: 24
194.26.114.0/24 maxlen: 24
194.26.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/iPtBCjv8c0C2Z7TyIcfLgGJniW4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/iPtBCjv8c0C2Z7TyIcfLgGJniW4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iPtBCjv8c0C2Z7TyIcfLgGJniW4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ca:ff:60:78:76:0b:ec:e0:1b:ae:ac:60:fe:54:77:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88fb410a3bfc7340b667b4f221c7cb806267896e
Validity
Not Before: Oct 9 22:02:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b219cad0bad9ee20bb3588090b1e7ee57bccad83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:95:6a:74:0b:54:c8:72:45:79:1b:df:4b:ec:
e2:01:e0:86:d7:fd:e7:5c:9a:21:e4:1e:4b:d8:cb:
d1:9a:81:fb:d6:76:29:97:10:33:87:f0:46:34:57:
bf:a8:ca:58:b1:a3:c3:ac:e8:0b:a6:4b:ef:6e:63:
3f:d5:42:65:66:19:a6:9f:94:ab:04:94:14:f5:27:
40:f1:44:85:81:39:02:51:84:62:1f:66:5f:2f:1c:
38:25:68:e9:ed:7e:8d:86:0b:d0:6a:10:2e:07:52:
29:06:09:18:cb:09:fe:ec:78:c7:b5:c9:3b:91:c8:
0d:8e:11:a4:54:88:78:b5:a4:71:61:06:9b:7e:55:
60:a3:98:bb:8d:30:d1:df:68:f4:dd:49:73:2c:d9:
f7:3f:4d:ee:85:e6:52:0f:64:3e:db:7a:f1:74:e7:
c4:be:7c:48:bd:40:2c:36:59:01:aa:7e:78:f5:61:
d0:b8:cb:29:92:aa:54:2a:7f:59:53:4b:04:3f:dd:
84:cf:f1:b8:c1:82:a9:2d:52:73:47:ec:ac:f3:26:
5f:a5:16:09:71:a3:f8:bb:3a:bb:7f:6c:34:97:55:
38:52:c3:28:43:93:6b:a9:17:70:33:22:f8:88:1f:
da:f0:dd:ce:8d:15:6d:57:47:58:2d:94:2d:38:82:
34:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:19:CA:D0:BA:D9:EE:20:BB:35:88:09:0B:1E:7E:E5:7B:CC:AD:83
X509v3 Authority Key Identifier:
keyid:88:FB:41:0A:3B:FC:73:40:B6:67:B4:F2:21:C7:CB:80:62:67:89:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPtBCjv8c0C2Z7TyIcfLgGJniW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/shnK0LrZ7iC7NYgJCx5-5XvMrYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/iPtBCjv8c0C2Z7TyIcfLgGJniW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.116.0/22
185.229.12.0/23
185.229.15.0/24
194.26.108.0/23
194.26.114.0/23
Signature Algorithm: sha256WithRSAEncryption
41:3a:30:c9:1a:f3:4d:d8:21:38:27:86:38:74:53:83:30:b7:
f7:76:bb:66:95:c1:23:77:f1:94:9f:4d:fc:ff:93:61:8a:d6:
de:9d:e1:f5:e4:fc:5a:ae:a8:df:33:4b:87:07:9e:ad:23:2c:
6a:a2:9c:d3:1c:54:45:d8:1d:29:04:41:4f:87:b2:18:38:e0:
72:b0:e7:8b:a0:4f:5c:e8:12:c7:53:62:28:20:dd:91:f8:94:
d8:d0:a1:de:aa:59:82:0e:a2:35:77:ec:1a:cf:4c:b3:c1:c4:
15:f6:a6:11:c0:fd:46:42:eb:a2:b5:65:73:7a:17:41:07:de:
b1:e3:65:11:b7:c2:9a:89:1c:f5:26:60:2b:9d:40:51:f0:66:
47:02:e2:8a:fe:fb:49:25:39:53:3f:5c:03:c4:63:f6:95:f7:
8c:b8:c1:cc:81:d9:be:72:13:fd:0b:07:9d:e2:bf:b2:91:8c:
47:5d:f1:67:29:04:36:1c:02:ca:4b:88:ce:f9:2a:eb:09:6b:
f1:1a:9c:0d:46:d4:50:c2:82:5f:30:55:06:ff:8f:d1:6b:41:
e9:b7:e2:59:42:44:fa:73:9f:cd:e9:46:bf:c4:32:43:33:9c:
f6:66:e9:dc:1c:92:e3:24:4c:1e:63:da:c8:88:b0:97:c6:65:
a1:b5:f4:9d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZnK/2B4dgvs4BuurGD+VHftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmI0MTBhM2JmYzczNDBiNjY3YjRmMjIxYzdjYjgwNjI2
Nzg5NmUwHhcNMjUxMDA5MjIwMjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjE5Y2FkMGJhZDllZTIwYmIzNTg4MDkwYjFlN2VlNTdiY2NhZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pVqdAtUyHJFeRvfS+ziAeCG1/3n
XJoh5B5L2MvRmoH71nYplxAzh/BGNFe/qMpYsaPDrOgLpkvvbmM/1UJlZhmmn5Sr
BJQU9SdA8USFgTkCUYRiH2ZfLxw4JWjp7X6NhgvQahAuB1IpBgkYywn+7HjHtck7
kcgNjhGkVIh4taRxYQabflVgo5i7jTDR32j03UlzLNn3P03uheZSD2Q+23rxdOfE
vnxIvUAsNlkBqn549WHQuMspkqpUKn9ZU0sEP92Ez/G4wYKpLVJzR+ys8yZfpRYJ
caP4uzq7f2w0l1U4UsMoQ5NrqRdwMyL4iB/a8N3OjRVtV0dYLZQtOII0nwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLIZytC62e4guzWICQsefuV7zK2DMB8GA1UdIwQY
MBaAFIj7QQo7/HNAtme08iHHy4BiZ4luMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVB0QkNqdjhjMEMyWjdUeUljZkxnR0puaVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80NDYyNGYtMjMxZC00NjZjLWJiMDIt
YjM4YzgwOTUxOTgxLzEvc2huSzBMclo3aUM3TllnSkN4NS01WHZNcllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80NDYyNGYtMjMxZC00NjZjLWJiMDItYjM4YzgwOTUxOTgx
LzEvaVB0QkNqdjhjMEMyWjdUeUljZkxnR0puaVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCjWJ0AwQB
ueUMAwQAueUPAwQBwhpsAwQBwhpyMA0GCSqGSIb3DQEBCwUAA4IBAQBBOjDJGvNN
2CE4J4Y4dFODMLf3drtmlcEjd/GUn038/5NhitbeneH15PxarqjfM0uHB56tIyxq
opzTHFRF2B0pBEFPh7IYOOBysOeLoE9c6BLHU2IoIN2R+JTY0KHeqlmCDqI1d+wa
z0yzwcQV9qYRwP1GQuuitWVzehdBB96x42URt8KaiRz1JmArnUBR8GZHAuKK/vtJ
JTlTP1wDxGP2lfeMuMHMgdm+chP9Cwed4r+ykYxHXfFnKQQ2HALKS4jO+SrrCWvx
GpwNRtRQwoJfMFUG/4/Ra0Hpt+JZQkT6c5/N6Ua/xDJDM5z2ZuncHJLjJEweY9rI
iLCXxmWhtfSd
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:37 2025 by rpki-client