Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/ETVPLHc_dvqJDflGIPJgHzJaWt8.roa
File: ETVPLHc_dvqJDflGIPJgHzJaWt8.roa (raw, json)
Hash identifier: Jimm5bhH1qmUZnAAKaN20vij/bbKy4j6GEesqJVn7gk=
Subject key identifier: 11:35:4F:2C:77:3F:76:FA:89:0D:F9:46:20:F2:60:1F:32:5A:5A:DF
Certificate issuer: /CN=87b9313753bc0931af4393dbda009b0ff45ec7c2
Certificate serial: 01998483A000AFD8586194B8E2D9A869EB33
Authority key identifier: 87:B9:31:37:53:BC:09:31:AF:43:93:DB:DA:00:9B:0F:F4:5E:C7:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/ETVPLHc_dvqJDflGIPJgHzJaWt8.roa
Signing time: Fri 26 Sep 2025 05:34:02 +0000
ROA not before: Fri 26 Sep 2025 05:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201395
IP address blocks: 176.105.240.0/22 maxlen: 22
176.105.240.0/24 maxlen: 24
176.105.241.0/24 maxlen: 24
176.105.242.0/24 maxlen: 24
176.105.243.0/24 maxlen: 24
2a0d:cec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:84:83:a0:00:af:d8:58:61:94:b8:e2:d9:a8:69:eb:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87b9313753bc0931af4393dbda009b0ff45ec7c2
Validity
Not Before: Sep 26 05:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11354f2c773f76fa890df94620f2601f325a5adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fe:b0:6f:03:ac:30:83:79:5a:e9:09:5d:d2:
ef:69:87:8a:f2:cc:15:8f:bf:32:87:88:59:95:82:
a1:a0:53:09:99:cb:27:ac:26:7e:69:b9:67:38:c2:
12:e7:85:03:d1:a6:53:b3:76:68:3e:78:a3:b2:c6:
62:6d:3e:73:a5:f4:ee:f2:bb:45:ac:bc:7d:44:e7:
1a:4f:c4:ca:33:85:c8:60:5f:cd:a8:2e:e5:74:4a:
5d:70:05:7e:69:0d:98:b5:35:49:3c:e2:38:ee:ce:
5a:e1:50:ef:bc:7b:74:84:08:c3:52:ac:c9:ac:f6:
c7:17:5d:e5:95:85:1c:08:68:af:f8:fa:73:88:cf:
00:31:48:04:15:e7:ce:5f:c5:b1:93:b0:30:cb:8f:
08:43:23:2d:af:c2:12:ac:47:fc:42:d0:c9:99:cc:
7b:cd:0c:41:8a:8a:4c:5d:c9:4f:5a:8a:97:d3:de:
ab:d1:7d:52:c2:52:de:3a:55:4c:f1:2c:f4:10:9e:
57:8c:b5:fb:6e:ea:b3:89:0d:97:da:f4:2d:a9:e7:
7f:45:f4:27:20:36:43:62:32:4a:b6:84:10:94:10:
23:ce:ee:e8:ad:8e:09:ac:76:77:af:01:7f:2a:2c:
49:1b:5b:9d:6b:3c:83:d4:e3:53:2f:5e:de:14:eb:
0b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:35:4F:2C:77:3F:76:FA:89:0D:F9:46:20:F2:60:1F:32:5A:5A:DF
X509v3 Authority Key Identifier:
keyid:87:B9:31:37:53:BC:09:31:AF:43:93:DB:DA:00:9B:0F:F4:5E:C7:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/ETVPLHc_dvqJDflGIPJgHzJaWt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.240.0/22
IPv6:
2a0d:cec0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:b8:0b:c3:37:ed:a6:1e:2f:cf:57:db:b9:e1:26:c1:ae:b9:
d1:28:96:00:7d:41:0a:ce:9a:7a:48:7a:25:11:31:05:fc:4a:
65:74:ad:e1:d2:6b:6f:9b:fb:cd:1f:61:65:27:de:68:c9:54:
a1:71:ae:67:df:f0:5e:df:fb:d8:99:e8:27:a3:9e:8b:5b:80:
1e:80:cc:f0:41:7d:49:3b:6b:85:b1:07:83:96:8f:03:9d:19:
58:22:04:cf:e1:ed:c8:88:97:69:4c:b9:b8:ec:11:a4:61:6d:
a7:57:0b:d8:b0:c4:bf:05:96:24:93:f9:9c:98:07:99:56:1f:
5e:6b:86:e6:8f:5b:80:a8:0e:d8:2d:b6:45:3d:e2:30:a8:1f:
63:3b:ac:57:8e:b4:c9:38:60:22:39:7f:96:96:8d:da:5c:7d:
5c:9f:72:f1:72:12:bc:2b:2b:e5:bd:a6:42:99:b2:81:f4:ae:
67:4c:3b:83:4e:a3:fc:5e:d8:aa:9a:ea:7d:76:cf:62:26:53:
4b:60:17:70:46:25:d7:7c:37:d0:34:7b:17:3a:15:f9:70:2c:
08:ae:cc:f1:3e:41:f4:2f:fa:aa:26:fd:77:c6:6a:b2:83:d7:
3f:3c:5d:76:15:c0:0b:17:1e:e9:7f:fb:03:a0:34:ed:3b:7e:
a6:83:f0:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZmEg6AAr9hYYZS44tmoaeszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YjkzMTM3NTNiYzA5MzFhZjQzOTNkYmRhMDA5YjBmZjQ1
ZWM3YzIwHhcNMjUwOTI2MDUzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTM1NGYyYzc3M2Y3NmZhODkwZGY5NDYyMGYyNjAxZjMyNWE1YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP6wbwOsMIN5WukJXdLvaYeK8swV
j78yh4hZlYKhoFMJmcsnrCZ+ablnOMIS54UD0aZTs3ZoPnijssZibT5zpfTu8rtF
rLx9ROcaT8TKM4XIYF/NqC7ldEpdcAV+aQ2YtTVJPOI47s5a4VDvvHt0hAjDUqzJ
rPbHF13llYUcCGiv+PpziM8AMUgEFefOX8Wxk7Awy48IQyMtr8ISrEf8QtDJmcx7
zQxBiopMXclPWoqX096r0X1SwlLeOlVM8Sz0EJ5XjLX7buqziQ2X2vQtqed/RfQn
IDZDYjJKtoQQlBAjzu7orY4JrHZ3rwF/KixJG1udazyD1ONTL17eFOsLCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBE1Tyx3P3b6iQ35RiDyYB8yWlrfMB8GA1UdIwQY
MBaAFIe5MTdTvAkxr0OT29oAmw/0XsfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDdreE4xTzhDVEd2UTVQYjJnQ2JEX1JleDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83MWNiMGMtM2JlMC00YTllLTliODIt
N2Q2ODM2NmI1OWI3LzEvRVRWUExIY19kdnFKRGZsR0lQSmdIekphV3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83MWNiMGMtM2JlMC00YTllLTliODItN2Q2ODM2NmI1OWI3
LzEvaDdreE4xTzhDVEd2UTVQYjJnQ2JEX1JleDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsGnwMA0E
AgACMAcDBQMqDc7AMA0GCSqGSIb3DQEBCwUAA4IBAQA+uAvDN+2mHi/PV9u54SbB
rrnRKJYAfUEKzpp6SHolETEF/EpldK3h0mtvm/vNH2FlJ95oyVShca5n3/Be3/vY
megno56LW4AegMzwQX1JO2uFsQeDlo8DnRlYIgTP4e3IiJdpTLm47BGkYW2nVwvY
sMS/BZYkk/mcmAeZVh9ea4bmj1uAqA7YLbZFPeIwqB9jO6xXjrTJOGAiOX+Wlo3a
XH1cn3LxchK8KyvlvaZCmbKB9K5nTDuDTqP8Xtiqmup9ds9iJlNLYBdwRiXXfDfQ
NHsXOhX5cCwIrszxPkH0L/qqJv13xmqyg9c/PF12FcALFx7pf/sDoDTtO36mg/Dg
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:01 2025 by rpki-client