
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/L6iR0CMwTlXaB3-hN4yCOodUYRY.roa
File: L6iR0CMwTlXaB3-hN4yCOodUYRY.roa (raw, json)
Hash identifier: eWR/YwFC9Nkq/Z8RvdCdYOBK7oxzXqUpetNS4HVcl8U=
Subject key identifier: 2F:A8:91:D0:23:30:4E:55:DA:07:7F:A1:37:8C:82:3A:87:54:61:16
Certificate issuer: /CN=4789c5dc0dd544fc02b7e67e5f1bac456aabfe61
Certificate serial: 019971960F410709A5FDD4A2E4568D1DEF92
Authority key identifier: 47:89:C5:DC:0D:D5:44:FC:02:B7:E6:7E:5F:1B:AC:45:6A:AB:FE:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/L6iR0CMwTlXaB3-hN4yCOodUYRY.roa
Signing time: Mon 22 Sep 2025 13:21:23 +0000
ROA not before: Mon 22 Sep 2025 13:21:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47178
IP address blocks: 93.188.112.0/21 maxlen: 24
185.99.224.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/R4nF3A3VRPwCt-Z-XxusRWqr_mE.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/R4nF3A3VRPwCt-Z-XxusRWqr_mE.mft
rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:71:96:0f:41:07:09:a5:fd:d4:a2:e4:56:8d:1d:ef:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4789c5dc0dd544fc02b7e67e5f1bac456aabfe61
Validity
Not Before: Sep 22 13:21:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fa891d023304e55da077fa1378c823a87546116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:21:12:66:97:b0:45:82:21:20:f8:e0:dd:33:
02:3d:51:b8:70:6a:7f:ef:08:95:58:40:af:be:2f:
d4:e2:0d:28:ef:71:f3:ab:e0:a0:fc:81:00:b5:36:
88:9b:09:f1:ea:69:cd:8d:11:33:a0:50:11:61:bc:
83:05:3a:c8:ad:9b:40:b4:64:85:18:5e:f2:ee:7f:
1c:37:31:54:06:aa:38:75:07:04:b5:02:8b:3c:c4:
1f:76:43:af:3c:ac:9e:69:18:54:fa:3e:c7:9e:32:
24:79:27:91:e6:51:5a:49:41:31:65:e2:48:2c:30:
15:51:26:ab:70:70:8a:d6:74:5a:65:5c:a3:f2:ea:
f0:5b:e3:93:38:6c:a6:06:51:ef:97:82:66:a0:f3:
d4:e5:13:e5:74:3c:60:66:e7:a0:41:dc:63:08:02:
0b:eb:32:dc:c6:28:59:69:8e:0f:85:49:14:94:46:
d5:28:f2:a7:41:69:4e:e0:a5:d9:1b:3d:ec:17:f4:
bd:c5:38:79:fe:02:2b:4b:59:39:81:61:2e:96:2a:
81:5d:33:89:ee:b0:a7:a4:28:89:99:21:d7:7e:a2:
ae:e9:8b:de:e6:10:63:87:b5:a5:c9:d4:a6:49:4b:
18:76:5b:7a:7d:78:b5:99:e5:55:68:e1:33:8e:d3:
81:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A8:91:D0:23:30:4E:55:DA:07:7F:A1:37:8C:82:3A:87:54:61:16
X509v3 Authority Key Identifier:
keyid:47:89:C5:DC:0D:D5:44:FC:02:B7:E6:7E:5F:1B:AC:45:6A:AB:FE:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R4nF3A3VRPwCt-Z-XxusRWqr_mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/L6iR0CMwTlXaB3-hN4yCOodUYRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/89542a-587d-4c27-a523-6a1b9c1c6924/1/R4nF3A3VRPwCt-Z-XxusRWqr_mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.112.0/21
185.99.224.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:eb:26:a8:23:fa:b3:ac:3f:f6:7f:5c:6f:7b:8e:bf:46:1e:
ce:13:66:93:0b:67:92:4f:b1:e2:47:90:18:f5:a3:3f:a7:19:
76:29:a0:a8:f2:58:29:35:9e:8c:f9:a1:f2:69:ac:4a:97:a2:
ae:7f:8f:a9:88:79:cf:87:21:ad:ac:0d:04:b4:bd:ab:7a:7f:
1a:0d:c8:50:5b:b6:b5:e1:1d:6e:66:0f:33:47:e4:b4:c5:fb:
41:8c:37:4d:b7:38:59:f6:ac:2d:c4:3f:83:76:a1:98:3e:a5:
b5:e1:19:b5:95:21:8f:79:db:7f:79:de:af:f3:01:b9:66:41:
ba:f2:61:4c:72:a5:8f:91:52:53:96:a6:86:2c:c5:21:06:77:
a5:34:ad:dd:e6:7d:f4:90:83:d0:ec:9e:77:5b:bf:95:e4:1e:
f0:aa:fa:af:4a:8d:d6:26:e2:48:4f:f4:e5:f6:6b:a4:d8:42:
29:b7:4d:8a:69:8a:5e:9d:cf:12:c7:b5:b7:17:4c:b4:9d:8f:
65:3c:ef:d1:8f:56:bf:a4:0f:6e:ad:33:bc:b1:ff:b7:a6:52:
78:2e:32:19:83:78:36:5a:b0:75:81:8a:91:2c:a9:70:95:9e:
a5:8a:f1:66:9a:05:86:6d:ed:71:d1:b7:2b:9e:4a:06:4b:af:
57:5b:c6:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlxlg9BBwml/dSi5FaNHe+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ODljNWRjMGRkNTQ0ZmMwMmI3ZTY3ZTVmMWJhYzQ1NmFh
YmZlNjEwHhcNMjUwOTIyMTMyMTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmE4OTFkMDIzMzA0ZTU1ZGEwNzdmYTEzNzhjODIzYTg3NTQ2MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviESZpewRYIhIPjg3TMCPVG4cGp/
7wiVWECvvi/U4g0o73Hzq+Cg/IEAtTaImwnx6mnNjREzoFARYbyDBTrIrZtAtGSF
GF7y7n8cNzFUBqo4dQcEtQKLPMQfdkOvPKyeaRhU+j7HnjIkeSeR5lFaSUExZeJI
LDAVUSarcHCK1nRaZVyj8urwW+OTOGymBlHvl4JmoPPU5RPldDxgZuegQdxjCAIL
6zLcxihZaY4PhUkUlEbVKPKnQWlO4KXZGz3sF/S9xTh5/gIrS1k5gWEuliqBXTOJ
7rCnpCiJmSHXfqKu6Yve5hBjh7WlydSmSUsYdlt6fXi1meVVaOEzjtOBEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC+okdAjME5V2gd/oTeMgjqHVGEWMB8GA1UdIwQY
MBaAFEeJxdwN1UT8Arfmfl8brEVqq/5hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjRuRjNBM1ZSUHdDdC1aLVh4dXNSV3FyX21FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84OTU0MmEtNTg3ZC00YzI3LWE1MjMt
NmExYjljMWM2OTI0LzEvTDZpUjBDTXdUbFhhQjMtaE40eUNPb2RVWVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84OTU0MmEtNTg3ZC00YzI3LWE1MjMtNmExYjljMWM2OTI0
LzEvUjRuRjNBM1ZSUHdDdC1aLVh4dXNSV3FyX21FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXbxwAwQC
uWPgMA0GCSqGSIb3DQEBCwUAA4IBAQCy6yaoI/qzrD/2f1xve46/Rh7OE2aTC2eS
T7HiR5AY9aM/pxl2KaCo8lgpNZ6M+aHyaaxKl6Kuf4+piHnPhyGtrA0EtL2ren8a
DchQW7a14R1uZg8zR+S0xftBjDdNtzhZ9qwtxD+DdqGYPqW14Rm1lSGPedt/ed6v
8wG5ZkG68mFMcqWPkVJTlqaGLMUhBnelNK3d5n30kIPQ7J53W7+V5B7wqvqvSo3W
JuJIT/Tl9muk2EIpt02KaYpenc8Sx7W3F0y0nY9lPO/Rj1a/pA9urTO8sf+3plJ4
LjIZg3g2WrB1gYqRLKlwlZ6livFmmgWGbe1x0bcrnkoGS69XW8bj
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:35 2025 by rpki-client