
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/_kMgSpyN5q2Q58IggLcJE-_-joQ.roa
File: _kMgSpyN5q2Q58IggLcJE-_-joQ.roa (raw, json)
Hash identifier: KrhqWTkgdCwThLvSu378J+us8CTYhNDjQFFUk1+IQp0=
Subject key identifier: FE:43:20:4A:9C:8D:E6:AD:90:E7:C2:20:80:B7:09:13:EF:FE:8E:84
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0199752F15CB71C6D8A18B68E13BD135C924
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/_kMgSpyN5q2Q58IggLcJE-_-joQ.roa
Signing time: Tue 23 Sep 2025 06:07:24 +0000
ROA not before: Tue 23 Sep 2025 06:07:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47169
IP address blocks: 84.21.4.0/24 maxlen: 24
87.229.16.0/22 maxlen: 22
87.229.38.0/24 maxlen: 24
87.229.39.0/24 maxlen: 24
87.229.42.0/23 maxlen: 24
87.229.52.0/24 maxlen: 24
87.229.106.0/24 maxlen: 24
87.229.107.0/24 maxlen: 24
213.181.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:75:2f:15:cb:71:c6:d8:a1:8b:68:e1:3b:d1:35:c9:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Sep 23 06:07:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe43204a9c8de6ad90e7c22080b70913effe8e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1f:8c:ce:4f:b7:3d:03:c5:ef:de:19:fa:44:
f9:cf:9d:c3:b2:cd:0d:f8:b4:46:18:75:5b:9d:bc:
3a:27:ae:5a:e2:ac:ee:fa:c2:d4:e2:f2:e6:50:90:
60:4e:5f:a7:b4:7c:5b:ba:8a:73:b3:d2:86:a1:a6:
7d:2d:72:8c:a2:7a:99:2c:e2:f8:d4:6b:5a:da:bc:
dc:d6:56:27:d2:a8:bb:67:67:4b:ed:1b:15:a6:69:
7c:7b:45:7b:e9:39:0c:73:34:7f:e5:70:00:36:47:
60:81:96:b6:c5:09:da:55:2a:b9:e3:00:c8:32:5d:
d5:65:9a:90:32:b0:ac:34:08:c7:e0:2c:62:d7:ff:
53:4e:0d:4a:b9:c1:c3:33:1e:f8:d6:53:74:66:d8:
4f:af:4d:07:73:95:ff:6a:de:02:6a:d9:1e:be:cb:
6c:60:30:18:ac:a6:bf:2f:ad:98:af:cf:2d:c4:b5:
30:e3:8a:ec:7a:77:ac:1a:15:09:fb:ff:c9:e1:fd:
a3:b0:17:cb:2d:d6:05:28:be:bf:24:98:ee:b8:5f:
6b:2a:b6:b8:22:5b:c0:d4:a9:1e:14:4b:39:62:33:
7a:11:58:c2:bf:b8:6a:2e:82:ce:7c:86:bc:71:c2:
f6:9f:c7:07:1c:c9:96:60:d7:23:ce:ca:b7:20:e7:
a6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:43:20:4A:9C:8D:E6:AD:90:E7:C2:20:80:B7:09:13:EF:FE:8E:84
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/_kMgSpyN5q2Q58IggLcJE-_-joQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.4.0/24
87.229.16.0/22
87.229.38.0/23
87.229.42.0/23
87.229.52.0/24
87.229.106.0/23
213.181.212.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b6:21:ca:d8:0e:73:43:90:fb:1c:ea:0c:b4:f5:04:aa:f9:
3a:42:03:7f:55:35:4f:ec:a1:69:b9:ee:a0:48:ff:e6:e2:69:
35:e4:7e:a6:dc:63:94:3e:25:5e:b3:09:49:06:fa:f8:64:d9:
fc:e5:36:04:b9:7b:cd:17:54:83:cb:7c:30:8a:a7:1d:1a:d6:
f5:37:f9:60:7f:36:45:02:3c:4e:cf:6e:52:87:f9:63:af:8d:
68:cb:5d:7a:a7:87:e1:8e:4d:5d:7a:8a:47:2e:27:ae:f7:93:
25:a3:6a:bc:a0:c3:9d:f1:47:33:25:2d:3e:96:01:9f:40:62:
f0:fa:67:2a:b1:be:b4:18:2f:f4:f3:1a:a9:54:9e:5b:5b:5a:
ea:99:55:98:92:4a:cb:ff:84:1e:b9:a2:a0:e6:73:b4:40:64:
24:da:d2:06:95:20:7b:cd:24:47:be:b1:83:22:7c:29:0f:58:
16:70:85:e1:ed:ac:14:56:83:45:9b:00:ff:dc:00:56:40:d5:
2c:ba:1a:91:12:7a:03:a0:0e:03:04:cd:61:df:4a:98:a0:77:
42:dc:47:85:5c:d6:4c:51:31:9f:7d:a2:68:b9:3a:a6:df:10:
6f:f7:f5:29:09:e8:7c:d3:96:83:7c:de:8b:82:a8:c8:f5:e8:
03:9a:92:51
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZl1LxXLccbYoYto4TvRNckkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwOTIzMDYwNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQzMjA0YTljOGRlNmFkOTBlN2MyMjA4MGI3MDkxM2VmZmU4ZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh+Mzk+3PQPF794Z+kT5z53Dss0N
+LRGGHVbnbw6J65a4qzu+sLU4vLmUJBgTl+ntHxbuopzs9KGoaZ9LXKMonqZLOL4
1Gta2rzc1lYn0qi7Z2dL7RsVpml8e0V76TkMczR/5XAANkdggZa2xQnaVSq54wDI
Ml3VZZqQMrCsNAjH4Cxi1/9TTg1KucHDMx741lN0ZthPr00Hc5X/at4Catkevsts
YDAYrKa/L62Yr88txLUw44rsenesGhUJ+//J4f2jsBfLLdYFKL6/JJjuuF9rKra4
IlvA1KkeFEs5YjN6EVjCv7hqLoLOfIa8ccL2n8cHHMmWYNcjzsq3IOemVQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFP5DIEqcjeatkOfCIIC3CRPv/o6EMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvX2tNZ1NweU41cTJRNThJZ2dMY0pFLV8tam9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVBUEAwQC
V+UQAwQBV+UmAwQBV+UqAwQAV+U0AwQBV+VqAwQA1bXUMA0GCSqGSIb3DQEBCwUA
A4IBAQB0tiHK2A5zQ5D7HOoMtPUEqvk6QgN/VTVP7KFpue6gSP/m4mk15H6m3GOU
PiVeswlJBvr4ZNn85TYEuXvNF1SDy3wwiqcdGtb1N/lgfzZFAjxOz25Sh/ljr41o
y116p4fhjk1deopHLieu95Mlo2q8oMOd8UczJS0+lgGfQGLw+mcqsb60GC/08xqp
VJ5bW1rqmVWYkkrL/4QeuaKg5nO0QGQk2tIGlSB7zSRHvrGDInwpD1gWcIXh7awU
VoNFmwD/3ABWQNUsuhqREnoDoA4DBM1h30qYoHdC3EeFXNZMUTGffaJouTqm3xBv
9/UpCeh805aDfN6LgqjI9egDmpJR
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:26 2025 by rpki-client