
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/56KKt4BpkIwEHMFmq2QXksA-2io.roa
File: 56KKt4BpkIwEHMFmq2QXksA-2io.roa (raw, json)
Hash identifier: 54GcazY6u68JnZUu56e7FZCBJWXeMImZQ8ihkRRuFTc=
Subject key identifier: E7:A2:8A:B7:80:69:90:8C:04:1C:C1:66:AB:64:17:92:C0:3E:DA:2A
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 01996698A51E3E6EE867CA0AE3D0B27EE8F7
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/56KKt4BpkIwEHMFmq2QXksA-2io.roa
Signing time: Sat 20 Sep 2025 10:08:23 +0000
ROA not before: Sat 20 Sep 2025 10:08:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48950
IP address blocks: 104.160.3.0/24 maxlen: 24
104.160.4.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
158.222.3.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:66:98:a5:1e:3e:6e:e8:67:ca:0a:e3:d0:b2:7e:e8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Sep 20 10:08:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7a28ab78069908c041cc166ab641792c03eda2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:13:84:06:0c:8e:4d:8a:8d:5a:6b:b1:cb:e7:
05:80:cb:b5:b9:69:37:ad:b2:f3:c4:04:bb:4b:e4:
16:86:f0:cc:32:ad:9d:79:9b:e9:cd:1e:5e:4d:4f:
11:6b:b5:e1:87:c6:25:a6:3e:9b:dd:b7:cd:39:12:
02:20:a2:3a:70:a9:dc:a7:06:e6:cb:d4:e9:26:f5:
b5:45:33:cd:45:f3:6d:d7:29:85:cc:3f:95:37:3b:
40:38:e4:b4:92:2e:2d:4f:0b:24:d3:5f:99:1d:2f:
01:5d:ef:be:75:69:2d:ae:7b:db:75:d6:56:60:52:
fa:a1:54:b0:b4:9c:6c:3a:ff:33:7f:98:67:dd:33:
b0:f2:39:08:9e:77:cb:7b:e4:c2:e1:3e:d7:60:76:
21:4a:ec:97:0d:3d:8b:33:43:1f:8a:df:8f:83:af:
af:df:18:12:83:ec:fc:07:a8:73:0d:f5:7e:11:7e:
ac:14:8c:f7:1c:bf:7d:d3:c4:8a:ac:c5:9b:3a:16:
12:de:4e:51:99:e7:93:f0:21:7b:a5:26:51:db:09:
92:b7:22:22:ea:b9:59:ec:12:b3:7f:9a:42:28:e7:
e3:31:17:d2:6b:19:f2:33:cb:28:9c:f1:89:76:7a:
9d:c5:c7:2a:a0:11:fe:2d:8c:ca:8b:17:52:3a:73:
04:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A2:8A:B7:80:69:90:8C:04:1C:C1:66:AB:64:17:92:C0:3E:DA:2A
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/56KKt4BpkIwEHMFmq2QXksA-2io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.160.3.0-104.160.4.255
104.160.10.0/24
158.222.3.0/24
158.222.5.0/24
158.222.7.0/24
Signature Algorithm: sha256WithRSAEncryption
10:0c:24:ec:e7:4a:b3:2b:e5:0d:16:d8:da:95:58:1c:8d:7a:
da:e2:cd:0f:5f:30:e0:c8:d2:d5:d9:5f:2e:a6:d3:ae:37:2b:
ba:00:f4:e0:f4:03:b9:fd:7d:0d:db:f4:d9:2d:89:11:5c:dc:
98:ed:ca:c7:ed:72:94:b0:87:f8:cb:9a:d4:57:06:89:31:31:
c8:b1:4e:bb:51:a6:72:f1:db:5f:fd:b7:bf:a7:c5:12:16:9c:
c8:3b:02:0b:04:73:8b:b2:65:34:0a:42:07:06:8a:45:a2:89:
08:3e:b5:ba:4a:62:77:b6:90:bd:6c:82:1d:59:b2:1f:d6:75:
f7:ea:62:47:36:71:8b:c3:00:ef:a5:41:6a:eb:97:ac:54:85:
99:57:ae:6f:58:be:33:e2:4a:e3:b1:d5:bd:1f:24:e9:d2:84:
9e:f1:e4:5f:eb:e6:54:d8:60:72:e5:e7:21:50:7a:91:0b:d0:
91:5a:85:9b:10:74:1d:a1:11:f2:ed:97:07:69:b5:20:1a:40:
2f:3c:76:31:83:33:b7:b5:6c:7a:e7:d5:7a:dd:1d:e5:83:a9:
76:bd:5b:c0:0c:65:3c:78:ae:1b:c7:3f:1e:be:47:4a:fc:f6:
8e:28:d7:6a:6a:b4:32:47:96:e8:61:e6:c3:7b:53:b8:89:83:
4f:5f:ad:bd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZlmmKUePm7oZ8oK49Cyfuj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwOTIwMTAwODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2EyOGFiNzgwNjk5MDhjMDQxY2MxNjZhYjY0MTc5MmMwM2VkYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhOEBgyOTYqNWmuxy+cFgMu1uWk3
rbLzxAS7S+QWhvDMMq2deZvpzR5eTU8Ra7Xhh8Ylpj6b3bfNORICIKI6cKncpwbm
y9TpJvW1RTPNRfNt1ymFzD+VNztAOOS0ki4tTwsk01+ZHS8BXe++dWktrnvbddZW
YFL6oVSwtJxsOv8zf5hn3TOw8jkInnfLe+TC4T7XYHYhSuyXDT2LM0Mfit+Pg6+v
3xgSg+z8B6hzDfV+EX6sFIz3HL9908SKrMWbOhYS3k5RmeeT8CF7pSZR2wmStyIi
6rlZ7BKzf5pCKOfjMRfSaxnyM8sonPGJdnqdxccqoBH+LYzKixdSOnMEGQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOeiireAaZCMBBzBZqtkF5LAPtoqMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvNTZLS3Q0QnBrSXdFSE1GbXEyUVhrc0EtMmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABooAMD
BABooAQDBABooAoDBACe3gMDBACe3gUDBACe3gcwDQYJKoZIhvcNAQELBQADggEB
ABAMJOznSrMr5Q0W2NqVWByNetrizQ9fMODI0tXZXy6m0643K7oA9OD0A7n9fQ3b
9NktiRFc3JjtysftcpSwh/jLmtRXBokxMcixTrtRpnLx21/9t7+nxRIWnMg7AgsE
c4uyZTQKQgcGikWiiQg+tbpKYne2kL1sgh1Zsh/WdffqYkc2cYvDAO+lQWrrl6xU
hZlXrm9YvjPiSuOx1b0fJOnShJ7x5F/r5lTYYHLl5yFQepEL0JFahZsQdB2hEfLt
lwdptSAaQC88djGDM7e1bHrn1XrdHeWDqXa9W8AMZTx4rhvHPx6+R0r89o4o12pq
tDJHluhh5sN7U7iJg09frb0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:28:16 2025 by rpki-client