
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/Sf4JDKtmxmTCB0tTVfdGGPNzKJE.roa
File: Sf4JDKtmxmTCB0tTVfdGGPNzKJE.roa (raw, json)
Hash identifier: TM/ueYP3efRi0gGmWlRzw9T+QccRhYDTBK2qLm6mLxw=
Subject key identifier: 49:FE:09:0C:AB:66:C6:64:C2:07:4B:53:55:F7:46:18:F3:73:28:91
Certificate issuer: /CN=be3364bc38f75b18d6f6eef203209f71c2768d85
Certificate serial: 0198E12DAF2DFBE61AF1300BCBA2A7837CD7
Authority key identifier: BE:33:64:BC:38:F7:5B:18:D6:F6:EE:F2:03:20:9F:71:C2:76:8D:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vjNkvDj3WxjW9u7yAyCfccJ2jYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/Sf4JDKtmxmTCB0tTVfdGGPNzKJE.roa
Signing time: Mon 25 Aug 2025 12:22:04 +0000
ROA not before: Mon 25 Aug 2025 12:22:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203203
IP address blocks: 185.179.84.0/22 maxlen: 22
185.179.84.0/24 maxlen: 24
185.179.85.0/24 maxlen: 24
185.179.86.0/24 maxlen: 24
185.179.87.0/24 maxlen: 24
185.232.228.0/22 maxlen: 24
2a0a:7e80::/29 maxlen: 29
2a0a:7e80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/vjNkvDj3WxjW9u7yAyCfccJ2jYU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/vjNkvDj3WxjW9u7yAyCfccJ2jYU.mft
rsync://rpki.ripe.net/repository/DEFAULT/vjNkvDj3WxjW9u7yAyCfccJ2jYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e1:2d:af:2d:fb:e6:1a:f1:30:0b:cb:a2:a7:83:7c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be3364bc38f75b18d6f6eef203209f71c2768d85
Validity
Not Before: Aug 25 12:22:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49fe090cab66c664c2074b5355f74618f3732891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b2:a0:54:10:41:0a:51:14:f5:4b:af:f5:3f:
5d:60:c3:a7:64:1d:57:4e:dd:3b:f1:17:0d:9d:b7:
ad:03:bb:d4:a7:52:8e:38:c7:5a:13:ba:7d:da:7d:
d4:78:91:25:ce:a9:2e:b3:f7:1d:1a:b1:ee:f1:a7:
e6:bb:a2:86:bf:40:d3:1e:e3:a2:41:a2:3f:db:c0:
ac:36:7e:95:4c:07:76:ec:38:c9:1e:66:e5:7a:e1:
ae:39:8d:21:32:33:38:09:34:fd:55:4c:f9:71:c1:
e7:20:7d:0b:50:a1:0e:d2:19:f2:a7:ce:a6:06:5d:
5d:9f:2f:b0:2a:92:96:bf:b5:b8:09:a9:86:e1:12:
24:e1:ad:24:71:1a:89:38:67:08:64:19:27:24:a1:
7e:4d:60:4a:4a:11:54:2b:29:ef:9d:33:c1:84:e8:
e3:11:cb:df:65:d2:54:c0:9e:2e:c1:de:01:65:23:
9b:01:62:74:a3:03:f9:1a:93:e8:b0:fc:94:03:13:
b3:f4:70:4a:e3:a3:40:f0:3a:94:70:68:a1:ec:6c:
5d:bd:c3:3e:2d:43:4b:b5:c1:42:99:7b:53:13:e9:
aa:c9:35:48:78:a5:8c:f2:39:05:4b:4a:43:95:47:
c5:a3:c3:ed:43:df:7a:f9:cc:63:e7:c3:8a:48:cb:
72:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FE:09:0C:AB:66:C6:64:C2:07:4B:53:55:F7:46:18:F3:73:28:91
X509v3 Authority Key Identifier:
keyid:BE:33:64:BC:38:F7:5B:18:D6:F6:EE:F2:03:20:9F:71:C2:76:8D:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vjNkvDj3WxjW9u7yAyCfccJ2jYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/Sf4JDKtmxmTCB0tTVfdGGPNzKJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/vjNkvDj3WxjW9u7yAyCfccJ2jYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.84.0/22
185.232.228.0/22
IPv6:
2a0a:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
05:07:ba:89:93:55:77:4e:50:83:9c:f5:7d:f3:8a:49:00:47:
2a:af:95:69:7a:b9:cc:49:e2:1a:e8:cf:e2:dd:36:d2:7c:f1:
e4:b5:72:5c:06:4f:44:10:25:9a:10:79:28:7e:16:23:95:90:
99:65:97:63:59:36:1a:84:bd:6d:e6:00:e7:e3:6f:4b:f1:d0:
fe:f7:1d:a1:ac:46:36:62:2a:80:06:e4:81:ba:6e:13:02:c8:
2c:0d:8e:1c:a2:f4:a9:5e:c1:c5:b7:dd:0a:51:e7:d9:7a:42:
64:19:0a:3b:90:e6:28:ec:46:9b:da:15:81:78:9d:84:cd:20:
a0:1e:45:6e:fe:da:fb:98:a7:58:e7:4f:8e:de:d3:c5:1e:44:
e3:08:72:45:0b:07:af:24:37:04:38:0e:59:da:1d:91:12:7c:
d0:ad:64:f7:4c:68:65:3c:0d:43:fa:1b:59:26:fb:3d:2e:5b:
de:ce:09:e4:c3:c2:aa:07:48:5d:65:21:a2:c7:9f:fe:d4:53:
b8:5c:21:a5:df:4a:93:b7:3c:c6:9c:58:61:6b:6f:d0:92:14:
a2:e2:5c:cf:ac:ba:b0:1a:63:fe:a8:e6:e7:d2:42:49:1c:a8:
41:af:f0:fd:5d:7e:31:95:bc:92:6e:ba:f4:88:70:15:de:86:
12:64:6f:b0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZjhLa8t++Ya8TALy6Kng3zXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMzM2NGJjMzhmNzViMThkNmY2ZWVmMjAzMjA5ZjcxYzI3
NjhkODUwHhcNMjUwODI1MTIyMjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZlMDkwY2FiNjZjNjY0YzIwNzRiNTM1NWY3NDYxOGYzNzMyODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrKgVBBBClEU9Uuv9T9dYMOnZB1X
Tt078RcNnbetA7vUp1KOOMdaE7p92n3UeJElzqkus/cdGrHu8afmu6KGv0DTHuOi
QaI/28CsNn6VTAd27DjJHmbleuGuOY0hMjM4CTT9VUz5ccHnIH0LUKEO0hnyp86m
Bl1dny+wKpKWv7W4CamG4RIk4a0kcRqJOGcIZBknJKF+TWBKShFUKynvnTPBhOjj
EcvfZdJUwJ4uwd4BZSObAWJ0owP5GpPosPyUAxOz9HBK46NA8DqUcGih7GxdvcM+
LUNLtcFCmXtTE+mqyTVIeKWM8jkFS0pDlUfFo8PtQ996+cxj58OKSMty+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEn+CQyrZsZkwgdLU1X3RhjzcyiRMB8GA1UdIwQY
MBaAFL4zZLw491sY1vbu8gMgn3HCdo2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmpOa3ZEajNXeGpXOXU3eUF5Q2ZjY0oyallVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy85N2JlNTAtMmNlNi00ZTJiLWEzZTct
MWE2YWM5OGFjNmY5LzEvU2Y0SkRLdG14bVRDQjB0VFZmZEdHUE56S0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy85N2JlNTAtMmNlNi00ZTJiLWEzZTctMWE2YWM5OGFjNmY5
LzEvdmpOa3ZEajNXeGpXOXU3eUF5Q2ZjY0oyallVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubNUAwQC
uejkMA0EAgACMAcDBQMqCn6AMA0GCSqGSIb3DQEBCwUAA4IBAQAFB7qJk1V3TlCD
nPV984pJAEcqr5VpernMSeIa6M/i3TbSfPHktXJcBk9EECWaEHkofhYjlZCZZZdj
WTYahL1t5gDn429L8dD+9x2hrEY2YiqABuSBum4TAsgsDY4covSpXsHFt90KUefZ
ekJkGQo7kOYo7Eab2hWBeJ2EzSCgHkVu/tr7mKdY50+O3tPFHkTjCHJFCwevJDcE
OA5Z2h2REnzQrWT3TGhlPA1D+htZJvs9Llvezgnkw8KqB0hdZSGix5/+1FO4XCGl
30qTtzzGnFhha2/QkhSi4lzPrLqwGmP+qObn0kJJHKhBr/D9XX4xlbySbrr0iHAV
3oYSZG+w
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:32:35 2025 by rpki-client