Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/tO7VMSGjBmDk8hJ1xmBwdBXl31A.roa
File: tO7VMSGjBmDk8hJ1xmBwdBXl31A.roa (raw, json)
Hash identifier: gnhrOjPPgjYmJ8TeWItEuTYvPoPPGZwGa4Zc7bqd4V8=
Subject key identifier: B4:EE:D5:31:21:A3:06:60:E4:F2:12:75:C6:60:70:74:15:E5:DF:50
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 0199CA1C554C50B5D10C5B17860B3575A236
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/tO7VMSGjBmDk8hJ1xmBwdBXl31A.roa
Signing time: Thu 09 Oct 2025 17:54:38 +0000
ROA not before: Thu 09 Oct 2025 17:54:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12989
IP address blocks: 2.59.22.0/24 maxlen: 24
45.12.60.0/24 maxlen: 24
86.54.28.0/24 maxlen: 24
86.54.29.0/24 maxlen: 24
86.54.30.0/24 maxlen: 24
86.54.31.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
213.254.179.0/24 maxlen: 24
2a01:e940::/48 maxlen: 48
2a01:e944::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
2a01:e946::/48 maxlen: 48
2a01:e947::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ca:1c:55:4c:50:b5:d1:0c:5b:17:86:0b:35:75:a2:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Oct 9 17:54:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4eed53121a30660e4f21275c660707415e5df50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:22:62:27:a0:70:49:2f:4e:99:29:f5:6c:b7:
bf:20:80:c9:fe:6e:a8:f8:a9:26:ba:e5:38:25:e0:
82:fc:e5:59:14:a8:4d:c2:d9:9d:84:a7:3e:18:eb:
d7:68:1f:60:38:6a:1f:5f:58:f5:b7:1e:2f:7b:74:
ae:83:1b:77:f2:e6:c9:bd:79:63:b5:65:e7:1d:63:
8c:f5:a4:7e:54:ea:6d:20:86:96:4f:bd:3e:27:1b:
b7:5b:54:4b:6c:d0:17:1e:70:5f:9f:1a:32:53:b0:
77:bb:4d:93:ec:ff:ec:b4:b8:8d:80:9e:9d:4e:82:
75:c6:cd:0c:56:5c:19:2d:40:3d:4f:95:b8:61:bb:
11:fa:e6:df:a0:41:7c:cf:59:bf:5b:31:76:00:76:
8d:27:bc:f2:c4:1a:1c:b9:09:05:ea:45:bd:93:51:
6e:d4:b7:9d:fc:58:fd:3a:f9:59:4a:df:ef:d0:81:
fa:1e:8a:20:8b:d3:62:e5:6d:ea:1d:42:cc:16:65:
26:5d:6e:a1:81:21:a4:43:9f:e1:39:6d:03:2c:89:
43:f5:70:68:b0:bb:6a:de:3b:ae:38:e6:c0:ed:44:
4d:10:87:7f:45:21:5d:cd:5b:18:83:a3:5d:99:7a:
04:5f:3b:91:3b:42:30:f8:aa:2d:57:8a:51:7d:d8:
38:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:EE:D5:31:21:A3:06:60:E4:F2:12:75:C6:60:70:74:15:E5:DF:50
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/tO7VMSGjBmDk8hJ1xmBwdBXl31A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
45.12.60.0/24
86.54.28.0/22
212.104.140.0/23
213.254.179.0/24
IPv6:
2a01:e940::/48
2a01:e944::/48
2a01:e945::/48
2a01:e946::/48
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
69:d0:f0:d3:9d:c4:8a:a9:15:a4:4b:6f:33:be:e3:75:07:37:
22:fb:48:ac:ac:f8:67:e8:75:bd:dd:19:d1:49:d6:59:30:47:
ed:00:73:78:e7:4f:8c:73:06:87:4c:69:93:31:8f:93:a3:e8:
79:58:ee:e6:cd:7d:d3:d0:70:ca:1e:7f:bf:d4:f4:94:00:bc:
4e:14:1b:80:9c:93:23:a2:e5:36:57:d8:b3:bd:33:b1:2e:d7:
b9:16:89:cd:02:bd:b2:21:33:e6:2a:6b:5c:e5:9d:e4:bd:22:
bd:fd:38:e3:34:2a:da:81:fa:9a:e4:2b:e8:bf:6a:2d:bc:8c:
f2:41:68:07:ea:bd:5e:d3:2d:e4:82:a1:e1:76:0f:92:5a:94:
57:87:54:21:8e:61:a3:46:38:fe:c6:94:8b:36:e8:c3:5a:a8:
0e:de:cd:65:ea:44:44:3e:c2:3b:2d:7b:6d:f0:87:a7:da:34:
85:f1:9e:8e:00:a7:3b:d2:b2:60:44:fe:fb:9c:2a:6d:ba:2e:
03:87:36:0c:11:af:24:d6:59:a9:e9:b0:ab:41:d4:c1:c2:18:
f2:e7:04:16:49:81:a1:96:07:29:be:66:36:69:33:07:4e:89:
a1:c8:a2:73:69:d1:42:48:04:0a:2c:16:33:2a:06:f9:0f:a6:
de:5a:0f:c3
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZnKHFVMULXRDFsXhgs1daI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUxMDA5MTc1NDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGVlZDUzMTIxYTMwNjYwZTRmMjEyNzVjNjYwNzA3NDE1ZTVkZjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiJiJ6BwSS9OmSn1bLe/IIDJ/m6o
+KkmuuU4JeCC/OVZFKhNwtmdhKc+GOvXaB9gOGofX1j1tx4ve3Sugxt38ubJvXlj
tWXnHWOM9aR+VOptIIaWT70+Jxu3W1RLbNAXHnBfnxoyU7B3u02T7P/stLiNgJ6d
ToJ1xs0MVlwZLUA9T5W4YbsR+ubfoEF8z1m/WzF2AHaNJ7zyxBocuQkF6kW9k1Fu
1Led/Fj9OvlZSt/v0IH6Hoogi9Ni5W3qHULMFmUmXW6hgSGkQ5/hOW0DLIlD9XBo
sLtq3juuOObA7URNEId/RSFdzVsYg6NdmXoEXzuRO0Iw+KotV4pRfdg4tQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFLTu1TEhowZg5PISdcZgcHQV5d9QMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvdE83Vk1TR2pCbURrOGhKMXhtQndkQlhsMzFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzAkBAIAATAeAwQAAjsWAwQA
LQw8AwQCVjYcAwQB1GiMAwQA1f6zMDMEAgACMC0DBwAqAelAAAADBwAqAelEAAAD
BwAqAelFAAADBwAqAelGAAADBwAqAelHAAAwDQYJKoZIhvcNAQELBQADggEBAGnQ
8NOdxIqpFaRLbzO+43UHNyL7SKys+Gfodb3dGdFJ1lkwR+0Ac3jnT4xzBodMaZMx
j5Oj6HlY7ubNfdPQcMoef7/U9JQAvE4UG4CckyOi5TZX2LO9M7Eu17kWic0CvbIh
M+Yqa1zlneS9Ir39OOM0KtqB+prkK+i/ai28jPJBaAfqvV7TLeSCoeF2D5JalFeH
VCGOYaNGOP7GlIs26MNaqA7ezWXqREQ+wjste23wh6faNIXxno4ApzvSsmBE/vuc
Km26LgOHNgwRryTWWanpsKtB1MHCGPLnBBZJgaGWBym+ZjZpMwdOiaHIonNp0UJI
BAosFjMqBvkPpt5aD8M=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:47:58 2025 by rpki-client