Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/_aA4Wyjvr1KQI6MZRuulqWfOG_I.roa
File: _aA4Wyjvr1KQI6MZRuulqWfOG_I.roa (raw, json)
Hash identifier: 7oXyPxkh0Mrcry896ICdX0g6fme5Uz30QIaBxhiaDzs=
Subject key identifier: FD:A0:38:5B:28:EF:AF:52:90:23:A3:19:46:EB:A5:A9:67:CE:1B:F2
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0199B5339660CC70DB9D5FC5C776B8932126
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/_aA4Wyjvr1KQI6MZRuulqWfOG_I.roa
Signing time: Sun 05 Oct 2025 16:28:00 +0000
ROA not before: Sun 05 Oct 2025 16:28:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35830
IP address blocks: 130.49.76.0/24 maxlen: 24
130.49.77.0/24 maxlen: 24
130.49.78.0/24 maxlen: 24
130.49.79.0/24 maxlen: 24
130.49.112.0/24 maxlen: 24
130.49.113.0/24 maxlen: 24
130.49.114.0/24 maxlen: 24
130.49.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b5:33:96:60:cc:70:db:9d:5f:c5:c7:76:b8:93:21:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Oct 5 16:28:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fda0385b28efaf529023a31946eba5a967ce1bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c0:4e:0b:f1:56:42:eb:45:cc:39:9a:43:40:
51:8e:92:ef:66:2f:09:64:8b:4a:77:f2:cb:57:19:
63:fe:de:96:88:1c:d6:3d:fe:aa:b5:e5:d0:81:fb:
13:b7:68:6d:42:b1:d9:7d:ab:88:08:70:f0:3d:b5:
d2:7b:44:f0:75:7d:1c:42:56:37:55:12:40:26:8f:
cc:bb:be:aa:eb:41:f5:c9:8f:53:a1:e7:71:63:ad:
41:39:06:b6:86:f0:49:d5:01:d4:39:9e:ae:ba:ad:
28:14:ba:a4:d2:2d:e8:ab:61:22:71:37:7a:02:51:
18:10:a0:5a:9c:08:b0:cd:23:90:37:01:50:32:13:
6e:04:43:a9:6d:29:dc:a9:29:ad:01:43:76:19:87:
ef:af:3f:6a:cb:cd:c2:d9:06:a8:79:e7:16:fc:f1:
71:bd:2e:4e:e9:79:0a:94:14:01:c7:e7:3d:8a:4c:
b1:64:77:76:5a:bf:2c:5e:88:e0:7f:f0:ad:4b:55:
2b:e7:56:f5:30:d2:e2:1d:f5:4f:85:66:f5:b7:0b:
74:2f:07:3a:36:84:5a:bd:92:71:30:2d:94:30:37:
6c:b2:b8:c5:98:87:0a:ac:c2:85:6b:67:c4:05:b8:
09:ec:15:9b:89:da:43:fb:2c:c8:e3:f8:9d:89:c4:
52:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A0:38:5B:28:EF:AF:52:90:23:A3:19:46:EB:A5:A9:67:CE:1B:F2
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/_aA4Wyjvr1KQI6MZRuulqWfOG_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.49.76.0/22
130.49.112.0/22
Signature Algorithm: sha256WithRSAEncryption
66:3c:f2:33:15:0c:d6:82:33:11:d8:08:2f:7b:a6:74:55:47:
8d:c8:0a:4b:ef:2e:ed:c6:5b:00:9d:06:83:26:1e:fe:0f:1a:
df:61:46:e7:2b:88:55:a5:59:53:83:bb:2d:bc:bd:72:6d:0d:
57:ed:ec:4c:c4:1d:6b:0c:62:52:25:47:01:fa:e6:78:0f:91:
52:f4:bc:83:59:f9:34:fd:3d:f1:ad:5a:c6:9e:45:07:90:a0:
89:35:1b:dc:e8:83:09:5f:a8:b3:25:32:2f:e0:2f:1d:ad:78:
f1:75:0e:1e:0c:0b:72:00:12:01:a2:a1:4a:4d:87:6b:21:90:
ab:8f:fa:1b:de:be:dd:b0:4d:da:03:e2:c0:49:c1:7b:d7:45:
20:37:05:a7:6c:56:a8:e5:b2:84:a5:b9:a9:d6:a9:d5:d2:b9:
fe:4c:a7:70:64:25:6f:3a:ea:d9:cc:11:89:37:16:3b:70:29:
6d:15:9a:00:be:69:1e:b5:ab:1e:85:dc:f0:c3:98:7d:2d:3f:
6b:5b:0a:d7:7b:e7:88:6a:9b:7d:0b:cc:96:b9:a7:43:28:c6:
0b:da:54:2e:04:52:9c:9a:32:03:db:ca:13:f5:91:8d:99:b8:
a4:57:ec:93:af:0d:1a:bb:4c:9f:06:69:84:23:19:58:99:13:
33:d4:6b:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZm1M5ZgzHDbnV/Fx3a4kyEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUxMDA1MTYyODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGEwMzg1YjI4ZWZhZjUyOTAyM2EzMTk0NmViYTVhOTY3Y2UxYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8BOC/FWQutFzDmaQ0BRjpLvZi8J
ZItKd/LLVxlj/t6WiBzWPf6qteXQgfsTt2htQrHZfauICHDwPbXSe0TwdX0cQlY3
VRJAJo/Mu76q60H1yY9ToedxY61BOQa2hvBJ1QHUOZ6uuq0oFLqk0i3oq2EicTd6
AlEYEKBanAiwzSOQNwFQMhNuBEOpbSncqSmtAUN2GYfvrz9qy83C2QaoeecW/PFx
vS5O6XkKlBQBx+c9ikyxZHd2Wr8sXojgf/CtS1Ur51b1MNLiHfVPhWb1twt0Lwc6
NoRavZJxMC2UMDdssrjFmIcKrMKFa2fEBbgJ7BWbidpD+yzI4/idicRSjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP2gOFso769SkCOjGUbrpalnzhvyMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvX2FBNFd5anZyMUtRSTZNWlJ1dWxxV2ZPR19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCgjFMAwQC
gjFwMA0GCSqGSIb3DQEBCwUAA4IBAQBmPPIzFQzWgjMR2Agve6Z0VUeNyApL7y7t
xlsAnQaDJh7+DxrfYUbnK4hVpVlTg7stvL1ybQ1X7exMxB1rDGJSJUcB+uZ4D5FS
9LyDWfk0/T3xrVrGnkUHkKCJNRvc6IMJX6izJTIv4C8drXjxdQ4eDAtyABIBoqFK
TYdrIZCrj/ob3r7dsE3aA+LAScF710UgNwWnbFao5bKEpbmp1qnV0rn+TKdwZCVv
OurZzBGJNxY7cCltFZoAvmketasehdzww5h9LT9rWwrXe+eIapt9C8yWuadDKMYL
2lQuBFKcmjID28oT9ZGNmbikV+yTrw0au0yfBmmEIxlYmRMz1Gur
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:56:36 2025 by rpki-client