Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/ivxyQ0VDy1QRWUlTro9dtAob9bs.roa
File: ivxyQ0VDy1QRWUlTro9dtAob9bs.roa (raw, json)
Hash identifier: uQtt4sSWpP1bdpa6GwajaXb2fLEN/kuqua6WgKuzLvM=
Subject key identifier: 8A:FC:72:43:45:43:CB:54:11:59:49:53:AE:8F:5D:B4:0A:1B:F5:BB
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0199B534805B5A64511679D313240CAF2B7F
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/ivxyQ0VDy1QRWUlTro9dtAob9bs.roa
Signing time: Sun 05 Oct 2025 16:29:00 +0000
ROA not before: Sun 05 Oct 2025 16:29:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43444
IP address blocks: 155.212.36.0/24 maxlen: 24
155.212.37.0/24 maxlen: 24
155.212.38.0/24 maxlen: 24
155.212.39.0/24 maxlen: 24
155.212.108.0/24 maxlen: 24
155.212.109.0/24 maxlen: 24
155.212.110.0/24 maxlen: 24
155.212.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b5:34:80:5b:5a:64:51:16:79:d3:13:24:0c:af:2b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Oct 5 16:29:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8afc72434543cb5411594953ae8f5db40a1bf5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8e:6d:31:f3:28:d0:bc:68:02:ad:0b:af:8e:
37:53:46:ff:97:e0:fd:c4:79:21:c9:c7:e2:7a:c0:
53:15:a0:85:e2:87:b4:60:42:52:f3:69:54:14:f2:
f2:69:87:7e:ec:bc:d2:e4:72:ea:2f:8e:ac:04:0d:
4f:ec:8f:08:96:21:c7:4e:bf:75:3e:76:f7:9d:33:
24:d0:07:fd:b0:1b:17:d3:e2:35:bb:f7:bd:ab:1e:
cc:59:37:10:cf:3e:f8:42:98:92:74:75:3c:d1:30:
50:78:31:e5:72:df:e8:c8:88:09:41:74:a7:85:7a:
37:29:1e:65:a7:38:12:80:1b:3a:84:53:a4:3a:11:
69:50:62:6a:d0:87:46:a9:ef:40:b3:45:d8:f4:a5:
8d:14:c0:5f:ec:73:a9:a8:99:82:da:df:50:fd:b1:
af:4c:5b:43:09:62:dc:e8:b1:00:6e:a6:f4:f6:71:
97:1c:81:77:df:49:1a:69:b0:68:06:f7:3d:38:1e:
a7:7a:5a:d6:a1:30:f0:81:1f:ae:61:ae:59:40:a1:
ef:c9:76:e8:11:ad:65:73:da:e7:95:58:43:4d:f0:
79:ed:97:6f:bb:4e:36:c5:28:60:68:33:05:64:f2:
cd:67:aa:61:5b:66:78:ef:5a:61:44:5b:48:bf:21:
8f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FC:72:43:45:43:CB:54:11:59:49:53:AE:8F:5D:B4:0A:1B:F5:BB
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/ivxyQ0VDy1QRWUlTro9dtAob9bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.212.36.0/22
155.212.108.0/22
Signature Algorithm: sha256WithRSAEncryption
33:10:0a:64:63:78:0a:d1:95:a5:65:9f:d9:ca:d6:32:f1:de:
03:3b:34:c6:1e:7c:90:f7:6e:da:b6:a3:5a:d4:cc:b1:c6:a5:
ed:e8:3c:b2:76:47:45:c8:79:f4:13:10:31:4b:73:6e:e2:5d:
c7:53:fb:64:92:a4:dd:9e:99:87:97:44:90:69:5e:24:9e:1e:
21:df:d0:01:51:0c:18:6a:03:e2:88:d6:87:d1:52:10:91:37:
38:60:2b:61:0f:d7:e9:06:76:12:c8:8c:ca:35:e3:09:74:22:
a6:5c:17:69:cb:64:c1:74:b9:01:04:b5:b4:41:a4:94:fb:64:
57:9b:50:6c:05:7f:d6:66:bf:77:8f:d9:72:00:c3:a5:b6:ff:
99:9e:75:28:17:39:fe:d7:f5:19:3a:c6:27:e6:e5:49:bb:1b:
18:0b:ef:60:58:47:5b:37:16:c4:38:a4:e0:9f:67:ae:dc:82:
76:06:1b:95:55:90:89:04:33:ab:9e:10:33:06:0f:c8:6d:fc:
a3:3e:e5:ed:fc:f5:cb:0b:7f:2e:3e:b9:27:af:e6:40:da:66:
53:5c:d6:50:e4:99:97:2e:28:d2:aa:3b:72:b7:f3:45:f3:07:
5f:e9:10:32:7e:c8:6a:47:f3:33:ff:3f:0d:07:e7:dc:ff:fd:
53:8e:07:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZm1NIBbWmRRFnnTEyQMryt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUxMDA1MTYyOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWZjNzI0MzQ1NDNjYjU0MTE1OTQ5NTNhZThmNWRiNDBhMWJmNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg45tMfMo0LxoAq0Lr443U0b/l+D9
xHkhycfiesBTFaCF4oe0YEJS82lUFPLyaYd+7LzS5HLqL46sBA1P7I8IliHHTr91
Pnb3nTMk0Af9sBsX0+I1u/e9qx7MWTcQzz74QpiSdHU80TBQeDHlct/oyIgJQXSn
hXo3KR5lpzgSgBs6hFOkOhFpUGJq0IdGqe9As0XY9KWNFMBf7HOpqJmC2t9Q/bGv
TFtDCWLc6LEAbqb09nGXHIF330kaabBoBvc9OB6nelrWoTDwgR+uYa5ZQKHvyXbo
Ea1lc9rnlVhDTfB57Zdvu042xShgaDMFZPLNZ6phW2Z471phRFtIvyGPmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIr8ckNFQ8tUEVlJU66PXbQKG/W7MB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvaXZ4eVEwVkR5MVFSV1VsVHJvOWR0QW9iOWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCm9QkAwQC
m9RsMA0GCSqGSIb3DQEBCwUAA4IBAQAzEApkY3gK0ZWlZZ/ZytYy8d4DOzTGHnyQ
927atqNa1MyxxqXt6DyydkdFyHn0ExAxS3Nu4l3HU/tkkqTdnpmHl0SQaV4knh4h
39ABUQwYagPiiNaH0VIQkTc4YCthD9fpBnYSyIzKNeMJdCKmXBdpy2TBdLkBBLW0
QaSU+2RXm1BsBX/WZr93j9lyAMOltv+ZnnUoFzn+1/UZOsYn5uVJuxsYC+9gWEdb
NxbEOKTgn2eu3IJ2BhuVVZCJBDOrnhAzBg/IbfyjPuXt/PXLC38uPrknr+ZA2mZT
XNZQ5JmXLijSqjtyt/NF8wdf6RAyfshqR/Mz/z8NB+fc//1TjgfI
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:12:56 2025 by rpki-client