Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/j3OIPfB0pAJssYLb-gz8FCy3qJs.roa
File: j3OIPfB0pAJssYLb-gz8FCy3qJs.roa (raw, json)
Hash identifier: yvekxPwvl+4RnVp+fG/2+CXACkwJaDkDoiC4fxlKeP8=
Subject key identifier: 8F:73:88:3D:F0:74:A4:02:6C:B1:82:DB:FA:0C:FC:14:2C:B7:A8:9B
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 01995D9B2AE8B8A6D58628E2ADF0E609A28C
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/j3OIPfB0pAJssYLb-gz8FCy3qJs.roa
Signing time: Thu 18 Sep 2025 16:14:34 +0000
ROA not before: Thu 18 Sep 2025 16:14:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.243.0/24 maxlen: 24
88.218.250.0/24 maxlen: 24
193.28.183.0/24 maxlen: 24
194.147.88.0/24 maxlen: 24
194.156.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5d:9b:2a:e8:b8:a6:d5:86:28:e2:ad:f0:e6:09:a2:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Sep 18 16:14:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f73883df074a4026cb182dbfa0cfc142cb7a89b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4d:71:1d:09:43:ee:11:d8:14:04:9c:e1:87:
09:d4:d5:66:7d:90:5f:95:f5:9a:3e:65:7e:a4:c4:
d3:0d:bb:5b:81:be:78:12:ef:cd:c4:93:2f:8e:0f:
30:90:22:b9:4f:70:93:c9:3d:3f:79:0a:2e:60:4a:
19:70:7c:de:8a:72:be:9e:6f:a3:2a:75:61:ab:04:
7c:bb:2a:36:ae:91:ee:1d:72:80:ec:76:8d:55:18:
3e:e7:29:39:4c:52:46:b8:e1:39:a3:30:a2:f8:4b:
66:ff:61:b3:0f:fe:48:2b:84:85:4c:db:0e:84:ae:
57:71:f0:c0:69:c3:42:d1:16:01:b1:cb:00:db:90:
dd:26:5d:40:1a:3d:56:68:8d:16:98:7e:af:0f:25:
0b:4b:5a:5c:a0:b9:4d:8f:a7:25:c9:40:c4:62:cf:
7c:4a:b5:96:c1:03:ea:f8:dc:26:a0:f4:52:fb:32:
10:9f:8a:f9:d9:81:4c:84:da:72:32:fb:a5:9a:b7:
a4:99:76:49:8f:00:cb:5f:a7:2a:cf:f6:5c:5c:b1:
1a:17:c1:21:43:62:b4:b2:68:09:b3:40:d2:a0:c5:
94:7a:72:1d:62:9c:e5:4c:59:15:dd:e3:3d:23:2c:
39:30:95:85:bc:93:83:70:ba:dc:6d:9b:a5:54:5a:
5f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:73:88:3D:F0:74:A4:02:6C:B1:82:DB:FA:0C:FC:14:2C:B7:A8:9B
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/j3OIPfB0pAJssYLb-gz8FCy3qJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.243.0/24
88.218.250.0/24
193.28.183.0/24
194.147.88.0/24
194.156.94.0/24
Signature Algorithm: sha256WithRSAEncryption
32:43:90:7f:d2:e8:5b:7a:3f:18:3b:f0:61:26:e1:7f:55:55:
69:f3:37:0f:26:bd:0c:83:0d:b9:65:d5:3e:de:2b:d5:e5:22:
ff:64:58:7c:18:ec:7d:0b:d1:6a:31:08:fb:16:78:a7:93:16:
f4:c2:cd:35:8f:79:03:6a:e1:a6:9a:98:5f:fc:80:4b:41:ef:
87:ce:7f:79:21:00:d3:f8:aa:ea:17:d6:70:1c:23:1e:8d:ed:
8e:e9:85:2d:da:ab:43:4a:22:d2:b7:8a:66:f1:eb:79:a4:b4:
ac:89:dd:1f:e1:41:03:07:f5:b5:6a:4e:66:44:10:0f:b6:39:
41:a5:9a:13:bf:4e:f5:50:e3:28:34:5b:e6:b6:82:74:04:ef:
b3:26:6e:b6:95:64:70:77:e5:4f:c2:95:76:ac:47:bc:33:88:
f5:76:a2:53:5e:01:65:b9:30:e9:74:56:91:3b:ac:c7:f2:f7:
e0:ac:b9:82:0d:78:23:63:91:c7:e1:6f:7d:41:c0:88:e5:6b:
7f:cd:04:59:1d:97:f6:dd:11:9b:c6:e4:8a:5a:a2:fe:79:1e:
9c:d2:ae:42:6e:38:f1:61:1e:28:90:df:08:e8:c8:e0:65:ed:
b6:1b:7d:27:1c:3e:d5:3f:4e:e4:f1:ab:99:83:67:5a:68:2a:
d4:7a:ae:1d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZldmyrouKbVhijirfDmCaKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwOTE4MTYxNDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjczODgzZGYwNzRhNDAyNmNiMTgyZGJmYTBjZmMxNDJjYjdhODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU1xHQlD7hHYFASc4YcJ1NVmfZBf
lfWaPmV+pMTTDbtbgb54Eu/NxJMvjg8wkCK5T3CTyT0/eQouYEoZcHzeinK+nm+j
KnVhqwR8uyo2rpHuHXKA7HaNVRg+5yk5TFJGuOE5ozCi+Etm/2GzD/5IK4SFTNsO
hK5XcfDAacNC0RYBscsA25DdJl1AGj1WaI0WmH6vDyULS1pcoLlNj6clyUDEYs98
SrWWwQPq+NwmoPRS+zIQn4r52YFMhNpyMvulmrekmXZJjwDLX6cqz/ZcXLEaF8Eh
Q2K0smgJs0DSoMWUenIdYpzlTFkV3eM9Iyw5MJWFvJODcLrcbZulVFpf/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI9ziD3wdKQCbLGC2/oM/BQst6ibMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvajNPSVBmQjBwQUpzc1lMYi1nejhGQ3kzcUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjjzAwQA
WNr6AwQAwRy3AwQAwpNYAwQAwpxeMA0GCSqGSIb3DQEBCwUAA4IBAQAyQ5B/0uhb
ej8YO/BhJuF/VVVp8zcPJr0Mgw25ZdU+3ivV5SL/ZFh8GOx9C9FqMQj7Fninkxb0
ws01j3kDauGmmphf/IBLQe+Hzn95IQDT+KrqF9ZwHCMeje2O6YUt2qtDSiLSt4pm
8et5pLSsid0f4UEDB/W1ak5mRBAPtjlBpZoTv071UOMoNFvmtoJ0BO+zJm62lWRw
d+VPwpV2rEe8M4j1dqJTXgFluTDpdFaRO6zH8vfgrLmCDXgjY5HH4W99QcCI5Wt/
zQRZHZf23RGbxuSKWqL+eR6c0q5CbjjxYR4okN8I6MjgZe22G30nHD7VP07k8auZ
g2daaCrUeq4d
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:51 2025 by rpki-client