Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/jT9M2q3-JmfBGqlkvqfv7X_lK7k.roa
File: jT9M2q3-JmfBGqlkvqfv7X_lK7k.roa (raw, json)
Hash identifier: 2EpzeWTEb3JVIFCKyCL/tj06ZaHz1YBQQFcfRdYnEzo=
Subject key identifier: 8D:3F:4C:DA:AD:FE:26:67:C1:1A:A9:64:BE:A7:EF:ED:7F:E5:2B:B9
Certificate issuer: /CN=cef84e4749cccd583fefc7797c3d67b10898a188
Certificate serial: 0199DBC7F2A946CBF60146BFEEE54D8581FA
Authority key identifier: CE:F8:4E:47:49:CC:CD:58:3F:EF:C7:79:7C:3D:67:B1:08:98:A1:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvhOR0nMzVg_78d5fD1nsQiYoYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/jT9M2q3-JmfBGqlkvqfv7X_lK7k.roa
Signing time: Mon 13 Oct 2025 04:15:38 +0000
ROA not before: Mon 13 Oct 2025 04:15:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43627
IP address blocks: 46.36.92.0/22 maxlen: 24
185.61.64.0/24 maxlen: 24
185.61.65.0/24 maxlen: 24
185.61.66.0/24 maxlen: 24
185.61.67.0/24 maxlen: 24
213.164.119.0/24 maxlen: 24
213.164.120.0/23 maxlen: 24
213.164.122.0/23 maxlen: 24
213.164.124.0/23 maxlen: 24
213.164.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/zvhOR0nMzVg_78d5fD1nsQiYoYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/zvhOR0nMzVg_78d5fD1nsQiYoYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvhOR0nMzVg_78d5fD1nsQiYoYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:db:c7:f2:a9:46:cb:f6:01:46:bf:ee:e5:4d:85:81:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cef84e4749cccd583fefc7797c3d67b10898a188
Validity
Not Before: Oct 13 04:15:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d3f4cdaadfe2667c11aa964bea7efed7fe52bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d9:bb:c6:e7:2b:27:5c:60:c2:e8:c2:83:29:
1e:2c:c6:39:af:bf:cc:b2:af:c8:79:45:12:f0:76:
47:ce:5c:e9:1b:8e:72:50:0e:64:d1:fd:aa:b9:77:
9e:a3:12:2b:5c:d0:30:f1:20:25:c5:fe:06:f1:08:
9d:70:94:e0:a1:5f:1a:45:5e:63:5d:b1:05:15:0a:
cb:a5:7e:98:2e:18:d7:3d:2f:27:9d:6e:e1:a6:2b:
10:a9:bc:91:94:c8:02:30:6f:eb:87:5a:fb:da:d1:
95:7f:90:c3:5e:a8:e8:79:81:80:3c:23:c1:bf:67:
3c:94:a5:a2:5f:7d:98:35:59:62:08:de:6e:e4:b0:
6f:fa:2d:48:f8:b7:d6:6c:66:12:86:79:37:81:bd:
f0:79:41:e0:aa:8f:d9:34:ae:10:50:29:37:c6:75:
22:af:a2:58:32:e7:c0:4c:26:e3:4b:c5:e3:3a:6f:
f1:d8:7d:ae:fe:37:61:25:50:8f:10:d4:af:11:6c:
c2:50:63:af:66:ae:1c:9f:62:df:31:7b:6f:d3:6f:
9a:95:46:0a:68:d7:af:e2:f6:ac:68:41:e0:cc:32:
90:83:72:8e:3a:ae:27:d9:df:ba:c7:3b:23:fd:46:
f5:e6:95:a8:83:e0:f7:df:d4:c5:05:bb:62:4b:8f:
34:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:3F:4C:DA:AD:FE:26:67:C1:1A:A9:64:BE:A7:EF:ED:7F:E5:2B:B9
X509v3 Authority Key Identifier:
keyid:CE:F8:4E:47:49:CC:CD:58:3F:EF:C7:79:7C:3D:67:B1:08:98:A1:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvhOR0nMzVg_78d5fD1nsQiYoYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/jT9M2q3-JmfBGqlkvqfv7X_lK7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16afe5-a443-4237-ad7d-dab6e2c5fdd9/1/zvhOR0nMzVg_78d5fD1nsQiYoYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.92.0/22
185.61.64.0/22
213.164.119.0-213.164.127.255
Signature Algorithm: sha256WithRSAEncryption
48:2f:18:72:c7:38:d1:e9:3a:44:59:e2:fa:4d:6f:98:b8:e3:
98:11:87:16:c4:c6:f5:01:67:19:af:14:bc:4b:da:3d:9c:67:
a2:31:c9:27:c3:80:ed:82:c2:e6:11:ac:ac:eb:ec:d8:05:24:
f1:d3:2e:7d:3b:1b:a1:db:0b:74:3d:0e:05:77:86:68:8f:1a:
ba:bf:8c:69:2f:f1:f1:0c:1a:69:24:cf:8f:fc:73:74:7c:c8:
72:0c:5e:d4:ed:f1:15:c7:a3:6e:e4:82:09:24:64:8a:a1:93:
37:66:17:cc:0c:86:78:5e:62:25:72:7a:cc:95:c9:17:09:53:
d6:52:75:25:92:21:ed:8f:06:77:13:24:63:7d:0b:25:c3:20:
89:c8:06:bc:3e:02:d5:4b:6b:16:d5:d4:f6:b5:a8:e7:91:73:
af:7f:6a:b4:b0:0c:ee:a2:51:57:75:27:a3:40:c9:a1:90:b2:
02:59:a6:75:02:ba:dd:ba:5c:31:cd:eb:da:e6:10:02:6d:9c:
26:af:5f:df:36:16:12:89:e4:70:18:c5:9c:1d:9a:61:19:bb:
be:cb:18:7f:fb:bd:31:36:06:8a:98:57:ee:05:f9:1e:9b:d9:
28:5b:3a:bc:39:61:b5:1b:87:e3:0c:fe:15:de:b3:42:b7:49:
7f:9c:c3:c9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZnbx/KpRsv2AUa/7uVNhYH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZjg0ZTQ3NDljY2NkNTgzZmVmYzc3OTdjM2Q2N2IxMDg5
OGExODgwHhcNMjUxMDEzMDQxNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDNmNGNkYWFkZmUyNjY3YzExYWE5NjRiZWE3ZWZlZDdmZTUyYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntm7xucrJ1xgwujCgykeLMY5r7/M
sq/IeUUS8HZHzlzpG45yUA5k0f2quXeeoxIrXNAw8SAlxf4G8QidcJTgoV8aRV5j
XbEFFQrLpX6YLhjXPS8nnW7hpisQqbyRlMgCMG/rh1r72tGVf5DDXqjoeYGAPCPB
v2c8lKWiX32YNVliCN5u5LBv+i1I+LfWbGYShnk3gb3weUHgqo/ZNK4QUCk3xnUi
r6JYMufATCbjS8XjOm/x2H2u/jdhJVCPENSvEWzCUGOvZq4cn2LfMXtv02+alUYK
aNev4vasaEHgzDKQg3KOOq4n2d+6xzsj/Ub15pWog+D339TFBbtiS480WwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI0/TNqt/iZnwRqpZL6n7+1/5Su5MB8GA1UdIwQY
MBaAFM74TkdJzM1YP+/HeXw9Z7EImKGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenZoT1Iwbk16VmdfNzhkNWZEMW5zUWlZb1lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmFmZTUtYTQ0My00MjM3LWFkN2Qt
ZGFiNmUyYzVmZGQ5LzEvalQ5TTJxMy1KbWZCR3Fsa3ZxZnY3WF9sSzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmFmZTUtYTQ0My00MjM3LWFkN2QtZGFiNmUyYzVmZGQ5
LzEvenZoT1Iwbk16VmdfNzhkNWZEMW5zUWlZb1lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLiRcAwQC
uT1AMAwDBADVpHcDBAfVpAAwDQYJKoZIhvcNAQELBQADggEBAEgvGHLHONHpOkRZ
4vpNb5i445gRhxbExvUBZxmvFLxL2j2cZ6IxySfDgO2CwuYRrKzr7NgFJPHTLn07
G6HbC3Q9DgV3hmiPGrq/jGkv8fEMGmkkz4/8c3R8yHIMXtTt8RXHo27kggkkZIqh
kzdmF8wMhnheYiVyesyVyRcJU9ZSdSWSIe2PBncTJGN9CyXDIInIBrw+AtVLaxbV
1Pa1qOeRc69/arSwDO6iUVd1J6NAyaGQsgJZpnUCut26XDHN69rmEAJtnCavX982
FhKJ5HAYxZwdmmEZu77LGH/7vTE2BoqYV+4F+R6b2ShbOrw5YbUbh+MM/hXes0K3
SX+cw8k=
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:25:02 2025 by rpki-client