Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/s1tohRSZu__XAcftU1RiatFR4dQ.roa
File: s1tohRSZu__XAcftU1RiatFR4dQ.roa (raw, json)
Hash identifier: VEmypovoGht5ITUXKfWFpiCHNX0Yi9nhk6KgNzb6xkg=
Subject key identifier: B3:5B:68:85:14:99:BB:FF:D7:01:C7:ED:53:54:62:6A:D1:51:E1:D4
Certificate issuer: /CN=f7e092affaf9b5484e00999aa7f1cef1ac7b4093
Certificate serial: 0199019C2C49D5797294971DBE01D7CE97B1
Authority key identifier: F7:E0:92:AF:FA:F9:B5:48:4E:00:99:9A:A7:F1:CE:F1:AC:7B:40:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9-CSr_r5tUhOAJmap_HO8ax7QJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/s1tohRSZu__XAcftU1RiatFR4dQ.roa
Signing time: Sun 31 Aug 2025 19:30:36 +0000
ROA not before: Sun 31 Aug 2025 19:30:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8752
IP address blocks: 46.38.96.0/19 maxlen: 19
95.182.32.0/19 maxlen: 19
185.35.168.0/22 maxlen: 22
212.46.0.0/19 maxlen: 23
212.46.0.0/23 maxlen: 23
212.46.2.0/23 maxlen: 23
212.46.4.0/22 maxlen: 22
212.46.8.0/21 maxlen: 21
212.46.16.0/20 maxlen: 20
2a03:3200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/9-CSr_r5tUhOAJmap_HO8ax7QJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/9-CSr_r5tUhOAJmap_HO8ax7QJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9-CSr_r5tUhOAJmap_HO8ax7QJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:01:9c:2c:49:d5:79:72:94:97:1d:be:01:d7:ce:97:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7e092affaf9b5484e00999aa7f1cef1ac7b4093
Validity
Not Before: Aug 31 19:30:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b35b68851499bbffd701c7ed5354626ad151e1d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:7d:00:71:0d:cf:eb:48:27:f3:9d:d3:ea:
5d:21:49:12:11:3d:92:48:3c:ec:49:6a:96:eb:e6:
1a:3d:5d:e7:db:2c:7a:6a:ef:06:0f:0d:23:c4:e3:
cc:86:65:95:2a:e0:6b:b6:41:30:e3:b8:8f:dc:fe:
00:5d:19:e8:19:2a:9c:b1:50:aa:0f:a5:48:66:c1:
bc:f1:a8:24:0a:59:68:38:b9:d2:48:cb:a4:a0:2b:
e2:8b:31:63:31:03:15:6b:6f:96:e2:2d:bc:4d:28:
0e:85:3c:cd:ad:c3:71:80:5b:b8:9e:23:2f:5c:6a:
e8:e5:52:39:49:62:ce:15:e1:e0:9a:03:42:2e:fd:
bd:b3:39:84:41:d8:c2:04:ed:a2:79:06:18:e3:90:
0d:31:cb:a5:b6:d4:b2:11:06:da:87:04:d5:b5:76:
77:08:95:05:10:a0:24:bf:e4:ea:3c:01:04:7d:1e:
11:fc:18:95:2f:d7:75:6d:29:20:c6:1b:e4:8a:2e:
bb:d8:29:c7:67:0f:08:1e:14:66:fe:bb:41:cb:7b:
c5:3d:c0:bb:f1:e0:4a:4e:eb:7b:c5:99:41:66:15:
11:cc:da:9b:76:4c:d1:78:2c:36:ae:85:94:85:96:
57:ef:c6:b9:d3:9f:71:07:d6:f2:7b:a7:20:9b:f4:
86:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5B:68:85:14:99:BB:FF:D7:01:C7:ED:53:54:62:6A:D1:51:E1:D4
X509v3 Authority Key Identifier:
keyid:F7:E0:92:AF:FA:F9:B5:48:4E:00:99:9A:A7:F1:CE:F1:AC:7B:40:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-CSr_r5tUhOAJmap_HO8ax7QJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/s1tohRSZu__XAcftU1RiatFR4dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/9-CSr_r5tUhOAJmap_HO8ax7QJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.96.0/19
95.182.32.0/19
185.35.168.0/22
212.46.0.0/19
IPv6:
2a03:3200::/32
Signature Algorithm: sha256WithRSAEncryption
6c:c1:14:69:33:19:59:bf:22:ad:dd:11:d9:21:c7:26:ef:93:
37:d9:c1:ed:8b:59:8d:ad:b7:0d:30:ba:cd:0b:7b:4c:fb:03:
da:92:71:c0:5c:dc:77:e4:1a:2d:ce:80:0f:bb:71:fc:e5:49:
a4:d5:a3:67:e4:4a:4e:c3:9e:be:ea:c5:0f:17:90:7e:19:f4:
7e:ea:fc:02:2e:cb:fd:e0:47:89:95:4d:13:b3:03:aa:a4:b2:
f4:94:81:02:0f:60:d2:9f:63:22:de:13:89:2c:46:6a:35:98:
c2:8a:5d:b7:a9:e3:06:d3:03:3e:37:8c:7e:dd:2e:4c:1e:b8:
a2:36:6e:c5:77:d7:62:f8:85:8e:ad:89:1f:a8:bc:bd:7c:db:
fd:0a:44:11:bb:2f:3c:11:bb:6a:aa:cc:f1:3e:75:25:6e:1a:
44:4d:59:94:fb:18:b9:60:70:5a:e4:01:c9:7e:04:d0:9a:f8:
79:ed:83:40:c5:ae:54:05:80:ef:43:3d:1e:92:f5:e2:06:44:
c9:7a:c7:0f:0f:37:86:56:e4:57:f1:33:e7:3c:20:04:66:60:
91:11:1a:9f:82:24:29:ab:41:f7:e5:2f:33:ee:e9:39:6c:10:
ed:26:ed:b8:26:38:fc:d8:15:2e:cd:4a:d1:29:bd:8d:78:db:
33:b0:2f:d6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZkBnCxJ1XlylJcdvgHXzpexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZTA5MmFmZmFmOWI1NDg0ZTAwOTk5YWE3ZjFjZWYxYWM3
YjQwOTMwHhcNMjUwODMxMTkzMDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzViNjg4NTE0OTliYmZmZDcwMWM3ZWQ1MzU0NjI2YWQxNTFlMWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzF9AHENz+tIJ/Od0+pdIUkSET2S
SDzsSWqW6+YaPV3n2yx6au8GDw0jxOPMhmWVKuBrtkEw47iP3P4AXRnoGSqcsVCq
D6VIZsG88agkClloOLnSSMukoCviizFjMQMVa2+W4i28TSgOhTzNrcNxgFu4niMv
XGro5VI5SWLOFeHgmgNCLv29szmEQdjCBO2ieQYY45ANMculttSyEQbahwTVtXZ3
CJUFEKAkv+TqPAEEfR4R/BiVL9d1bSkgxhvkii672CnHZw8IHhRm/rtBy3vFPcC7
8eBKTut7xZlBZhURzNqbdkzReCw2roWUhZZX78a5059xB9bye6cgm/SGAwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLNbaIUUmbv/1wHH7VNUYmrRUeHUMB8GA1UdIwQY
MBaAFPfgkq/6+bVITgCZmqfxzvGse0CTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOS1DU3JfcjV0VWhPQUptYXBfSE84YXg3UUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lYzkwOTItMWJjMi00YWFkLWFkM2Et
MTBmZjllZTJhOGMyLzEvczF0b2hSU1p1X19YQWNmdFUxUmlhdEZSNGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lYzkwOTItMWJjMi00YWFkLWFkM2EtMTBmZjllZTJhOGMy
LzEvOS1DU3JfcjV0VWhPQUptYXBfSE84YXg3UUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFLiZgAwQF
X7YgAwQCuSOoAwQF1C4AMA0EAgACMAcDBQAqAzIAMA0GCSqGSIb3DQEBCwUAA4IB
AQBswRRpMxlZvyKt3RHZIccm75M32cHti1mNrbcNMLrNC3tM+wPaknHAXNx35Bot
zoAPu3H85Umk1aNn5EpOw56+6sUPF5B+GfR+6vwCLsv94EeJlU0TswOqpLL0lIEC
D2DSn2Mi3hOJLEZqNZjCil23qeMG0wM+N4x+3S5MHriiNm7Fd9di+IWOrYkfqLy9
fNv9CkQRuy88EbtqqszxPnUlbhpETVmU+xi5YHBa5AHJfgTQmvh57YNAxa5UBYDv
Qz0ekvXiBkTJescPDzeGVuRX8TPnPCAEZmCRERqfgiQpq0H35S8z7uk5bBDtJu24
Jjj82BUuzUrRKb2NeNszsC/W
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:46:35 2025 by rpki-client