
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/izCpFo4CWb69uwm1dLOVZkhDEOY.roa
File: izCpFo4CWb69uwm1dLOVZkhDEOY.roa (raw, json)
Hash identifier: CP3hv66fB1ICf0JmvROxHKSLTXS8CrF7FPdoFfZ8Xnk=
Subject key identifier: 8B:30:A9:16:8E:02:59:BE:BD:BB:09:B5:74:B3:95:66:48:43:10:E6
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0199C1376A351D27EEB6069F872E5B8A2AC3
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/izCpFo4CWb69uwm1dLOVZkhDEOY.roa
Signing time: Wed 08 Oct 2025 00:27:38 +0000
ROA not before: Wed 08 Oct 2025 00:27:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62048
IP address blocks: 45.86.87.0/24 maxlen: 24
188.253.1.0/24 maxlen: 24
188.253.2.0/24 maxlen: 24
188.253.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c1:37:6a:35:1d:27:ee:b6:06:9f:87:2e:5b:8a:2a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 8 00:27:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b30a9168e0259bebdbb09b574b39566484310e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:14:8f:c8:16:ca:cf:13:87:1f:fa:8c:35:
21:9f:c8:fe:23:ff:a6:af:73:6e:46:5a:0f:3d:a8:
fc:09:bd:93:95:de:19:bb:56:ec:cc:64:c8:37:e1:
0a:49:25:f4:1a:2c:a5:f4:b3:15:e5:c8:81:b2:af:
3a:b1:11:dc:c6:d2:56:b7:76:39:ad:d7:4a:7f:42:
76:49:dc:1b:e2:83:09:87:76:27:fd:d3:7f:04:51:
da:44:97:11:58:ae:0a:69:e7:4b:87:66:08:8b:5c:
02:fe:76:4d:55:d6:7e:82:9c:f8:91:7d:a2:3a:cf:
76:b5:e2:fe:4e:70:e4:15:62:ed:37:a7:3e:44:a3:
d8:8d:31:eb:1c:b5:5d:53:2a:a1:c3:94:74:a8:87:
d1:1b:ce:c4:4a:a0:d7:c4:a0:dc:18:75:15:71:f4:
71:ad:0b:5d:20:d2:1c:b6:8f:10:02:30:bf:d2:28:
a4:b1:4a:35:23:85:33:a9:79:85:27:28:08:35:4e:
53:da:73:0e:70:e6:5d:19:2f:e4:95:07:52:a1:0b:
aa:65:d0:c9:ba:3d:d4:38:94:b9:ca:c3:56:7f:3f:
52:8e:12:5c:ab:ed:b0:64:9c:6f:24:12:66:9b:6f:
b7:3f:c1:ab:cb:09:64:a2:45:f3:8a:8b:1a:c8:b4:
5e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:30:A9:16:8E:02:59:BE:BD:BB:09:B5:74:B3:95:66:48:43:10:E6
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/izCpFo4CWb69uwm1dLOVZkhDEOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.87.0/24
188.253.1.0-188.253.3.255
Signature Algorithm: sha256WithRSAEncryption
08:d4:89:04:06:df:cc:7a:b2:bf:91:77:48:78:bd:dc:cd:f0:
a6:e5:a2:9e:6f:ff:05:28:73:0b:3d:7a:8e:f9:fa:f0:c0:5a:
df:62:96:fe:42:35:18:92:62:2e:d8:3a:d5:32:b1:58:2f:6f:
01:5a:03:28:44:9d:59:da:6d:7b:53:ce:f4:2b:9a:f7:8b:14:
b6:fb:b7:e2:90:bc:09:4c:18:cd:d8:16:28:99:f2:97:39:b4:
d4:be:e8:a9:b0:6f:59:2e:a1:54:bb:69:e1:7b:d7:67:6f:48:
b9:19:42:0d:73:a5:9e:c1:b4:4d:5e:61:ba:10:28:90:75:4a:
8c:bb:98:6f:d5:00:b8:c9:15:41:1c:f5:85:79:32:38:60:0e:
5b:4f:03:34:1c:4c:a9:07:73:96:df:d1:ae:b8:f5:3e:8c:78:
b3:9c:dd:52:72:e4:f6:30:f8:d8:3e:45:65:e3:e6:b1:84:48:
3d:63:93:15:8a:f3:42:e1:52:c7:de:0d:19:db:80:97:cf:10:
f4:ef:3a:c2:fd:f2:75:ff:ac:de:41:af:a7:c5:c1:6d:bf:a6:
d3:f9:ff:ff:d2:43:16:22:f0:1d:1d:d2:da:f2:3a:a7:dc:79:
e1:a4:28:45:57:d8:13:79:92:07:f8:96:34:f9:86:cf:ea:60:
b7:15:b5:96
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZnBN2o1HSfutgafhy5biirDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUxMDA4MDAyNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMwYTkxNjhlMDI1OWJlYmRiYjA5YjU3NGIzOTU2NjQ4NDMxMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx0Uj8gWys8Thx/6jDUhn8j+I/+m
r3NuRloPPaj8Cb2Tld4Zu1bszGTIN+EKSSX0Giyl9LMV5ciBsq86sRHcxtJWt3Y5
rddKf0J2Sdwb4oMJh3Yn/dN/BFHaRJcRWK4KaedLh2YIi1wC/nZNVdZ+gpz4kX2i
Os92teL+TnDkFWLtN6c+RKPYjTHrHLVdUyqhw5R0qIfRG87ESqDXxKDcGHUVcfRx
rQtdINIcto8QAjC/0iiksUo1I4UzqXmFJygINU5T2nMOcOZdGS/klQdSoQuqZdDJ
uj3UOJS5ysNWfz9SjhJcq+2wZJxvJBJmm2+3P8GrywlkokXziosayLRePwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIswqRaOAlm+vbsJtXSzlWZIQxDmMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvaXpDcEZvNENXYjY5dXdtMWRMT1Zaa2hERU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALVZXMAwD
BAC8/QEDBAK8/QAwDQYJKoZIhvcNAQELBQADggEBAAjUiQQG38x6sr+Rd0h4vdzN
8Kblop5v/wUocws9eo75+vDAWt9ilv5CNRiSYi7YOtUysVgvbwFaAyhEnVnabXtT
zvQrmveLFLb7t+KQvAlMGM3YFiiZ8pc5tNS+6Kmwb1kuoVS7aeF712dvSLkZQg1z
pZ7BtE1eYboQKJB1Soy7mG/VALjJFUEc9YV5MjhgDltPAzQcTKkHc5bf0a649T6M
eLOc3VJy5PYw+Ng+RWXj5rGESD1jkxWK80LhUsfeDRnbgJfPEPTvOsL98nX/rN5B
r6fFwW2/ptP5///SQxYi8B0d0tryOqfceeGkKEVX2BN5kgf4ljT5hs/qYLcVtZY=
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:15 2025 by rpki-client