
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/s2kTMiM7Wtdri570-2tJAJRb6o4.roa
File: s2kTMiM7Wtdri570-2tJAJRb6o4.roa (raw, json)
Hash identifier: WVrE6vFh8+7u0CvGZufbBkg3wClpuzVUmqxIsJvNHmo=
Subject key identifier: B3:69:13:32:23:3B:5A:D7:6B:8B:9E:F4:FB:6B:49:00:94:5B:EA:8E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0199C2A445F049E4F2BC2F03E4E6EFE2E1CF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/s2kTMiM7Wtdri570-2tJAJRb6o4.roa
Signing time: Wed 08 Oct 2025 07:06:09 +0000
ROA not before: Wed 08 Oct 2025 07:06:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31732
IP address blocks: 188.209.155.0/24 maxlen: 24
212.90.100.0/22 maxlen: 24
2001:16c0::/29 maxlen: 29
2001:16c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:a4:45:f0:49:e4:f2:bc:2f:03:e4:e6:ef:e2:e1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 8 07:06:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3691332233b5ad76b8b9ef4fb6b4900945bea8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e8:00:20:35:f0:1e:94:ab:2f:98:39:89:58:
6e:06:db:56:3d:46:ae:da:5a:47:11:91:3c:a4:f7:
5b:c6:6a:b0:92:1e:f5:95:ac:a0:00:ec:4d:8a:b6:
29:66:9e:12:21:52:8e:b8:fc:4e:01:f1:a0:d4:3c:
9c:55:38:6b:aa:7b:74:ec:fe:54:0a:56:76:d9:2d:
8f:46:09:f2:e5:7f:85:cf:30:d3:0b:53:53:f3:1c:
24:fd:83:45:2a:f0:bc:58:21:62:a2:09:e5:6e:8c:
32:e9:46:73:19:1e:e6:c9:59:78:4a:96:2a:0f:6e:
7c:94:f7:24:ed:55:3f:b1:82:b9:79:5d:d1:a0:f4:
4b:69:d5:c1:c9:bc:45:8b:e9:0a:ea:97:6c:15:a4:
ff:82:72:97:12:4b:c4:b7:28:cd:00:ce:56:04:fa:
f4:ba:1b:d7:39:a2:e0:eb:63:81:18:90:7e:a0:04:
19:27:a7:4e:3c:95:e5:45:c5:9e:c2:00:b3:8d:19:
6b:ec:92:c5:08:ff:56:37:7c:cd:b2:a2:b1:14:db:
2c:c7:f4:78:45:64:e1:63:a2:42:ee:3d:2c:35:d6:
20:72:9e:d3:ee:b3:c6:ae:88:99:e3:83:c0:63:ed:
19:b3:3a:fe:1d:57:2b:8f:81:b9:df:9a:a3:93:6b:
dd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:69:13:32:23:3B:5A:D7:6B:8B:9E:F4:FB:6B:49:00:94:5B:EA:8E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/s2kTMiM7Wtdri570-2tJAJRb6o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.155.0/24
212.90.100.0/22
IPv6:
2001:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
c8:89:b5:6e:15:83:3a:d7:d8:bd:83:1b:46:ea:ef:af:e3:bb:
d9:07:d6:1c:69:9f:42:08:4d:78:55:7b:66:e6:6b:55:b9:54:
f2:7e:07:af:e3:21:b4:29:2c:14:03:1a:7a:88:8c:fe:eb:92:
c8:15:40:50:43:3f:ea:61:0b:4d:63:5a:1b:67:3a:bb:08:a1:
d9:59:31:ac:4a:6f:60:f8:ca:c6:a2:ce:a9:b9:28:a9:d9:0c:
93:4d:8c:e3:fd:63:8b:37:05:67:9a:c0:1d:37:b7:42:aa:4e:
dc:ba:8e:fd:4f:6e:dd:07:5d:d3:5f:c6:bb:71:29:a8:17:d5:
30:5c:b1:70:99:d4:a9:93:a9:fc:9d:b6:8d:33:78:7e:da:00:
fa:3c:bf:53:75:c0:df:4a:0f:ef:02:0f:11:37:45:51:d5:bf:
ff:d1:f2:45:b4:0b:df:12:e0:b8:59:40:05:26:74:2d:2d:92:
53:6a:27:53:6b:77:6a:99:4d:d2:4c:2f:c6:45:6f:71:be:3c:
66:2a:54:ff:58:ce:d1:5f:fd:d9:23:8d:77:67:62:0d:1f:22:
2c:8a:4a:90:06:7d:3c:d4:28:49:51:50:cc:de:56:68:a7:aa:
0d:66:49:a9:52:68:6f:01:97:64:83:be:18:7c:1f:4e:ce:76:
74:2f:b9:0c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZnCpEXwSeTyvC8D5Obv4uHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUxMDA4MDcwNjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzY5MTMzMjIzM2I1YWQ3NmI4YjllZjRmYjZiNDkwMDk0NWJlYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOgAIDXwHpSrL5g5iVhuBttWPUau
2lpHEZE8pPdbxmqwkh71laygAOxNirYpZp4SIVKOuPxOAfGg1DycVThrqnt07P5U
ClZ22S2PRgny5X+FzzDTC1NT8xwk/YNFKvC8WCFiognlbowy6UZzGR7myVl4SpYq
D258lPck7VU/sYK5eV3RoPRLadXBybxFi+kK6pdsFaT/gnKXEkvEtyjNAM5WBPr0
uhvXOaLg62OBGJB+oAQZJ6dOPJXlRcWewgCzjRlr7JLFCP9WN3zNsqKxFNssx/R4
RWThY6JC7j0sNdYgcp7T7rPGroiZ44PAY+0Zszr+HVcrj4G535qjk2vdDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLNpEzIjO1rXa4ue9PtrSQCUW+qOMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvczJrVE1pTTdXdGRyaTU3MC0ydEpBSlJiNm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvNGbAwQC
1FpkMA0EAgACMAcDBQMgARbAMA0GCSqGSIb3DQEBCwUAA4IBAQDIibVuFYM619i9
gxtG6u+v47vZB9YcaZ9CCE14VXtm5mtVuVTyfgev4yG0KSwUAxp6iIz+65LIFUBQ
Qz/qYQtNY1obZzq7CKHZWTGsSm9g+MrGos6puSip2QyTTYzj/WOLNwVnmsAdN7dC
qk7cuo79T27dB13TX8a7cSmoF9UwXLFwmdSpk6n8nbaNM3h+2gD6PL9TdcDfSg/v
Ag8RN0VR1b//0fJFtAvfEuC4WUAFJnQtLZJTaidTa3dqmU3STC/GRW9xvjxmKlT/
WM7RX/3ZI413Z2INHyIsikqQBn081ChJUVDM3lZop6oNZkmpUmhvAZdkg74YfB9O
znZ0L7kM
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:21 2025 by rpki-client