Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/R78hXt59LE7w0KcWm8CyRlL8ojA.roa
File: R78hXt59LE7w0KcWm8CyRlL8ojA.roa (raw, json)
Hash identifier: cdB5HrXSEQbNHbInJcgn28JFjatfOEw4A//fIUnff/A=
Subject key identifier: 47:BF:21:5E:DE:7D:2C:4E:F0:D0:A7:16:9B:C0:B2:46:52:FC:A2:30
Certificate issuer: /CN=0bfa7348d6c1d7186328328720730f684fa20edc
Certificate serial: 0199BE92D62BE496CA211EE366CE365354E5
Authority key identifier: 0B:FA:73:48:D6:C1:D7:18:63:28:32:87:20:73:0F:68:4F:A2:0E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_pzSNbB1xhjKDKHIHMPaE-iDtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/R78hXt59LE7w0KcWm8CyRlL8ojA.roa
Signing time: Tue 07 Oct 2025 12:08:37 +0000
ROA not before: Tue 07 Oct 2025 12:08:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13208
IP address blocks: 81.20.176.0/20 maxlen: 24
185.57.212.0/22 maxlen: 22
213.133.195.0/24 maxlen: 24
213.133.197.0/24 maxlen: 24
213.133.199.0/24 maxlen: 24
213.133.208.0/22 maxlen: 22
213.133.214.0/24 maxlen: 24
213.133.216.0/24 maxlen: 24
213.133.217.0/24 maxlen: 24
213.133.218.0/24 maxlen: 24
213.133.219.0/24 maxlen: 24
213.133.220.0/24 maxlen: 24
213.133.221.0/24 maxlen: 24
213.133.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.mft
rsync://rpki.ripe.net/repository/DEFAULT/C_pzSNbB1xhjKDKHIHMPaE-iDtw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:92:d6:2b:e4:96:ca:21:1e:e3:66:ce:36:53:54:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bfa7348d6c1d7186328328720730f684fa20edc
Validity
Not Before: Oct 7 12:08:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47bf215ede7d2c4ef0d0a7169bc0b24652fca230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:48:ee:af:7f:26:ac:5f:5f:7f:d7:f0:bd:b4:
7f:32:0b:2e:9d:c5:91:59:d1:27:7e:70:51:ae:30:
0a:bf:af:11:71:bd:34:b8:33:c6:e4:11:4c:b2:0b:
be:6c:e7:af:3c:9b:c9:64:51:dd:03:85:87:a6:4c:
8f:c1:aa:e0:f8:38:b6:23:36:41:ec:af:fc:c5:ee:
be:98:69:14:58:9a:06:ef:87:c1:3f:cf:bf:a8:a7:
be:d0:de:3e:3e:6a:ed:ed:45:7a:1f:04:6b:71:3a:
15:d2:5f:4f:61:5f:22:f0:96:a7:25:50:52:d5:ad:
1c:2a:f9:24:50:f5:a8:46:c6:1c:28:db:a5:59:c3:
ef:a7:6d:c5:5e:4b:c6:90:9a:77:ad:b1:2b:90:de:
11:e0:bc:4e:f9:de:52:f3:f1:d4:c7:78:b4:91:09:
08:20:72:1d:07:f7:97:68:f8:a9:25:92:b0:2e:56:
16:4e:87:b7:cf:66:fa:20:34:37:0a:14:fb:91:7e:
ed:bf:a1:c0:3b:65:d6:7e:9c:5a:63:7e:6e:61:82:
a8:00:f6:88:58:a4:cb:8b:9f:4b:d5:d1:43:17:05:
a2:45:5e:14:4c:c9:dd:53:b3:9b:ef:60:25:5f:f5:
4e:a9:0f:c6:29:f4:e9:c0:71:4a:e6:97:22:00:4b:
41:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:BF:21:5E:DE:7D:2C:4E:F0:D0:A7:16:9B:C0:B2:46:52:FC:A2:30
X509v3 Authority Key Identifier:
keyid:0B:FA:73:48:D6:C1:D7:18:63:28:32:87:20:73:0F:68:4F:A2:0E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_pzSNbB1xhjKDKHIHMPaE-iDtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/R78hXt59LE7w0KcWm8CyRlL8ojA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1e2a0e-9514-4d70-903d-85706645e734/1/C_pzSNbB1xhjKDKHIHMPaE-iDtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.176.0/20
185.57.212.0/22
213.133.195.0/24
213.133.197.0/24
213.133.199.0/24
213.133.208.0/22
213.133.214.0/24
213.133.216.0-213.133.221.255
213.133.223.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:6c:aa:03:01:55:9f:39:81:5d:1e:ea:48:5b:08:fa:fc:7c:
ca:a2:5d:04:81:ad:72:1c:bd:ff:de:93:2d:ae:fc:30:6b:00:
99:bd:51:81:b0:9f:82:4f:1f:2e:b2:ab:46:db:88:61:6a:62:
ea:30:6b:ac:95:59:32:22:b0:42:ee:75:1b:ed:f2:85:72:18:
44:39:85:6d:c2:de:bb:2b:dc:75:d6:3c:65:97:a3:85:18:b7:
d8:a8:96:7d:78:d6:c4:70:89:a1:af:b6:f2:2d:4b:55:7d:96:
4f:31:48:9e:80:bb:63:56:d2:eb:48:61:ac:80:0e:69:e9:5e:
3a:9a:ed:ad:4f:77:47:82:1c:57:bd:b9:b4:75:e7:47:d3:cb:
32:5b:1e:0d:e8:2c:d8:92:9d:c1:05:e7:e6:4b:66:79:b3:48:
54:d3:91:dc:bf:55:c8:2c:ec:f2:63:4e:20:c8:e5:e7:59:0c:
b3:3d:98:97:74:a5:d7:86:e8:6d:e7:92:ab:82:21:be:d1:04:
ae:9e:8d:5f:4f:7c:b6:10:26:e8:1a:74:68:72:a1:47:e7:40:
7a:01:96:1f:48:70:8f:bb:fd:b6:de:bd:5d:bb:c7:46:bb:12:
3c:b0:c2:3b:36:3e:bb:96:e7:45:a3:a6:67:f9:9b:a8:2c:4a:
d3:40:3d:8c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZm+ktYr5JbKIR7jZs42U1TlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZmE3MzQ4ZDZjMWQ3MTg2MzI4MzI4NzIwNzMwZjY4NGZh
MjBlZGMwHhcNMjUxMDA3MTIwODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2JmMjE1ZWRlN2QyYzRlZjBkMGE3MTY5YmMwYjI0NjUyZmNhMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEjur38mrF9ff9fwvbR/MgsuncWR
WdEnfnBRrjAKv68Rcb00uDPG5BFMsgu+bOevPJvJZFHdA4WHpkyPwarg+Di2IzZB
7K/8xe6+mGkUWJoG74fBP8+/qKe+0N4+Pmrt7UV6HwRrcToV0l9PYV8i8JanJVBS
1a0cKvkkUPWoRsYcKNulWcPvp23FXkvGkJp3rbErkN4R4LxO+d5S8/HUx3i0kQkI
IHIdB/eXaPipJZKwLlYWToe3z2b6IDQ3ChT7kX7tv6HAO2XWfpxaY35uYYKoAPaI
WKTLi59L1dFDFwWiRV4UTMndU7Ob72AlX/VOqQ/GKfTpwHFK5pciAEtB/QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEe/IV7efSxO8NCnFpvAskZS/KIwMB8GA1UdIwQY
MBaAFAv6c0jWwdcYYygyhyBzD2hPog7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19welNOYkIxeGhqS0RLSElITVBhRS1pRHR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xZTJhMGUtOTUxNC00ZDcwLTkwM2Qt
ODU3MDY2NDVlNzM0LzEvUjc4aFh0NTlMRTd3MEtjV204Q3lSbEw4b2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xZTJhMGUtOTUxNC00ZDcwLTkwM2QtODU3MDY2NDVlNzM0
LzEvQ19welNOYkIxeGhqS0RLSElITVBhRS1pRHR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQEURSwAwQC
uTnUAwQA1YXDAwQA1YXFAwQA1YXHAwQC1YXQAwQA1YXWMAwDBAPVhdgDBAHVhdwD
BADVhd8wDQYJKoZIhvcNAQELBQADggEBAA9sqgMBVZ85gV0e6khbCPr8fMqiXQSB
rXIcvf/eky2u/DBrAJm9UYGwn4JPHy6yq0bbiGFqYuowa6yVWTIisELudRvt8oVy
GEQ5hW3C3rsr3HXWPGWXo4UYt9ioln141sRwiaGvtvItS1V9lk8xSJ6Au2NW0utI
YayADmnpXjqa7a1Pd0eCHFe9ubR150fTyzJbHg3oLNiSncEF5+ZLZnmzSFTTkdy/
Vcgs7PJjTiDI5edZDLM9mJd0pdeG6G3nkquCIb7RBK6ejV9PfLYQJugadGhyoUfn
QHoBlh9IcI+7/bbevV27x0a7Ejywwjs2PruW50Wjpmf5m6gsStNAPYw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:21 2025 by rpki-client