Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/1-l2kYHPzzOgxMyPGeYc0XGNjBT4.roa
File: 1-l2kYHPzzOgxMyPGeYc0XGNjBT4.roa (raw, json)
Hash identifier: LNd5PHqRanBJORsf7oSyFeUFPQrcAuT39Hzl/svHnzg=
Subject key identifier: FA:5D:A4:60:73:F3:CC:E8:31:33:23:C6:79:87:34:5C:63:63:05:3E
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 019972FB1D6D6980332271265155FBE2313E
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/1-l2kYHPzzOgxMyPGeYc0XGNjBT4.roa
Signing time: Mon 22 Sep 2025 19:51:23 +0000
ROA not before: Mon 22 Sep 2025 19:51:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62651
IP address blocks: 185.147.212.0/24 maxlen: 24
185.147.213.0/24 maxlen: 24
185.147.214.0/24 maxlen: 24
185.147.215.0/24 maxlen: 24
2a03:efc0:500::/40 maxlen: 40
2a03:efc0:700::/40 maxlen: 40
2a03:efc0:900::/40 maxlen: 40
2a03:efc0:1100::/40 maxlen: 40
2a03:efc0:1500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2900::/40 maxlen: 40
2a03:efc0:3100::/40 maxlen: 40
2a03:efc0:3300::/40 maxlen: 40
2a03:efc0:3500::/40 maxlen: 40
2a03:efc0:3700::/40 maxlen: 40
2a03:efc0:4100::/40 maxlen: 40
2a03:efc0:5400::/40 maxlen: 40
2a03:efc0:6600::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:72:fb:1d:6d:69:80:33:22:71:26:51:55:fb:e2:31:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Sep 22 19:51:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa5da46073f3cce8313323c67987345c6363053e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:8b:5d:5e:e0:2e:3c:d5:49:25:71:e0:10:
fa:54:97:0f:27:30:ee:1f:f3:aa:1f:1d:9b:85:6c:
a7:15:01:f5:1f:28:2f:83:8c:1c:83:c0:27:08:1d:
f8:2d:d6:eb:e0:9a:71:05:be:49:25:64:7d:9b:90:
1b:64:7f:4a:83:1a:74:78:0c:09:28:3b:f7:05:14:
0d:99:c9:2b:ab:dd:ee:3a:5e:77:7e:d6:63:e8:71:
4e:1a:64:e7:ed:ad:98:9c:1e:10:06:44:67:46:41:
24:00:16:d9:e2:a4:53:9d:54:e7:68:48:28:34:8e:
69:23:ac:11:57:5f:a2:33:11:26:0e:41:c5:6c:83:
b3:7f:43:f2:bb:0f:8b:12:fd:e8:d7:59:14:cc:cf:
c2:70:d7:9d:5b:1e:84:0b:cc:6e:6f:dd:e9:99:64:
b2:37:eb:37:60:04:70:8b:93:80:9a:c5:cd:96:d9:
ba:5a:72:2f:b8:78:38:dc:bd:23:db:18:ea:a8:8e:
bc:7a:5a:4f:a6:fc:8f:16:fa:0e:57:b2:43:7c:08:
78:01:d5:f1:f3:db:a6:68:9f:30:be:af:54:c3:54:
85:5e:95:d4:8d:3f:15:ca:01:77:2c:e5:6a:3e:7f:
83:db:5d:b7:15:4a:00:6d:6e:ed:91:3b:10:c5:56:
6d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5D:A4:60:73:F3:CC:E8:31:33:23:C6:79:87:34:5C:63:63:05:3E
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/1-l2kYHPzzOgxMyPGeYc0XGNjBT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.212.0/22
IPv6:
2a03:efc0:500::/40
2a03:efc0:700::/40
2a03:efc0:900::/40
2a03:efc0:1100::/40
2a03:efc0:1500::/40
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
2a03:efc0:3100::/40
2a03:efc0:3300::/40
2a03:efc0:3500::/40
2a03:efc0:3700::/40
2a03:efc0:4100::/40
2a03:efc0:5400::/40
2a03:efc0:6600::/40
Signature Algorithm: sha256WithRSAEncryption
7c:9d:f9:8c:87:0f:98:21:cf:96:b3:98:d2:1b:45:7d:dc:d6:
1b:df:9b:a1:cf:43:f3:24:15:aa:93:5c:18:ce:3f:b5:e7:78:
c6:5f:12:84:c7:45:c4:c0:0c:2f:b8:12:bf:70:ac:66:3a:45:
f9:ad:45:82:f5:7f:e1:09:5c:a4:17:96:bc:b9:41:50:92:b3:
ea:50:12:4a:2d:c2:09:9f:4e:bf:f6:78:d3:f8:63:38:e8:d5:
53:52:df:7d:b0:eb:63:64:55:5b:f6:0e:fa:5f:6b:c4:9c:cf:
80:20:e4:a3:88:6b:8c:ea:18:0f:51:ba:8c:61:f9:8a:92:da:
24:11:9e:47:d4:b5:a9:c2:ca:b6:f0:9e:b5:68:cd:55:80:c4:
d0:0e:47:12:fd:ba:2f:6d:3b:9a:26:a2:57:0e:3a:65:74:d8:
d5:6c:f7:ed:ee:a5:14:93:4f:89:a6:a4:e1:39:97:04:17:00:
30:a6:fb:12:d8:6d:be:54:44:2d:3f:5e:45:8c:92:5c:b6:a0:
2f:96:5c:9b:b0:e7:23:c2:1d:29:e1:b1:48:17:fb:fe:11:79:
e6:58:fd:db:f2:55:7a:a7:9a:05:71:7e:d9:69:0e:4e:bc:ac:
86:1d:af:c9:7a:8f:3b:ba:7e:58:eb:f6:6f:f1:48:81:21:3b:
cc:49:bc:62
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZly+x1taYAzInEmUVX74jE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjUwOTIyMTk1MTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVkYTQ2MDczZjNjY2U4MzEzMzIzYzY3OTg3MzQ1YzYzNjMwNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6uLXV7gLjzVSSVx4BD6VJcPJzDu
H/OqHx2bhWynFQH1Hygvg4wcg8AnCB34Ldbr4JpxBb5JJWR9m5AbZH9Kgxp0eAwJ
KDv3BRQNmckrq93uOl53ftZj6HFOGmTn7a2YnB4QBkRnRkEkABbZ4qRTnVTnaEgo
NI5pI6wRV1+iMxEmDkHFbIOzf0Pyuw+LEv3o11kUzM/CcNedWx6EC8xub93pmWSy
N+s3YARwi5OAmsXNltm6WnIvuHg43L0j2xjqqI68elpPpvyPFvoOV7JDfAh4AdXx
89umaJ8wvq9Uw1SFXpXUjT8VygF3LOVqPn+D2123FUoAbW7tkTsQxVZt0QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFPpdpGBz88zoMTMjxnmHNFxjYwU+MB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvMS1sMmtZSFB6ek9neE15UEdlWWMwWEdOakJUNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2UvOWRlY2FmLTQ3ZWItNDM0OS05ZTg2LTAxYjhiYjZhZDkw
YS8xL2xRTFl1Q2FjYXdmNEZLend4LTF5bXo5TFdZUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBswYIKwYBBQUHAQcBAf8EgaMwgaAwDAQCAAEwBgMEArmT
1DCBjwQCAAIwgYgDBgAqA+/ABQMGACoD78AHAwYAKgPvwAkDBgAqA+/AEQMGACoD
78AVAwYAKgPvwBcDBgAqA+/AIwMGACoD78AlAwYAKgPvwCcDBgAqA+/AKQMGACoD
78AxAwYAKgPvwDMDBgAqA+/ANQMGACoD78A3AwYAKgPvwEEDBgAqA+/AVAMGACoD
78BmMA0GCSqGSIb3DQEBCwUAA4IBAQB8nfmMhw+YIc+Ws5jSG0V93NYb35uhz0Pz
JBWqk1wYzj+153jGXxKEx0XEwAwvuBK/cKxmOkX5rUWC9X/hCVykF5a8uUFQkrPq
UBJKLcIJn06/9njT+GM46NVTUt99sOtjZFVb9g76X2vEnM+AIOSjiGuM6hgPUbqM
YfmKktokEZ5H1LWpwsq28J61aM1VgMTQDkcS/bovbTuaJqJXDjpldNjVbPft7qUU
k0+JpqThOZcEFwAwpvsS2G2+VEQtP15FjJJctqAvllybsOcjwh0p4bFIF/v+EXnm
WP3b8lV6p5oFcX7ZaQ5OvKyGHa/Jeo87un5Y6/Zv8UiBITvMSbxi
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:13 2025 by rpki-client