Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/2qrxmxFhyT-yCENM1h6TmxhPB8o.roa
File: 2qrxmxFhyT-yCENM1h6TmxhPB8o.roa (raw, json)
Hash identifier: 7dE75s8f6pPL61Y94sO2ElyJScDRYTLZvobRATQ5r8k=
Subject key identifier: DA:AA:F1:9B:11:61:C9:3F:B2:08:43:4C:D6:1E:93:9B:18:4F:07:CA
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 0199529DEE4985249390CBDC722AAC32835C
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/2qrxmxFhyT-yCENM1h6TmxhPB8o.roa
Signing time: Tue 16 Sep 2025 13:01:45 +0000
ROA not before: Tue 16 Sep 2025 13:01:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199152
IP address blocks: 91.239.23.0/24 maxlen: 24
146.19.84.0/24 maxlen: 24
2a0a:2e80::/32 maxlen: 32
2a0a:2e82::/36 maxlen: 36
2a0a:2e83::/36 maxlen: 36
2a0a:2e84::/36 maxlen: 36
2a0a:2e85::/36 maxlen: 36
2a0a:2e86::/32 maxlen: 32
2a0a:2e86:1000::/36 maxlen: 36
2a0a:2e86:2000::/36 maxlen: 36
2a0a:2e86:3000::/36 maxlen: 36
2a0a:2e86:4000::/36 maxlen: 36
2a0a:2e86:5000::/36 maxlen: 36
2a0a:2e86:6000::/36 maxlen: 36
2a0a:2e86:7000::/36 maxlen: 36
2a0a:2e86:8000::/36 maxlen: 36
2a0a:2e86:9000::/36 maxlen: 36
2a0a:2e86:a000::/36 maxlen: 36
2a0a:2e86:b000::/36 maxlen: 36
2a0a:2e87::/32 maxlen: 32
2a11:7e41::/48 maxlen: 48
2a11:7e41:1::/48 maxlen: 48
2a11:7e41:2::/48 maxlen: 48
2a11:7e41:3::/48 maxlen: 48
2a11:7e42::/36 maxlen: 36
2a11:7e43::/36 maxlen: 36
2a11:7e44::/32 maxlen: 32
2a11:7e45::/32 maxlen: 32
2a11:8480::/32 maxlen: 32
2a11:8482::/36 maxlen: 36
2a11:8483::/36 maxlen: 36
2a11:8484::/32 maxlen: 32
2a11:df41::/32 maxlen: 32
2a11:df42::/36 maxlen: 36
2a11:df43::/36 maxlen: 36
2a11:df44::/32 maxlen: 32
2a11:df45::/32 maxlen: 32
2a11:df46::/32 maxlen: 32
2a11:df47::/32 maxlen: 32
2a12:6700::/32 maxlen: 32
2a12:6703::/36 maxlen: 36
2a12:6704::/36 maxlen: 36
2a12:6705::/32 maxlen: 32
2a12:6706::/32 maxlen: 32
2a12:6707::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:52:9d:ee:49:85:24:93:90:cb:dc:72:2a:ac:32:83:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Sep 16 13:01:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daaaf19b1161c93fb208434cd61e939b184f07ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ca:4b:c8:4c:1e:d6:cf:7b:d6:65:9e:4e:b8:
33:9d:af:4b:b7:4e:e6:b6:ef:d8:62:a1:95:4e:d4:
67:3f:c4:2e:07:10:0c:87:6d:e9:e8:a8:b4:c2:74:
02:4e:36:ad:8b:19:54:78:b8:c9:b8:e9:a2:17:f6:
4c:15:59:c5:00:09:69:da:cc:6f:db:59:d7:44:fd:
27:cd:65:45:06:63:47:2f:7a:3a:0c:14:4a:76:ee:
3d:c9:6c:bf:6a:62:8a:7a:82:e3:35:5e:e1:56:3d:
5a:c5:86:ed:32:56:b7:3a:19:d3:6e:67:2d:ba:58:
e3:ee:52:9e:0f:1e:2c:46:c3:f7:e3:86:65:af:cb:
27:be:0a:d3:41:4c:63:f2:a4:4e:a3:80:10:2b:d7:
5e:2a:fb:30:3c:ee:e1:ad:ad:de:0d:cd:71:fc:84:
1b:83:b9:57:fc:11:68:7c:d8:ae:2d:0e:8b:5e:16:
4c:a6:ab:94:db:22:c6:4b:78:a4:2f:3c:4c:28:aa:
dc:97:68:21:8e:8e:3a:eb:9e:56:1a:74:e8:7c:7d:
72:59:a0:9a:bc:00:ae:7b:f4:d3:36:c7:74:49:8e:
1f:b0:60:a3:ea:a6:9c:e2:68:e9:ef:9d:54:61:d7:
9c:5c:95:c0:60:fe:07:4c:83:b0:12:65:34:97:92:
dc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AA:F1:9B:11:61:C9:3F:B2:08:43:4C:D6:1E:93:9B:18:4F:07:CA
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/2qrxmxFhyT-yCENM1h6TmxhPB8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.23.0/24
146.19.84.0/24
IPv6:
2a0a:2e80::/32
2a0a:2e82::/36
2a0a:2e83::/36
2a0a:2e84::/36
2a0a:2e85::/36
2a0a:2e86::/31
2a11:7e41::/46
2a11:7e42::/36
2a11:7e43::/36
2a11:7e44::/31
2a11:8480::/32
2a11:8482::/36
2a11:8483::/36
2a11:8484::/32
2a11:df41::-2a11:df42:fff:ffff:ffff:ffff:ffff:ffff
2a11:df43::/36
2a11:df44::/30
2a12:6700::/32
2a12:6703::/36
2a12:6704::/36
2a12:6705::-2a12:6707:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
77:ad:c8:3d:b8:7c:95:d7:a9:3d:f7:03:3c:31:40:80:eb:82:
fb:c9:24:4c:37:1a:53:03:3f:18:de:55:63:4b:ed:ab:84:f2:
f5:09:20:e7:54:3c:a4:f8:f9:f8:a5:64:53:94:dc:5a:6d:13:
3b:05:cb:c6:c6:0d:a4:0c:20:14:04:69:15:25:30:50:46:06:
ae:4a:40:ea:f3:98:ce:ae:11:65:80:aa:e0:71:49:3b:e6:cd:
7d:e6:35:b6:80:58:a3:0c:98:a0:b0:74:88:82:f6:b1:4c:29:
ce:72:f5:1a:b0:d8:61:14:21:e5:f5:6a:1b:d7:ad:8d:e2:38:
fd:a1:2c:48:40:21:90:cb:ed:55:fb:44:15:75:01:bf:89:8d:
6d:47:b0:6d:f9:3e:ba:3d:51:97:7c:06:1b:e4:e7:47:73:4a:
39:bc:0b:76:07:4f:8c:e2:24:08:33:b0:56:69:8b:80:65:1d:
15:a4:09:2e:6a:15:64:5d:dc:27:9d:e1:c5:c8:43:ec:62:80:
8b:7e:d5:23:68:55:19:e9:b2:32:64:7c:85:81:c9:c8:a9:c4:
e1:71:9a:aa:00:84:1a:91:b4:19:64:4f:10:62:b3:1c:b6:09:
d0:9a:c6:63:f6:cd:c1:6d:31:9b:9d:30:c6:64:27:86:e1:2a:
33:fe:45:1f
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAZlSne5JhSSTkMvcciqsMoNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjUwOTE2MTMwMTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFhZjE5YjExNjFjOTNmYjIwODQzNGNkNjFlOTM5YjE4NGYwN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMpLyEwe1s971mWeTrgzna9Lt07m
tu/YYqGVTtRnP8QuBxAMh23p6Ki0wnQCTjatixlUeLjJuOmiF/ZMFVnFAAlp2sxv
21nXRP0nzWVFBmNHL3o6DBRKdu49yWy/amKKeoLjNV7hVj1axYbtMla3OhnTbmct
uljj7lKeDx4sRsP344Zlr8snvgrTQUxj8qROo4AQK9deKvswPO7hra3eDc1x/IQb
g7lX/BFofNiuLQ6LXhZMpquU2yLGS3ikLzxMKKrcl2ghjo46655WGnTofH1yWaCa
vACue/TTNsd0SY4fsGCj6qac4mjp751UYdecXJXAYP4HTIOwEmU0l5LcGwIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFNqq8ZsRYck/sghDTNYek5sYTwfKMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvMnFyeG14Rmh5VC15Q0VOTTFoNlRteGhQQjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TASBAIAATAMAwQAW+8X
AwQAkhNUMIG6BAIAAjCBswMFACoKLoADBgQqCi6CAAMGBCoKLoMAAwYEKgouhAAD
BgQqCi6FAAMFASoKLoYDBwIqEX5BAAADBgQqEX5CAAMGBCoRfkMAAwUBKhF+RAMF
ACoRhIADBgQqEYSCAAMGBCoRhIMAAwUAKhGEhDAPAwUAKhHfQQMGBCoR30IAAwYE
KhHfQwADBQIqEd9EAwUAKhJnAAMGBCoSZwMAAwYEKhJnBAAwDgMFACoSZwUDBQMq
EmcAMA0GCSqGSIb3DQEBCwUAA4IBAQB3rcg9uHyV16k99wM8MUCA64L7ySRMNxpT
Az8Y3lVjS+2rhPL1CSDnVDyk+Pn4pWRTlNxabRM7BcvGxg2kDCAUBGkVJTBQRgau
SkDq85jOrhFlgKrgcUk75s195jW2gFijDJigsHSIgvaxTCnOcvUasNhhFCHl9Wob
162N4jj9oSxIQCGQy+1V+0QVdQG/iY1tR7Bt+T66PVGXfAYb5OdHc0o5vAt2B0+M
4iQIM7BWaYuAZR0VpAkuahVkXdwnneHFyEPsYoCLftUjaFUZ6bIyZHyFgcnIqcTh
cZqqAIQakbQZZE8QYrMctgnQmsZj9s3BbTGbnTDGZCeG4Soz/kUf
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:27:12 2025 by rpki-client