Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/R-2EUht1MZT2vSRQIg2K5xtL6XA.roa
File: R-2EUht1MZT2vSRQIg2K5xtL6XA.roa (raw, json)
Hash identifier: MfRYL6Yg+Lw0VNLBgt+qTUomESKAUsKuRF6e7JHJD14=
Subject key identifier: 47:ED:84:52:1B:75:31:94:F6:BD:24:50:22:0D:8A:E7:1B:4B:E9:70
Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Certificate serial: 019995A99472A0FC70FF6C52CFF26187AABD
Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/R-2EUht1MZT2vSRQIg2K5xtL6XA.roa
Signing time: Mon 29 Sep 2025 13:29:02 +0000
ROA not before: Mon 29 Sep 2025 13:29:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208172
IP address blocks: 81.27.86.0/24 maxlen: 24
159.26.96.0/24 maxlen: 24
159.26.97.0/24 maxlen: 24
159.26.98.0/24 maxlen: 24
159.26.99.0/24 maxlen: 24
159.26.100.0/24 maxlen: 24
159.26.101.0/24 maxlen: 24
159.26.102.0/24 maxlen: 24
159.26.103.0/24 maxlen: 24
159.26.104.0/24 maxlen: 24
159.26.105.0/24 maxlen: 24
159.26.106.0/24 maxlen: 24
159.26.107.0/24 maxlen: 24
159.26.108.0/24 maxlen: 24
159.26.109.0/24 maxlen: 24
159.26.110.0/24 maxlen: 24
159.26.111.0/24 maxlen: 24
159.26.112.0/24 maxlen: 24
159.26.113.0/24 maxlen: 24
159.26.114.0/24 maxlen: 24
159.26.115.0/24 maxlen: 24
159.26.116.0/24 maxlen: 24
159.26.117.0/24 maxlen: 24
159.26.118.0/24 maxlen: 24
159.26.119.0/24 maxlen: 24
159.26.120.0/24 maxlen: 24
159.26.121.0/24 maxlen: 24
159.26.122.0/24 maxlen: 24
159.26.123.0/24 maxlen: 24
159.26.124.0/24 maxlen: 24
159.26.125.0/24 maxlen: 24
159.26.126.0/24 maxlen: 24
159.26.127.0/24 maxlen: 24
205.147.16.0/24 maxlen: 24
205.147.17.0/24 maxlen: 24
205.147.18.0/24 maxlen: 24
205.147.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.mft
rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:95:a9:94:72:a0:fc:70:ff:6c:52:cf:f2:61:87:aa:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Validity
Not Before: Sep 29 13:29:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47ed84521b753194f6bd2450220d8ae71b4be970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:30:04:06:42:f8:4a:c1:d9:14:db:c1:f4:b1:
48:7d:75:3d:fd:a4:74:59:6f:85:d0:72:6e:35:26:
41:99:9e:6e:fe:67:23:20:dc:11:6d:ce:35:c2:ba:
7f:6d:bf:1f:d8:d5:28:cc:80:94:95:fe:ed:19:6f:
3e:a3:ad:e4:68:e5:92:1c:54:49:35:f4:41:1e:68:
83:3e:02:be:9e:fe:62:ee:f3:6a:24:1f:59:4c:0c:
13:51:53:48:7d:84:a3:1d:78:4a:4e:ef:1d:33:c4:
5b:54:1b:3d:5b:98:1d:24:1e:8a:5b:2f:68:99:13:
0b:fa:be:eb:34:b0:47:f3:5f:ec:c9:e8:7e:63:6d:
bf:42:61:bd:69:cc:43:b2:78:0e:95:bd:26:a7:d5:
90:29:75:76:60:f1:43:ed:76:a9:a3:ab:01:88:c5:
11:43:1d:ac:d7:fa:4d:38:1c:a9:a0:23:88:88:a2:
b7:aa:c1:6b:e0:90:68:c1:4f:b9:ce:6e:21:82:ef:
7a:20:1b:69:76:68:5f:22:28:bf:1f:c5:a0:b7:01:
01:26:f5:e8:42:48:86:60:2e:a3:11:ec:9e:f7:74:
7a:e4:6e:ea:cf:f5:32:1e:08:9a:c0:a1:c3:5d:25:
d7:2e:d0:00:23:a1:74:5b:f2:0c:6e:62:1c:ea:eb:
1b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:ED:84:52:1B:75:31:94:F6:BD:24:50:22:0D:8A:E7:1B:4B:E9:70
X509v3 Authority Key Identifier:
keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/R-2EUht1MZT2vSRQIg2K5xtL6XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.27.86.0/24
159.26.96.0/19
205.147.16.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:55:8b:6b:3c:c3:53:e0:06:32:70:00:17:a6:ca:46:64:7e:
be:8e:58:74:f9:d4:98:d8:05:c1:61:0d:19:12:4b:d0:59:e8:
40:ea:01:47:96:4c:b5:d9:28:48:b4:a3:28:03:2b:22:a8:08:
4c:ac:60:a1:73:e8:41:e0:e1:41:3a:4b:17:a6:46:d3:03:15:
54:98:37:aa:c3:54:44:ca:ca:51:bb:8c:dd:37:73:95:21:fc:
fb:43:3c:45:c0:c4:18:14:76:aa:ce:8b:17:17:f8:bb:b6:12:
ee:92:84:e8:07:82:96:6e:63:66:54:ba:27:44:01:df:67:c0:
51:68:a8:9d:dc:40:27:d0:1d:7b:bd:b0:7a:d5:b8:9e:ca:87:
7e:66:c2:ad:71:c9:56:73:51:53:7a:2d:f6:a7:0f:23:1c:d6:
da:29:54:32:92:e5:3e:ce:6a:19:ae:c7:b1:d1:ca:d8:97:e4:
d2:7a:2a:90:2f:fb:90:cf:4b:d2:37:3f:6d:69:f6:51:58:5d:
c7:56:14:52:83:9d:38:53:81:5e:95:32:ec:b2:59:59:66:8f:
2f:a7:d1:c5:eb:0d:c1:98:93:fa:d2:33:f7:b7:57:0f:23:e4:
5b:51:65:86:0a:42:0c:f7:85:d6:a0:c4:27:54:de:bc:54:41:
22:cb:8b:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmVqZRyoPxw/2xSz/Jhh6q9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz
NWUyMmIwHhcNMjUwOTI5MTMyOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2VkODQ1MjFiNzUzMTk0ZjZiZDI0NTAyMjBkOGFlNzFiNGJlOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTAEBkL4SsHZFNvB9LFIfXU9/aR0
WW+F0HJuNSZBmZ5u/mcjINwRbc41wrp/bb8f2NUozICUlf7tGW8+o63kaOWSHFRJ
NfRBHmiDPgK+nv5i7vNqJB9ZTAwTUVNIfYSjHXhKTu8dM8RbVBs9W5gdJB6KWy9o
mRML+r7rNLBH81/syeh+Y22/QmG9acxDsngOlb0mp9WQKXV2YPFD7Xapo6sBiMUR
Qx2s1/pNOBypoCOIiKK3qsFr4JBowU+5zm4hgu96IBtpdmhfIii/H8WgtwEBJvXo
QkiGYC6jEeye93R65G7qz/UyHgiawKHDXSXXLtAAI6F0W/IMbmIc6usbTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEfthFIbdTGU9r0kUCINiucbS+lwMB8GA1UdIwQY
MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt
MWE4MGEyZjdkN2VhLzEvUi0yRVVodDFNWlQydlNSUUlnMks1eHRMNlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh
LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURtWAwQF
nxpgAwQCzZMQMA0GCSqGSIb3DQEBCwUAA4IBAQANVYtrPMNT4AYycAAXpspGZH6+
jlh0+dSY2AXBYQ0ZEkvQWehA6gFHlky12ShItKMoAysiqAhMrGChc+hB4OFBOksX
pkbTAxVUmDeqw1REyspRu4zdN3OVIfz7QzxFwMQYFHaqzosXF/i7thLukoToB4KW
bmNmVLonRAHfZ8BRaKid3EAn0B17vbB61bieyod+ZsKtcclWc1FTei32pw8jHNba
KVQykuU+zmoZrsex0crYl+TSeiqQL/uQz0vSNz9tafZRWF3HVhRSg504U4FelTLs
sllZZo8vp9HF6w3BmJP60jP3t1cPI+RbUWWGCkIM94XWoMQnVN68VEEiy4uo
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:41:57 2025 by rpki-client