Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/SnSqzG1_a1b3JqrDvJpsPusULh8.roa
File: SnSqzG1_a1b3JqrDvJpsPusULh8.roa (raw, json)
Hash identifier: CmTfdDiNqML57MVpE16u0zA0b4fBUsNL/e5yDLkAUo8=
Subject key identifier: 4A:74:AA:CC:6D:7F:6B:56:F7:26:AA:C3:BC:9A:6C:3E:EB:14:2E:1F
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 019897ED3FD3F25DC4B7D0F3E27C648DA50E
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/SnSqzG1_a1b3JqrDvJpsPusULh8.roa
Signing time: Mon 11 Aug 2025 06:59:24 +0000
ROA not before: Mon 11 Aug 2025 06:59:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58172
IP address blocks: 85.116.176.0/23 maxlen: 23
85.116.178.0/24 maxlen: 24
85.116.179.0/24 maxlen: 24
85.116.180.0/24 maxlen: 24
85.116.181.0/24 maxlen: 24
85.116.183.0/24 maxlen: 24
85.116.184.0/24 maxlen: 24
85.116.185.0/24 maxlen: 24
85.116.186.0/23 maxlen: 23
85.116.188.0/23 maxlen: 23
85.116.190.0/24 maxlen: 24
85.116.191.0/24 maxlen: 24
91.132.148.0/24 maxlen: 24
91.132.149.0/24 maxlen: 24
91.132.150.0/24 maxlen: 24
91.132.151.0/24 maxlen: 24
91.239.101.0/24 maxlen: 24
128.127.96.0/24 maxlen: 24
128.127.97.0/24 maxlen: 24
128.127.98.0/24 maxlen: 24
128.127.99.0/24 maxlen: 24
128.127.100.0/24 maxlen: 24
128.127.101.0/24 maxlen: 24
128.127.102.0/24 maxlen: 24
128.127.103.0/24 maxlen: 24
178.20.176.0/24 maxlen: 24
178.20.177.0/24 maxlen: 24
178.20.178.0/24 maxlen: 24
178.20.179.0/24 maxlen: 24
178.20.180.0/24 maxlen: 24
178.20.181.0/24 maxlen: 24
178.20.182.0/24 maxlen: 24
178.20.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:ed:3f:d3:f2:5d:c4:b7:d0:f3:e2:7c:64:8d:a5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: Aug 11 06:59:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a74aacc6d7f6b56f726aac3bc9a6c3eeb142e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a6:13:53:cd:7c:78:45:1e:b9:c6:52:43:c5:
3d:08:8d:0b:02:5d:6c:fb:43:c5:ef:ae:97:68:7d:
a0:1d:fa:1e:3a:b0:ff:6e:24:b9:e0:75:cc:2c:f6:
69:57:5d:35:51:84:9c:e0:23:e8:89:2f:ba:9f:96:
a8:13:42:21:30:89:0d:2f:73:f7:cd:4a:fc:5c:7b:
1a:43:96:66:0a:b6:04:1c:53:5d:b2:c7:9a:d7:bd:
5f:38:3f:80:77:3f:48:a5:2d:a0:24:b0:f0:39:46:
f9:ad:90:0d:46:7d:c4:87:79:b0:9e:c5:8b:c9:4f:
8c:b5:f7:2e:e5:2b:23:4e:4b:16:4f:fb:cc:68:43:
fc:f7:45:d3:c9:30:5c:49:74:94:3a:58:3d:f9:2f:
04:aa:37:ba:b0:2f:23:ce:4f:f5:4e:66:29:8e:83:
0d:b4:3b:7f:ec:fc:16:1f:5e:dd:17:bf:98:dd:0e:
55:66:d5:ae:5c:66:b2:8d:cd:41:90:25:49:70:fd:
4b:c5:0c:5f:f0:7c:15:0b:cb:b0:8e:97:87:4c:df:
ac:65:1d:cc:16:48:a5:e7:4b:da:87:d5:6a:41:f0:
b4:67:fb:9a:9a:e5:f2:ae:d1:5c:b9:8a:06:31:9d:
4c:b5:88:80:ef:3c:aa:fb:9e:2a:cc:83:e7:6b:d3:
ad:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:74:AA:CC:6D:7F:6B:56:F7:26:AA:C3:BC:9A:6C:3E:EB:14:2E:1F
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/SnSqzG1_a1b3JqrDvJpsPusULh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.176.0-85.116.181.255
85.116.183.0-85.116.191.255
91.132.148.0/22
91.239.101.0/24
128.127.96.0/21
178.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
02:3f:f5:ef:f3:95:bb:25:28:d3:9b:2e:07:4b:bb:1d:30:df:
8e:82:be:ec:98:72:da:39:35:97:65:a6:6e:88:e4:14:52:d6:
3c:b3:0f:8a:10:21:0a:2d:7f:74:e5:69:02:42:50:f5:fd:4b:
3a:09:99:32:ae:89:03:20:01:2e:63:8d:88:6f:56:e3:ad:f1:
c3:ad:04:c3:be:01:fb:39:a6:18:2d:91:27:7e:dd:e6:1f:69:
f3:df:98:b8:39:9b:ae:40:95:df:cc:79:e7:bc:31:af:f7:1c:
1d:42:f5:d2:22:d0:aa:8f:2e:6e:29:d9:46:ef:c7:2d:a5:17:
4e:66:33:67:3b:fc:77:71:15:e0:d6:37:6c:b9:c3:ab:81:9d:
fa:be:3b:5c:62:7a:25:c7:aa:48:63:93:93:5e:7a:f4:3b:38:
50:17:e7:37:59:12:2d:28:53:67:1e:9f:18:a5:1f:79:18:c4:
37:33:58:e9:72:83:f9:8c:98:a7:a2:72:bb:9c:4a:ca:e5:78:
53:90:b4:42:92:70:79:06:4e:33:f0:ab:52:95:96:47:16:27:
e0:7c:c7:b2:21:19:b3:88:4d:90:f0:92:0e:21:74:6c:b0:a9:
0b:25:91:21:f0:61:b7:0c:05:bb:59:11:a5:6d:ce:08:bc:ab:
fa:8d:86:f6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZiX7T/T8l3Et9Dz4nxkjaUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjUwODExMDY1OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTc0YWFjYzZkN2Y2YjU2ZjcyNmFhYzNiYzlhNmMzZWViMTQyZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaYTU818eEUeucZSQ8U9CI0LAl1s
+0PF766XaH2gHfoeOrD/biS54HXMLPZpV101UYSc4CPoiS+6n5aoE0IhMIkNL3P3
zUr8XHsaQ5ZmCrYEHFNdssea171fOD+Adz9IpS2gJLDwOUb5rZANRn3Eh3mwnsWL
yU+Mtfcu5SsjTksWT/vMaEP890XTyTBcSXSUOlg9+S8Eqje6sC8jzk/1TmYpjoMN
tDt/7PwWH17dF7+Y3Q5VZtWuXGayjc1BkCVJcP1LxQxf8HwVC8uwjpeHTN+sZR3M
Fkil50vah9VqQfC0Z/uamuXyrtFcuYoGMZ1MtYiA7zyq+54qzIPna9OtvQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFEp0qsxtf2tW9yaqw7yabD7rFC4fMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvU25TcXpHMV9hMWIzSnFyRHZKcHNQdXNVTGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBARVdLAD
BAFVdLQwDAMEAFV0twMEBlV0gAMEAluElAMEAFvvZQMEA4B/YAMEA7IUsDANBgkq
hkiG9w0BAQsFAAOCAQEAAj/17/OVuyUo05suB0u7HTDfjoK+7Jhy2jk1l2Wmbojk
FFLWPLMPihAhCi1/dOVpAkJQ9f1LOgmZMq6JAyABLmONiG9W463xw60Ew74B+zmm
GC2RJ37d5h9p89+YuDmbrkCV38x557wxr/ccHUL10iLQqo8ubinZRu/HLaUXTmYz
Zzv8d3EV4NY3bLnDq4Gd+r47XGJ6JceqSGOTk1569Ds4UBfnN1kSLShTZx6fGKUf
eRjENzNY6XKD+YyYp6Jyu5xKyuV4U5C0QpJweQZOM/CrUpWWRxYn4HzHsiEZs4hN
kPCSDiF0bLCpCyWRIfBhtwwFu1kRpW3OCLyr+o2G9g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:17:25 2025 by rpki-client