Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/i1C2_03VF6U3TLTnhfWa-hdk8nE.roa
File: i1C2_03VF6U3TLTnhfWa-hdk8nE.roa (raw, json)
Hash identifier: 4u0sP/VUO27djDGleUL6lxDzjUMPiLw8ur/+xoa5LIs=
Subject key identifier: 8B:50:B6:FF:4D:D5:17:A5:37:4C:B4:E7:85:F5:9A:FA:17:64:F2:71
Certificate issuer: /CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Certificate serial: 019973BA75709582BED944BB96C35C0A4CF3
Authority key identifier: E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/i1C2_03VF6U3TLTnhfWa-hdk8nE.roa
Signing time: Mon 22 Sep 2025 23:20:23 +0000
ROA not before: Mon 22 Sep 2025 23:20:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34941
IP address blocks: 85.118.200.0/21 maxlen: 21
185.112.136.0/23 maxlen: 23
185.112.138.0/24 maxlen: 24
185.112.139.0/24 maxlen: 24
2a06:6180::/29 maxlen: 29
2a06:6180::/40 maxlen: 40
2a06:6180:4000::/40 maxlen: 40
2a06:6180:8000::/40 maxlen: 40
2a06:6187::/35 maxlen: 35
2a06:6187:4000::/35 maxlen: 35
2a06:6187:8000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/4ndTjewu_NLxHMY3GX0dmm_a6dk.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/4ndTjewu_NLxHMY3GX0dmm_a6dk.mft
rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:73:ba:75:70:95:82:be:d9:44:bb:96:c3:5c:0a:4c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Validity
Not Before: Sep 22 23:20:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b50b6ff4dd517a5374cb4e785f59afa1764f271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:64:a8:c6:04:50:00:67:7b:3d:7d:7e:aa:54:
ee:97:1e:de:a4:50:4c:af:53:ad:31:83:07:d5:64:
45:c6:6a:a5:71:7c:e3:a2:31:a1:47:fc:cc:a0:37:
dc:45:d9:6b:16:10:d5:a4:bd:75:2e:63:72:69:a6:
72:84:ef:4a:77:fb:35:23:bb:72:75:ad:84:f8:11:
37:a4:41:1d:f3:cb:1a:87:36:43:e1:8d:dc:a6:fd:
ec:04:c3:85:1e:16:24:4a:f8:d7:5d:b4:86:ba:0b:
bd:b1:6f:5a:ac:f9:48:df:86:20:0a:1e:00:b8:80:
f1:c8:5b:5d:fd:c0:68:0f:6f:d5:73:af:9c:1f:ea:
69:92:dd:55:b1:72:d1:1c:40:28:32:88:7c:d6:92:
f2:e8:1e:a2:cc:6e:62:cd:55:27:df:25:82:83:7c:
52:f6:5f:9b:53:31:30:19:d5:e7:ca:04:c3:59:76:
5a:b6:b6:f2:5d:97:d5:50:eb:22:84:8a:b8:2a:4e:
b9:1c:24:cd:d9:16:84:74:c8:01:b0:ea:2c:a4:41:
fd:55:a8:b8:3f:f5:d4:fa:70:c6:85:b5:8e:3b:e0:
ac:a9:d8:b6:cf:9f:53:d7:65:93:6e:67:4a:07:ef:
41:39:b8:8f:14:7a:6a:fa:d1:dc:62:c2:9e:90:41:
b2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:50:B6:FF:4D:D5:17:A5:37:4C:B4:E7:85:F5:9A:FA:17:64:F2:71
X509v3 Authority Key Identifier:
keyid:E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/i1C2_03VF6U3TLTnhfWa-hdk8nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/4ndTjewu_NLxHMY3GX0dmm_a6dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.200.0/21
185.112.136.0/22
IPv6:
2a06:6180::/29
Signature Algorithm: sha256WithRSAEncryption
22:0e:36:1f:d1:9b:90:04:54:b5:66:a5:59:32:ae:1e:f8:c1:
f8:ef:db:8d:34:60:19:41:40:db:f5:9b:8d:f0:62:fa:6d:d4:
f3:0a:e5:4d:75:9e:0e:06:45:be:07:52:bb:7d:5e:c3:5c:13:
20:34:cc:8f:eb:9d:57:2a:b7:3e:9e:66:55:17:b9:c8:52:b2:
cc:43:cb:04:97:c4:d0:af:ac:ee:88:ea:48:89:6b:fc:24:1c:
05:f4:a6:98:c6:fc:82:70:e7:7b:78:30:f4:39:99:eb:cd:fc:
cd:e9:c0:fc:76:38:22:e3:26:c5:94:ba:4f:fe:53:55:55:c0:
62:1d:44:cd:12:ab:5f:cc:91:ab:52:80:8a:5a:65:08:e0:b6:
bc:75:21:23:24:b2:96:9c:5c:a0:49:a8:dd:4c:b4:41:fe:27:
12:78:74:4b:f2:ed:58:b8:13:1d:e0:3a:f9:3a:24:91:50:dd:
67:6f:74:a6:03:9b:69:9c:33:5c:0c:18:3e:a3:87:a9:55:5d:
13:35:ed:c7:fb:4d:40:e8:00:0b:c0:e9:bb:d1:9f:be:fd:28:
7a:d5:09:10:ab:0c:6a:8c:21:1f:0d:b4:b3:e8:c3:84:81:0b:
be:f4:d5:37:20:e2:64:fb:73:4d:4c:10:b6:d1:13:88:dd:29:
f2:a0:3f:ec
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZlzunVwlYK+2US7lsNcCkzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNzc1MzhkZWMyZWZjZDJmMTFjYzYzNzE5N2QxZDlhNmZk
YWU5ZDkwHhcNMjUwOTIyMjMyMDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjUwYjZmZjRkZDUxN2E1Mzc0Y2I0ZTc4NWY1OWFmYTE3NjRmMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymSoxgRQAGd7PX1+qlTulx7epFBM
r1OtMYMH1WRFxmqlcXzjojGhR/zMoDfcRdlrFhDVpL11LmNyaaZyhO9Kd/s1I7ty
da2E+BE3pEEd88sahzZD4Y3cpv3sBMOFHhYkSvjXXbSGugu9sW9arPlI34YgCh4A
uIDxyFtd/cBoD2/Vc6+cH+ppkt1VsXLRHEAoMoh81pLy6B6izG5izVUn3yWCg3xS
9l+bUzEwGdXnygTDWXZatrbyXZfVUOsihIq4Kk65HCTN2RaEdMgBsOospEH9Vai4
P/XU+nDGhbWOO+Csqdi2z59T12WTbmdKB+9BObiPFHpq+tHcYsKekEGyQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFItQtv9N1RelN0y054X1mvoXZPJxMB8GA1UdIwQY
MBaAFOJ3U43sLvzS8RzGNxl9HZpv2unZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWIt
ODJlZTJkMmI0Mjg5LzEvaTFDMl8wM1ZGNlUzVExUbmhmV2EtaGRrOG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWItODJlZTJkMmI0Mjg5
LzEvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVXbIAwQC
uXCIMA0EAgACMAcDBQMqBmGAMA0GCSqGSIb3DQEBCwUAA4IBAQAiDjYf0ZuQBFS1
ZqVZMq4e+MH479uNNGAZQUDb9ZuN8GL6bdTzCuVNdZ4OBkW+B1K7fV7DXBMgNMyP
651XKrc+nmZVF7nIUrLMQ8sEl8TQr6zuiOpIiWv8JBwF9KaYxvyCcOd7eDD0OZnr
zfzN6cD8djgi4ybFlLpP/lNVVcBiHUTNEqtfzJGrUoCKWmUI4La8dSEjJLKWnFyg
SajdTLRB/icSeHRL8u1YuBMd4Dr5OiSRUN1nb3SmA5tpnDNcDBg+o4epVV0TNe3H
+01A6AALwOm70Z++/Sh61QkQqwxqjCEfDbSz6MOEgQu+9NU3IOJk+3NNTBC20ROI
3SnyoD/s
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:25 2025 by rpki-client