Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/S-jHXkuTv3yEQ2sUq6iz0jvEKR8.roa
File: S-jHXkuTv3yEQ2sUq6iz0jvEKR8.roa (raw, json)
Hash identifier: tKw9zDphV/qDQspavEJGBoVyfasBPoIBbRoqri6AaYg=
Subject key identifier: 4B:E8:C7:5E:4B:93:BF:7C:84:43:6B:14:AB:A8:B3:D2:3B:C4:29:1F
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0199D8A332C9A4644C2CAAC41DF5FC5C5B73
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/S-jHXkuTv3yEQ2sUq6iz0jvEKR8.roa
Signing time: Sun 12 Oct 2025 13:36:38 +0000
ROA not before: Sun 12 Oct 2025 13:36:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 94.103.0.0/24 maxlen: 24
94.103.1.0/24 maxlen: 24
109.172.54.0/24 maxlen: 24
109.172.55.0/24 maxlen: 24
178.130.46.0/24 maxlen: 24
178.130.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d8:a3:32:c9:a4:64:4c:2c:aa:c4:1d:f5:fc:5c:5b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Oct 12 13:36:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4be8c75e4b93bf7c84436b14aba8b3d23bc4291f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b3:94:6c:cd:58:f4:b6:9e:32:3e:94:7e:9d:
a9:81:04:9c:b2:74:13:e7:89:55:1b:54:f2:f1:2f:
aa:b9:a2:ac:42:de:7b:ae:07:bf:11:f1:f9:00:6c:
61:fc:d7:74:23:95:5d:af:5b:ee:b1:42:dd:8e:22:
a9:f6:3d:bf:b3:9c:e9:37:a4:57:4b:c2:de:9e:df:
63:d9:45:c3:fe:79:3a:40:bb:1a:59:ea:2a:30:54:
1c:88:5f:a0:05:6e:b4:b3:a7:ea:bc:7b:e0:47:4c:
d5:cd:ab:cc:d4:86:a1:e0:06:6f:7a:99:9b:24:fa:
f3:29:d2:97:c9:3b:93:51:d9:45:b1:ef:94:b0:0b:
4a:1f:50:d1:be:b2:df:6e:17:82:a7:76:6e:e7:e7:
08:97:70:7a:9c:cf:c8:a8:9a:7c:24:da:83:03:e8:
28:c1:f4:9d:84:ed:f5:0e:40:ba:24:2a:f0:30:50:
2d:7a:93:1f:83:e3:3c:e8:3a:d9:85:66:32:46:37:
20:6d:eb:9c:6d:e0:a4:79:ca:0e:f0:e0:a9:8f:72:
8e:d8:cb:50:75:ab:51:2b:ee:2f:a0:fd:9c:df:b9:
b5:bd:11:fc:64:f5:50:11:a2:86:d1:c2:d3:bc:7a:
8f:09:2c:ad:b3:89:ec:c6:1d:f7:31:7a:20:e9:38:
29:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E8:C7:5E:4B:93:BF:7C:84:43:6B:14:AB:A8:B3:D2:3B:C4:29:1F
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/S-jHXkuTv3yEQ2sUq6iz0jvEKR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.0.0/23
109.172.54.0/23
178.130.46.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:34:dd:40:3b:50:34:9a:c7:41:2c:31:df:fb:b6:ed:e3:0a:
3d:4f:45:4c:2e:b4:2a:2c:bc:a5:9a:1c:c1:78:3f:be:a9:c9:
43:6c:7f:53:c2:8c:a5:23:b1:e4:bc:57:8e:75:69:18:da:88:
3a:dd:64:e6:cf:e2:46:37:5b:59:c4:a8:5e:a8:8b:3a:6b:db:
c1:a3:5f:4a:e2:87:26:b9:89:fa:e7:c2:65:34:ec:09:c0:3e:
85:f2:85:a2:ce:e5:1e:5a:c4:df:d5:7c:63:45:b8:5e:64:1b:
9e:98:97:11:00:47:fa:3a:ad:bc:41:a0:eb:8a:e1:95:ba:70:
da:e6:e1:e6:30:f7:14:00:2d:d0:cb:d2:f3:f3:0e:6e:eb:de:
41:a5:12:85:2a:4c:08:7f:dc:62:7c:f8:27:5a:00:98:0f:58:
2d:cb:a8:5f:7a:86:69:19:9b:b4:a3:5a:58:bf:af:44:3d:94:
48:f8:fb:70:64:a3:6b:8e:e8:49:2f:28:60:c1:15:a8:f8:3a:
81:cd:1a:fa:86:2c:0a:2c:9f:5e:30:b0:f6:a4:c4:af:4b:48:
b2:99:a0:00:7d:5a:24:b2:2d:a8:e0:57:8a:cb:2c:08:3b:ec:
c2:9b:cf:7a:6c:35:ad:06:4a:97:70:c0:d3:85:19:97:e0:2b:
c2:03:23:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnYozLJpGRMLKrEHfX8XFtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjUxMDEyMTMzNjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmU4Yzc1ZTRiOTNiZjdjODQ0MzZiMTRhYmE4YjNkMjNiYzQyOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLOUbM1Y9LaeMj6Ufp2pgQScsnQT
54lVG1Ty8S+quaKsQt57rge/EfH5AGxh/Nd0I5Vdr1vusULdjiKp9j2/s5zpN6RX
S8Lent9j2UXD/nk6QLsaWeoqMFQciF+gBW60s6fqvHvgR0zVzavM1Iah4AZvepmb
JPrzKdKXyTuTUdlFse+UsAtKH1DRvrLfbheCp3Zu5+cIl3B6nM/IqJp8JNqDA+go
wfSdhO31DkC6JCrwMFAtepMfg+M86DrZhWYyRjcgbeucbeCkecoO8OCpj3KO2MtQ
datRK+4voP2c37m1vRH8ZPVQEaKG0cLTvHqPCSyts4nsxh33MXog6TgpCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEvox15Lk798hENrFKuos9I7xCkfMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvUy1qSFhrdVR2M3lFUTJzVXE2aXowanZFS1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXmcAAwQB
baw2AwQBsoIuMA0GCSqGSIb3DQEBCwUAA4IBAQCjNN1AO1A0msdBLDHf+7bt4wo9
T0VMLrQqLLylmhzBeD++qclDbH9TwoylI7HkvFeOdWkY2og63WTmz+JGN1tZxKhe
qIs6a9vBo19K4ocmuYn658JlNOwJwD6F8oWizuUeWsTf1XxjRbheZBuemJcRAEf6
Oq28QaDriuGVunDa5uHmMPcUAC3Qy9Lz8w5u695BpRKFKkwIf9xifPgnWgCYD1gt
y6hfeoZpGZu0o1pYv69EPZRI+PtwZKNrjuhJLyhgwRWo+DqBzRr6hiwKLJ9eMLD2
pMSvS0iymaAAfVoksi2o4FeKyywIO+zCm896bDWtBkqXcMDThRmX4CvCAyMo
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:12:53 2025 by rpki-client