
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/RCAhdW8y8lZQe_hgXqFAZ8XkQf4.roa
File: RCAhdW8y8lZQe_hgXqFAZ8XkQf4.roa (raw, json)
Hash identifier: qct0DIB13CXPsTg5UzhCEYb/DG0VdQEeWFArQ7YyKVI=
Subject key identifier: 44:20:21:75:6F:32:F2:56:50:7B:F8:60:5E:A1:40:67:C5:E4:41:FE
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01997641BCCBE92EFD566A77C07D1666A6FE
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/RCAhdW8y8lZQe_hgXqFAZ8XkQf4.roa
Signing time: Tue 23 Sep 2025 11:07:23 +0000
ROA not before: Tue 23 Sep 2025 11:07:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214208
IP address blocks: 85.8.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:41:bc:cb:e9:2e:fd:56:6a:77:c0:7d:16:66:a6:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Sep 23 11:07:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=442021756f32f256507bf8605ea14067c5e441fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:44:09:da:89:d5:ad:a2:44:48:b0:3d:77:41:
1a:bb:64:22:35:70:4d:ae:d4:db:e8:1f:b8:f5:f9:
2e:ef:f0:16:79:53:01:8b:69:1e:7f:e7:c4:ef:41:
0e:61:10:a7:60:ec:f1:ae:dc:71:d7:5d:f9:77:f7:
64:ac:fe:17:a1:17:3e:58:14:df:da:1e:ff:44:da:
90:f2:ae:dc:1e:bb:ec:cc:c1:8d:a1:ce:69:c8:6e:
44:fd:7d:f0:9d:91:b3:72:99:33:f8:2b:7e:3b:79:
d3:c0:05:bd:85:50:b6:ea:66:f4:1a:5a:b9:8d:f8:
19:51:52:28:f2:2b:33:43:99:e9:c9:33:39:d9:b7:
04:0c:b7:50:db:94:d4:42:cd:2b:36:d6:96:33:b1:
86:5a:61:73:b7:8e:d9:dd:d0:c1:75:54:93:af:54:
01:a3:09:37:42:1c:87:b7:01:59:b9:29:e5:cb:39:
b2:d8:8f:50:d5:a2:a2:63:9a:14:07:9b:df:82:de:
82:0d:cc:6b:48:bd:0a:3a:16:28:86:a0:e4:be:a7:
88:c3:7f:f4:b6:3a:c6:e8:82:7a:47:51:33:6c:7a:
80:5d:ed:a9:76:9e:8c:5e:5a:7c:0e:87:47:52:4a:
9f:93:ba:0c:81:e7:5a:3f:36:86:27:2a:fb:50:11:
eb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:20:21:75:6F:32:F2:56:50:7B:F8:60:5E:A1:40:67:C5:E4:41:FE
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/RCAhdW8y8lZQe_hgXqFAZ8XkQf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.170.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:e6:8b:83:ad:73:ab:74:96:65:ba:4b:f7:52:4c:4b:d6:5f:
e5:64:d3:b3:f0:02:02:d9:af:3a:be:1e:b8:1c:ef:3b:9c:24:
3d:89:6b:be:94:91:af:cb:51:a9:3c:79:ef:ad:94:fe:60:29:
1e:d6:a7:b1:1c:24:a4:6c:37:1c:0a:c0:18:38:bc:8b:24:97:
6e:11:df:6a:34:a5:ea:16:fb:72:41:c7:60:83:8a:5f:66:03:
c9:7f:a0:1e:0f:b7:df:11:83:2b:ec:5e:cc:c4:50:39:6d:79:
03:9c:cc:63:bc:8b:88:38:41:34:e4:0c:1f:5f:45:24:46:5a:
78:1e:6c:b5:e8:ea:d7:7f:cd:a5:55:bd:a1:3d:01:73:ef:cc:
a4:25:c5:ec:b4:d8:89:14:9c:28:ad:0e:44:94:14:2c:14:69:
c6:1f:4c:22:01:c6:f8:28:94:8d:bb:18:13:8f:39:96:3a:88:
df:6a:ce:8d:bf:72:13:f3:c3:c1:f4:1c:32:65:9c:7b:a2:cb:
44:6c:88:89:f7:9e:be:af:1c:c8:08:7c:8a:29:c9:49:0e:9e:
fb:1c:26:4a:47:9f:b5:07:64:9a:a6:19:45:28:4f:ec:14:ea:
eb:fb:3a:74:6f:85:3a:ad:45:da:58:4e:7d:93:ad:20:a5:af:
02:a2:e1:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZl2QbzL6S79Vmp3wH0WZqb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwOTIzMTEwNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDIwMjE3NTZmMzJmMjU2NTA3YmY4NjA1ZWExNDA2N2M1ZTQ0MWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EQJ2onVraJESLA9d0Eau2QiNXBN
rtTb6B+49fku7/AWeVMBi2kef+fE70EOYRCnYOzxrtxx1135d/dkrP4XoRc+WBTf
2h7/RNqQ8q7cHrvszMGNoc5pyG5E/X3wnZGzcpkz+Ct+O3nTwAW9hVC26mb0Glq5
jfgZUVIo8iszQ5npyTM52bcEDLdQ25TUQs0rNtaWM7GGWmFzt47Z3dDBdVSTr1QB
owk3QhyHtwFZuSnlyzmy2I9Q1aKiY5oUB5vfgt6CDcxrSL0KOhYohqDkvqeIw3/0
tjrG6IJ6R1EzbHqAXe2pdp6MXlp8DodHUkqfk7oMgedaPzaGJyr7UBHrUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQgIXVvMvJWUHv4YF6hQGfF5EH+MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvUkNBaGRXOHk4bFpRZV9oZ1hxRkFaOFhrUWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVQiqMA0G
CSqGSIb3DQEBCwUAA4IBAQCP5ouDrXOrdJZlukv3UkxL1l/lZNOz8AIC2a86vh64
HO87nCQ9iWu+lJGvy1GpPHnvrZT+YCke1qexHCSkbDccCsAYOLyLJJduEd9qNKXq
FvtyQcdgg4pfZgPJf6AeD7ffEYMr7F7MxFA5bXkDnMxjvIuIOEE05AwfX0UkRlp4
Hmy16OrXf82lVb2hPQFz78ykJcXstNiJFJworQ5ElBQsFGnGH0wiAcb4KJSNuxgT
jzmWOojfas6Nv3IT88PB9BwyZZx7ostEbIiJ956+rxzICHyKKclJDp77HCZKR5+1
B2SaphlFKE/sFOrr+zp0b4U6rUXaWE59k60gpa8CouHa
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:58 2025 by rpki-client