
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/74b280-e1b4-4310-8085-d65617bd3b4f/1/kEeDyUl01hTZEGFM3itOVXFr62M.roa
File: kEeDyUl01hTZEGFM3itOVXFr62M.roa (raw, json)
Hash identifier: FjPrfh53WoDMFf9Gz/XVlKYYZ1UhSfrDGs50b54qMv4=
Subject key identifier: 90:47:83:C9:49:74:D6:14:D9:10:61:4C:DE:2B:4E:55:71:6B:EB:63
Certificate issuer: /CN=f5cb856d4269219ed3a0c0dc47333236f155953a
Certificate serial: 019970A8050FE51700D43530D8ABAEB3626A
Authority key identifier: F5:CB:85:6D:42:69:21:9E:D3:A0:C0:DC:47:33:32:36:F1:55:95:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cuFbUJpIZ7ToMDcRzMyNvFVlTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/74b280-e1b4-4310-8085-d65617bd3b4f/1/kEeDyUl01hTZEGFM3itOVXFr62M.roa
Signing time: Mon 22 Sep 2025 09:01:23 +0000
ROA not before: Mon 22 Sep 2025 09:01:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8612
IP address blocks: 82.84.0.0/15 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.85.53.64/26 maxlen: 26
84.220.0.0/15 maxlen: 15
84.220.0.0/16 maxlen: 24
84.221.0.0/16 maxlen: 24
94.32.0.0/19 maxlen: 24
94.32.64.0/18 maxlen: 24
94.32.128.0/17 maxlen: 24
94.34.0.0/16 maxlen: 24
94.35.0.0/16 maxlen: 24
185.38.136.0/22 maxlen: 22
193.43.2.0/24 maxlen: 24
217.73.208.0/21 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/74b280-e1b4-4310-8085-d65617bd3b4f/1/9cuFbUJpIZ7ToMDcRzMyNvFVlTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/74b280-e1b4-4310-8085-d65617bd3b4f/1/9cuFbUJpIZ7ToMDcRzMyNvFVlTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9cuFbUJpIZ7ToMDcRzMyNvFVlTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:70:a8:05:0f:e5:17:00:d4:35:30:d8:ab:ae:b3:62:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5cb856d4269219ed3a0c0dc47333236f155953a
Validity
Not Before: Sep 22 09:01:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=904783c94974d614d910614cde2b4e55716beb63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c8:a6:92:c9:39:31:4d:0d:cc:0b:7f:10:5a:
5b:7c:7b:9e:b1:84:32:26:a4:90:6c:39:23:af:4e:
01:33:2c:67:58:6e:02:44:c9:c9:77:37:b6:22:58:
59:4e:28:4c:42:e7:6f:30:99:f2:d8:6d:9d:e2:b9:
d7:35:39:8c:a9:95:4f:81:50:ec:13:36:b9:ab:62:
59:5d:0e:15:39:de:5c:61:ee:f8:3a:0e:8d:8d:36:
d1:81:19:a9:de:30:18:8e:1b:2c:92:0e:c8:dc:36:
27:d6:58:9a:82:b3:33:5c:5f:54:e9:2b:d5:0e:d8:
2c:9e:b4:89:7b:dc:68:14:db:03:39:6b:ff:b6:32:
7c:a5:83:06:c1:58:03:ef:ef:ba:e8:13:f0:fa:90:
0d:98:68:43:6b:e3:7a:6e:75:77:e6:11:34:8e:9d:
19:d0:4d:06:b8:61:94:0e:33:fc:8e:44:11:56:22:
c8:09:a2:08:b2:bd:fe:c5:65:6f:2e:0d:de:70:af:
eb:d9:1f:19:cc:ae:28:ed:5d:74:fa:14:10:1a:53:
61:25:31:e3:8f:07:e5:49:d0:1c:4e:95:f4:60:3d:
06:13:e8:77:2e:7f:f5:4d:1b:da:c8:36:6d:09:1a:
83:24:96:b7:43:4f:48:56:54:b4:54:0c:ca:60:a8:
b5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:47:83:C9:49:74:D6:14:D9:10:61:4C:DE:2B:4E:55:71:6B:EB:63
X509v3 Authority Key Identifier:
keyid:F5:CB:85:6D:42:69:21:9E:D3:A0:C0:DC:47:33:32:36:F1:55:95:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cuFbUJpIZ7ToMDcRzMyNvFVlTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/74b280-e1b4-4310-8085-d65617bd3b4f/1/kEeDyUl01hTZEGFM3itOVXFr62M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/74b280-e1b4-4310-8085-d65617bd3b4f/1/9cuFbUJpIZ7ToMDcRzMyNvFVlTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/19
94.32.64.0-94.32.255.255
94.34.0.0/15
185.38.136.0/22
193.43.2.0/24
217.73.208.0/21
Signature Algorithm: sha256WithRSAEncryption
19:13:cd:19:eb:e8:a5:06:26:ba:ec:59:7e:7c:44:8b:56:ae:
6a:5c:15:d9:14:75:66:0a:c1:a1:9d:f7:cb:52:d7:15:b8:2b:
c2:6d:60:70:0d:d1:3c:01:db:cb:d8:cc:72:e4:4a:b6:ab:3c:
87:76:67:31:a3:4e:09:7b:d4:f6:1e:be:bf:5e:3d:35:1a:5c:
0c:ef:53:0a:8c:16:ca:6f:e7:72:25:d3:e2:46:7a:ea:09:b8:
ef:dd:c8:13:f7:77:4b:b6:18:2c:d9:06:58:fd:73:ba:a0:09:
3e:87:f0:fe:1b:76:02:73:49:c1:f1:a3:86:e4:1f:ad:c2:10:
60:35:39:fd:e4:15:4f:a8:21:e8:b1:c5:b1:9f:2f:ad:ff:01:
2e:87:f1:fb:7e:47:81:7f:2a:e7:63:a1:ea:9b:3e:90:c8:59:
1c:6d:af:0d:c5:e0:6b:b3:ed:f4:82:dd:d7:bf:ab:ae:d9:ae:
6d:fe:7c:1f:18:9b:17:cb:83:c8:76:cf:11:03:3d:11:3d:14:
84:b0:e8:04:1f:86:0e:fb:c8:3d:82:d4:86:8f:0e:d1:10:c2:
c0:3e:2b:22:f7:57:f9:04:b9:c4:91:d6:b3:ba:37:5e:0b:f5:
44:bf:9c:93:68:61:36:f6:4b:8d:fd:fd:28:21:c4:16:51:f9:
81:7d:65:5b
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZlwqAUP5RcA1DUw2Kuus2JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1Y2I4NTZkNDI2OTIxOWVkM2EwYzBkYzQ3MzMzMjM2ZjE1
NTk1M2EwHhcNMjUwOTIyMDkwMTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQ3ODNjOTQ5NzRkNjE0ZDkxMDYxNGNkZTJiNGU1NTcxNmJlYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsimksk5MU0NzAt/EFpbfHuesYQy
JqSQbDkjr04BMyxnWG4CRMnJdze2IlhZTihMQudvMJny2G2d4rnXNTmMqZVPgVDs
Eza5q2JZXQ4VOd5cYe74Og6NjTbRgRmp3jAYjhsskg7I3DYn1liagrMzXF9U6SvV
DtgsnrSJe9xoFNsDOWv/tjJ8pYMGwVgD7++66BPw+pANmGhDa+N6bnV35hE0jp0Z
0E0GuGGUDjP8jkQRViLICaIIsr3+xWVvLg3ecK/r2R8ZzK4o7V10+hQQGlNhJTHj
jwflSdAcTpX0YD0GE+h3Ln/1TRvayDZtCRqDJJa3Q09IVlS0VAzKYKi1CQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJBHg8lJdNYU2RBhTN4rTlVxa+tjMB8GA1UdIwQY
MBaAFPXLhW1CaSGe06DA3EczMjbxVZU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWN1RmJVSnBJWjdUb01EY1J6TXlOdkZWbFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NGIyODAtZTFiNC00MzEwLTgwODUt
ZDY1NjE3YmQzYjRmLzEva0VlRHlVbDAxaFRaRUdGTTNpdE9WWEZyNjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NGIyODAtZTFiNC00MzEwLTgwODUtZDY1NjE3YmQzYjRm
LzEvOWN1RmJVSnBJWjdUb01EY1J6TXlOdkZWbFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwMBUlQDAwFU
3AMEBV4gADALAwQGXiBAAwMAXiADAwFeIgMEArkmiAMEAMErAgMEA9lJ0DANBgkq
hkiG9w0BAQsFAAOCAQEAGRPNGevopQYmuuxZfnxEi1aualwV2RR1ZgrBoZ33y1LX
Fbgrwm1gcA3RPAHby9jMcuRKtqs8h3ZnMaNOCXvU9h6+v149NRpcDO9TCowWym/n
ciXT4kZ66gm4793IE/d3S7YYLNkGWP1zuqAJPofw/ht2AnNJwfGjhuQfrcIQYDU5
/eQVT6gh6LHFsZ8vrf8BLofx+35HgX8q52Oh6ps+kMhZHG2vDcXga7Pt9ILd17+r
rtmubf58HxibF8uDyHbPEQM9ET0UhLDoBB+GDvvIPYLUho8O0RDCwD4rIvdX+QS5
xJHWs7o3Xgv1RL+ck2hhNvZLjf39KCHEFlH5gX1lWw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:29 2025 by rpki-client