Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/IQytQDxkG6z6-hb3Iu6XIv8OQic.roa
File: IQytQDxkG6z6-hb3Iu6XIv8OQic.roa (raw, json)
Hash identifier: Fz8ORoLoUXIyDmykV9akqdIIcR0t067gq2FU4oUFIwY=
Subject key identifier: 21:0C:AD:40:3C:64:1B:AC:FA:FA:16:F7:22:EE:97:22:FF:0E:42:27
Certificate issuer: /CN=d7c60a54e03c9f815cc33afd45d3c4db9af76f16
Certificate serial: 0199E98FCBB4F70AC54C0BBA3EB8BC7B54A3
Authority key identifier: D7:C6:0A:54:E0:3C:9F:81:5C:C3:3A:FD:45:D3:C4:DB:9A:F7:6F:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/IQytQDxkG6z6-hb3Iu6XIv8OQic.roa
Signing time: Wed 15 Oct 2025 20:28:58 +0000
ROA not before: Wed 15 Oct 2025 20:28:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 185.33.114.0/24 maxlen: 24
202.162.49.0/24 maxlen: 24
202.162.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e9:8f:cb:b4:f7:0a:c5:4c:0b:ba:3e:b8:bc:7b:54:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7c60a54e03c9f815cc33afd45d3c4db9af76f16
Validity
Not Before: Oct 15 20:28:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=210cad403c641bacfafa16f722ee9722ff0e4227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4a:f5:b5:e6:5e:85:80:00:35:b4:3e:ff:ba:
d9:58:8d:34:1b:b5:74:f8:fc:76:ff:22:63:17:59:
ca:82:be:05:1f:73:f9:9d:56:f9:fb:fa:0e:8b:74:
af:db:6f:a7:af:5b:1b:e9:35:10:3c:5a:2a:98:86:
7b:7f:05:e7:6c:94:fe:5a:3b:67:88:43:dc:fc:c0:
03:1e:2d:5e:a7:62:af:60:61:d7:37:73:53:e4:23:
13:7d:8f:2d:73:c5:fa:a9:47:72:d3:18:75:28:e1:
ca:b0:40:05:94:b9:ab:bf:f2:36:80:e6:63:6d:8c:
b9:1e:eb:bf:68:e7:25:d9:5e:8e:9e:8b:f2:d2:8c:
9d:97:a7:b8:31:13:15:76:9a:32:04:f0:29:f6:c7:
9c:02:16:d0:2d:8c:c8:d4:eb:e6:ae:c8:3b:d7:0a:
d7:39:fa:af:d4:5e:f9:e8:71:44:4c:5d:1e:64:cd:
58:28:1f:b7:2e:18:92:7d:c7:9c:8b:c4:c7:f7:c9:
db:52:11:8d:a3:2e:39:44:e7:a1:03:c4:3d:f9:fd:
f3:68:79:fd:7b:3c:54:f5:40:57:64:0a:70:2b:00:
22:33:40:6c:5d:ce:d9:8f:92:e6:36:6a:4a:9e:47:
ab:92:c1:94:95:99:db:c4:c1:03:bf:5d:d4:a9:a5:
df:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0C:AD:40:3C:64:1B:AC:FA:FA:16:F7:22:EE:97:22:FF:0E:42:27
X509v3 Authority Key Identifier:
keyid:D7:C6:0A:54:E0:3C:9F:81:5C:C3:3A:FD:45:D3:C4:DB:9A:F7:6F:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/18YKVOA8n4Fcwzr9RdPE25r3bxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/IQytQDxkG6z6-hb3Iu6XIv8OQic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/89090c-53b1-41be-a338-3831f3ed1ca8/1/18YKVOA8n4Fcwzr9RdPE25r3bxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.114.0/24
202.162.49.0/24
202.162.52.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ea:a1:ca:c5:4c:c0:b0:a0:28:f0:98:d8:52:bc:28:d4:06:
f7:5b:d8:6d:66:ad:96:1e:65:be:6f:23:6b:70:70:3a:54:22:
4b:c0:66:16:d8:5e:4c:18:aa:95:75:1f:15:31:0b:38:88:51:
94:df:7d:58:a7:71:dd:6b:9b:c1:4c:a2:e2:c7:fb:f1:98:00:
f1:96:74:3a:2f:11:07:4d:ea:e9:da:b4:12:ac:c6:0a:c2:a0:
80:c3:8b:d6:16:20:38:1c:c9:2f:aa:80:f1:16:67:0a:cb:64:
a9:d7:67:1b:33:f1:da:5e:06:82:ab:ed:76:46:61:2e:39:e8:
0b:c1:f1:6a:e3:1a:e0:a2:f7:c2:b8:42:80:8c:f6:e7:3e:fe:
a0:cf:ba:0a:26:bf:c2:a8:58:a3:2d:1e:02:84:ae:36:a5:30:
1f:6b:cb:98:97:84:d4:65:0d:e7:26:c8:30:82:f7:ea:78:76:
4b:c3:c8:2a:4c:68:eb:7d:ae:85:75:c4:d1:f9:d5:d2:89:8f:
6a:d9:2c:40:84:65:95:8b:df:fe:e8:61:b9:bc:08:a2:f0:85:
4e:e1:fe:a3:ce:b4:84:d4:31:83:cc:43:d0:4c:f0:bd:2e:ac:
87:3d:d2:9a:7b:e1:8c:93:e2:a6:39:81:d6:35:a8:d4:0c:95:
9c:c0:b9:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnpj8u09wrFTAu6Pri8e1SjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3YzYwYTU0ZTAzYzlmODE1Y2MzM2FmZDQ1ZDNjNGRiOWFm
NzZmMTYwHhcNMjUxMDE1MjAyODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTBjYWQ0MDNjNjQxYmFjZmFmYTE2ZjcyMmVlOTcyMmZmMGU0MjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEr1teZehYAANbQ+/7rZWI00G7V0
+Px2/yJjF1nKgr4FH3P5nVb5+/oOi3Sv22+nr1sb6TUQPFoqmIZ7fwXnbJT+Wjtn
iEPc/MADHi1ep2KvYGHXN3NT5CMTfY8tc8X6qUdy0xh1KOHKsEAFlLmrv/I2gOZj
bYy5Huu/aOcl2V6Onovy0oydl6e4MRMVdpoyBPAp9secAhbQLYzI1Ovmrsg71wrX
Ofqv1F756HFETF0eZM1YKB+3LhiSfceci8TH98nbUhGNoy45ROehA8Q9+f3zaHn9
ezxU9UBXZApwKwAiM0BsXc7Zj5LmNmpKnkerksGUlZnbxMEDv13UqaXf+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCEMrUA8ZBus+voW9yLulyL/DkInMB8GA1UdIwQY
MBaAFNfGClTgPJ+BXMM6/UXTxNua928WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMThZS1ZPQThuNEZjd3pyOVJkUEUyNXIzYnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84OTA5MGMtNTNiMS00MWJlLWEzMzgt
MzgzMWYzZWQxY2E4LzEvSVF5dFFEeGtHNno2LWhiM0l1NlhJdjhPUWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84OTA5MGMtNTNiMS00MWJlLWEzMzgtMzgzMWYzZWQxY2E4
LzEvMThZS1ZPQThuNEZjd3pyOVJkUEUyNXIzYnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuSFyAwQA
yqIxAwQAyqI0MA0GCSqGSIb3DQEBCwUAA4IBAQAO6qHKxUzAsKAo8JjYUrwo1Ab3
W9htZq2WHmW+byNrcHA6VCJLwGYW2F5MGKqVdR8VMQs4iFGU331Yp3Hda5vBTKLi
x/vxmADxlnQ6LxEHTerp2rQSrMYKwqCAw4vWFiA4HMkvqoDxFmcKy2Sp12cbM/Ha
XgaCq+12RmEuOegLwfFq4xrgovfCuEKAjPbnPv6gz7oKJr/CqFijLR4ChK42pTAf
a8uYl4TUZQ3nJsgwgvfqeHZLw8gqTGjrfa6FdcTR+dXSiY9q2SxAhGWVi9/+6GG5
vAii8IVO4f6jzrSE1DGDzEPQTPC9LqyHPdKae+GMk+KmOYHWNajUDJWcwLk4
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:12 2025 by rpki-client