Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/F8t05KMRne3MsUcmQpBcGXGBMI8.roa
File: F8t05KMRne3MsUcmQpBcGXGBMI8.roa (raw, json)
Hash identifier: d6IcpYMjJ62EgVhlSLiumFte8BB2LXTHsEgOP/d/Rss=
Subject key identifier: 17:CB:74:E4:A3:11:9D:ED:CC:B1:47:26:42:90:5C:19:71:81:30:8F
Certificate issuer: /CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Certificate serial: 01996197B70628859EFC06BFAF47A1FF0BEB
Authority key identifier: 00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/F8t05KMRne3MsUcmQpBcGXGBMI8.roa
Signing time: Fri 19 Sep 2025 10:49:16 +0000
ROA not before: Fri 19 Sep 2025 10:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50257
IP address blocks: 185.10.172.0/22 maxlen: 22
185.10.172.0/23 maxlen: 23
185.10.172.0/24 maxlen: 24
185.10.173.0/24 maxlen: 24
185.10.174.0/23 maxlen: 23
185.10.174.0/24 maxlen: 24
185.10.175.0/24 maxlen: 24
185.99.4.0/23 maxlen: 23
185.99.4.0/24 maxlen: 24
185.99.5.0/24 maxlen: 24
185.99.6.0/24 maxlen: 24
185.99.7.0/24 maxlen: 24
195.191.4.0/23 maxlen: 23
195.191.4.0/24 maxlen: 24
195.191.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:61:97:b7:06:28:85:9e:fc:06:bf:af:47:a1:ff:0b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Validity
Not Before: Sep 19 10:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17cb74e4a3119dedccb1472642905c197181308f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fb:7c:fa:43:44:4d:98:36:87:45:bf:ee:b5:
5a:b5:b6:4f:56:55:d4:44:a3:eb:0d:bf:5a:7a:38:
82:46:18:f0:e8:ce:ac:57:f2:b8:c9:f2:d8:a8:b0:
e9:2a:18:5e:0d:72:eb:75:1f:b7:a2:36:e0:b8:09:
67:d9:60:ac:fd:5f:4f:72:4f:6b:8d:5c:9a:05:d8:
ff:6d:7e:5e:76:f6:3c:f0:6b:a8:dc:a8:69:64:30:
d1:d2:ca:14:b6:b2:5f:45:9e:b5:40:e4:55:c4:16:
07:9b:af:bb:1c:c7:c6:ce:a5:f6:66:fe:8e:7a:51:
29:3e:10:f7:9e:28:2e:a3:86:c4:3e:72:4e:ae:84:
8a:ae:ab:07:48:b1:2d:15:68:a2:33:3f:e2:5a:c5:
f2:83:6f:61:ee:7f:b1:83:2d:a5:4e:cf:36:d4:03:
87:2c:97:b6:f1:23:87:f0:95:b2:b1:44:22:66:77:
82:b8:39:48:22:b4:39:70:77:e7:ba:83:54:67:cb:
73:de:bb:96:36:81:ee:98:92:c2:8d:97:4f:e6:c2:
9c:d0:1e:47:9b:e0:1b:64:e5:55:03:1f:45:3a:76:
0c:ae:ab:33:92:d0:f2:ec:ae:1a:59:aa:6c:85:d1:
ae:b2:c5:68:44:07:31:37:95:68:24:73:a0:fe:fd:
44:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:CB:74:E4:A3:11:9D:ED:CC:B1:47:26:42:90:5C:19:71:81:30:8F
X509v3 Authority Key Identifier:
keyid:00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/F8t05KMRne3MsUcmQpBcGXGBMI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.172.0/22
185.99.4.0/22
195.191.4.0/23
Signature Algorithm: sha256WithRSAEncryption
77:6c:a8:48:27:62:18:e7:57:71:48:b2:a3:e9:88:10:a1:c3:
49:2f:63:89:6a:b7:32:21:fb:1d:69:9a:d4:15:d2:fe:82:5e:
1c:e6:ed:1a:8d:93:1d:49:16:4c:59:4f:38:5b:2f:45:22:c6:
f4:2e:e6:b8:91:42:8e:1f:c8:80:19:f4:fa:4b:be:13:f5:ee:
b1:8c:5a:4e:80:69:d4:85:99:90:1d:b5:ee:e5:7c:75:4d:c7:
22:86:5e:fb:56:81:0b:fc:98:35:c2:51:46:36:92:bf:aa:6a:
a3:93:81:b0:f3:68:f1:65:26:cf:bf:50:ce:22:66:a5:7a:3e:
3c:a7:a9:c7:0d:3e:62:21:1b:ec:1f:de:4c:f0:11:9b:78:4d:
7f:2e:a1:3d:5d:49:2f:2f:e0:4a:c8:bb:1d:fd:55:48:d1:be:
5e:6d:b8:08:5f:77:0a:4e:de:f1:14:44:72:b1:9e:ef:1c:c1:
76:a3:b7:6f:06:3a:e1:54:7d:d1:93:89:19:da:a2:30:b4:5b:
f9:ef:01:73:dd:32:ce:15:1c:06:dd:3b:91:4e:4c:a6:3a:5d:
26:f7:28:d1:a7:64:94:f3:87:16:b7:8b:bd:cf:cd:f3:27:10:
51:19:01:42:6e:43:d2:0e:e7:dd:24:6e:f8:eb:f0:f8:07:77:
50:1b:94:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZlhl7cGKIWe/Aa/r0eh/wvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMmM4ODY1YmMyYTA3ZTRhY2ZlYjI2M2I0ZDljZjYyNDYw
ZmQ1MjMwHhcNMjUwOTE5MTA0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2NiNzRlNGEzMTE5ZGVkY2NiMTQ3MjY0MjkwNWMxOTcxODEzMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Pt8+kNETZg2h0W/7rVatbZPVlXU
RKPrDb9aejiCRhjw6M6sV/K4yfLYqLDpKhheDXLrdR+3ojbguAln2WCs/V9Pck9r
jVyaBdj/bX5edvY88Guo3KhpZDDR0soUtrJfRZ61QORVxBYHm6+7HMfGzqX2Zv6O
elEpPhD3niguo4bEPnJOroSKrqsHSLEtFWiiMz/iWsXyg29h7n+xgy2lTs821AOH
LJe28SOH8JWysUQiZneCuDlIIrQ5cHfnuoNUZ8tz3ruWNoHumJLCjZdP5sKc0B5H
m+AbZOVVAx9FOnYMrqszktDy7K4aWapshdGussVoRAcxN5VoJHOg/v1EEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBfLdOSjEZ3tzLFHJkKQXBlxgTCPMB8GA1UdIwQY
MBaAFAAsiGW8KgfkrP6yY7TZz2JGD9UjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUN5SVpid3FCLVNzX3JKanROblBZa1lQMVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9kN2ZhZGMtMWViZi00MmRhLTliMjIt
YTYwYzIwYzhmNzE3LzEvRjh0MDVLTVJuZTNNc1VjbVFwQmNHWEdCTUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9kN2ZhZGMtMWViZi00MmRhLTliMjItYTYwYzIwYzhmNzE3
LzEvQUN5SVpid3FCLVNzX3JKanROblBZa1lQMVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuQqsAwQC
uWMEAwQBw78EMA0GCSqGSIb3DQEBCwUAA4IBAQB3bKhIJ2IY51dxSLKj6YgQocNJ
L2OJarcyIfsdaZrUFdL+gl4c5u0ajZMdSRZMWU84Wy9FIsb0Lua4kUKOH8iAGfT6
S74T9e6xjFpOgGnUhZmQHbXu5Xx1Tccihl77VoEL/Jg1wlFGNpK/qmqjk4Gw82jx
ZSbPv1DOImalej48p6nHDT5iIRvsH95M8BGbeE1/LqE9XUkvL+BKyLsd/VVI0b5e
bbgIX3cKTt7xFERysZ7vHMF2o7dvBjrhVH3Rk4kZ2qIwtFv57wFz3TLOFRwG3TuR
TkymOl0m9yjRp2SU84cWt4u9z83zJxBRGQFCbkPSDufdJG746/D4B3dQG5QF
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:53:56 2025 by rpki-client