Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/T58xMDbLANQb9Kgw893xpFau1Fs.roa
File: T58xMDbLANQb9Kgw893xpFau1Fs.roa (raw, json)
Hash identifier: 6zsxCyqe8IvUF3KmmNmoDeEUsdW8rKFl85HR/TG08js=
Subject key identifier: 4F:9F:31:30:36:CB:00:D4:1B:F4:A8:30:F3:DD:F1:A4:56:AE:D4:5B
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 0199A9063ED97CA0FD83887FC067BB0FC7A7
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/T58xMDbLANQb9Kgw893xpFau1Fs.roa
Signing time: Fri 03 Oct 2025 07:43:02 +0000
ROA not before: Fri 03 Oct 2025 07:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39405
IP address blocks: 45.153.92.0/22 maxlen: 24
93.93.40.0/21 maxlen: 24
141.0.200.0/21 maxlen: 24
185.116.128.0/22 maxlen: 24
185.117.16.0/22 maxlen: 24
185.224.32.0/22 maxlen: 22
185.224.32.0/24 maxlen: 24
185.224.33.0/24 maxlen: 24
185.224.34.0/24 maxlen: 24
185.244.72.0/22 maxlen: 24
185.246.24.0/22 maxlen: 22
185.246.24.0/24 maxlen: 24
185.246.25.0/24 maxlen: 24
185.247.86.0/23 maxlen: 24
185.249.184.0/22 maxlen: 24
185.253.92.0/22 maxlen: 24
193.84.73.0/24 maxlen: 24
2a01:6600::/32 maxlen: 32
2a0c:4400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a9:06:3e:d9:7c:a0:fd:83:88:7f:c0:67:bb:0f:c7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Oct 3 07:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f9f313036cb00d41bf4a830f3ddf1a456aed45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:41:ce:11:b3:cb:8b:a5:8d:55:27:85:1b:c3:
fb:4a:6f:9a:9f:4e:f7:75:3f:d0:b4:fa:81:9f:13:
cb:d7:95:ee:d4:02:1b:ca:56:88:96:6e:8f:5e:66:
32:51:c1:09:97:72:c8:79:59:f5:ea:63:19:a6:9c:
7b:5e:b7:2d:51:27:93:d2:4d:6b:8f:cd:c7:a8:14:
a8:4a:00:c6:12:94:9e:cc:62:40:b5:6e:b2:94:04:
0a:44:16:7b:89:9a:ca:74:21:15:4a:4a:b4:0d:7e:
aa:bb:df:13:be:9d:14:fb:7b:7c:35:49:15:1d:55:
d8:8f:65:cc:e0:c5:d3:6b:f2:85:22:d6:ca:d6:1e:
76:a6:83:f4:cc:9f:75:72:2b:c0:46:18:9a:9d:b1:
fb:c8:81:ec:6a:3c:53:68:c2:c0:b6:d6:39:a8:86:
29:a1:5e:68:6a:2f:e1:42:e3:3e:92:1f:1f:96:3a:
ec:14:34:cb:6b:1b:42:8e:e9:93:81:eb:d2:32:10:
39:86:8b:9b:62:57:a7:44:13:8d:5e:72:19:e1:c4:
3b:dc:65:46:44:0d:b8:c0:44:1c:52:0c:58:1d:04:
4b:4a:0a:71:ca:48:e0:52:83:b2:ea:91:ae:f2:0a:
48:0f:9d:d7:82:d4:2f:19:91:8f:6a:b9:a2:98:e1:
b9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:9F:31:30:36:CB:00:D4:1B:F4:A8:30:F3:DD:F1:A4:56:AE:D4:5B
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/T58xMDbLANQb9Kgw893xpFau1Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.92.0/22
93.93.40.0/21
141.0.200.0/21
185.116.128.0/22
185.117.16.0/22
185.224.32.0/22
185.244.72.0/22
185.246.24.0/22
185.247.86.0/23
185.249.184.0/22
185.253.92.0/22
193.84.73.0/24
IPv6:
2a01:6600::/32
2a0c:4400::/32
Signature Algorithm: sha256WithRSAEncryption
25:b4:5e:f3:de:72:05:c4:0c:27:5c:9c:fa:f4:19:d8:86:6d:
0b:3c:41:ee:bf:60:cc:8b:97:f3:23:47:7d:53:08:ef:2c:92:
7e:f1:44:12:8b:b1:54:37:d9:62:33:97:fd:0c:ea:0a:40:94:
d3:79:15:9c:eb:43:aa:d4:72:3c:a3:61:04:2e:22:a1:66:cd:
39:31:ad:82:cc:1e:c4:f9:0b:17:e5:98:0b:41:c9:8b:3f:17:
93:2a:2d:75:0d:13:fe:1f:00:75:02:17:5f:97:eb:a4:ea:d7:
1e:97:61:41:e1:db:a8:6d:e0:31:c6:c5:84:bf:46:84:5f:6e:
87:8a:90:e7:c7:3d:5f:de:45:b1:13:7a:57:ed:95:9c:76:5c:
7c:61:38:f1:66:8a:52:5d:17:df:f5:aa:2a:ca:9d:19:a1:91:
a9:59:7f:1f:d0:2b:50:d8:c8:b9:81:36:95:28:63:c5:0c:d2:
99:73:4a:d3:78:7f:96:38:8a:6c:9e:6d:9c:32:d9:06:6c:a6:
1a:ff:fd:e8:1a:22:06:e1:e1:ce:19:61:6b:d7:aa:7a:14:ab:
a4:4f:f7:f0:67:9e:a2:a2:8f:46:ea:0d:ad:07:13:09:d1:22:
09:6c:7b:1b:14:db:29:ba:b7:cb:87:80:92:19:69:dd:89:f9:
50:dc:8b:fc
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZmpBj7ZfKD9g4h/wGe7D8enMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjUxMDAzMDc0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjlmMzEzMDM2Y2IwMGQ0MWJmNGE4MzBmM2RkZjFhNDU2YWVkNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20HOEbPLi6WNVSeFG8P7Sm+an073
dT/QtPqBnxPL15Xu1AIbylaIlm6PXmYyUcEJl3LIeVn16mMZppx7XrctUSeT0k1r
j83HqBSoSgDGEpSezGJAtW6ylAQKRBZ7iZrKdCEVSkq0DX6qu98Tvp0U+3t8NUkV
HVXYj2XM4MXTa/KFItbK1h52poP0zJ91civARhianbH7yIHsajxTaMLAttY5qIYp
oV5oai/hQuM+kh8fljrsFDTLaxtCjumTgevSMhA5houbYlenRBONXnIZ4cQ73GVG
RA24wEQcUgxYHQRLSgpxykjgUoOy6pGu8gpID53XgtQvGZGParmimOG5pwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFE+fMTA2ywDUG/SoMPPd8aRWrtRbMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvVDU4eE1EYkxBTlFiOUtndzg5M3hwRmF1MUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLZlcAwQD
XV0oAwQDjQDIAwQCuXSAAwQCuXUQAwQCueAgAwQCufRIAwQCufYYAwQBufdWAwQC
ufm4AwQCuf1cAwQAwVRJMBQEAgACMA4DBQAqAWYAAwUAKgxEADANBgkqhkiG9w0B
AQsFAAOCAQEAJbRe895yBcQMJ1yc+vQZ2IZtCzxB7r9gzIuX8yNHfVMI7yySfvFE
EouxVDfZYjOX/QzqCkCU03kVnOtDqtRyPKNhBC4ioWbNOTGtgswexPkLF+WYC0HJ
iz8XkyotdQ0T/h8AdQIXX5frpOrXHpdhQeHbqG3gMcbFhL9GhF9uh4qQ58c9X95F
sRN6V+2VnHZcfGE48WaKUl0X3/WqKsqdGaGRqVl/H9ArUNjIuYE2lShjxQzSmXNK
03h/ljiKbJ5tnDLZBmymGv/96BoiBuHhzhlha9eqehSrpE/38GeeoqKPRuoNrQcT
CdEiCWx7GxTbKbq3y4eAkhlp3Yn5UNyL/A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:01 2025 by rpki-client