Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/v2AeKCE4a1-7pESC9ltKNw8Jhlk.roa
File: v2AeKCE4a1-7pESC9ltKNw8Jhlk.roa (raw, json)
Hash identifier: mbnYBoINyXxAJJIHqSAZZfEa8QgzUqoulxmBdaMTgUA=
Subject key identifier: BF:60:1E:28:21:38:6B:5F:BB:A4:44:82:F6:5B:4A:37:0F:09:86:59
Certificate issuer: /CN=7031374eb9679109e91a38e28b17bf260ab9d3ab
Certificate serial: 019995D2C733C41BB0B3B8E741C799251A24
Authority key identifier: 70:31:37:4E:B9:67:91:09:E9:1A:38:E2:8B:17:BF:26:0A:B9:D3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cDE3TrlnkQnpGjjiixe_Jgq506s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/v2AeKCE4a1-7pESC9ltKNw8Jhlk.roa
Signing time: Mon 29 Sep 2025 14:14:02 +0000
ROA not before: Mon 29 Sep 2025 14:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214286
IP address blocks: 185.223.136.0/24 maxlen: 24
185.223.139.0/24 maxlen: 24
2a14:43c0:1000::/36 maxlen: 36
2a14:43c0:2000::/36 maxlen: 36
2a14:43c0:3000::/36 maxlen: 36
2a14:43c0:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/cDE3TrlnkQnpGjjiixe_Jgq506s.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/cDE3TrlnkQnpGjjiixe_Jgq506s.mft
rsync://rpki.ripe.net/repository/DEFAULT/cDE3TrlnkQnpGjjiixe_Jgq506s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:95:d2:c7:33:c4:1b:b0:b3:b8:e7:41:c7:99:25:1a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7031374eb9679109e91a38e28b17bf260ab9d3ab
Validity
Not Before: Sep 29 14:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf601e2821386b5fbba44482f65b4a370f098659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f5:92:94:73:7d:30:fb:14:7b:ba:ec:d6:91:
4e:d1:6c:b2:97:12:8f:48:9f:e1:e0:ff:15:cc:63:
4c:1e:95:cf:2e:8f:42:14:69:c9:20:16:21:b5:c5:
48:0b:ba:f1:f8:4f:a2:d2:d1:3d:4f:35:80:50:69:
09:1a:54:9f:06:f1:f2:e1:53:09:70:d7:50:01:f6:
1a:75:5c:73:02:b7:19:b8:c9:40:5c:b4:43:f1:5e:
cb:2b:1c:5f:35:cb:fb:28:d3:a2:f6:7f:cc:06:41:
61:cb:d2:b3:3f:a3:1c:a1:65:d9:26:8d:18:2b:42:
6a:ff:72:e7:e5:f7:5d:3d:ab:65:72:5b:a1:13:a3:
af:32:1a:f7:31:6d:25:ad:0d:99:15:3f:d4:ec:76:
89:91:4f:40:d7:70:c8:ae:e5:de:08:19:c2:99:7b:
97:86:bc:dc:61:70:70:5f:ce:b1:87:c3:e4:4f:50:
17:13:b4:6b:e5:f0:da:c6:71:27:2f:10:42:15:b4:
44:66:de:6d:4d:f7:eb:a9:24:0b:77:5c:67:09:2e:
50:0b:cf:f6:76:1a:8e:ae:b1:1d:9a:e0:88:d5:39:
eb:2d:29:2e:35:8a:fc:c9:d6:a9:6e:53:b6:ff:5a:
b1:2e:ba:f8:d0:ab:a9:69:e1:cc:7d:21:bd:95:43:
0f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:60:1E:28:21:38:6B:5F:BB:A4:44:82:F6:5B:4A:37:0F:09:86:59
X509v3 Authority Key Identifier:
keyid:70:31:37:4E:B9:67:91:09:E9:1A:38:E2:8B:17:BF:26:0A:B9:D3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cDE3TrlnkQnpGjjiixe_Jgq506s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/v2AeKCE4a1-7pESC9ltKNw8Jhlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/cDE3TrlnkQnpGjjiixe_Jgq506s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.136.0/24
185.223.139.0/24
IPv6:
2a14:43c0:1000::-2a14:43c0:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:3c:b4:ec:d7:bc:89:5f:66:7d:91:7f:ac:68:70:3c:41:7a:
58:35:ed:6c:c1:6a:98:97:e9:08:99:39:50:c2:04:31:7e:ad:
db:6f:13:37:4f:17:44:2e:3b:fb:de:59:be:76:6f:63:24:e7:
0e:6a:4d:a6:60:20:48:87:90:c0:c4:71:50:e3:df:ae:32:28:
29:ca:41:ee:ac:6b:8b:30:54:f7:3f:60:f1:35:63:7d:22:9e:
d5:83:d2:ec:c5:1c:73:82:4c:ac:4c:3f:b2:59:97:36:4c:68:
9f:d0:d2:a5:c4:ff:e4:a6:6a:7e:46:cd:d0:ff:13:ea:e7:f6:
67:f5:ff:03:9a:ac:5d:0e:ab:b0:fc:d9:af:2e:d1:e1:3a:80:
f0:9b:5e:41:8f:1b:6a:43:7b:e9:21:8c:0a:37:6c:d0:57:06:
a6:2c:99:09:27:be:07:6a:8b:fb:3a:d3:71:60:0c:ac:7a:d4:
ad:5f:e2:41:0a:7e:cf:f8:05:ed:a1:46:c1:96:b8:3b:9a:fe:
c8:1a:37:5b:d3:e1:d3:91:ef:26:97:d3:f4:4f:fb:3f:d0:3e:
1a:21:f6:9d:0a:48:de:d2:7d:3c:f4:0f:a5:88:97:5e:5b:bb:
fb:9c:c6:c7:cf:a2:5c:f0:fc:d9:64:d6:87:b2:33:6f:fb:59:
04:96:94:ea
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZmV0sczxBuws7jnQceZJRokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMzEzNzRlYjk2NzkxMDllOTFhMzhlMjhiMTdiZjI2MGFi
OWQzYWIwHhcNMjUwOTI5MTQxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjYwMWUyODIxMzg2YjVmYmJhNDQ0ODJmNjViNGEzNzBmMDk4NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofWSlHN9MPsUe7rs1pFO0WyylxKP
SJ/h4P8VzGNMHpXPLo9CFGnJIBYhtcVIC7rx+E+i0tE9TzWAUGkJGlSfBvHy4VMJ
cNdQAfYadVxzArcZuMlAXLRD8V7LKxxfNcv7KNOi9n/MBkFhy9KzP6McoWXZJo0Y
K0Jq/3Ln5fddPatlcluhE6OvMhr3MW0lrQ2ZFT/U7HaJkU9A13DIruXeCBnCmXuX
hrzcYXBwX86xh8PkT1AXE7Rr5fDaxnEnLxBCFbREZt5tTffrqSQLd1xnCS5QC8/2
dhqOrrEdmuCI1TnrLSkuNYr8ydapblO2/1qxLrr40KupaeHMfSG9lUMPxQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL9gHighOGtfu6REgvZbSjcPCYZZMB8GA1UdIwQY
MBaAFHAxN065Z5EJ6Ro44osXvyYKudOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0RFM1RybG5rUW5wR2pqaWl4ZV9KZ3E1MDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9kOGI3M2ItNTAxMy00M2NkLWJhMmIt
MmMyMTgwNzE0ZTcxLzEvdjJBZUtDRTRhMS03cEVTQzlsdEtOdzhKaGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9kOGI3M2ItNTAxMy00M2NkLWJhMmItMmMyMTgwNzE0ZTcx
LzEvY0RFM1RybG5rUW5wR2pqaWl4ZV9KZ3E1MDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAud+IAwQA
ud+LMBgEAgACMBIwEAMGBCoUQ8AQAwYEKhRDwEAwDQYJKoZIhvcNAQELBQADggEB
AIU8tOzXvIlfZn2Rf6xocDxBelg17WzBapiX6QiZOVDCBDF+rdtvEzdPF0QuO/ve
Wb52b2Mk5w5qTaZgIEiHkMDEcVDj364yKCnKQe6sa4swVPc/YPE1Y30intWD0uzF
HHOCTKxMP7JZlzZMaJ/Q0qXE/+Sman5GzdD/E+rn9mf1/wOarF0Oq7D82a8u0eE6
gPCbXkGPG2pDe+khjAo3bNBXBqYsmQknvgdqi/s603FgDKx61K1f4kEKfs/4Be2h
RsGWuDua/sgaN1vT4dOR7yaX0/RP+z/QPhoh9p0KSN7SfTz0D6WIl15bu/ucxsfP
olzw/Nlk1oeyM2/7WQSWlOo=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:10 2025 by rpki-client