Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/2z6IIqozQyPH_vBQ1I8B_OaBk44.roa
File: 2z6IIqozQyPH_vBQ1I8B_OaBk44.roa (raw, json)
Hash identifier: IqSfTrxbeJd952CmJYdHNDtutp36feaLwKnioO9qAl0=
Subject key identifier: DB:3E:88:22:AA:33:43:23:C7:FE:F0:50:D4:8F:01:FC:E6:81:93:8E
Certificate issuer: /CN=f382cb13dde12658cdac18cacae91fbbf5c58090
Certificate serial: 0199E689DA38A49AB29028927C92045C3603
Authority key identifier: F3:82:CB:13:DD:E1:26:58:CD:AC:18:CA:CA:E9:1F:BB:F5:C5:80:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/2z6IIqozQyPH_vBQ1I8B_OaBk44.roa
Signing time: Wed 15 Oct 2025 06:23:37 +0000
ROA not before: Wed 15 Oct 2025 06:23:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207190
IP address blocks: 45.141.68.0/22 maxlen: 22
45.141.68.0/24 maxlen: 24
45.141.69.0/24 maxlen: 24
45.141.70.0/24 maxlen: 24
45.141.71.0/24 maxlen: 24
178.236.40.0/21 maxlen: 21
178.236.40.0/23 maxlen: 23
178.236.40.0/24 maxlen: 24
178.236.41.0/24 maxlen: 24
178.236.42.0/23 maxlen: 23
178.236.42.0/24 maxlen: 24
178.236.43.0/24 maxlen: 24
178.236.44.0/24 maxlen: 24
178.236.47.0/24 maxlen: 24
193.218.38.0/23 maxlen: 23
193.218.38.0/24 maxlen: 24
193.218.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e6:89:da:38:a4:9a:b2:90:28:92:7c:92:04:5c:36:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f382cb13dde12658cdac18cacae91fbbf5c58090
Validity
Not Before: Oct 15 06:23:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db3e8822aa334323c7fef050d48f01fce681938e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:89:c6:1c:28:21:01:88:18:46:02:55:47:a5:
23:e6:db:ed:20:8a:7c:3b:16:d3:8f:23:dc:b3:6d:
4c:4c:6d:00:92:f4:a8:f9:dd:20:28:d8:ee:57:bd:
f8:6b:d6:8a:71:12:9c:1e:53:37:26:58:1c:60:a2:
d6:14:c6:2e:15:d1:73:8a:43:11:bf:66:32:39:b3:
62:59:13:fc:34:0a:26:c9:e4:6e:0c:be:8c:db:37:
72:7f:f8:6f:e1:42:ff:1e:1f:bc:9c:23:6c:13:fe:
d0:bc:b8:b5:9d:e1:f5:2c:59:1d:c2:d7:3f:8d:d5:
41:c8:76:f3:91:9b:79:18:d0:d2:61:80:21:8b:56:
bc:a4:8a:e4:4d:f8:e5:15:cc:5f:f2:00:e7:79:98:
32:c0:d6:60:fe:a3:4f:87:09:6e:e9:74:0e:73:58:
e0:c6:3d:eb:99:92:da:d4:0c:ee:4b:59:81:b1:35:
9d:97:60:63:d8:f4:94:e5:40:90:ec:3f:45:d8:16:
e1:ac:63:3e:0a:53:67:5e:bd:e4:ba:5f:55:e3:1f:
d7:69:29:ab:7e:53:8e:ab:49:ce:67:8b:4d:1b:48:
5f:28:f7:d4:9b:39:1d:03:b4:70:8c:64:03:c4:cd:
df:cc:cd:bd:14:8a:9e:68:db:06:08:ab:c0:f7:1d:
06:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3E:88:22:AA:33:43:23:C7:FE:F0:50:D4:8F:01:FC:E6:81:93:8E
X509v3 Authority Key Identifier:
keyid:F3:82:CB:13:DD:E1:26:58:CD:AC:18:CA:CA:E9:1F:BB:F5:C5:80:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/2z6IIqozQyPH_vBQ1I8B_OaBk44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.68.0/22
178.236.40.0/21
193.218.38.0/23
Signature Algorithm: sha256WithRSAEncryption
29:23:c6:1c:59:fe:05:c3:32:0b:db:0e:d6:b8:8f:58:da:30:
cc:5f:0a:a3:04:dd:72:a0:ab:76:94:62:e3:7c:a0:eb:12:1c:
9f:da:a9:ae:69:c7:90:b5:38:d2:cb:af:87:e9:98:f0:92:1f:
f7:6b:78:ae:cc:17:3c:c9:4b:35:b1:57:65:c7:61:85:a2:65:
a3:d3:e6:b7:fc:b2:73:6d:01:5a:eb:cc:3c:c7:08:6a:12:33:
e5:be:e7:d8:e8:d4:76:64:8f:76:bc:3c:66:4c:bc:53:fb:d6:
9c:4d:08:1b:df:25:23:0e:ad:3a:18:a8:07:58:6f:24:5d:41:
73:01:ac:7e:ed:6f:44:d3:1e:30:35:71:22:05:0e:cb:07:0d:
0e:a7:97:73:92:8d:ac:28:c8:a8:ec:88:4d:43:e9:90:ac:0f:
e3:1f:23:95:6c:df:87:d5:c0:64:b6:ec:0e:c7:1d:1d:63:f6:
e9:3b:bb:00:47:dd:37:4c:a8:1d:78:a1:9b:b9:7f:dd:bc:78:
50:64:f6:53:54:bc:b9:f9:c2:00:73:65:99:3c:73:cb:59:89:
98:5b:a6:af:05:02:c8:a5:10:6e:9b:aa:76:93:d7:73:0d:f1:
fb:dc:55:eb:3c:b7:28:70:01:ae:2b:e4:cc:51:c9:9b:b5:06:
21:bf:9d:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnmido4pJqykCiSfJIEXDYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzODJjYjEzZGRlMTI2NThjZGFjMThjYWNhZTkxZmJiZjVj
NTgwOTAwHhcNMjUxMDE1MDYyMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNlODgyMmFhMzM0MzIzYzdmZWYwNTBkNDhmMDFmY2U2ODE5MzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4nGHCghAYgYRgJVR6Uj5tvtIIp8
OxbTjyPcs21MTG0AkvSo+d0gKNjuV734a9aKcRKcHlM3JlgcYKLWFMYuFdFzikMR
v2YyObNiWRP8NAomyeRuDL6M2zdyf/hv4UL/Hh+8nCNsE/7QvLi1neH1LFkdwtc/
jdVByHbzkZt5GNDSYYAhi1a8pIrkTfjlFcxf8gDneZgywNZg/qNPhwlu6XQOc1jg
xj3rmZLa1AzuS1mBsTWdl2Bj2PSU5UCQ7D9F2BbhrGM+ClNnXr3kul9V4x/XaSmr
flOOq0nOZ4tNG0hfKPfUmzkdA7RwjGQDxM3fzM29FIqeaNsGCKvA9x0GhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNs+iCKqM0Mjx/7wUNSPAfzmgZOOMB8GA1UdIwQY
MBaAFPOCyxPd4SZYzawYysrpH7v1xYCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODRMTEU5M2hKbGpOckJqS3l1a2Z1X1hGZ0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9lN2RhOWEtOTMyYS00NjdiLWIyZDIt
OTcwNDI4OTFlYjk5LzEvMno2SUlxb3pReVBIX3ZCUTFJOEJfT2FCazQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9lN2RhOWEtOTMyYS00NjdiLWIyZDItOTcwNDI4OTFlYjk5
LzEvODRMTEU5M2hKbGpOckJqS3l1a2Z1X1hGZ0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY1EAwQD
suwoAwQBwdomMA0GCSqGSIb3DQEBCwUAA4IBAQApI8YcWf4FwzIL2w7WuI9Y2jDM
XwqjBN1yoKt2lGLjfKDrEhyf2qmuaceQtTjSy6+H6Zjwkh/3a3iuzBc8yUs1sVdl
x2GFomWj0+a3/LJzbQFa68w8xwhqEjPlvufY6NR2ZI92vDxmTLxT+9acTQgb3yUj
Dq06GKgHWG8kXUFzAax+7W9E0x4wNXEiBQ7LBw0Op5dzko2sKMio7IhNQ+mQrA/j
HyOVbN+H1cBktuwOxx0dY/bpO7sAR903TKgdeKGbuX/dvHhQZPZTVLy5+cIAc2WZ
PHPLWYmYW6avBQLIpRBum6p2k9dzDfH73FXrPLcocAGuK+TMUcmbtQYhv53q
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:43:02 2025 by rpki-client