Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/AeRW2IzzHa8sgYjrW7QogaL1WWo.roa
File: AeRW2IzzHa8sgYjrW7QogaL1WWo.roa (raw, json)
Hash identifier: mOgxIrog/AxUhk6U2thPlE/gzaz0gGobQDleoJHGSnw=
Subject key identifier: 01:E4:56:D8:8C:F3:1D:AF:2C:81:88:EB:5B:B4:28:81:A2:F5:59:6A
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0199150CCC3AFE12ED6F94E065FB47B1A092
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/AeRW2IzzHa8sgYjrW7QogaL1WWo.roa
Signing time: Thu 04 Sep 2025 14:06:24 +0000
ROA not before: Thu 04 Sep 2025 14:06:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212335
IP address blocks: 2.58.233.0/24 maxlen: 24
45.9.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:15:0c:cc:3a:fe:12:ed:6f:94:e0:65:fb:47:b1:a0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Sep 4 14:06:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01e456d88cf31daf2c8188eb5bb42881a2f5596a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:46:ec:56:ef:eb:8a:b3:72:2d:18:bf:24:32:
cd:3c:8c:87:ec:b7:92:42:ec:4c:d2:58:d5:94:f9:
2c:df:ac:fe:fb:41:e2:44:3c:21:df:bd:af:69:6e:
d0:7e:f7:aa:5f:2e:2c:1f:50:1d:07:0b:22:ad:ff:
2d:48:7c:ad:78:f8:61:cc:5c:38:12:76:28:fc:b1:
66:cf:72:b7:33:41:05:a7:d3:bb:f7:8e:d9:44:04:
d8:cf:67:1a:17:6c:05:d7:da:48:f7:89:61:4c:b2:
2f:45:22:c4:ec:9a:ae:f7:f3:35:0f:e7:6c:b1:a6:
3d:7d:68:c7:15:83:76:61:cd:e6:00:02:18:1d:85:
e7:84:3c:f4:db:c0:0e:f5:bc:2d:cf:03:83:7c:d4:
80:82:81:41:55:5e:64:0e:0e:f2:0a:61:ff:75:35:
1b:cf:1d:12:71:32:1c:14:3a:20:f6:70:2c:a2:a2:
a3:8a:93:fd:20:f9:25:66:96:0e:ce:62:79:e5:53:
67:a5:06:87:e3:1e:c4:c3:1c:f2:fd:14:b8:01:a9:
8d:35:f6:ff:b8:e3:87:f9:b7:d6:3c:ce:b1:69:9b:
1e:69:56:6d:bd:8a:7c:f6:b4:24:e7:ab:03:4d:7a:
f2:5f:45:66:c6:12:8e:8c:ea:bf:28:44:92:4c:cd:
d3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E4:56:D8:8C:F3:1D:AF:2C:81:88:EB:5B:B4:28:81:A2:F5:59:6A
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/AeRW2IzzHa8sgYjrW7QogaL1WWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.233.0/24
45.9.154.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:6b:3d:45:3a:d1:42:6c:c4:71:b1:e2:90:ca:6c:c1:00:8f:
ea:b7:4f:3b:78:d2:74:81:f1:70:f9:9f:86:2e:a8:5f:44:73:
d7:df:e5:ee:11:08:03:83:6e:7d:d2:3d:ad:6c:cc:6b:21:91:
b3:da:4a:be:10:e3:9d:80:93:16:5d:a6:5a:7c:33:07:40:1d:
3b:aa:80:8d:9f:bf:c4:dd:a8:73:73:a8:3a:40:bd:51:3d:d2:
c1:d0:49:51:49:ae:03:64:e6:df:f8:2c:ae:30:fc:09:3c:6a:
a1:5f:51:b6:c0:4b:1d:b6:19:ca:c4:91:c6:76:fc:b1:c4:c4:
33:a1:0f:33:98:f6:39:b1:e4:15:26:25:63:2d:d1:8a:f4:90:
9e:78:8c:26:e9:0d:43:b0:20:1c:5f:02:6b:70:78:4a:80:85:
17:b4:d2:10:98:15:17:a1:8e:6f:0f:78:43:f8:81:49:32:4b:
97:c3:ba:8d:c5:c5:18:95:2c:5a:37:0a:d2:f1:9d:45:65:04:
90:4c:d3:47:81:87:2d:33:1a:2b:ff:d8:f9:7b:f1:ab:f0:70:
83:4b:6d:11:e5:2b:ce:b6:25:1e:0c:e0:44:60:a5:45:3e:aa:
d0:37:4c:12:70:1c:bf:a8:ef:8b:3d:a2:36:48:61:e7:44:24:
e6:67:a0:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkVDMw6/hLtb5TgZftHsaCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwOTA0MTQwNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWU0NTZkODhjZjMxZGFmMmM4MTg4ZWI1YmI0Mjg4MWEyZjU1OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0bsVu/rirNyLRi/JDLNPIyH7LeS
QuxM0ljVlPks36z++0HiRDwh372vaW7QfveqXy4sH1AdBwsirf8tSHytePhhzFw4
EnYo/LFmz3K3M0EFp9O7947ZRATYz2caF2wF19pI94lhTLIvRSLE7Jqu9/M1D+ds
saY9fWjHFYN2Yc3mAAIYHYXnhDz028AO9bwtzwODfNSAgoFBVV5kDg7yCmH/dTUb
zx0ScTIcFDog9nAsoqKjipP9IPklZpYOzmJ55VNnpQaH4x7Ewxzy/RS4AamNNfb/
uOOH+bfWPM6xaZseaVZtvYp89rQk56sDTXryX0VmxhKOjOq/KESSTM3T0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAHkVtiM8x2vLIGI61u0KIGi9VlqMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvQWVSVzJJenpIYThzZ1lqclc3UW9nYUwxV1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjrpAwQA
LQmaMA0GCSqGSIb3DQEBCwUAA4IBAQBPaz1FOtFCbMRxseKQymzBAI/qt087eNJ0
gfFw+Z+GLqhfRHPX3+XuEQgDg2590j2tbMxrIZGz2kq+EOOdgJMWXaZafDMHQB07
qoCNn7/E3ahzc6g6QL1RPdLB0ElRSa4DZObf+CyuMPwJPGqhX1G2wEsdthnKxJHG
dvyxxMQzoQ8zmPY5seQVJiVjLdGK9JCeeIwm6Q1DsCAcXwJrcHhKgIUXtNIQmBUX
oY5vD3hD+IFJMkuXw7qNxcUYlSxaNwrS8Z1FZQSQTNNHgYctMxor/9j5e/Gr8HCD
S20R5SvOtiUeDOBEYKVFPqrQN0wScBy/qO+LPaI2SGHnRCTmZ6AP
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:33 2025 by rpki-client