Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/bk2E2MwznVO9fyeEdSNKPr5qf4g.roa
File: bk2E2MwznVO9fyeEdSNKPr5qf4g.roa (raw, json)
Hash identifier: koJYcFmVjppjNe30QYkPLjnztCXTOqE8zj4CJBsH3wk=
Subject key identifier: 6E:4D:84:D8:CC:33:9D:53:BD:7F:27:84:75:23:4A:3E:BE:6A:7F:88
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 0198A37128995A5A409AB2452B0C1DD6F05D
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/bk2E2MwznVO9fyeEdSNKPr5qf4g.roa
Signing time: Wed 13 Aug 2025 12:39:18 +0000
ROA not before: Wed 13 Aug 2025 12:39:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209898
IP address blocks: 91.194.139.0/24 maxlen: 24
147.78.194.0/23 maxlen: 24
185.203.114.0/23 maxlen: 23
2a09:2940::/29 maxlen: 48
2a0a:e5c0::/29 maxlen: 48
2a0a:e5c0:1::/48 maxlen: 48
2a0a:e5c0:2::/48 maxlen: 48
2a0a:e5c1:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:71:28:99:5a:5a:40:9a:b2:45:2b:0c:1d:d6:f0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Aug 13 12:39:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e4d84d8cc339d53bd7f278475234a3ebe6a7f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9f:42:f7:9a:d7:e1:2a:93:37:1a:bd:29:f0:
95:f0:1e:79:b0:a1:38:fa:a2:ff:c7:ab:11:b8:bb:
07:57:38:03:65:df:57:ea:b3:e6:04:2e:8d:ca:46:
d2:a4:6a:d8:86:5a:9e:b7:ce:81:02:32:32:85:d4:
22:30:c4:db:9d:88:8c:a2:30:28:9f:32:04:3d:52:
dd:b5:cf:7d:ac:50:51:be:95:0f:e5:d3:53:f2:ab:
f9:f8:5f:0f:b8:86:0b:04:35:09:6c:b9:50:61:74:
c7:1f:bf:27:27:b9:86:a6:e6:dd:9f:e0:ba:91:e1:
f0:09:f2:42:47:ea:6e:8d:d7:f5:ca:50:60:e7:1a:
23:ce:18:6a:42:d8:50:46:3d:e5:05:49:aa:0f:73:
5a:88:99:79:9b:0c:67:b2:45:61:01:6b:5d:a9:52:
a7:f7:81:ae:05:48:80:c3:e8:5f:62:4a:4b:30:38:
87:8d:d5:e4:b7:c4:30:31:c7:e3:62:8c:5c:08:d6:
3e:41:03:3c:22:c9:57:e2:bf:f9:58:cc:e2:c5:52:
e0:a1:d9:fb:a9:d7:3c:af:37:7b:96:d0:a9:41:06:
6a:9f:8a:82:83:b2:e3:eb:f5:bb:cf:a9:95:6d:2a:
ed:72:56:0a:d2:a8:3c:4e:be:15:1b:35:ae:92:a2:
0a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4D:84:D8:CC:33:9D:53:BD:7F:27:84:75:23:4A:3E:BE:6A:7F:88
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/bk2E2MwznVO9fyeEdSNKPr5qf4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.139.0/24
147.78.194.0/23
185.203.114.0/23
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:ec:41:53:13:e7:76:33:1d:7f:5d:0b:b5:6b:f6:e9:d6:a1:
92:29:8c:55:bc:a4:08:23:3a:bb:8e:1a:08:10:c8:7b:b8:b1:
fe:38:45:e5:a4:b5:31:ef:cf:10:6b:da:35:a5:23:ff:3c:19:
a6:35:76:2f:8c:21:34:22:28:e2:2d:f6:c8:b2:cb:87:5b:83:
44:a6:cb:a9:2c:2b:82:5d:27:30:7b:ec:f7:8c:a0:50:9a:64:
f3:92:21:36:8d:b9:c7:2e:41:ce:91:52:9e:a5:8a:85:f3:01:
f7:7e:2a:a6:bd:30:06:c2:10:bd:19:3c:5e:bc:74:7d:a2:3e:
be:cb:f8:15:0f:13:8c:ba:26:d1:37:6b:df:4f:ec:62:21:53:
b1:5d:de:29:ea:4e:16:57:30:b1:7a:f5:19:0a:45:36:c0:36:
ee:52:3a:08:34:33:2b:67:37:9b:60:1f:54:4e:65:b4:10:2a:
b7:ec:d4:9c:58:fd:7f:94:99:25:d3:df:3f:e0:94:99:b2:d4:
09:96:7a:4a:99:07:0a:f1:30:70:e4:d9:a1:9c:3b:52:28:d0:
77:39:f3:2c:c1:17:7d:a8:af:4d:b4:25:e3:9f:32:16:ae:45:
80:4e:28:c9:0c:11:7c:53:e4:5d:39:a9:de:f1:99:e1:b5:82:
cf:a6:03:0c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZijcSiZWlpAmrJFKwwd1vBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjUwODEzMTIzOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTRkODRkOGNjMzM5ZDUzYmQ3ZjI3ODQ3NTIzNGEzZWJlNmE3Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1J9C95rX4SqTNxq9KfCV8B55sKE4
+qL/x6sRuLsHVzgDZd9X6rPmBC6NykbSpGrYhlqet86BAjIyhdQiMMTbnYiMojAo
nzIEPVLdtc99rFBRvpUP5dNT8qv5+F8PuIYLBDUJbLlQYXTHH78nJ7mGpubdn+C6
keHwCfJCR+pujdf1ylBg5xojzhhqQthQRj3lBUmqD3NaiJl5mwxnskVhAWtdqVKn
94GuBUiAw+hfYkpLMDiHjdXkt8QwMcfjYoxcCNY+QQM8IslX4r/5WMzixVLgodn7
qdc8rzd7ltCpQQZqn4qCg7Lj6/W7z6mVbSrtclYK0qg8Tr4VGzWukqIK3QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFG5NhNjMM51TvX8nhHUjSj6+an+IMB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEvYmsyRTJNd3puVk85ZnllRWRTTktQcjVxZjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW8KLAwQB
k07CAwQBuctyMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOC
AQEAUuxBUxPndjMdf10LtWv26dahkimMVbykCCM6u44aCBDIe7ix/jhF5aS1Me/P
EGvaNaUj/zwZpjV2L4whNCIo4i32yLLLh1uDRKbLqSwrgl0nMHvs94ygUJpk85Ih
No25xy5BzpFSnqWKhfMB934qpr0wBsIQvRk8Xrx0faI+vsv4FQ8TjLom0Tdr30/s
YiFTsV3eKepOFlcwsXr1GQpFNsA27lI6CDQzK2c3m2AfVE5ltBAqt+zUnFj9f5SZ
JdPfP+CUmbLUCZZ6SpkHCvEwcOTZoZw7UijQdznzLMEXfaivTbQl458yFq5FgE4o
yQwRfFPkXTmp3vGZ4bWCz6YDDA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:39:38 2025 by rpki-client