Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7I5VBzX-nf-kBAGJlHJCSeXdHZc.roa
File: 7I5VBzX-nf-kBAGJlHJCSeXdHZc.roa (raw, json)
Hash identifier: sFPupxKtkSSA1tX1X/hgV3HB/fe6NzHep7IcC/BWRgI=
Subject key identifier: EC:8E:55:07:35:FE:9D:FF:A4:04:01:89:94:72:42:49:E5:DD:1D:97
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0199FC23F7221CA8C6DC4871A8F9A7B6E332
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7I5VBzX-nf-kBAGJlHJCSeXdHZc.roa
Signing time: Sun 19 Oct 2025 11:03:59 +0000
ROA not before: Sun 19 Oct 2025 11:03:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 176.125.248.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.240.122.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
193.8.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:23:f7:22:1c:a8:c6:dc:48:71:a8:f9:a7:b6:e3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 19 11:03:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec8e550735fe9dffa404018994724249e5dd1d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5c:f5:91:01:ff:81:83:31:5d:29:55:d8:2a:
b0:32:84:4a:6f:a6:4c:f4:96:8a:64:64:40:6a:96:
3d:76:22:e9:6a:1c:cc:07:52:4c:ac:ee:d0:8e:88:
6c:54:98:d9:5f:2d:9d:e2:a4:67:29:0a:e4:d0:5a:
a5:8b:7f:51:3a:54:5a:44:bf:48:18:05:42:bf:79:
85:94:79:4f:0f:3d:98:2e:2d:69:45:cb:08:9e:4c:
15:8a:d8:2d:19:15:8d:04:0d:d4:78:92:1a:b9:32:
b6:b2:e9:c5:5d:d7:d9:18:7b:68:5b:f7:6d:23:bd:
46:96:ba:c1:b8:7c:1b:77:90:d3:f4:6c:de:38:b3:
bf:63:40:f6:22:3b:16:43:75:a8:6c:63:21:da:4b:
9a:83:46:4e:61:3c:6c:7d:f8:f3:d5:76:a1:3f:82:
ce:27:eb:68:ff:03:f2:54:8a:1e:c9:b7:e0:aa:97:
61:b3:cf:75:ce:8f:97:01:71:7b:cc:87:f4:a1:9f:
b0:ab:0b:b2:d5:d9:84:ac:54:20:f2:3b:b0:21:6a:
d7:64:73:98:10:62:99:63:2c:46:ea:ab:f5:8a:8f:
28:04:ff:f6:48:42:57:6d:a2:a5:8e:73:44:12:b9:
9a:5e:41:a5:ff:6a:d7:d2:e0:34:d8:22:b1:bf:6f:
ce:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8E:55:07:35:FE:9D:FF:A4:04:01:89:94:72:42:49:E5:DD:1D:97
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7I5VBzX-nf-kBAGJlHJCSeXdHZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.222.29.0/24
185.240.122.0/24
185.251.231.0/24
193.8.112.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:83:d3:aa:3d:41:d1:79:dc:5f:72:c0:6a:1b:19:34:11:9a:
bc:41:98:17:e4:2e:a8:6d:06:58:e9:9c:57:4c:87:88:78:84:
68:77:2c:a5:b0:59:ee:7f:01:64:b3:2d:3c:1c:83:4f:68:d9:
26:09:0f:a9:f2:6f:4e:b4:7b:8c:37:75:83:b5:d0:ac:14:d1:
87:26:98:0f:a3:78:e3:65:5a:7d:e8:5b:6b:d8:40:84:b8:f5:
7d:e1:f2:d5:5f:ad:44:6f:61:20:58:e3:0a:78:33:24:e9:b7:
02:d2:71:db:c0:c8:a2:c2:35:2b:4b:59:13:5a:0b:57:da:2f:
a6:df:ff:27:92:b6:0f:23:03:99:2b:4c:78:fc:26:c9:30:04:
5c:c8:6f:2f:47:0e:7c:27:b5:f4:8c:82:b6:b2:44:62:1e:c1:
83:de:83:c1:79:65:37:80:49:81:7d:72:1e:b6:5e:ce:1f:cd:
f7:52:2e:03:2f:37:fb:3d:98:44:6e:c8:66:29:1f:03:f2:1d:
15:93:0b:25:67:92:19:60:1c:6a:bf:0b:19:7a:04:ca:5d:20:
25:1d:f0:ca:17:77:47:01:bc:5f:93:91:cd:f6:0a:2f:e1:11:
18:ca:ad:82:ad:25:20:fb:f2:29:3c:8b:7a:fc:a0:d0:07:18:
fe:1d:88:35
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZn8I/ciHKjG3EhxqPmntuMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUxMDE5MTEwMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzhlNTUwNzM1ZmU5ZGZmYTQwNDAxODk5NDcyNDI0OWU1ZGQxZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21z1kQH/gYMxXSlV2CqwMoRKb6ZM
9JaKZGRAapY9diLpahzMB1JMrO7QjohsVJjZXy2d4qRnKQrk0Fqli39ROlRaRL9I
GAVCv3mFlHlPDz2YLi1pRcsInkwVitgtGRWNBA3UeJIauTK2sunFXdfZGHtoW/dt
I71GlrrBuHwbd5DT9GzeOLO/Y0D2IjsWQ3WobGMh2kuag0ZOYTxsffjz1XahP4LO
J+to/wPyVIoeybfgqpdhs891zo+XAXF7zIf0oZ+wqwuy1dmErFQg8juwIWrXZHOY
EGKZYyxG6qv1io8oBP/2SEJXbaKljnNEErmaXkGl/2rX0uA02CKxv2/OQQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOyOVQc1/p3/pAQBiZRyQknl3R2XMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvN0k1VkJ6WC1uZi1rQkFHSmxISkNTZVhkSFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAsH34AwQA
ud4dAwQAufB6AwQAufvnAwQAwQhwMA0GCSqGSIb3DQEBCwUAA4IBAQCpg9OqPUHR
edxfcsBqGxk0EZq8QZgX5C6obQZY6ZxXTIeIeIRodyylsFnufwFksy08HINPaNkm
CQ+p8m9OtHuMN3WDtdCsFNGHJpgPo3jjZVp96Ftr2ECEuPV94fLVX61Eb2EgWOMK
eDMk6bcC0nHbwMiiwjUrS1kTWgtX2i+m3/8nkrYPIwOZK0x4/CbJMARcyG8vRw58
J7X0jIK2skRiHsGD3oPBeWU3gEmBfXIetl7OH833Ui4DLzf7PZhEbshmKR8D8h0V
kwslZ5IZYBxqvwsZegTKXSAlHfDKF3dHAbxfk5HN9gov4REYyq2CrSUg+/IpPIt6
/KDQBxj+HYg1
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:31:16 2025 by rpki-client