Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/K8EjZ_3WPjwv0W2aNfotejGzQUI.roa
File: K8EjZ_3WPjwv0W2aNfotejGzQUI.roa (raw, json)
Hash identifier: ZD6jTjKGAi5Tbhse2TYNz3HcAvqRtLDhJzjyCqSgJiE=
Subject key identifier: 2B:C1:23:67:FD:D6:3E:3C:2F:D1:6D:9A:35:FA:2D:7A:31:B3:41:42
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0199E829D2DF26EA13C619834228943FBF2E
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/K8EjZ_3WPjwv0W2aNfotejGzQUI.roa
Signing time: Wed 15 Oct 2025 13:57:59 +0000
ROA not before: Wed 15 Oct 2025 13:57:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 193.68.85.0/24 maxlen: 24
213.21.229.0/24 maxlen: 24
213.21.233.0/24 maxlen: 24
213.21.235.0/24 maxlen: 24
213.21.242.0/24 maxlen: 24
213.21.246.0/24 maxlen: 24
213.21.250.0/24 maxlen: 24
213.21.251.0/24 maxlen: 24
213.21.252.0/24 maxlen: 24
213.21.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e8:29:d2:df:26:ea:13:c6:19:83:42:28:94:3f:bf:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Oct 15 13:57:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bc12367fdd63e3c2fd16d9a35fa2d7a31b34142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2b:4c:6b:e7:7c:bf:45:ce:5d:01:3f:dd:01:
65:59:56:a6:f8:e9:2b:4b:f4:85:45:aa:e0:90:25:
a9:93:6e:46:ac:3f:3d:5d:d4:70:9b:51:a4:29:08:
04:6d:31:d7:04:b9:ed:e8:86:48:e6:cc:e6:3b:b4:
af:c3:a2:07:ba:36:96:3b:8e:89:27:cb:aa:73:aa:
6e:82:1a:08:dd:4c:8a:fd:80:3c:3b:0d:bd:54:67:
86:a3:ba:ff:77:3b:64:33:7f:5b:90:00:f6:ee:ba:
79:8d:4e:d3:56:69:ec:f8:aa:ef:ad:3b:f1:6f:b4:
be:75:24:34:e6:b2:28:01:b3:b1:0c:a5:07:3f:7f:
f8:ce:e6:e3:99:96:b8:23:0b:95:04:f8:38:13:9c:
67:27:8f:b4:fb:4c:0a:8d:6d:04:f9:bd:22:14:90:
1d:9f:2d:3d:fa:68:10:d3:bd:a0:77:8a:8a:63:a1:
bc:c1:f1:57:0a:23:19:af:10:16:c6:cf:d6:fc:61:
7b:28:1d:3d:e8:dd:9b:ec:c6:cf:b2:bd:b2:9c:39:
2e:d8:32:bc:bd:4d:c5:2f:86:bc:f2:93:c2:dc:b3:
e7:10:38:2c:6e:58:13:e0:6d:15:3d:04:0c:b9:3c:
9f:e8:6e:97:d1:9d:e2:96:fe:19:76:b3:3f:dc:38:
f2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C1:23:67:FD:D6:3E:3C:2F:D1:6D:9A:35:FA:2D:7A:31:B3:41:42
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/K8EjZ_3WPjwv0W2aNfotejGzQUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.68.85.0/24
213.21.229.0/24
213.21.233.0/24
213.21.235.0/24
213.21.242.0/24
213.21.246.0/24
213.21.250.0-213.21.252.255
213.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
76:fa:e3:13:ce:f2:0e:4f:ad:44:e9:d6:65:b0:17:f6:fe:36:
0a:7c:2e:ab:35:f2:96:d3:7d:2b:d3:1d:01:12:8f:d4:21:e7:
af:f0:ef:2d:97:79:fd:b2:2f:4d:0e:e6:8b:47:8b:50:a2:03:
10:f8:23:51:5f:5c:d4:0d:14:75:3f:60:a4:5a:20:8c:a8:79:
5d:db:1f:2c:1d:22:cb:d6:fb:e4:52:3e:25:5d:6d:54:82:5f:
77:58:4c:1f:a2:35:5b:16:4d:98:ae:c7:29:0b:78:c6:8f:f6:
e5:3e:9b:bf:84:68:f1:ae:79:88:82:be:0a:25:99:dd:f3:10:
ce:e6:64:7a:20:b2:d8:4f:73:78:27:0e:dd:aa:45:fb:57:fc:
d6:66:51:1b:df:f3:11:fa:43:8d:23:f9:74:f7:68:b4:df:d5:
94:8a:fc:1d:32:1b:c5:00:c8:8e:5f:fc:1f:66:07:7c:33:7a:
48:77:b9:b8:af:73:24:eb:25:1c:d8:c7:b0:57:2b:b5:57:24:
ac:c6:d8:1c:f7:55:3d:91:6e:73:47:56:77:49:b7:cf:af:61:
c3:10:d1:95:6f:9f:cd:3c:b5:b9:e1:de:ec:90:67:32:77:f2:
50:9f:b1:16:d8:0f:78:31:26:d0:2a:b0:f3:ee:5b:7b:69:f1:
15:65:8f:a4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZnoKdLfJuoTxhmDQiiUP78uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUxMDE1MTM1NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmMxMjM2N2ZkZDYzZTNjMmZkMTZkOWEzNWZhMmQ3YTMxYjM0MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtytMa+d8v0XOXQE/3QFlWVam+Okr
S/SFRargkCWpk25GrD89XdRwm1GkKQgEbTHXBLnt6IZI5szmO7Svw6IHujaWO46J
J8uqc6pughoI3UyK/YA8Ow29VGeGo7r/dztkM39bkAD27rp5jU7TVmns+KrvrTvx
b7S+dSQ05rIoAbOxDKUHP3/4zubjmZa4IwuVBPg4E5xnJ4+0+0wKjW0E+b0iFJAd
ny09+mgQ072gd4qKY6G8wfFXCiMZrxAWxs/W/GF7KB096N2b7MbPsr2ynDku2DK8
vU3FL4a88pPC3LPnEDgsblgT4G0VPQQMuTyf6G6X0Z3ilv4ZdrM/3DjyQwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCvBI2f91j48L9FtmjX6LXoxs0FCMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvSzhFalpfM1dQand2MFcyYU5mb3Rlakd6UVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAwURVAwQA
1RXlAwQA1RXpAwQA1RXrAwQA1RXyAwQA1RX2MAwDBAHVFfoDBADVFfwDBADVFf4w
DQYJKoZIhvcNAQELBQADggEBAHb64xPO8g5PrUTp1mWwF/b+Ngp8Lqs18pbTfSvT
HQESj9Qh56/w7y2Xef2yL00O5otHi1CiAxD4I1FfXNQNFHU/YKRaIIyoeV3bHywd
IsvW++RSPiVdbVSCX3dYTB+iNVsWTZiuxykLeMaP9uU+m7+EaPGueYiCvgolmd3z
EM7mZHogsthPc3gnDt2qRftX/NZmURvf8xH6Q40j+XT3aLTf1ZSK/B0yG8UAyI5f
/B9mB3wzekh3ubivcyTrJRzYx7BXK7VXJKzG2Bz3VT2RbnNHVndJt8+vYcMQ0ZVv
n808tbnh3uyQZzJ38lCfsRbYD3gxJtAqsPPuW3tp8RVlj6Q=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:57 2025 by rpki-client