Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/2dZgvqLVnr3L7YBNwa-dmAKuNeI.roa
File: 2dZgvqLVnr3L7YBNwa-dmAKuNeI.roa (raw, json)
Hash identifier: x4ULifAZk0DVtPg0u1emvRD3DI0t8YVOlw3nhG2CXgs=
Subject key identifier: D9:D6:60:BE:A2:D5:9E:BD:CB:ED:80:4D:C1:AF:9D:98:02:AE:35:E2
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0199E219AF756248F2BE574689A7A685F102
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/2dZgvqLVnr3L7YBNwa-dmAKuNeI.roa
Signing time: Tue 14 Oct 2025 09:42:38 +0000
ROA not before: Tue 14 Oct 2025 09:42:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 77.111.117.0/24 maxlen: 24
77.111.123.0/24 maxlen: 24
91.190.187.0/24 maxlen: 24
92.61.103.0/24 maxlen: 24
92.61.106.0/24 maxlen: 24
92.61.109.0/24 maxlen: 24
185.112.240.0/24 maxlen: 24
185.112.241.0/24 maxlen: 24
185.112.242.0/24 maxlen: 24
185.112.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e2:19:af:75:62:48:f2:be:57:46:89:a7:a6:85:f1:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Oct 14 09:42:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9d660bea2d59ebdcbed804dc1af9d9802ae35e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:de:cb:cc:60:8e:43:37:77:f9:d9:6e:c2:3f:
7a:bf:dd:3b:81:c9:89:b8:9c:e4:08:41:f9:ec:6c:
b8:71:7f:52:e0:2a:3d:7f:fa:54:c1:3a:c2:e3:90:
d6:80:87:65:e9:6e:06:79:16:f1:07:5c:ae:a5:43:
92:03:5b:c2:b0:39:ee:4f:00:a5:e0:26:a8:c0:49:
71:1b:ae:3f:39:ca:c3:ca:10:72:64:7d:66:05:2f:
cf:98:c9:c8:be:ae:fa:27:60:37:c6:ca:f7:30:bd:
ce:d3:f6:7e:dd:95:72:3e:2f:39:9a:cd:b1:33:91:
17:03:78:8e:10:86:1c:03:7e:39:f1:e6:ff:f5:32:
bb:41:c9:fa:5e:07:18:ff:88:b0:92:f3:c7:78:d9:
6b:cb:53:f9:a8:dd:1c:92:43:cf:f1:78:79:4c:d4:
22:9d:61:54:8a:59:9d:1b:19:54:39:11:2d:e1:46:
ec:55:6f:c2:c8:1d:32:65:fb:e9:ef:34:bb:ed:29:
b9:ad:c2:88:ab:a4:ab:1a:a9:e3:94:fa:e3:1c:e3:
0a:07:5b:53:e3:ae:39:d4:2d:8e:73:a2:85:73:81:
07:58:68:14:38:87:f1:e6:6c:15:a7:87:2f:8d:d6:
42:f1:b7:21:5c:0e:35:59:d2:8e:ca:69:be:31:9e:
40:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D6:60:BE:A2:D5:9E:BD:CB:ED:80:4D:C1:AF:9D:98:02:AE:35:E2
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/2dZgvqLVnr3L7YBNwa-dmAKuNeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.117.0/24
77.111.123.0/24
91.190.187.0/24
92.61.103.0/24
92.61.106.0/24
92.61.109.0/24
185.112.240.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:f2:66:2c:fe:4e:52:86:1e:b1:1a:69:1d:ae:0d:db:12:9b:
eb:1c:f1:4d:e9:82:5b:0f:28:bf:00:7f:32:0d:db:f3:4d:70:
64:8b:5a:cf:f0:3e:03:b1:4b:52:ce:5b:dd:96:77:9c:29:c4:
b6:34:42:81:b6:3f:08:24:5e:5c:14:3b:84:d0:f3:e2:39:e3:
11:80:df:d0:99:25:89:22:a9:03:26:c4:90:a6:84:43:91:5d:
1c:c3:ef:4f:f2:8c:6c:8c:9f:3f:fe:49:1d:75:02:fc:6f:ef:
09:5f:4b:d0:e7:c0:09:61:c4:7c:15:61:a5:a8:6c:d3:ba:20:
03:45:cf:d1:93:16:f3:05:3e:04:57:19:a5:24:ac:50:e3:56:
f9:2d:41:b8:6d:4d:71:39:ef:db:0f:9b:41:79:54:1e:4b:3f:
4a:8a:8d:c2:74:72:02:77:57:6b:f7:d5:de:fe:25:4d:b9:dd:
5d:00:d3:bc:f9:a2:32:76:13:ab:a2:ac:d1:a6:d4:a2:31:1e:
17:06:b4:45:bc:af:a6:21:fe:d2:b3:b7:76:08:48:76:1c:c6:
e3:c9:d0:a5:32:73:83:07:d4:ed:06:c0:c6:78:f3:87:7f:87:
50:c9:0e:f8:15:c7:43:bc:81:76:f5:15:bd:a1:d1:d6:56:f4:
ba:d6:10:1b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZniGa91YkjyvldGiaemhfECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjUxMDE0MDk0MjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ2NjBiZWEyZDU5ZWJkY2JlZDgwNGRjMWFmOWQ5ODAyYWUzNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN7LzGCOQzd3+dluwj96v907gcmJ
uJzkCEH57Gy4cX9S4Co9f/pUwTrC45DWgIdl6W4GeRbxB1yupUOSA1vCsDnuTwCl
4CaowElxG64/OcrDyhByZH1mBS/PmMnIvq76J2A3xsr3ML3O0/Z+3ZVyPi85ms2x
M5EXA3iOEIYcA3458eb/9TK7Qcn6XgcY/4iwkvPHeNlry1P5qN0ckkPP8Xh5TNQi
nWFUilmdGxlUOREt4UbsVW/CyB0yZfvp7zS77Sm5rcKIq6SrGqnjlPrjHOMKB1tT
46451C2Oc6KFc4EHWGgUOIfx5mwVp4cvjdZC8bchXA41WdKOymm+MZ5ALwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNnWYL6i1Z69y+2ATcGvnZgCrjXiMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvMmRaZ3ZxTFZucjNMN1lCTndhLWRtQUt1TmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATW91AwQA
TW97AwQAW767AwQAXD1nAwQAXD1qAwQAXD1tAwQCuXDwMA0GCSqGSIb3DQEBCwUA
A4IBAQDK8mYs/k5Shh6xGmkdrg3bEpvrHPFN6YJbDyi/AH8yDdvzTXBki1rP8D4D
sUtSzlvdlnecKcS2NEKBtj8IJF5cFDuE0PPiOeMRgN/QmSWJIqkDJsSQpoRDkV0c
w+9P8oxsjJ8//kkddQL8b+8JX0vQ58AJYcR8FWGlqGzTuiADRc/RkxbzBT4EVxml
JKxQ41b5LUG4bU1xOe/bD5tBeVQeSz9Kio3CdHICd1dr99Xe/iVNud1dANO8+aIy
dhOroqzRptSiMR4XBrRFvK+mIf7Ss7d2CEh2HMbjydClMnODB9TtBsDGePOHf4dQ
yQ74FcdDvIF29RW9odHWVvS61hAb
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:05 2025 by rpki-client