Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/K4EzHSk1OTprfFu33wbkhRI9yVU.roa
File: K4EzHSk1OTprfFu33wbkhRI9yVU.roa (raw, json)
Hash identifier: kwoZBLXnxtnLuus/aL73h2OdIKgHiGaRAdqLJUprZV4=
Subject key identifier: 2B:81:33:1D:29:35:39:3A:6B:7C:5B:B7:DF:06:E4:85:12:3D:C9:55
Certificate issuer: /CN=b22640351ab21a0dc7aaa15fab5b110977714a3c
Certificate serial: 0199DD755566B174E863CFBB51179DC08224
Authority key identifier: B2:26:40:35:1A:B2:1A:0D:C7:AA:A1:5F:AB:5B:11:09:77:71:4A:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/siZANRqyGg3HqqFfq1sRCXdxSjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/K4EzHSk1OTprfFu33wbkhRI9yVU.roa
Signing time: Mon 13 Oct 2025 12:04:38 +0000
ROA not before: Mon 13 Oct 2025 12:04:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215231
IP address blocks: 194.117.72.0/24 maxlen: 24
2a14:2ec6::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/siZANRqyGg3HqqFfq1sRCXdxSjw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/siZANRqyGg3HqqFfq1sRCXdxSjw.mft
rsync://rpki.ripe.net/repository/DEFAULT/siZANRqyGg3HqqFfq1sRCXdxSjw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dd:75:55:66:b1:74:e8:63:cf:bb:51:17:9d:c0:82:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b22640351ab21a0dc7aaa15fab5b110977714a3c
Validity
Not Before: Oct 13 12:04:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b81331d2935393a6b7c5bb7df06e485123dc955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b8:bc:a2:7c:47:c3:34:c2:2e:20:e4:a6:f1:
78:be:8f:71:ae:76:38:c1:3d:49:86:37:7a:ad:81:
97:45:02:7a:c8:fe:a0:76:7c:40:ac:34:7b:34:fd:
ca:6d:f8:57:f5:93:18:96:2e:5a:25:00:3d:ef:2a:
46:d8:2d:8e:78:8d:13:b4:a9:30:fa:7d:46:f5:b0:
68:39:f7:c9:d1:16:38:24:06:8d:b7:35:fc:1b:00:
22:61:86:d9:3c:de:ab:12:e9:6d:73:31:4f:e9:6f:
cb:89:27:4c:77:d4:47:b0:dd:02:6d:8c:7e:26:a8:
e5:5b:06:7b:b6:06:75:bf:a9:7f:27:0f:1a:86:29:
b2:e0:80:dd:74:ae:28:2f:f7:f9:d5:1d:4a:aa:c8:
8f:38:e8:a7:2a:9e:87:9d:9d:7f:6f:ae:94:1b:b4:
1a:4e:b1:14:b5:f7:62:22:2c:f8:01:70:4b:2d:1a:
78:44:ea:f5:45:a4:a4:50:8f:ce:c8:8e:87:e2:19:
40:df:64:16:e5:5a:78:08:11:63:9c:1e:ec:bb:3b:
c2:80:35:6d:3a:10:98:6f:61:b5:8f:c5:45:f3:eb:
f9:4b:99:02:40:d9:e6:a0:a4:96:14:49:4d:53:9e:
31:ed:eb:cf:84:b2:d5:bb:85:7f:a3:19:ff:ca:86:
64:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:81:33:1D:29:35:39:3A:6B:7C:5B:B7:DF:06:E4:85:12:3D:C9:55
X509v3 Authority Key Identifier:
keyid:B2:26:40:35:1A:B2:1A:0D:C7:AA:A1:5F:AB:5B:11:09:77:71:4A:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siZANRqyGg3HqqFfq1sRCXdxSjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/K4EzHSk1OTprfFu33wbkhRI9yVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/siZANRqyGg3HqqFfq1sRCXdxSjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.117.72.0/24
IPv6:
2a14:2ec6::/31
Signature Algorithm: sha256WithRSAEncryption
99:c9:5e:39:8b:f0:d0:6a:0f:61:01:a8:f2:98:09:15:4b:04:
d5:c7:c8:4e:e0:0b:56:12:d2:99:8c:d5:4d:1a:fb:c2:e1:7b:
ee:63:b4:5c:64:88:b4:d7:39:2f:ce:1d:a1:e1:3b:73:bb:6b:
e6:23:e7:7c:07:0f:4b:99:7a:d1:79:e3:c0:a4:20:60:73:02:
49:1f:7b:4a:4d:ba:3e:92:30:78:ac:16:9e:91:f0:1d:a8:39:
85:20:fe:66:b2:99:fd:0f:4f:43:a5:13:3b:89:a5:dc:0f:0c:
ca:fb:c2:40:fb:01:9f:81:d9:3b:49:88:0c:c7:c4:a6:5f:6a:
19:55:ae:3a:db:67:72:bc:2e:fd:a5:f8:a7:7c:3d:d4:c1:e8:
b6:54:1a:f1:a6:7f:b5:20:a4:5d:90:0d:3a:07:cb:7b:00:33:
35:32:1c:8d:16:a9:5b:a4:d7:ce:33:9a:2b:24:ba:7f:d2:c5:
6e:95:bc:28:94:41:19:91:3b:1e:01:dd:d0:0c:88:ba:e4:2c:
95:5a:b6:75:42:02:a2:74:10:8a:74:93:05:75:e6:2e:1e:89:
c6:7a:af:da:ae:e8:76:7c:50:41:5b:93:00:82:38:08:fc:fb:
7a:aa:2b:a8:f0:1f:ee:73:db:f1:3a:7e:71:1b:a8:49:ad:48:
a4:9d:40:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZnddVVmsXToY8+7URedwIIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMjY0MDM1MWFiMjFhMGRjN2FhYTE1ZmFiNWIxMTA5Nzc3
MTRhM2MwHhcNMjUxMDEzMTIwNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjgxMzMxZDI5MzUzOTNhNmI3YzViYjdkZjA2ZTQ4NTEyM2RjOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7i8onxHwzTCLiDkpvF4vo9xrnY4
wT1Jhjd6rYGXRQJ6yP6gdnxArDR7NP3KbfhX9ZMYli5aJQA97ypG2C2OeI0TtKkw
+n1G9bBoOffJ0RY4JAaNtzX8GwAiYYbZPN6rEultczFP6W/LiSdMd9RHsN0CbYx+
JqjlWwZ7tgZ1v6l/Jw8ahimy4IDddK4oL/f51R1KqsiPOOinKp6HnZ1/b66UG7Qa
TrEUtfdiIiz4AXBLLRp4ROr1RaSkUI/OyI6H4hlA32QW5Vp4CBFjnB7suzvCgDVt
OhCYb2G1j8VF8+v5S5kCQNnmoKSWFElNU54x7evPhLLVu4V/oxn/yoZkmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCuBMx0pNTk6a3xbt98G5IUSPclVMB8GA1UdIwQY
MBaAFLImQDUashoNx6qhX6tbEQl3cUo8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2laQU5ScXlHZzNIcXFGZnExc1JDWGR4U2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lMzhmZjAtNDY5Yi00MWU1LWJiZWQt
MTc5ZTZlNDI5MGMwLzEvSzRFekhTazFPVHByZkZ1MzN3YmtoUkk5eVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lMzhmZjAtNDY5Yi00MWU1LWJiZWQtMTc5ZTZlNDI5MGMw
LzEvc2laQU5ScXlHZzNIcXFGZnExc1JDWGR4U2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwnVIMA0E
AgACMAcDBQEqFC7GMA0GCSqGSIb3DQEBCwUAA4IBAQCZyV45i/DQag9hAajymAkV
SwTVx8hO4AtWEtKZjNVNGvvC4XvuY7RcZIi01zkvzh2h4Ttzu2vmI+d8Bw9LmXrR
eePApCBgcwJJH3tKTbo+kjB4rBaekfAdqDmFIP5mspn9D09DpRM7iaXcDwzK+8JA
+wGfgdk7SYgMx8SmX2oZVa4622dyvC79pfinfD3Uwei2VBrxpn+1IKRdkA06B8t7
ADM1MhyNFqlbpNfOM5orJLp/0sVulbwolEEZkTseAd3QDIi65CyVWrZ1QgKidBCK
dJMFdeYuHonGeq/aruh2fFBBW5MAgjgI/Pt6qiuo8B/uc9vxOn5xG6hJrUiknUDz
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:41:08 2025 by rpki-client