Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/2-HRD6bwoabjO9Qn710S3v32VoI.roa
File: 2-HRD6bwoabjO9Qn710S3v32VoI.roa (raw, json)
Hash identifier: kexWRD+OmA3dG4m2fY8icqYNslO76EO40+SSv1pEbyw=
Subject key identifier: DB:E1:D1:0F:A6:F0:A1:A6:E3:3B:D4:27:EF:5D:12:DE:FD:F6:56:82
Certificate issuer: /CN=24f4b9f485642089f36b174d9642dc4837ff4d24
Certificate serial: 0199ECE6E5620756FB965B22A2B641A88CFD
Authority key identifier: 24:F4:B9:F4:85:64:20:89:F3:6B:17:4D:96:42:DC:48:37:FF:4D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JPS59IVkIInzaxdNlkLcSDf_TSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/2-HRD6bwoabjO9Qn710S3v32VoI.roa
Signing time: Thu 16 Oct 2025 12:02:58 +0000
ROA not before: Thu 16 Oct 2025 12:02:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215130
IP address blocks: 45.129.73.0/24 maxlen: 24
83.142.28.0/24 maxlen: 24
2a14:3940::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/JPS59IVkIInzaxdNlkLcSDf_TSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/JPS59IVkIInzaxdNlkLcSDf_TSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/JPS59IVkIInzaxdNlkLcSDf_TSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ec:e6:e5:62:07:56:fb:96:5b:22:a2:b6:41:a8:8c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24f4b9f485642089f36b174d9642dc4837ff4d24
Validity
Not Before: Oct 16 12:02:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbe1d10fa6f0a1a6e33bd427ef5d12defdf65682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:01:31:42:60:01:fc:de:17:74:df:0a:6c:96:
6b:af:5f:76:45:46:48:10:5b:b1:76:8f:c1:1b:c4:
f5:1c:14:96:c9:4b:f4:ad:51:28:50:da:47:c7:6c:
60:b9:6f:40:0c:70:5c:22:4c:c0:7f:a0:0d:29:59:
3e:46:cd:aa:1b:dc:45:24:d2:1a:fe:a4:07:5b:25:
1d:5f:15:e6:6a:f0:ea:23:6e:3b:5d:de:2f:86:3d:
e5:15:fa:75:28:b5:5c:31:60:46:93:1e:c7:88:4b:
f5:80:c4:ad:6e:bd:07:ac:e1:f2:dc:c3:22:a5:11:
4e:1d:94:67:3e:6a:8a:cf:e7:5d:73:21:5b:c1:55:
f7:a9:e3:83:95:28:b4:5f:e0:4a:b3:1c:f9:c0:ec:
c4:42:b0:d2:07:04:45:1d:6c:e6:5f:aa:a2:3b:c3:
d9:c0:40:69:77:de:b4:1a:04:28:21:87:95:de:19:
93:83:6d:5d:0f:6a:a3:36:9b:96:74:c0:29:86:cb:
cf:41:60:08:74:bc:bf:fe:2b:ea:45:d4:58:7e:8f:
2e:52:ed:1c:d3:b7:79:2d:f6:27:f4:57:50:6c:be:
e1:e6:74:d9:b7:aa:a6:fa:1b:f0:42:5f:10:c7:4f:
65:31:48:95:fd:1c:da:f8:96:23:5a:e5:fc:fe:84:
4f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E1:D1:0F:A6:F0:A1:A6:E3:3B:D4:27:EF:5D:12:DE:FD:F6:56:82
X509v3 Authority Key Identifier:
keyid:24:F4:B9:F4:85:64:20:89:F3:6B:17:4D:96:42:DC:48:37:FF:4D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JPS59IVkIInzaxdNlkLcSDf_TSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/2-HRD6bwoabjO9Qn710S3v32VoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/JPS59IVkIInzaxdNlkLcSDf_TSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.73.0/24
83.142.28.0/24
IPv6:
2a14:3940::/29
Signature Algorithm: sha256WithRSAEncryption
52:22:db:dc:42:68:f2:20:0e:0e:1f:aa:c2:63:ae:32:14:14:
e7:19:f6:6a:a1:aa:36:c1:1f:dd:cd:69:11:13:27:a5:27:c6:
32:10:4f:27:e5:06:df:c3:e1:da:b4:7c:c5:06:61:99:c1:19:
8f:2e:ce:c7:e7:23:14:6f:5f:2e:6b:88:77:47:ac:cb:a4:b7:
29:d0:77:66:f3:56:af:fa:7f:fc:76:f3:ff:ed:8a:d1:a3:97:
85:e7:d0:48:e9:c3:9e:16:e7:81:89:b6:01:7b:64:3f:93:37:
91:2c:4b:7b:83:5f:3c:c7:b5:c7:9e:9e:ec:68:5a:98:87:9a:
1a:7d:f0:45:4e:95:bf:e0:f9:4f:90:ee:55:78:e4:60:44:18:
24:d9:4b:05:da:31:46:4b:99:f2:fe:fe:c1:a2:2e:07:c3:64:
8e:81:33:75:2e:bc:06:e5:60:bf:1f:e5:21:44:35:25:77:ff:
da:9a:ff:6e:ae:43:e3:e7:73:2a:e8:39:f1:7b:b2:8f:4b:1d:
51:0b:30:2b:ca:d1:22:c6:5d:ef:83:a6:85:32:2e:3e:56:bc:
4f:17:33:74:35:7a:ca:c7:db:84:10:97:b5:e9:80:d1:f8:bf:
da:1e:64:43:bf:3b:01:bc:8a:30:b8:dc:9c:b2:76:4b:d0:1e:
90:2e:83:84
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZns5uViB1b7llsiorZBqIz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZjRiOWY0ODU2NDIwODlmMzZiMTc0ZDk2NDJkYzQ4Mzdm
ZjRkMjQwHhcNMjUxMDE2MTIwMjU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmUxZDEwZmE2ZjBhMWE2ZTMzYmQ0MjdlZjVkMTJkZWZkZjY1NjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAExQmAB/N4XdN8KbJZrr192RUZI
EFuxdo/BG8T1HBSWyUv0rVEoUNpHx2xguW9ADHBcIkzAf6ANKVk+Rs2qG9xFJNIa
/qQHWyUdXxXmavDqI247Xd4vhj3lFfp1KLVcMWBGkx7HiEv1gMStbr0HrOHy3MMi
pRFOHZRnPmqKz+ddcyFbwVX3qeODlSi0X+BKsxz5wOzEQrDSBwRFHWzmX6qiO8PZ
wEBpd960GgQoIYeV3hmTg21dD2qjNpuWdMAphsvPQWAIdLy//ivqRdRYfo8uUu0c
07d5LfYn9FdQbL7h5nTZt6qm+hvwQl8Qx09lMUiV/Rza+JYjWuX8/oRP4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNvh0Q+m8KGm4zvUJ+9dEt799laCMB8GA1UdIwQY
MBaAFCT0ufSFZCCJ82sXTZZC3Eg3/00kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlBTNTlJVmtJSW56YXhkTmxrTGNTRGZfVFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jNDdlOTAtMGYwOC00NjNiLTg4MTAt
YzA3Yjk4ZjZlNzY1LzEvMi1IUkQ2YndvYWJqTzlRbjcxMFMzdjMyVm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jNDdlOTAtMGYwOC00NjNiLTg4MTAtYzA3Yjk4ZjZlNzY1
LzEvSlBTNTlJVmtJSW56YXhkTmxrTGNTRGZfVFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALYFJAwQA
U44cMA0EAgACMAcDBQMqFDlAMA0GCSqGSIb3DQEBCwUAA4IBAQBSItvcQmjyIA4O
H6rCY64yFBTnGfZqoao2wR/dzWkREyelJ8YyEE8n5Qbfw+HatHzFBmGZwRmPLs7H
5yMUb18ua4h3R6zLpLcp0Hdm81av+n/8dvP/7YrRo5eF59BI6cOeFueBibYBe2Q/
kzeRLEt7g188x7XHnp7saFqYh5oaffBFTpW/4PlPkO5VeORgRBgk2UsF2jFGS5ny
/v7Boi4Hw2SOgTN1LrwG5WC/H+UhRDUld//amv9urkPj53Mq6Dnxe7KPSx1RCzAr
ytEixl3vg6aFMi4+VrxPFzN0NXrKx9uEEJe16YDR+L/aHmRDvzsBvIowuNycsnZL
0B6QLoOE
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:36 2025 by rpki-client