Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1QIjwgiI5iCiTuIfcV8Wfv7BzxE.roa
File: 1QIjwgiI5iCiTuIfcV8Wfv7BzxE.roa (raw, json)
Hash identifier: qurGmU6Hn/G8o3qsiBIvq8C+1RusM+BzSRh0OBzoB2c=
Subject key identifier: D5:02:23:C2:08:88:E6:20:A2:4E:E2:1F:71:5F:16:7E:FE:C1:CF:11
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0199CE1EA214DC5EEE40957E27058ABC8027
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1QIjwgiI5iCiTuIfcV8Wfv7BzxE.roa
Signing time: Fri 10 Oct 2025 12:35:38 +0000
ROA not before: Fri 10 Oct 2025 12:35:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44559
IP address blocks: 80.242.60.0/24 maxlen: 24
90.156.144.0/24 maxlen: 24
90.156.145.0/24 maxlen: 24
185.39.16.0/24 maxlen: 24
213.109.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ce:1e:a2:14:dc:5e:ee:40:95:7e:27:05:8a:bc:80:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Oct 10 12:35:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d50223c20888e620a24ee21f715f167efec1cf11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:eb:d4:06:f8:5c:48:f1:65:79:da:0e:73:4e:
ad:32:32:58:04:64:9f:29:2b:19:fc:6d:b6:62:06:
fb:de:f4:12:61:ff:ec:fd:16:67:9c:f1:df:d3:12:
b9:28:d6:84:e5:5c:e3:1a:22:08:ff:28:4c:64:0e:
1c:30:ea:f1:eb:8d:7a:85:b6:37:88:28:3d:de:8e:
89:11:45:5a:49:ae:aa:a2:58:88:16:3d:03:3f:03:
64:91:a9:bf:30:96:41:46:99:f5:16:f6:76:92:a4:
f1:34:69:3c:3f:a5:47:e2:f9:47:3f:f7:3f:ec:93:
5e:5b:55:20:24:0b:ac:63:c5:97:e7:5b:df:d7:2d:
f5:6b:32:57:9b:46:ad:3d:9f:ff:26:a2:6c:17:69:
3e:e5:9a:42:79:7c:84:dc:2f:c1:29:b3:62:7b:3b:
4c:41:1d:64:2c:65:ca:34:28:77:d5:f8:fb:b4:5b:
f5:d1:eb:85:06:7f:cd:6b:bd:8a:7a:cb:37:7e:b8:
16:ae:75:15:ff:f1:b1:a3:68:83:1b:26:2d:78:e4:
c8:6c:58:8e:f4:c2:19:00:e3:2e:e1:c6:9d:e7:9e:
83:94:4b:22:af:dd:f2:e4:d1:ae:4d:f3:33:04:78:
27:18:86:f9:53:92:2b:ba:ae:18:a6:f5:a8:2c:2b:
3b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:02:23:C2:08:88:E6:20:A2:4E:E2:1F:71:5F:16:7E:FE:C1:CF:11
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1QIjwgiI5iCiTuIfcV8Wfv7BzxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.242.60.0/24
90.156.144.0/23
185.39.16.0/24
213.109.110.0/24
Signature Algorithm: sha256WithRSAEncryption
54:4d:af:e6:d2:f1:db:49:07:e3:3f:4a:0d:96:93:e4:41:31:
2f:e7:be:86:d8:97:ff:f4:ce:f0:16:87:c0:dc:a4:f5:c2:c3:
1b:2b:0e:a5:7a:db:d4:ba:c4:a4:b4:7a:c6:aa:5d:15:43:5f:
ed:87:c4:8a:c6:dc:68:11:89:df:a0:9d:a5:1a:b0:43:25:44:
85:b7:e5:c6:cc:82:fa:b0:19:1a:62:4a:8b:57:46:ae:43:99:
cf:3a:fd:4e:c6:19:66:2e:93:c1:d8:b8:c2:44:70:c0:4c:1a:
8c:27:1b:5c:93:f0:ff:78:a3:ce:ec:0f:59:01:fa:f3:2c:4b:
46:9e:c8:97:40:9c:3a:b1:5c:e1:cb:69:61:6c:38:f0:7d:d9:
7a:af:87:2f:0d:d2:68:51:81:80:e7:4b:44:9f:5f:e2:48:7b:
bb:ed:97:9b:00:e6:51:13:82:c6:53:eb:52:4a:aa:e9:7c:d3:
df:e7:9c:e4:e1:fe:24:49:8e:33:a5:89:1e:f0:c8:29:34:08:
d8:01:60:bb:26:40:e1:85:f7:1f:c1:8d:de:a2:7b:3b:00:ec:
20:b1:1f:3a:4c:89:f5:77:e7:69:3e:e4:fe:e9:a9:e3:26:d4:
46:3c:5a:00:fe:d5:00:1e:6e:1e:de:fa:b0:ba:76:e1:ba:a4:
fc:90:90:cf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZnOHqIU3F7uQJV+JwWKvIAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUxMDEwMTIzNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTAyMjNjMjA4ODhlNjIwYTI0ZWUyMWY3MTVmMTY3ZWZlYzFjZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvevUBvhcSPFledoOc06tMjJYBGSf
KSsZ/G22Ygb73vQSYf/s/RZnnPHf0xK5KNaE5VzjGiII/yhMZA4cMOrx6416hbY3
iCg93o6JEUVaSa6qoliIFj0DPwNkkam/MJZBRpn1FvZ2kqTxNGk8P6VH4vlHP/c/
7JNeW1UgJAusY8WX51vf1y31azJXm0atPZ//JqJsF2k+5ZpCeXyE3C/BKbNieztM
QR1kLGXKNCh31fj7tFv10euFBn/Na72Kess3frgWrnUV//Gxo2iDGyYteOTIbFiO
9MIZAOMu4cad556DlEsir93y5NGuTfMzBHgnGIb5U5Iruq4YpvWoLCs7EQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNUCI8IIiOYgok7iH3FfFn7+wc8RMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvMVFJandnaUk1aUNpVHVJZmNWOFdmdjdCenhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPI8AwQB
WpyQAwQAuScQAwQA1W1uMA0GCSqGSIb3DQEBCwUAA4IBAQBUTa/m0vHbSQfjP0oN
lpPkQTEv576G2Jf/9M7wFofA3KT1wsMbKw6letvUusSktHrGql0VQ1/th8SKxtxo
EYnfoJ2lGrBDJUSFt+XGzIL6sBkaYkqLV0auQ5nPOv1OxhlmLpPB2LjCRHDATBqM
Jxtck/D/eKPO7A9ZAfrzLEtGnsiXQJw6sVzhy2lhbDjwfdl6r4cvDdJoUYGA50tE
n1/iSHu77ZebAOZRE4LGU+tSSqrpfNPf55zk4f4kSY4zpYke8MgpNAjYAWC7JkDh
hfcfwY3eons7AOwgsR86TIn1d+dpPuT+6anjJtRGPFoA/tUAHm4e3vqwunbhuqT8
kJDP
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:08:59 2025 by rpki-client