Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/7RcVSPQCzSAD9Z0YjuHlePGDFWg.roa
File: 7RcVSPQCzSAD9Z0YjuHlePGDFWg.roa (raw, json)
Hash identifier: S4IS55wph67wbgnwoP307vg7B/Zu/I71h/swmOXFGuE=
Subject key identifier: ED:17:15:48:F4:02:CD:20:03:F5:9D:18:8E:E1:E5:78:F1:83:15:68
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 01995D9B2B59546F940DFC6BC19B965D67B9
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/7RcVSPQCzSAD9Z0YjuHlePGDFWg.roa
Signing time: Thu 18 Sep 2025 16:14:34 +0000
ROA not before: Thu 18 Sep 2025 16:14:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 2.58.99.0/24 maxlen: 24
91.240.33.0/24 maxlen: 24
109.196.104.0/24 maxlen: 24
109.196.106.0/24 maxlen: 24
109.196.107.0/24 maxlen: 24
109.196.108.0/24 maxlen: 24
109.196.109.0/24 maxlen: 24
109.196.111.0/24 maxlen: 24
176.101.57.0/24 maxlen: 24
176.101.58.0/24 maxlen: 24
176.101.59.0/24 maxlen: 24
176.101.60.0/24 maxlen: 24
176.101.61.0/24 maxlen: 24
176.101.62.0/24 maxlen: 24
176.101.63.0/24 maxlen: 24
213.109.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5d:9b:2b:59:54:6f:94:0d:fc:6b:c1:9b:96:5d:67:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Sep 18 16:14:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed171548f402cd2003f59d188ee1e578f1831568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f6:c2:cf:f5:ba:e1:b8:ee:c0:7d:ca:6c:30:
ef:5b:ec:f2:8e:62:ba:36:95:97:88:a9:20:b0:0d:
be:76:71:d0:ad:8b:42:ff:f4:9d:d4:3c:77:be:94:
7c:05:23:d6:8b:16:1e:7f:bc:75:dc:c9:1f:a3:8f:
11:da:67:58:b2:78:8c:84:f5:fa:b5:82:61:4a:dc:
fb:fb:25:fb:f1:10:ab:a3:b3:81:1c:97:6e:ea:21:
0e:17:9c:ef:a2:3a:f4:cb:4e:7e:be:c4:bd:69:12:
6e:3a:b5:9d:c4:c9:79:93:cc:db:dc:29:fe:35:e0:
1a:fe:4b:8f:7c:0e:5c:0e:60:1e:ef:1f:5f:f0:dd:
b5:a3:c8:0e:f2:5a:a2:a8:26:11:b1:99:7b:17:c6:
55:1a:06:b7:32:c0:79:96:b5:10:6a:c8:ad:7c:53:
1d:db:15:40:07:8b:05:a6:53:76:7a:ce:91:75:f8:
38:de:55:13:61:80:88:27:e6:20:2e:de:84:ac:69:
42:97:b5:b2:b7:f2:31:7d:d7:4d:f5:3d:24:74:94:
ba:a2:cd:ae:53:d1:df:0e:54:e7:53:62:15:a4:4a:
44:73:84:13:da:44:82:51:5e:4d:48:fb:0b:00:f8:
29:43:b5:78:4e:06:15:63:09:ea:1e:3c:04:42:e5:
b2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:17:15:48:F4:02:CD:20:03:F5:9D:18:8E:E1:E5:78:F1:83:15:68
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/7RcVSPQCzSAD9Z0YjuHlePGDFWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.99.0/24
91.240.33.0/24
109.196.104.0/24
109.196.106.0-109.196.109.255
109.196.111.0/24
176.101.57.0-176.101.63.255
213.109.111.0/24
Signature Algorithm: sha256WithRSAEncryption
18:53:2e:0c:b7:f1:af:38:a5:1e:90:54:06:0f:5f:f1:47:8c:
f7:e2:8d:2f:99:1c:f6:68:b4:d5:8f:02:28:56:a6:06:f4:96:
46:49:3e:42:a3:f8:1a:b1:6c:4f:2d:a1:a9:fe:a3:63:07:03:
c6:9a:b3:48:1a:e0:5e:65:4e:d8:fc:3a:e0:b1:7a:e4:06:cd:
55:b1:f1:57:16:ce:78:61:32:c7:cc:34:1d:8c:5a:75:59:91:
dd:c9:02:34:c3:b6:7b:e0:bd:ce:17:f1:a7:90:40:8f:96:28:
e0:9e:2d:a4:f5:7d:37:5d:b0:70:7b:68:5d:6c:50:73:e1:d4:
2c:1e:f6:7c:7d:1c:3a:cf:ed:13:44:44:ab:9f:a4:2f:27:37:
ed:46:6e:b7:be:df:77:f4:af:eb:af:53:86:4e:7f:45:39:73:
c6:45:8f:f1:64:14:a1:40:3d:98:5e:13:c2:98:75:ac:a6:0a:
16:26:c2:a0:4b:45:e9:d5:ca:5b:cd:4b:aa:ec:5f:a0:19:ad:
2a:b7:4c:7c:7b:d1:31:09:c6:3b:0a:29:46:44:bc:5b:92:4d:
70:3c:4b:0c:e2:7c:e9:56:6b:d3:b0:dc:b2:61:22:64:0f:c0:
e5:05:52:fe:18:ab:f9:a2:b6:72:51:2b:28:25:3d:f8:a5:e1:
e5:ce:e4:2d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZldmytZVG+UDfxrwZuWXWe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwOTE4MTYxNDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDE3MTU0OGY0MDJjZDIwMDNmNTlkMTg4ZWUxZTU3OGYxODMxNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfbCz/W64bjuwH3KbDDvW+zyjmK6
NpWXiKkgsA2+dnHQrYtC//Sd1Dx3vpR8BSPWixYef7x13Mkfo48R2mdYsniMhPX6
tYJhStz7+yX78RCro7OBHJdu6iEOF5zvojr0y05+vsS9aRJuOrWdxMl5k8zb3Cn+
NeAa/kuPfA5cDmAe7x9f8N21o8gO8lqiqCYRsZl7F8ZVGga3MsB5lrUQasitfFMd
2xVAB4sFplN2es6Rdfg43lUTYYCIJ+YgLt6ErGlCl7Wyt/IxfddN9T0kdJS6os2u
U9HfDlTnU2IVpEpEc4QT2kSCUV5NSPsLAPgpQ7V4TgYVYwnqHjwEQuWyGQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFO0XFUj0As0gA/WdGI7h5XjxgxVoMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvN1JjVlNQUUN6U0FEOVowWWp1SGxlUEdERldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAAjpjAwQA
W/AhAwQAbcRoMAwDBAFtxGoDBAFtxGwDBABtxG8wDAMEALBlOQMEBrBlAAMEANVt
bzANBgkqhkiG9w0BAQsFAAOCAQEAGFMuDLfxrzilHpBUBg9f8UeM9+KNL5kc9mi0
1Y8CKFamBvSWRkk+QqP4GrFsTy2hqf6jYwcDxpqzSBrgXmVO2Pw64LF65AbNVbHx
VxbOeGEyx8w0HYxadVmR3ckCNMO2e+C9zhfxp5BAj5Yo4J4tpPV9N12wcHtoXWxQ
c+HULB72fH0cOs/tE0REq5+kLyc37UZut77fd/Sv669Thk5/RTlzxkWP8WQUoUA9
mF4Twph1rKYKFibCoEtF6dXKW81LquxfoBmtKrdMfHvRMQnGOwopRkS8W5JNcDxL
DOJ86VZr07DcsmEiZA/A5QVS/hir+aK2clErKCU9+KXh5c7kLQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:01 2025 by rpki-client