Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/I0EWVa5mZSWikCbYj71SVDGODXk.roa
File: I0EWVa5mZSWikCbYj71SVDGODXk.roa (raw, json)
Hash identifier: qRro/RYNQpEPToY47O32IDSH0UGN5UknBXKBqz78hLc=
Subject key identifier: 23:41:16:55:AE:66:65:25:A2:90:26:D8:8F:BD:52:54:31:8E:0D:79
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 019941CAD3B7187F7723959D28C242130F39
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/I0EWVa5mZSWikCbYj71SVDGODXk.roa
Signing time: Sat 13 Sep 2025 06:37:15 +0000
ROA not before: Sat 13 Sep 2025 06:37:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57324
IP address blocks: 93.187.32.0/24 maxlen: 24
93.187.33.0/24 maxlen: 24
93.187.34.0/24 maxlen: 24
93.187.35.0/24 maxlen: 24
93.187.36.0/24 maxlen: 24
93.187.37.0/24 maxlen: 24
93.187.38.0/24 maxlen: 24
93.187.39.0/24 maxlen: 24
185.52.118.0/24 maxlen: 24
185.52.119.0/24 maxlen: 24
2a00:dd00:3::/48 maxlen: 48
2a00:dd00:4::/48 maxlen: 48
2a00:dd00:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:41:ca:d3:b7:18:7f:77:23:95:9d:28:c2:42:13:0f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Sep 13 06:37:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23411655ae666525a29026d88fbd5254318e0d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:16:58:cd:67:b1:d5:86:ec:e5:2b:b4:25:44:
4f:dc:20:61:85:6d:ab:95:cc:4d:87:32:b5:40:07:
c3:bb:f7:a6:b5:23:3f:10:8b:d3:53:82:ce:a2:68:
3c:1d:5c:47:76:f9:21:1a:cf:68:98:c1:26:5e:36:
63:1b:dc:d5:ed:51:b4:82:db:be:aa:b9:22:28:01:
d4:f2:1e:23:32:03:1b:c3:1f:37:6b:47:02:41:fc:
78:ae:ba:59:e2:2b:b9:08:56:e5:60:50:b8:37:52:
b2:19:57:af:a4:85:d0:99:88:99:f5:f4:08:75:cd:
70:a6:17:2a:e1:63:12:88:4a:ee:59:73:15:35:ee:
d3:f1:37:4c:9f:b6:51:3c:f0:bc:8c:56:8c:70:3f:
9a:1e:14:85:bf:06:8d:91:9f:08:98:30:6e:a6:3f:
f7:03:4b:c0:00:d3:0a:89:1d:df:06:ae:f0:ba:23:
32:ef:d0:23:e6:b8:42:a5:86:5c:b6:94:06:d1:b7:
7a:82:5b:5f:a5:12:2b:49:1f:07:ca:3f:3b:23:61:
51:5e:05:68:1e:50:ad:45:50:e3:a7:35:35:de:9a:
cb:65:61:b9:e3:09:2b:1f:23:e6:c6:5b:28:c9:c2:
b0:55:cf:7d:0a:ed:0b:54:a5:67:d2:9c:10:b1:cf:
2e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:41:16:55:AE:66:65:25:A2:90:26:D8:8F:BD:52:54:31:8E:0D:79
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/I0EWVa5mZSWikCbYj71SVDGODXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.32.0/21
185.52.118.0/23
IPv6:
2a00:dd00:3::-2a00:dd00:4:ffff:ffff:ffff:ffff:ffff
2a00:dd00:6::/48
Signature Algorithm: sha256WithRSAEncryption
65:ce:87:27:5f:cf:e9:4c:0a:3d:69:b2:ba:cb:7c:7f:fd:de:
0f:ac:3a:32:0b:20:78:e8:a1:12:62:e5:42:dc:5d:16:4b:87:
fb:31:db:be:08:89:b2:f0:f4:e5:4d:3c:3e:64:91:0e:d6:e7:
0c:f3:8f:59:e6:a5:8a:ae:25:a9:8f:1e:68:b4:e2:4c:ef:85:
1f:a2:a4:39:26:0d:31:8f:2d:92:5e:61:14:aa:af:b1:95:73:
05:d6:d5:ea:61:5a:fc:4c:7a:a0:65:4b:e8:ef:83:c9:06:25:
6c:e1:ee:c3:77:06:d0:ee:17:49:b1:54:50:9e:64:0c:57:60:
99:8f:47:f3:75:9c:f0:ca:1f:cc:f1:7e:01:80:52:95:da:a4:
e2:32:de:1d:74:cd:ce:bd:6c:33:93:92:6b:00:7e:ac:9a:c9:
dc:af:d3:8d:80:d2:f9:6a:29:c4:f3:54:af:b1:08:b2:28:ba:
5a:3c:f3:67:32:77:2a:ce:9b:40:59:52:b7:63:a4:3f:c6:76:
22:e1:d4:71:36:98:d6:73:97:98:ca:f0:6a:e2:39:d8:61:c2:
a4:3d:4f:b5:0c:b5:db:4c:11:64:0b:d1:df:8c:b2:d8:5b:cc:
42:a8:6f:d7:7f:e1:46:e2:a3:7b:f0:ee:c8:21:7a:79:96:fd:
b8:66:f4:e7
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZlBytO3GH93I5WdKMJCEw85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjUwOTEzMDYzNzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQxMTY1NWFlNjY2NTI1YTI5MDI2ZDg4ZmJkNTI1NDMxOGUwZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBZYzWex1Ybs5Su0JURP3CBhhW2r
lcxNhzK1QAfDu/emtSM/EIvTU4LOomg8HVxHdvkhGs9omMEmXjZjG9zV7VG0gtu+
qrkiKAHU8h4jMgMbwx83a0cCQfx4rrpZ4iu5CFblYFC4N1KyGVevpIXQmYiZ9fQI
dc1wphcq4WMSiEruWXMVNe7T8TdMn7ZRPPC8jFaMcD+aHhSFvwaNkZ8ImDBupj/3
A0vAANMKiR3fBq7wuiMy79Aj5rhCpYZctpQG0bd6gltfpRIrSR8Hyj87I2FRXgVo
HlCtRVDjpzU13prLZWG54wkrHyPmxlsoycKwVc99Cu0LVKVn0pwQsc8uAwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFCNBFlWuZmUlopAm2I+9UlQxjg15MB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvSTBFV1ZhNW1aU1dpa0NiWWo3MVNWREdPRFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQDXbsgAwQB
uTR2MCMEAgACMB0wEgMHACoA3QAAAwMHACoA3QAABAMHACoA3QAABjANBgkqhkiG
9w0BAQsFAAOCAQEAZc6HJ1/P6UwKPWmyust8f/3eD6w6MgsgeOihEmLlQtxdFkuH
+zHbvgiJsvD05U08PmSRDtbnDPOPWealiq4lqY8eaLTiTO+FH6KkOSYNMY8tkl5h
FKqvsZVzBdbV6mFa/Ex6oGVL6O+DyQYlbOHuw3cG0O4XSbFUUJ5kDFdgmY9H83Wc
8MofzPF+AYBSldqk4jLeHXTNzr1sM5OSawB+rJrJ3K/TjYDS+WopxPNUr7EIsii6
WjzzZzJ3Ks6bQFlSt2OkP8Z2IuHUcTaY1nOXmMrwauI52GHCpD1PtQy120wRZAvR
34yy2FvMQqhv13/hRuKje/DuyCF6eZb9uGb05w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:47 2025 by rpki-client