Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/6Y2-BPBwmi0ajRFfuk-7gjxb3VY.roa
File: 6Y2-BPBwmi0ajRFfuk-7gjxb3VY.roa (raw, json)
Hash identifier: zEnO2OcP02snJFVmokqdabitxnMtngb7RKkC32lY0BQ=
Subject key identifier: E9:8D:BE:04:F0:70:9A:2D:1A:8D:11:5F:BA:4F:BB:82:3C:5B:DD:56
Certificate issuer: /CN=0c17dae04476db1016caa43e3ed9bc6bd69f3975
Certificate serial: 01997F82366540CEF26440A4405B460306C7
Authority key identifier: 0C:17:DA:E0:44:76:DB:10:16:CA:A4:3E:3E:D9:BC:6B:D6:9F:39:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBfa4ER22xAWyqQ-Ptm8a9afOXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/6Y2-BPBwmi0ajRFfuk-7gjxb3VY.roa
Signing time: Thu 25 Sep 2025 06:14:23 +0000
ROA not before: Thu 25 Sep 2025 06:14:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213281
IP address blocks: 45.155.140.0/22 maxlen: 24
151.252.216.0/21 maxlen: 24
185.124.72.0/22 maxlen: 24
217.195.148.0/22 maxlen: 24
2a0f:ff00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/DBfa4ER22xAWyqQ-Ptm8a9afOXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/DBfa4ER22xAWyqQ-Ptm8a9afOXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DBfa4ER22xAWyqQ-Ptm8a9afOXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7f:82:36:65:40:ce:f2:64:40:a4:40:5b:46:03:06:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c17dae04476db1016caa43e3ed9bc6bd69f3975
Validity
Not Before: Sep 25 06:14:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e98dbe04f0709a2d1a8d115fba4fbb823c5bdd56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cc:09:a8:66:c5:ac:4f:40:87:ca:b7:c0:3f:
3d:00:d0:7e:cb:9c:e7:a7:fe:cc:82:05:7f:6a:c6:
41:4a:97:96:ab:54:71:90:8f:62:28:44:5a:6d:c7:
56:57:8b:b0:dd:7f:86:de:00:3c:7b:e9:12:33:bc:
72:7f:e3:33:0e:bd:06:41:b7:61:aa:23:7a:db:3b:
52:85:28:20:8d:6b:98:98:bb:5e:05:28:be:f6:53:
4e:cb:98:81:42:0a:0f:55:0c:a6:81:53:57:5e:07:
b1:d5:6d:26:90:07:91:f5:0c:23:44:6b:af:b7:8d:
3d:fd:ab:7f:b0:a8:e0:67:fc:f9:1a:2d:f4:04:cc:
f2:0f:e2:e5:98:77:c7:ae:ee:74:37:16:0b:fa:7f:
be:d2:42:ac:f8:a7:c1:a6:2d:55:bc:2c:ce:3a:75:
5d:a1:28:25:f6:f4:bb:fa:4d:d8:6d:3b:e6:ee:0c:
2d:a3:b3:c6:0c:0d:5c:79:67:38:f9:f9:d3:4f:45:
2c:e6:b7:b6:9e:f7:05:7f:65:f9:d2:b2:c2:a0:36:
6d:09:9c:64:0e:ba:6b:39:64:e2:8e:f8:88:8d:ee:
d8:43:66:b2:50:d1:87:53:2a:41:60:8f:88:bd:4c:
16:e8:01:d8:80:99:83:13:f0:89:17:9f:dd:d6:25:
26:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8D:BE:04:F0:70:9A:2D:1A:8D:11:5F:BA:4F:BB:82:3C:5B:DD:56
X509v3 Authority Key Identifier:
keyid:0C:17:DA:E0:44:76:DB:10:16:CA:A4:3E:3E:D9:BC:6B:D6:9F:39:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBfa4ER22xAWyqQ-Ptm8a9afOXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/6Y2-BPBwmi0ajRFfuk-7gjxb3VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/DBfa4ER22xAWyqQ-Ptm8a9afOXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.140.0/22
151.252.216.0/21
185.124.72.0/22
217.195.148.0/22
IPv6:
2a0f:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
69:15:a5:fe:b3:81:8d:31:bc:ef:a8:d9:18:d0:8e:d0:fb:d8:
af:50:49:55:bb:48:f3:a6:3e:55:d1:7a:2c:01:2f:ca:1d:7a:
47:b0:50:2c:25:fe:29:af:dc:f2:f6:03:13:b3:45:aa:30:4b:
de:b5:83:bb:82:e4:db:db:6b:c5:57:1d:80:97:8c:f1:f5:fa:
b6:7e:0c:54:bc:52:1f:b7:af:ef:e1:15:25:9b:76:0f:cf:06:
d3:4c:a3:d9:34:12:94:6e:ab:5b:cc:db:06:29:7d:3f:ac:3f:
6c:f6:01:ce:39:3c:e3:26:ef:74:a0:d1:a6:68:94:1d:02:91:
5b:72:d2:de:5f:c4:09:07:07:3d:72:94:dd:5c:a5:ee:ef:5c:
0b:31:a8:9b:df:03:25:67:4b:8a:71:de:3b:4d:77:e6:45:73:
e1:ac:2d:e1:d2:68:e4:6a:8d:27:f0:47:79:88:26:a6:a0:45:
bd:72:7a:82:e2:e0:b9:29:b0:16:c3:7f:64:97:13:68:7e:5f:
26:cf:e6:36:72:27:7f:1c:85:e6:68:ae:2d:88:bf:74:58:a3:
df:da:c5:47:f6:2c:6e:a6:90:68:74:32:74:c8:64:ff:81:fc:
70:54:83:05:80:42:26:0a:50:b4:8e:a7:f4:15:a4:a3:79:fc:
48:39:93:ba
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZl/gjZlQM7yZECkQFtGAwbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMTdkYWUwNDQ3NmRiMTAxNmNhYTQzZTNlZDliYzZiZDY5
ZjM5NzUwHhcNMjUwOTI1MDYxNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThkYmUwNGYwNzA5YTJkMWE4ZDExNWZiYTRmYmI4MjNjNWJkZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1swJqGbFrE9Ah8q3wD89ANB+y5zn
p/7MggV/asZBSpeWq1RxkI9iKERabcdWV4uw3X+G3gA8e+kSM7xyf+MzDr0GQbdh
qiN62ztShSggjWuYmLteBSi+9lNOy5iBQgoPVQymgVNXXgex1W0mkAeR9QwjRGuv
t409/at/sKjgZ/z5Gi30BMzyD+LlmHfHru50NxYL+n++0kKs+KfBpi1VvCzOOnVd
oSgl9vS7+k3YbTvm7gwto7PGDA1ceWc4+fnTT0Us5re2nvcFf2X50rLCoDZtCZxk
DrprOWTijviIje7YQ2ayUNGHUypBYI+IvUwW6AHYgJmDE/CJF5/d1iUmxwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOmNvgTwcJotGo0RX7pPu4I8W91WMB8GA1UdIwQY
MBaAFAwX2uBEdtsQFsqkPj7ZvGvWnzl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREJmYTRFUjIyeEFXeXFRLVB0bThhOWFmT1hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi84MWQ5NGQtMmU0MC00NTQ2LThiODkt
ODA0ZjE3ZWMyNDVlLzEvNlkyLUJQQndtaTBhalJGZnVrLTdnanhiM1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi84MWQ5NGQtMmU0MC00NTQ2LThiODktODA0ZjE3ZWMyNDVl
LzEvREJmYTRFUjIyeEFXeXFRLVB0bThhOWFmT1hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZuMAwQD
l/zYAwQCuXxIAwQC2cOUMA0EAgACMAcDBQMqD/8AMA0GCSqGSIb3DQEBCwUAA4IB
AQBpFaX+s4GNMbzvqNkY0I7Q+9ivUElVu0jzpj5V0XosAS/KHXpHsFAsJf4pr9zy
9gMTs0WqMEvetYO7guTb22vFVx2Al4zx9fq2fgxUvFIft6/v4RUlm3YPzwbTTKPZ
NBKUbqtbzNsGKX0/rD9s9gHOOTzjJu90oNGmaJQdApFbctLeX8QJBwc9cpTdXKXu
71wLMaib3wMlZ0uKcd47TXfmRXPhrC3h0mjkao0n8Ed5iCamoEW9cnqC4uC5KbAW
w39klxNofl8mz+Y2cid/HIXmaK4tiL90WKPf2sVH9ixuppBodDJ0yGT/gfxwVIMF
gEImClC0jqf0FaSjefxIOZO6
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:00 2025 by rpki-client