Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/1iS_m3lD3dXmwGgBO22atH55ZJQ.roa
File: 1iS_m3lD3dXmwGgBO22atH55ZJQ.roa (raw, json)
Hash identifier: dudlGcQ03vBBCIjSveQDl5YeTGubffbp9QB39KgS7sA=
Subject key identifier: D6:24:BF:9B:79:43:DD:D5:E6:C0:68:01:3B:6D:9A:B4:7E:79:64:94
Certificate issuer: /CN=e099ee07822ef2ace9c356f7b42caeaff25c9692
Certificate serial: 0199AB58644FB36E0E91E3D54F99F8C1B3B9
Authority key identifier: E0:99:EE:07:82:2E:F2:AC:E9:C3:56:F7:B4:2C:AE:AF:F2:5C:96:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4JnuB4Iu8qzpw1b3tCyur_JclpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/1iS_m3lD3dXmwGgBO22atH55ZJQ.roa
Signing time: Fri 03 Oct 2025 18:32:00 +0000
ROA not before: Fri 03 Oct 2025 18:32:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203226
IP address blocks: 185.50.254.0/24 maxlen: 24
2a14:6980:10::/44 maxlen: 44
2a14:6980:10::/48 maxlen: 48
2a14:6980:11::/48 maxlen: 48
2a14:6980:12::/48 maxlen: 48
2a14:6980:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/4JnuB4Iu8qzpw1b3tCyur_JclpI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/4JnuB4Iu8qzpw1b3tCyur_JclpI.mft
rsync://rpki.ripe.net/repository/DEFAULT/4JnuB4Iu8qzpw1b3tCyur_JclpI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ab:58:64:4f:b3:6e:0e:91:e3:d5:4f:99:f8:c1:b3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e099ee07822ef2ace9c356f7b42caeaff25c9692
Validity
Not Before: Oct 3 18:32:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d624bf9b7943ddd5e6c068013b6d9ab47e796494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:80:bd:d4:59:a4:dd:51:01:af:2e:89:e2:b8:
08:a8:bb:32:06:da:46:1b:7f:61:43:2f:7f:7d:0e:
7c:e4:ee:e0:7f:96:30:a7:60:a6:54:99:a1:57:59:
ed:4e:e6:0d:f0:78:47:e3:ad:78:5a:6e:c6:60:eb:
80:c9:58:65:69:3d:42:06:6e:45:a6:a9:93:11:6e:
d1:4b:74:3f:de:8c:44:e7:23:cc:6d:67:73:3e:58:
80:78:d4:22:f6:0b:24:02:cc:e5:e3:15:d3:e2:28:
bb:3e:be:ca:18:4b:d6:aa:f8:d6:ed:23:e8:c9:00:
e1:47:ee:65:5e:23:e7:07:65:9e:85:52:0b:04:b0:
a9:4d:e7:0d:aa:24:8c:2a:12:42:ea:f4:d4:9f:9f:
57:6e:fd:71:9e:42:cc:be:11:c3:34:fb:55:08:bb:
02:d7:fc:12:79:99:8c:68:d3:28:59:30:86:8a:d1:
4b:d0:9b:4c:76:55:ef:bc:71:71:9e:f7:ec:e1:89:
b5:d2:26:4d:65:5c:12:b1:66:74:70:7c:68:f1:04:
ce:f3:f0:1e:f8:fe:ee:09:19:24:dd:04:83:80:26:
ed:5f:6e:9a:de:ab:8e:87:dd:16:49:1b:76:70:e7:
e5:04:8d:25:63:00:18:e9:f0:d4:72:ad:4d:39:84:
ec:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:24:BF:9B:79:43:DD:D5:E6:C0:68:01:3B:6D:9A:B4:7E:79:64:94
X509v3 Authority Key Identifier:
keyid:E0:99:EE:07:82:2E:F2:AC:E9:C3:56:F7:B4:2C:AE:AF:F2:5C:96:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4JnuB4Iu8qzpw1b3tCyur_JclpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/1iS_m3lD3dXmwGgBO22atH55ZJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/4JnuB4Iu8qzpw1b3tCyur_JclpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.254.0/24
IPv6:
2a14:6980:10::/44
Signature Algorithm: sha256WithRSAEncryption
67:5d:e2:4c:9d:41:3a:e0:e2:68:98:f2:6a:97:82:0e:c2:9b:
96:ba:ad:67:dc:03:2c:31:b1:15:17:7e:79:53:37:3e:13:9e:
4f:2a:ce:12:7e:87:01:7a:55:21:d9:b3:bb:70:00:64:b1:49:
92:12:88:97:2d:fe:7d:31:c1:67:33:79:be:4e:50:b7:8f:73:
99:2b:05:50:42:41:1b:d8:1c:29:51:42:c6:8c:f4:09:45:78:
ce:be:91:34:cd:46:ae:77:52:9e:b7:7c:25:cc:29:d0:51:7e:
85:d0:66:83:fc:9b:69:91:40:45:c1:11:72:e2:ae:a9:b2:b4:
d1:dc:e0:32:0d:ec:35:55:52:99:bf:a2:b2:21:90:f1:4b:c3:
ea:e9:5b:df:91:ec:05:a3:32:2e:15:17:e4:d7:54:db:2f:df:
2a:c3:10:f7:43:ca:42:56:42:fe:38:01:43:6b:ad:2c:7e:a9:
16:d0:f0:60:cf:74:ff:f2:86:cb:0e:35:ab:84:dc:b4:2e:62:
7e:62:ea:7a:b0:dc:a1:d3:e8:0a:e3:37:33:c0:ee:5f:98:14:
78:44:4b:ed:6a:7e:5e:5c:01:a7:a6:89:3c:9d:58:7f:02:af:
49:4a:d0:02:18:1c:c2:8c:11:26:93:ba:18:12:6a:09:a8:dd:
47:f5:70:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZmrWGRPs24OkePVT5n4wbO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOTllZTA3ODIyZWYyYWNlOWMzNTZmN2I0MmNhZWFmZjI1
Yzk2OTIwHhcNMjUxMDAzMTgzMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjI0YmY5Yjc5NDNkZGQ1ZTZjMDY4MDEzYjZkOWFiNDdlNzk2NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oC91Fmk3VEBry6J4rgIqLsyBtpG
G39hQy9/fQ585O7gf5Ywp2CmVJmhV1ntTuYN8HhH4614Wm7GYOuAyVhlaT1CBm5F
pqmTEW7RS3Q/3oxE5yPMbWdzPliAeNQi9gskAszl4xXT4ii7Pr7KGEvWqvjW7SPo
yQDhR+5lXiPnB2WehVILBLCpTecNqiSMKhJC6vTUn59Xbv1xnkLMvhHDNPtVCLsC
1/wSeZmMaNMoWTCGitFL0JtMdlXvvHFxnvfs4Ym10iZNZVwSsWZ0cHxo8QTO8/Ae
+P7uCRkk3QSDgCbtX26a3quOh90WSRt2cOflBI0lYwAY6fDUcq1NOYTsbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNYkv5t5Q93V5sBoATttmrR+eWSUMB8GA1UdIwQY
MBaAFOCZ7geCLvKs6cNW97Qsrq/yXJaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEpudUI0SXU4cXpwdzFiM3RDeXVyX0pjbHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85NzMyYmItZjU5MC00MTk0LTg1YmUt
ZDA2OWYxNzYwMmI2LzEvMWlTX20zbEQzZFhtd0dnQk8yMmF0SDU1WkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85NzMyYmItZjU5MC00MTk0LTg1YmUtZDA2OWYxNzYwMmI2
LzEvNEpudUI0SXU4cXpwdzFiM3RDeXVyX0pjbHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuTL+MA8E
AgACMAkDBwQqFGmAABAwDQYJKoZIhvcNAQELBQADggEBAGdd4kydQTrg4miY8mqX
gg7Cm5a6rWfcAywxsRUXfnlTNz4Tnk8qzhJ+hwF6VSHZs7twAGSxSZISiJct/n0x
wWczeb5OULePc5krBVBCQRvYHClRQsaM9AlFeM6+kTTNRq53Up63fCXMKdBRfoXQ
ZoP8m2mRQEXBEXLirqmytNHc4DIN7DVVUpm/orIhkPFLw+rpW9+R7AWjMi4VF+TX
VNsv3yrDEPdDykJWQv44AUNrrSx+qRbQ8GDPdP/yhssONauE3LQuYn5i6nqw3KHT
6ArjNzPA7l+YFHhES+1qfl5cAaemiTydWH8Cr0lK0AIYHMKMESaTuhgSagmo3Uf1
cNQ=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:32 2025 by rpki-client