Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/Pe2NALGIvmCuJSlPZ20SuZ-M9hg.roa
File: Pe2NALGIvmCuJSlPZ20SuZ-M9hg.roa (raw, json)
Hash identifier: OtaghSGRDvDf2NYLRv+GOjbFhhiw6EZBcNNwCgYOYjA=
Subject key identifier: 3D:ED:8D:00:B1:88:BE:60:AE:25:29:4F:67:6D:12:B9:9F:8C:F6:18
Certificate issuer: /CN=9504a09a4596d8157da69dc3346c5abce4ce4e13
Certificate serial: 0199BE9BFE38C6E1DF55D1186C500AD3BD8C
Authority key identifier: 95:04:A0:9A:45:96:D8:15:7D:A6:9D:C3:34:6C:5A:BC:E4:CE:4E:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/Pe2NALGIvmCuJSlPZ20SuZ-M9hg.roa
Signing time: Tue 07 Oct 2025 12:18:37 +0000
ROA not before: Tue 07 Oct 2025 12:18:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213742
IP address blocks: 45.87.40.0/24 maxlen: 24
195.138.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:9b:fe:38:c6:e1:df:55:d1:18:6c:50:0a:d3:bd:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9504a09a4596d8157da69dc3346c5abce4ce4e13
Validity
Not Before: Oct 7 12:18:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ded8d00b188be60ae25294f676d12b99f8cf618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:89:dd:07:29:0d:35:e1:0b:39:dd:71:89:10:
88:a3:ac:31:cf:52:33:a3:8a:32:57:e0:07:f7:7a:
95:ff:9d:e7:58:fa:f5:f0:4b:f6:cf:77:5f:6c:36:
46:be:2d:a4:78:46:7f:13:19:63:e8:f8:d4:96:0c:
f5:60:3c:f3:5e:08:bf:cb:c2:f3:ad:e9:59:2a:8e:
46:e0:15:89:b3:c3:50:80:e3:f7:f5:5f:cc:2f:e8:
a9:a6:61:4e:05:ea:cc:e2:07:e3:fa:3c:7e:55:f0:
2a:03:e6:2e:c2:a0:34:14:ad:a1:d9:ba:0e:8e:9f:
93:6d:1a:b8:25:4a:61:49:13:b1:f8:65:89:16:bb:
06:fb:7b:0e:e0:e4:a6:2b:48:fe:45:b5:3d:0f:13:
52:e0:cd:81:46:d5:6d:fe:fd:3f:4b:6e:32:0f:af:
39:fb:5a:08:fc:11:8a:7d:fd:7b:9d:47:08:33:fe:
2f:9f:18:24:86:83:d3:a2:ea:9b:02:67:b8:12:21:
7c:51:8d:de:10:5d:83:ae:fc:df:20:a4:b7:44:64:
59:8f:57:e6:e7:17:d0:1d:e3:f8:a8:f4:af:21:53:
2b:4f:ad:61:cd:91:41:1c:6e:3d:11:c6:5f:f7:98:
69:c5:ef:fd:8b:13:3e:05:e9:4e:3e:fc:0c:b2:18:
70:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:ED:8D:00:B1:88:BE:60:AE:25:29:4F:67:6D:12:B9:9F:8C:F6:18
X509v3 Authority Key Identifier:
keyid:95:04:A0:9A:45:96:D8:15:7D:A6:9D:C3:34:6C:5A:BC:E4:CE:4E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/Pe2NALGIvmCuJSlPZ20SuZ-M9hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.40.0/24
195.138.40.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:ce:fe:83:af:4f:fb:be:e4:6b:7a:e9:ff:b8:4b:82:20:e8:
ff:ff:c9:9c:a6:c2:c8:7e:4e:64:b0:98:a4:12:06:78:05:be:
0c:5d:26:3b:d2:07:6a:16:ec:72:3e:e2:71:b3:6a:27:37:53:
82:06:5a:94:71:ba:27:6f:3a:28:2d:4b:db:0c:17:af:18:e7:
e6:b2:6c:cc:57:e1:a9:79:90:72:24:26:f8:37:da:37:f8:73:
94:04:c6:0d:85:27:f4:56:5f:7b:18:6b:4d:0d:85:9a:b7:e0:
5e:fd:71:2a:a1:bd:53:ff:3b:75:fd:9f:be:c1:30:71:b4:67:
ac:c2:d8:4a:09:29:5b:3b:c0:f3:a2:3d:34:13:c5:23:ac:3b:
92:4c:4c:76:b2:b1:d9:31:2b:08:9a:1a:84:eb:d7:4b:6a:8a:
f8:3e:32:a7:f0:27:d8:94:2f:c9:ba:be:3c:28:41:f9:d0:a7:
93:0f:a4:11:82:e4:3c:ca:96:60:04:3d:86:0f:90:50:21:3c:
07:5b:24:10:f7:df:88:20:73:6b:b5:d7:d0:ae:49:4a:ff:58:
f1:10:a1:4f:58:74:87:0b:85:e8:d7:a9:15:8f:f2:74:b3:01:
53:02:fd:4f:3f:19:c9:a7:37:ed:1c:16:e4:94:56:89:66:1a:
f4:8c:52:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZm+m/44xuHfVdEYbFAK072MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDRhMDlhNDU5NmQ4MTU3ZGE2OWRjMzM0NmM1YWJjZTRj
ZTRlMTMwHhcNMjUxMDA3MTIxODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGVkOGQwMGIxODhiZTYwYWUyNTI5NGY2NzZkMTJiOTlmOGNmNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYndBykNNeELOd1xiRCIo6wxz1Iz
o4oyV+AH93qV/53nWPr18Ev2z3dfbDZGvi2keEZ/Exlj6PjUlgz1YDzzXgi/y8Lz
relZKo5G4BWJs8NQgOP39V/ML+ippmFOBerM4gfj+jx+VfAqA+YuwqA0FK2h2boO
jp+TbRq4JUphSROx+GWJFrsG+3sO4OSmK0j+RbU9DxNS4M2BRtVt/v0/S24yD685
+1oI/BGKff17nUcIM/4vnxgkhoPTouqbAme4EiF8UY3eEF2DrvzfIKS3RGRZj1fm
5xfQHeP4qPSvIVMrT61hzZFBHG49EcZf95hpxe/9ixM+BelOPvwMshhwpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD3tjQCxiL5griUpT2dtErmfjPYYMB8GA1UdIwQY
MBaAFJUEoJpFltgVfaadwzRsWrzkzk4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85ZWFmNWMtOGM1NC00NWVkLWJmYzQt
NjczYzM4ODkxNjFkLzEvUGUyTkFMR0l2bUN1SlNsUFoyMFN1Wi1NOWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85ZWFmNWMtOGM1NC00NWVkLWJmYzQtNjczYzM4ODkxNjFk
LzEvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVcoAwQA
w4ooMA0GCSqGSIb3DQEBCwUAA4IBAQC/zv6Dr0/7vuRreun/uEuCIOj//8mcpsLI
fk5ksJikEgZ4Bb4MXSY70gdqFuxyPuJxs2onN1OCBlqUcbonbzooLUvbDBevGOfm
smzMV+GpeZByJCb4N9o3+HOUBMYNhSf0Vl97GGtNDYWat+Be/XEqob1T/zt1/Z++
wTBxtGeswthKCSlbO8Dzoj00E8UjrDuSTEx2srHZMSsImhqE69dLaor4PjKn8CfY
lC/Jur48KEH50KeTD6QRguQ8ypZgBD2GD5BQITwHWyQQ99+IIHNrtdfQrklK/1jx
EKFPWHSHC4Xo16kVj/J0swFTAv1PPxnJpzftHBbklFaJZhr0jFJJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:01:08 2025 by rpki-client