Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d70b84-3d4b-4f22-8e53-0f546e14eb1d/1/l2jBV0bVg0CQFfEWYmZGcUnNWs8.roa
File: l2jBV0bVg0CQFfEWYmZGcUnNWs8.roa (raw, json)
Hash identifier: I43WzSD4plBzSNiTRFYHSTVDaLrtL+SCq1cjo57LmDs=
Subject key identifier: 97:68:C1:57:46:D5:83:40:90:15:F1:16:62:66:46:71:49:CD:5A:CF
Certificate issuer: /CN=d8442f2c2f88d9f6eb2d9c5df3680be21ee7c9b3
Certificate serial: 0198ACDD59B9C23D97EFC4ABF0058F557450
Authority key identifier: D8:44:2F:2C:2F:88:D9:F6:EB:2D:9C:5D:F3:68:0B:E2:1E:E7:C9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2EQvLC-I2fbrLZxd82gL4h7nybM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d70b84-3d4b-4f22-8e53-0f546e14eb1d/1/l2jBV0bVg0CQFfEWYmZGcUnNWs8.roa
Signing time: Fri 15 Aug 2025 08:34:04 +0000
ROA not before: Fri 15 Aug 2025 08:34:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200876
IP address blocks: 82.163.240.0/21 maxlen: 21
82.163.240.0/24 maxlen: 32
82.163.241.0/24 maxlen: 32
82.163.242.0/24 maxlen: 32
82.163.243.0/24 maxlen: 32
82.163.244.0/24 maxlen: 32
82.163.245.0/24 maxlen: 32
82.163.246.0/24 maxlen: 32
82.163.247.0/24 maxlen: 32
88.212.128.0/20 maxlen: 20
88.212.128.0/24 maxlen: 32
88.212.129.0/24 maxlen: 32
88.212.130.0/24 maxlen: 32
88.212.131.0/24 maxlen: 32
88.212.132.0/24 maxlen: 32
88.212.133.0/24 maxlen: 32
88.212.134.0/24 maxlen: 32
88.212.135.0/24 maxlen: 32
88.212.136.0/24 maxlen: 32
88.212.137.0/24 maxlen: 32
88.212.138.0/24 maxlen: 32
88.212.139.0/24 maxlen: 32
88.212.140.0/24 maxlen: 32
88.212.141.0/24 maxlen: 32
88.212.142.0/24 maxlen: 32
88.212.143.0/24 maxlen: 32
88.212.160.0/22 maxlen: 22
88.212.160.0/24 maxlen: 32
88.212.161.0/24 maxlen: 32
88.212.162.0/24 maxlen: 32
88.212.163.0/24 maxlen: 32
185.46.208.0/22 maxlen: 22
185.46.208.0/24 maxlen: 32
185.46.209.0/24 maxlen: 32
185.46.210.0/24 maxlen: 32
185.46.211.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/d70b84-3d4b-4f22-8e53-0f546e14eb1d/1/2EQvLC-I2fbrLZxd82gL4h7nybM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/d70b84-3d4b-4f22-8e53-0f546e14eb1d/1/2EQvLC-I2fbrLZxd82gL4h7nybM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2EQvLC-I2fbrLZxd82gL4h7nybM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ac:dd:59:b9:c2:3d:97:ef:c4:ab:f0:05:8f:55:74:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8442f2c2f88d9f6eb2d9c5df3680be21ee7c9b3
Validity
Not Before: Aug 15 08:34:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9768c15746d583409015f1166266467149cd5acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0b:7a:ce:a7:b6:5b:b4:36:51:aa:3f:06:09:
b5:c3:8a:75:ec:58:9e:ec:a1:ab:a6:2d:4f:66:30:
f0:e9:fc:f9:73:ea:f4:e8:d5:ea:e7:96:3c:64:4b:
ac:49:44:59:d8:d4:5f:09:31:55:e0:f8:7c:d4:21:
79:a1:20:ad:03:15:2d:ee:64:d6:ed:50:03:a7:bc:
37:b3:27:f4:84:45:99:5a:72:73:7c:80:ff:22:9a:
6a:0d:1d:09:01:b6:50:d1:70:5f:d4:93:b3:a3:44:
de:c2:5e:ea:c0:a1:98:17:c8:a9:aa:79:c6:de:b8:
90:5d:5e:c3:bf:22:ef:fa:6a:87:de:79:5e:1d:87:
a0:da:25:4b:b6:be:00:f2:61:a7:f4:5d:dd:28:9c:
86:63:80:d2:ab:b4:89:a4:6a:52:d6:2f:cf:5e:07:
a3:52:23:b5:53:4f:4f:3a:ea:6c:44:07:cf:f8:05:
d6:0a:3d:db:e2:27:48:55:a8:70:1a:eb:fc:cf:52:
e4:05:f7:bf:17:ce:fd:78:38:95:8d:4c:0c:6a:f5:
cd:0e:4b:2e:c2:ec:b2:80:f6:70:c0:64:54:81:4b:
ba:4f:be:37:0f:eb:e4:fc:5d:4c:c9:56:55:4a:91:
5d:4f:ef:ea:46:93:39:1b:5d:2a:2c:71:2e:5b:40:
73:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:68:C1:57:46:D5:83:40:90:15:F1:16:62:66:46:71:49:CD:5A:CF
X509v3 Authority Key Identifier:
keyid:D8:44:2F:2C:2F:88:D9:F6:EB:2D:9C:5D:F3:68:0B:E2:1E:E7:C9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2EQvLC-I2fbrLZxd82gL4h7nybM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d70b84-3d4b-4f22-8e53-0f546e14eb1d/1/l2jBV0bVg0CQFfEWYmZGcUnNWs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d70b84-3d4b-4f22-8e53-0f546e14eb1d/1/2EQvLC-I2fbrLZxd82gL4h7nybM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.240.0/21
88.212.128.0/20
88.212.160.0/22
185.46.208.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:4f:b4:5f:7b:69:be:08:67:e9:80:2a:03:55:e1:30:08:fe:
f8:f7:83:8f:26:5a:77:61:69:86:e2:94:56:42:a4:df:34:cc:
3c:2b:07:10:95:e8:a2:35:11:57:44:27:98:97:d7:fb:5b:9a:
11:c2:4f:e9:44:a4:a6:6d:74:8b:c1:87:2c:6e:29:19:e5:d6:
6d:b8:fe:38:88:ce:56:97:ec:a5:ce:6f:9c:4b:13:88:4f:fb:
6c:66:7c:dc:7f:0a:7b:50:56:1e:d5:f9:c4:0b:b8:81:82:11:
ed:9f:ff:aa:81:3c:62:8f:14:d2:34:7d:2b:83:72:f3:ad:ac:
3e:65:67:e4:af:56:22:30:37:bd:37:66:5e:07:11:d4:10:be:
4f:c4:ad:11:6e:e9:74:52:e7:6c:2a:72:f7:ed:79:29:97:27:
da:b8:7d:88:da:45:17:e7:47:f0:f1:09:bc:81:81:e3:34:18:
2a:e7:d7:e0:d5:f9:b8:bf:9c:ad:6f:65:be:fa:0b:d2:b0:bb:
25:58:ac:08:6a:f0:3d:ea:b1:34:01:58:13:78:3f:e7:f0:d3:
f7:89:d8:7c:e9:81:c4:ed:06:4e:41:05:ff:83:88:b9:d4:e0:
4a:52:2a:b2:e8:67:9a:a4:c3:12:3a:f7:9b:86:12:47:64:14:
e4:a8:52:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZis3Vm5wj2X78Sr8AWPVXRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NDQyZjJjMmY4OGQ5ZjZlYjJkOWM1ZGYzNjgwYmUyMWVl
N2M5YjMwHhcNMjUwODE1MDgzNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzY4YzE1NzQ2ZDU4MzQwOTAxNWYxMTY2MjY2NDY3MTQ5Y2Q1YWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAt6zqe2W7Q2Uao/Bgm1w4p17Fie
7KGrpi1PZjDw6fz5c+r06NXq55Y8ZEusSURZ2NRfCTFV4Ph81CF5oSCtAxUt7mTW
7VADp7w3syf0hEWZWnJzfID/IppqDR0JAbZQ0XBf1JOzo0Tewl7qwKGYF8ipqnnG
3riQXV7DvyLv+mqH3nleHYeg2iVLtr4A8mGn9F3dKJyGY4DSq7SJpGpS1i/PXgej
UiO1U09POupsRAfP+AXWCj3b4idIVahwGuv8z1LkBfe/F879eDiVjUwMavXNDksu
wuyygPZwwGRUgUu6T743D+vk/F1MyVZVSpFdT+/qRpM5G10qLHEuW0BzxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJdowVdG1YNAkBXxFmJmRnFJzVrPMB8GA1UdIwQY
MBaAFNhELywviNn26y2cXfNoC+Ie58mzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkVRdkxDLUkyZmJyTFp4ZDgyZ0w0aDdueWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kNzBiODQtM2Q0Yi00ZjIyLThlNTMt
MGY1NDZlMTRlYjFkLzEvbDJqQlYwYlZnMENRRmZFV1ltWkdjVW5OV3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kNzBiODQtM2Q0Yi00ZjIyLThlNTMtMGY1NDZlMTRlYjFk
LzEvMkVRdkxDLUkyZmJyTFp4ZDgyZ0w0aDdueWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDUqPwAwQE
WNSAAwQCWNSgAwQCuS7QMA0GCSqGSIb3DQEBCwUAA4IBAQBPT7Rfe2m+CGfpgCoD
VeEwCP7494OPJlp3YWmG4pRWQqTfNMw8KwcQleiiNRFXRCeYl9f7W5oRwk/pRKSm
bXSLwYcsbikZ5dZtuP44iM5Wl+ylzm+cSxOIT/tsZnzcfwp7UFYe1fnEC7iBghHt
n/+qgTxijxTSNH0rg3Lzraw+ZWfkr1YiMDe9N2ZeBxHUEL5PxK0Rbul0UudsKnL3
7XkplyfauH2I2kUX50fw8Qm8gYHjNBgq59fg1fm4v5ytb2W++gvSsLslWKwIavA9
6rE0AVgTeD/n8NP3idh86YHE7QZOQQX/g4i51OBKUiqy6GeapMMSOvebhhJHZBTk
qFII
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:21:56 2025 by rpki-client