Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/1-tobmuArgsO1CcS37ElbRPB4oI0.roa
File: 1-tobmuArgsO1CcS37ElbRPB4oI0.roa (raw, json)
Hash identifier: eoz/B2g3BVZDkFcVrm+jT5e/XqpAm/AHcMzK9BR9JlQ=
Subject key identifier: FA:DA:1B:9A:E0:2B:82:C3:B5:09:C4:B7:EC:49:5B:44:F0:78:A0:8D
Certificate issuer: /CN=428df99824ce67b0cb5f87fc46599e13adea5702
Certificate serial: 01999A0B19C2E4CE459517CCE2999530DAD6
Authority key identifier: 42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/1-tobmuArgsO1CcS37ElbRPB4oI0.roa
Signing time: Tue 30 Sep 2025 09:54:02 +0000
ROA not before: Tue 30 Sep 2025 09:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62336
IP address blocks: 91.221.250.0/23 maxlen: 23
141.78.128.0/18 maxlen: 18
185.234.32.0/22 maxlen: 22
185.250.220.0/22 maxlen: 22
2a02:2761::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:0b:19:c2:e4:ce:45:95:17:cc:e2:99:95:30:da:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=428df99824ce67b0cb5f87fc46599e13adea5702
Validity
Not Before: Sep 30 09:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fada1b9ae02b82c3b509c4b7ec495b44f078a08d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:47:10:32:d6:ed:87:74:30:f1:47:1b:56:f6:
0e:b2:01:0e:ec:15:8c:a1:7d:aa:ea:f8:e3:b1:e8:
9c:24:9e:5f:90:53:87:d5:74:ea:77:41:eb:60:70:
2c:51:34:51:25:f0:64:d7:16:35:f5:16:0c:18:5b:
31:75:05:42:90:e2:90:5a:6c:62:6c:9a:d7:ce:ef:
e5:3a:ae:35:f3:66:0b:32:b6:ae:6c:36:f1:3c:bf:
2a:34:5a:2a:cc:dd:54:fe:47:66:36:fb:dc:6a:38:
b5:b2:f4:56:0d:37:f4:db:40:4d:44:aa:15:21:7c:
e9:d1:1d:d3:28:64:ea:f2:38:78:20:25:a1:c7:b7:
b8:88:5b:75:dc:57:c5:4c:e1:ad:00:93:d8:ac:e2:
f7:0e:31:62:a0:e4:20:db:a7:7b:e4:91:f2:0e:f8:
f9:6c:fe:f9:91:7c:5d:60:32:0f:73:f8:aa:44:64:
dc:06:ae:a1:8f:9b:10:c3:2d:7d:dc:dc:aa:81:65:
1b:cd:5a:c0:db:f1:99:24:e7:88:3b:47:03:9c:90:
76:1d:31:53:50:7a:95:b1:43:b7:63:f5:8a:21:ea:
39:58:6a:ff:a3:82:ee:f7:62:27:3c:48:a9:fb:00:
af:88:27:63:a9:1c:78:3e:75:b8:04:ae:d9:3f:fc:
82:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DA:1B:9A:E0:2B:82:C3:B5:09:C4:B7:EC:49:5B:44:F0:78:A0:8D
X509v3 Authority Key Identifier:
keyid:42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/1-tobmuArgsO1CcS37ElbRPB4oI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.250.0/23
141.78.128.0/18
185.234.32.0/22
185.250.220.0/22
IPv6:
2a02:2761::/32
Signature Algorithm: sha256WithRSAEncryption
2b:19:f5:4e:a8:16:ba:2b:86:c2:7b:d8:02:2d:36:5f:e3:87:
18:6b:24:31:b7:e1:fd:2b:83:15:94:b6:16:5d:fc:e4:04:98:
fe:f5:bd:7e:af:22:70:92:98:b7:94:77:fc:cb:b7:f4:20:80:
3d:5f:37:50:0d:3d:4e:34:08:86:56:fd:01:88:37:2c:d4:a7:
00:86:1a:b4:8d:74:16:f3:3f:9e:d8:eb:65:19:32:8c:ef:c7:
d8:6d:e9:b3:52:9c:2a:5f:91:f3:40:ab:60:e2:5f:a1:44:dc:
4e:23:a3:91:f0:5c:91:52:ce:95:f6:8a:86:6c:12:f2:ae:1f:
4a:0f:b3:30:15:0b:b0:1e:09:20:db:84:95:de:0e:e9:05:ee:
39:d8:8a:e2:2f:16:c9:06:29:38:8e:5a:fb:36:47:10:6a:af:
3d:6d:b8:92:c6:d9:a2:d7:41:b0:3c:9a:24:5b:5b:e5:bd:7d:
ec:51:02:d2:4e:c8:87:c6:61:28:83:eb:48:77:6c:22:ce:19:
83:ca:41:61:40:f3:8a:9e:e3:07:a8:bb:bf:41:72:10:d9:25:
eb:33:32:78:92:17:18:9e:18:30:9e:ea:55:3e:39:72:7b:4d:
57:de:0a:f0:fa:4b:ae:71:61:ec:89:6e:ef:07:8f:eb:50:c3:
92:af:36:35
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZmaCxnC5M5FlRfM4pmVMNrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOGRmOTk4MjRjZTY3YjBjYjVmODdmYzQ2NTk5ZTEzYWRl
YTU3MDIwHhcNMjUwOTMwMDk1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRhMWI5YWUwMmI4MmMzYjUwOWM0YjdlYzQ5NWI0NGYwNzhhMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0cQMtbth3Qw8UcbVvYOsgEO7BWM
oX2q6vjjseicJJ5fkFOH1XTqd0HrYHAsUTRRJfBk1xY19RYMGFsxdQVCkOKQWmxi
bJrXzu/lOq4182YLMraubDbxPL8qNFoqzN1U/kdmNvvcaji1svRWDTf020BNRKoV
IXzp0R3TKGTq8jh4ICWhx7e4iFt13FfFTOGtAJPYrOL3DjFioOQg26d75JHyDvj5
bP75kXxdYDIPc/iqRGTcBq6hj5sQwy193NyqgWUbzVrA2/GZJOeIO0cDnJB2HTFT
UHqVsUO3Y/WKIeo5WGr/o4Lu92InPEip+wCviCdjqRx4PnW4BK7ZP/yCGwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPraG5rgK4LDtQnEt+xJW0TweKCNMB8GA1UdIwQY
MBaAFEKN+Zgkzmewy1+H/EZZnhOt6lcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEt
ZjIyNzQ5NjVjMDk1LzEvMS10b2JtdUFyZ3NPMUNjUzM3RWxiUlBCNG9JMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvODAyYjM1LTY3M2MtNDc1Ni05NzYxLWYyMjc0OTY1YzA5
NS8xL1FvMzVtQ1RPWjdETFg0ZjhSbG1lRTYzcVZ3SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAVvd+gME
Bo1OgAMEArnqIAMEArn63DANBAIAAjAHAwUAKgInYTANBgkqhkiG9w0BAQsFAAOC
AQEAKxn1TqgWuiuGwnvYAi02X+OHGGskMbfh/SuDFZS2Fl385ASY/vW9fq8icJKY
t5R3/Mu39CCAPV83UA09TjQIhlb9AYg3LNSnAIYatI10FvM/ntjrZRkyjO/H2G3p
s1KcKl+R80CrYOJfoUTcTiOjkfBckVLOlfaKhmwS8q4fSg+zMBULsB4JINuEld4O
6QXuOdiK4i8WyQYpOI5a+zZHEGqvPW24ksbZotdBsDyaJFtb5b197FEC0k7Ih8Zh
KIPrSHdsIs4Zg8pBYUDzip7jB6i7v0FyENkl6zMyeJIXGJ4YMJ7qVT45cntNV94K
8PpLrnFh7Ilu7weP61DDkq82NQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:32 2025 by rpki-client