
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/880df4-e334-4a77-8f4a-7dfde8b12e2c/1/LstQmx0npx1wBzXFQnWiCMni4rU.roa
File: LstQmx0npx1wBzXFQnWiCMni4rU.roa (raw, json)
Hash identifier: P0DAqw5mgnz/NGIMrf6y81li0lGZ6anTPEV88CrVJ8o=
Subject key identifier: 2E:CB:50:9B:1D:27:A7:1D:70:07:35:C5:42:75:A2:08:C9:E2:E2:B5
Certificate issuer: /CN=810e50f8be21e6556a2a3b5e60e1de765ae02d4e
Certificate serial: 01994CD336929AD41E4B5FCECDFF280F2DA4
Authority key identifier: 81:0E:50:F8:BE:21:E6:55:6A:2A:3B:5E:60:E1:DE:76:5A:E0:2D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQ5Q-L4h5lVqKjteYOHedlrgLU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/880df4-e334-4a77-8f4a-7dfde8b12e2c/1/LstQmx0npx1wBzXFQnWiCMni4rU.roa
Signing time: Mon 15 Sep 2025 10:02:14 +0000
ROA not before: Mon 15 Sep 2025 10:02:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 185.87.134.0/24 maxlen: 24
185.87.135.0/24 maxlen: 24
2a05:c341::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/880df4-e334-4a77-8f4a-7dfde8b12e2c/1/gQ5Q-L4h5lVqKjteYOHedlrgLU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/880df4-e334-4a77-8f4a-7dfde8b12e2c/1/gQ5Q-L4h5lVqKjteYOHedlrgLU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/gQ5Q-L4h5lVqKjteYOHedlrgLU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4c:d3:36:92:9a:d4:1e:4b:5f:ce:cd:ff:28:0f:2d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=810e50f8be21e6556a2a3b5e60e1de765ae02d4e
Validity
Not Before: Sep 15 10:02:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ecb509b1d27a71d700735c54275a208c9e2e2b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9f:52:92:4c:33:e4:66:21:32:cc:94:5b:5e:
fa:be:7d:b3:15:50:13:89:b4:e9:93:6b:77:66:32:
54:9d:59:fa:3d:28:62:b5:8a:19:dc:4a:8a:00:08:
c4:f7:16:d9:81:d8:86:c7:d0:c9:b8:5c:7d:e6:ac:
da:54:04:fb:22:e3:f1:16:84:72:60:c3:5a:2c:57:
f0:db:14:80:b2:d8:d0:11:c6:9e:a1:f0:b8:91:c1:
14:d3:c3:3a:bd:59:d3:cb:9f:2e:f8:44:75:e9:e3:
27:b6:54:e9:3c:cc:bf:4d:d7:c3:d6:ff:69:37:24:
b5:e0:5e:a0:e0:8c:fc:db:7a:d6:3e:3b:31:ce:a2:
cc:51:13:c2:96:a3:d5:f2:24:1c:59:49:e3:a0:23:
68:0c:28:ca:d0:3c:15:43:00:bc:4d:42:e9:77:a6:
a3:fa:0b:09:57:1a:b1:1e:ba:2b:74:25:69:ff:0f:
20:8f:13:40:b2:2a:ec:6d:9d:67:f4:f9:f4:ee:c8:
5a:e3:5c:97:e6:0f:ea:b4:63:25:a4:64:b3:1d:4e:
ae:d1:62:5b:95:94:28:d6:79:d5:83:c7:f7:a6:15:
d4:9e:3f:13:3a:14:cc:93:9b:d1:36:36:6a:db:cb:
a1:e5:06:89:78:ca:96:83:f1:49:20:ac:3e:bd:7d:
e1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CB:50:9B:1D:27:A7:1D:70:07:35:C5:42:75:A2:08:C9:E2:E2:B5
X509v3 Authority Key Identifier:
keyid:81:0E:50:F8:BE:21:E6:55:6A:2A:3B:5E:60:E1:DE:76:5A:E0:2D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQ5Q-L4h5lVqKjteYOHedlrgLU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/880df4-e334-4a77-8f4a-7dfde8b12e2c/1/LstQmx0npx1wBzXFQnWiCMni4rU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/880df4-e334-4a77-8f4a-7dfde8b12e2c/1/gQ5Q-L4h5lVqKjteYOHedlrgLU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.134.0/23
IPv6:
2a05:c341::/48
Signature Algorithm: sha256WithRSAEncryption
77:8d:5d:95:ad:dd:36:ae:25:9d:bd:06:83:f7:ee:70:60:21:
39:5b:fb:6a:d1:15:eb:d2:e1:b9:0a:8c:de:aa:2f:7f:5a:61:
c6:25:22:7f:69:a1:9c:3d:51:c4:35:2e:9c:6c:42:95:fe:1a:
3c:3c:ca:52:b0:87:eb:a8:c3:47:8c:44:e8:be:b0:20:a9:8f:
ea:9f:aa:99:88:f4:c2:a4:63:19:2d:74:85:be:ae:5d:f4:76:
fc:34:db:08:76:70:ac:bd:bc:93:43:07:3d:46:51:55:03:bc:
46:67:4f:2b:a7:fe:53:bc:3d:77:fe:a8:ed:3d:95:81:01:f8:
33:ee:05:0e:42:1a:86:5c:1a:7b:59:bc:d4:58:19:7b:3c:7c:
35:74:bb:77:94:c2:af:ba:45:8f:1a:48:a5:73:a3:15:4c:e7:
02:ea:5b:cf:62:39:88:07:d6:e4:20:05:5b:a8:ac:ce:43:c1:
65:bd:ce:3a:db:9c:3d:bd:89:26:62:7c:a2:3f:75:f0:6f:93:
fd:8c:b3:29:ba:8a:57:c9:3b:87:fe:5d:3a:4d:45:c8:d4:9d:
6b:90:dc:c6:22:20:32:03:7c:b8:30:be:2f:05:b4:3b:f6:62:
28:41:18:f1:22:7b:b8:83:74:ac:1e:11:1e:4e:e6:2c:38:02:
4a:57:5e:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZlM0zaSmtQeS1/Ozf8oDy2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMGU1MGY4YmUyMWU2NTU2YTJhM2I1ZTYwZTFkZTc2NWFl
MDJkNGUwHhcNMjUwOTE1MTAwMjE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWNiNTA5YjFkMjdhNzFkNzAwNzM1YzU0Mjc1YTIwOGM5ZTJlMmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx59Skkwz5GYhMsyUW176vn2zFVAT
ibTpk2t3ZjJUnVn6PShitYoZ3EqKAAjE9xbZgdiGx9DJuFx95qzaVAT7IuPxFoRy
YMNaLFfw2xSAstjQEcaeofC4kcEU08M6vVnTy58u+ER16eMntlTpPMy/TdfD1v9p
NyS14F6g4Iz823rWPjsxzqLMURPClqPV8iQcWUnjoCNoDCjK0DwVQwC8TULpd6aj
+gsJVxqxHrordCVp/w8gjxNAsirsbZ1n9Pn07sha41yX5g/qtGMlpGSzHU6u0WJb
lZQo1nnVg8f3phXUnj8TOhTMk5vRNjZq28uh5QaJeMqWg/FJIKw+vX3hnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC7LUJsdJ6cdcAc1xUJ1ogjJ4uK1MB8GA1UdIwQY
MBaAFIEOUPi+IeZVaio7XmDh3nZa4C1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1E1US1MNGg1bFZxS2p0ZVlPSGVkbHJnTFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ODBkZjQtZTMzNC00YTc3LThmNGEt
N2RmZGU4YjEyZTJjLzEvTHN0UW14MG5weDF3QnpYRlFuV2lDTW5pNHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ODBkZjQtZTMzNC00YTc3LThmNGEtN2RmZGU4YjEyZTJj
LzEvZ1E1US1MNGg1bFZxS2p0ZVlPSGVkbHJnTFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuVeGMA8E
AgACMAkDBwAqBcNBAAAwDQYJKoZIhvcNAQELBQADggEBAHeNXZWt3TauJZ29BoP3
7nBgITlb+2rRFevS4bkKjN6qL39aYcYlIn9poZw9UcQ1LpxsQpX+Gjw8ylKwh+uo
w0eMROi+sCCpj+qfqpmI9MKkYxktdIW+rl30dvw02wh2cKy9vJNDBz1GUVUDvEZn
Tyun/lO8PXf+qO09lYEB+DPuBQ5CGoZcGntZvNRYGXs8fDV0u3eUwq+6RY8aSKVz
oxVM5wLqW89iOYgH1uQgBVuorM5DwWW9zjrbnD29iSZifKI/dfBvk/2Msym6ilfJ
O4f+XTpNRcjUnWuQ3MYiIDIDfLgwvi8FtDv2YihBGPEie7iDdKweER5O5iw4AkpX
Xh0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:47 2025 by rpki-client