Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/ITb_XVl2tA11J6nAknkJ07xuM_A.roa
File: ITb_XVl2tA11J6nAknkJ07xuM_A.roa (raw, json)
Hash identifier: Te0z4RiC3nV17xojwnpgYVjVq9us6VbZr6q0RMM9u2o=
Subject key identifier: 21:36:FF:5D:59:76:B4:0D:75:27:A9:C0:92:79:09:D3:BC:6E:33:F0
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 0199C8E9A02E5D810B5CCCCA3E42E45E855B
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/ITb_XVl2tA11J6nAknkJ07xuM_A.roa
Signing time: Thu 09 Oct 2025 12:19:37 +0000
ROA not before: Thu 09 Oct 2025 12:19:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56971
IP address blocks: 178.255.222.0/24 maxlen: 32
185.92.180.0/24 maxlen: 32
185.92.181.0/24 maxlen: 32
185.92.182.0/24 maxlen: 32
185.92.183.0/24 maxlen: 32
213.232.204.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
2a13:7c00:3::/48 maxlen: 48
2a13:7c00:4::/48 maxlen: 48
2a13:7c00:5::/48 maxlen: 48
2a13:7c00:6::/48 maxlen: 48
2a13:7c00:7::/48 maxlen: 48
2a13:7c00:8::/48 maxlen: 48
2a13:7c00:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:e9:a0:2e:5d:81:0b:5c:cc:ca:3e:42:e4:5e:85:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Oct 9 12:19:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2136ff5d5976b40d7527a9c0927909d3bc6e33f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bc:9f:61:5e:4b:24:49:a2:5a:e1:57:17:b0:
e2:a1:63:fe:bd:51:c2:1b:f6:47:b6:8f:fa:81:ec:
aa:97:ec:06:c9:a8:bc:e1:c1:0d:80:16:02:b1:2b:
f0:cb:0d:36:3c:34:68:50:8f:08:c4:e2:be:86:e5:
7d:02:f3:03:94:1f:87:5e:0a:1b:70:2b:fb:91:d9:
78:12:9a:88:2a:1a:5b:9e:ba:ae:85:82:b2:5c:35:
56:91:ed:0b:61:1b:07:96:d6:41:c2:41:5e:01:a1:
59:a9:48:76:b3:f4:ff:3d:48:15:d9:97:ab:c9:4e:
d2:36:c6:2a:ef:29:bd:e5:1a:4a:46:a0:46:37:16:
8c:da:25:94:4a:d1:a7:d5:f8:ca:17:17:81:3b:ed:
ab:6a:85:4e:5f:25:d0:5a:e5:4b:65:f5:bc:32:fa:
e1:4c:9a:e4:a1:a2:47:16:f2:97:d2:02:08:f4:70:
ba:30:cb:e8:b7:66:d3:33:2e:0c:9a:d9:da:8a:76:
71:1c:c8:48:2a:12:d6:1c:e1:61:0b:4c:36:e0:b1:
76:6d:04:35:4f:b0:f3:d0:ca:75:1f:1e:01:a5:38:
fb:17:22:07:40:f0:e9:e9:04:69:b0:a8:78:a7:0a:
85:06:b4:94:9e:35:f8:2f:13:b0:f6:10:eb:63:4c:
5e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:36:FF:5D:59:76:B4:0D:75:27:A9:C0:92:79:09:D3:BC:6E:33:F0
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/ITb_XVl2tA11J6nAknkJ07xuM_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.222.0/24
185.92.180.0/22
213.232.204.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
10:86:69:fb:bb:9d:ba:72:25:b2:fc:f1:16:92:02:18:21:c6:
a2:e0:4e:9c:6c:95:9f:df:37:d5:7d:e9:41:cb:78:4b:20:82:
ee:9f:8a:53:82:91:aa:64:4c:46:b4:82:04:0d:e8:b1:6e:58:
66:b5:6f:fb:d1:8c:87:4e:01:2e:48:eb:58:dd:eb:b7:64:22:
86:04:60:b5:de:95:8b:44:fc:d4:1a:3f:a5:43:19:c8:f5:d4:
ba:6d:36:a8:21:4d:c8:f8:93:0e:8f:73:0c:11:9b:f0:80:76:
d1:91:2e:23:5c:a9:a9:e8:9c:8d:b6:ee:3d:9b:9d:ab:b8:a6:
9c:b6:9f:3f:27:62:0c:cf:2e:82:03:94:87:da:14:ec:9a:7e:
cf:14:86:55:4d:33:0c:31:05:a0:cd:6c:10:fd:c9:2f:7d:fe:
47:d5:4a:ec:7d:30:ce:58:2d:76:08:5b:02:a9:11:5b:48:0e:
67:46:c6:fe:c3:43:3b:11:e0:b4:63:b6:fc:02:b1:f1:17:96:
80:85:ca:f5:66:c5:35:e5:ce:14:08:56:3d:f1:d8:ea:8a:e1:
49:3e:a4:85:df:29:95:ee:4f:84:c1:3d:c7:0f:9a:6a:19:31:
1d:d5:23:21:63:e1:20:cb:f0:ac:72:c0:8b:24:aa:22:0f:a4:
9b:a5:e3:17
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZnI6aAuXYELXMzKPkLkXoVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjUxMDA5MTIxOTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTM2ZmY1ZDU5NzZiNDBkNzUyN2E5YzA5Mjc5MDlkM2JjNmUzM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlryfYV5LJEmiWuFXF7DioWP+vVHC
G/ZHto/6geyql+wGyai84cENgBYCsSvwyw02PDRoUI8IxOK+huV9AvMDlB+HXgob
cCv7kdl4EpqIKhpbnrquhYKyXDVWke0LYRsHltZBwkFeAaFZqUh2s/T/PUgV2Zer
yU7SNsYq7ym95RpKRqBGNxaM2iWUStGn1fjKFxeBO+2raoVOXyXQWuVLZfW8Mvrh
TJrkoaJHFvKX0gII9HC6MMvot2bTMy4MmtnainZxHMhIKhLWHOFhC0w24LF2bQQ1
T7Dz0Mp1Hx4BpTj7FyIHQPDp6QRpsKh4pwqFBrSUnjX4LxOw9hDrY0xejwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCE2/11ZdrQNdSepwJJ5CdO8bjPwMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvSVRiX1hWbDJ0QTExSjZuQWtua0owN3h1TV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAsv/eAwQC
uVy0AwQA1ejMMA0EAgACMAcDBQAqE3wAMA0GCSqGSIb3DQEBCwUAA4IBAQAQhmn7
u526ciWy/PEWkgIYIcai4E6cbJWf3zfVfelBy3hLIILun4pTgpGqZExGtIIEDeix
blhmtW/70YyHTgEuSOtY3eu3ZCKGBGC13pWLRPzUGj+lQxnI9dS6bTaoIU3I+JMO
j3MMEZvwgHbRkS4jXKmp6JyNtu49m52ruKactp8/J2IMzy6CA5SH2hTsmn7PFIZV
TTMMMQWgzWwQ/ckvff5H1UrsfTDOWC12CFsCqRFbSA5nRsb+w0M7EeC0Y7b8ArHx
F5aAhcr1ZsU15c4UCFY98djqiuFJPqSF3ymV7k+EwT3HD5pqGTEd1SMhY+Egy/Cs
csCLJKoiD6SbpeMX
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:08 2025 by rpki-client