Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/cpfSzQsU6bXhLoYlLCepUpPhGUA.roa
File: cpfSzQsU6bXhLoYlLCepUpPhGUA.roa (raw, json)
Hash identifier: I8cvRLDssMsd0UHP/4nXy9rkIVrQ1W/PN2dEJTBJ8Vc=
Subject key identifier: 72:97:D2:CD:0B:14:E9:B5:E1:2E:86:25:2C:27:A9:52:93:E1:19:40
Certificate issuer: /CN=b53005619688efbaffd06e108a43bdf20643e0d6
Certificate serial: 01992E66F1432A820A9995AC8CD947D8A834
Authority key identifier: B5:30:05:61:96:88:EF:BA:FF:D0:6E:10:8A:43:BD:F2:06:43:E0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTAFYZaI77r_0G4QikO98gZD4NY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/cpfSzQsU6bXhLoYlLCepUpPhGUA.roa
Signing time: Tue 09 Sep 2025 12:15:22 +0000
ROA not before: Tue 09 Sep 2025 12:15:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39759
IP address blocks: 89.186.32.0/19 maxlen: 19
89.186.32.0/20 maxlen: 20
89.186.32.0/21 maxlen: 21
89.186.40.0/21 maxlen: 21
89.186.42.0/24 maxlen: 24
89.186.43.0/24 maxlen: 24
89.186.48.0/20 maxlen: 20
89.186.48.0/24 maxlen: 24
89.186.49.0/24 maxlen: 24
89.186.50.0/24 maxlen: 24
89.186.55.0/24 maxlen: 24
89.186.56.0/24 maxlen: 24
89.186.57.0/24 maxlen: 24
89.186.58.0/24 maxlen: 24
89.186.59.0/24 maxlen: 24
89.186.60.0/24 maxlen: 24
89.186.61.0/24 maxlen: 24
89.186.62.0/24 maxlen: 24
89.186.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/tTAFYZaI77r_0G4QikO98gZD4NY.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/tTAFYZaI77r_0G4QikO98gZD4NY.mft
rsync://rpki.ripe.net/repository/DEFAULT/tTAFYZaI77r_0G4QikO98gZD4NY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2e:66:f1:43:2a:82:0a:99:95:ac:8c:d9:47:d8:a8:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53005619688efbaffd06e108a43bdf20643e0d6
Validity
Not Before: Sep 9 12:15:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7297d2cd0b14e9b5e12e86252c27a95293e11940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:24:59:0c:80:fc:72:a7:aa:76:50:8c:f8:12:
57:b4:e8:e9:4d:9b:19:29:2b:50:5f:64:67:b2:07:
e7:44:79:53:61:91:d3:09:22:f1:68:49:5d:d5:ef:
a4:e8:8d:77:44:2e:be:6f:46:d8:90:cb:0f:f9:52:
6d:84:89:f3:65:3e:8d:36:97:df:61:45:a6:61:b2:
ee:5e:5b:6a:44:ad:6b:cc:0a:c6:6c:ba:f8:db:81:
51:39:b6:ba:68:29:e3:64:eb:10:01:9c:e0:5e:16:
79:18:06:44:55:85:b1:31:cb:f7:6d:57:78:63:f0:
d4:3b:78:14:6e:94:9d:44:42:ba:17:71:85:17:56:
07:69:d3:16:2b:f5:12:ec:cf:39:b5:4c:59:1f:16:
7d:a4:ce:a2:31:9a:19:95:ec:97:67:98:22:40:42:
87:51:f9:ed:63:b4:4e:eb:f7:88:9e:67:9f:41:a4:
2d:f4:c3:c8:f9:ef:81:f3:81:66:f2:66:17:df:3b:
ac:ac:65:60:8b:a8:65:53:13:61:3c:f1:52:67:e5:
1f:5b:74:d6:2f:5c:4c:ba:7f:65:9d:0d:f1:1d:6d:
91:8c:c8:23:96:95:af:36:ae:22:2a:b6:fe:db:51:
b5:66:fe:f3:7d:b9:c0:f5:34:d1:97:d0:d2:1e:15:
6b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:97:D2:CD:0B:14:E9:B5:E1:2E:86:25:2C:27:A9:52:93:E1:19:40
X509v3 Authority Key Identifier:
keyid:B5:30:05:61:96:88:EF:BA:FF:D0:6E:10:8A:43:BD:F2:06:43:E0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTAFYZaI77r_0G4QikO98gZD4NY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/cpfSzQsU6bXhLoYlLCepUpPhGUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/tTAFYZaI77r_0G4QikO98gZD4NY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.186.32.0/19
Signature Algorithm: sha256WithRSAEncryption
5e:09:3e:39:34:a9:e9:78:34:ae:88:c5:03:25:fc:65:7a:4b:
5b:59:04:98:56:44:36:bb:28:28:c5:e9:91:a8:a9:0b:f9:76:
70:cf:c8:cd:4e:e1:a5:1b:53:41:d4:bd:4b:9d:de:68:f7:d5:
af:66:af:4a:cd:05:3b:08:10:3f:d1:c7:4b:36:5f:8d:f9:29:
b8:09:79:2e:cb:98:de:0f:f5:2c:0d:3d:74:7b:43:d3:29:c1:
54:ae:1b:a0:1f:c5:c7:69:7d:98:29:4b:ec:86:42:f7:a0:d7:
dd:d3:98:1d:96:96:d6:d0:8a:83:d3:a0:47:0e:a0:6a:dc:5b:
49:b9:0e:cb:c8:40:d5:55:62:6c:af:8c:06:f4:68:5e:37:4a:
83:af:f1:e3:1b:30:03:e4:a5:b5:9c:f4:7f:2f:50:03:72:d5:
eb:a0:8c:cf:65:50:1c:c4:2f:2b:4f:c3:8f:d7:e6:36:e4:1a:
bc:76:18:3f:cb:0d:c1:32:61:4f:76:84:4e:bc:b1:ed:38:d2:
60:3e:05:11:40:77:39:2f:fb:0d:d4:e1:80:d4:cb:f9:f5:fa:
72:f6:72:1e:64:a5:e5:a6:8a:71:43:ea:bc:78:e2:17:43:cf:
18:09:8b:52:cc:a7:a4:b7:06:f0:ca:26:36:90:4e:9f:49:5e:
40:d3:b0:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkuZvFDKoIKmZWsjNlH2Kg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzAwNTYxOTY4OGVmYmFmZmQwNmUxMDhhNDNiZGYyMDY0
M2UwZDYwHhcNMjUwOTA5MTIxNTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk3ZDJjZDBiMTRlOWI1ZTEyZTg2MjUyYzI3YTk1MjkzZTExOTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiRZDID8cqeqdlCM+BJXtOjpTZsZ
KStQX2RnsgfnRHlTYZHTCSLxaEld1e+k6I13RC6+b0bYkMsP+VJthInzZT6NNpff
YUWmYbLuXltqRK1rzArGbLr424FROba6aCnjZOsQAZzgXhZ5GAZEVYWxMcv3bVd4
Y/DUO3gUbpSdREK6F3GFF1YHadMWK/US7M85tUxZHxZ9pM6iMZoZleyXZ5giQEKH
UfntY7RO6/eInmefQaQt9MPI+e+B84Fm8mYX3zusrGVgi6hlUxNhPPFSZ+UfW3TW
L1xMun9lnQ3xHW2RjMgjlpWvNq4iKrb+21G1Zv7zfbnA9TTRl9DSHhVrywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKX0s0LFOm14S6GJSwnqVKT4RlAMB8GA1UdIwQY
MBaAFLUwBWGWiO+6/9BuEIpDvfIGQ+DWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRBRllaYUk3N3JfMEc0UWlrTzk4Z1pENE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85OTVmYmQtOTFmYi00M2JiLThmMjYt
Y2Q0YmQ0NDI3NWM1LzEvY3BmU3pRc1U2YlhoTG9ZbExDZXBVcFBoR1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85OTVmYmQtOTFmYi00M2JiLThmMjYtY2Q0YmQ0NDI3NWM1
LzEvdFRBRllaYUk3N3JfMEc0UWlrTzk4Z1pENE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFWbogMA0G
CSqGSIb3DQEBCwUAA4IBAQBeCT45NKnpeDSuiMUDJfxlektbWQSYVkQ2uygoxemR
qKkL+XZwz8jNTuGlG1NB1L1Lnd5o99WvZq9KzQU7CBA/0cdLNl+N+Sm4CXkuy5je
D/UsDT10e0PTKcFUrhugH8XHaX2YKUvshkL3oNfd05gdlpbW0IqD06BHDqBq3FtJ
uQ7LyEDVVWJsr4wG9GheN0qDr/HjGzAD5KW1nPR/L1ADctXroIzPZVAcxC8rT8OP
1+Y25Bq8dhg/yw3BMmFPdoROvLHtONJgPgURQHc5L/sN1OGA1Mv59fpy9nIeZKXl
popxQ+q8eOIXQ88YCYtSzKektwbwyiY2kE6fSV5A07AE
-----END CERTIFICATE-----
Generated at Thu Oct 9 06:00:20 2025 by rpki-client