Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/DKwuyeTzcXlsjfEEUBHaEvjmjlY.roa
File: DKwuyeTzcXlsjfEEUBHaEvjmjlY.roa (raw, json)
Hash identifier: xehl5t/wnL1MYEirEc3rgYVSjSjy0B0WsVEtPaCVdVQ=
Subject key identifier: 0C:AC:2E:C9:E4:F3:71:79:6C:8D:F1:04:50:11:DA:12:F8:E6:8E:56
Certificate issuer: /CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Certificate serial: 0199B8C3F068637E729B7A019D647530BA2A
Authority key identifier: 07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/DKwuyeTzcXlsjfEEUBHaEvjmjlY.roa
Signing time: Mon 06 Oct 2025 09:04:32 +0000
ROA not before: Mon 06 Oct 2025 09:04:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34914
IP address blocks: 89.222.0.0/20 maxlen: 24
89.222.2.0/23 maxlen: 23
89.222.32.0/20 maxlen: 24
89.222.32.0/23 maxlen: 23
89.222.34.0/23 maxlen: 23
89.222.48.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.mft
rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 15:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b8:c3:f0:68:63:7e:72:9b:7a:01:9d:64:75:30:ba:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Validity
Not Before: Oct 6 09:04:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cac2ec9e4f371796c8df1045011da12f8e68e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b6:f5:cf:84:0f:04:88:ec:44:a3:2a:40:9f:
ee:7c:cd:5f:38:86:68:f5:af:6a:99:32:56:03:3e:
f8:d2:a5:d0:03:1e:ba:1b:a4:da:f1:6f:77:e1:ba:
1a:72:bc:ed:f0:01:ae:27:7e:51:ce:ee:7d:a7:ac:
ec:ef:66:17:ae:bb:5d:fe:c4:0f:b2:61:ff:2c:3a:
8f:8b:74:83:1d:0d:aa:19:03:66:f1:d4:01:d8:d9:
cf:d1:1e:56:23:21:b5:21:09:25:ab:c3:d3:40:d9:
32:14:79:31:44:bb:0e:9c:3a:03:20:45:e0:22:12:
0f:20:87:29:df:18:50:6b:a1:59:7e:87:27:31:f0:
35:b0:af:01:f9:bb:39:c4:34:85:0a:f0:57:9f:3e:
6c:25:08:e3:03:48:d5:d2:53:da:da:5b:2f:f1:f7:
e9:4c:1e:f9:4c:e2:76:35:86:7a:b4:ac:75:70:08:
b9:3e:d2:70:63:e1:ac:ca:39:64:91:dc:f9:4f:a2:
74:72:51:48:85:14:25:c7:e0:a8:86:ab:96:0e:d2:
f6:f7:bd:3d:c6:e0:b2:76:e9:fa:bc:27:11:f4:aa:
3a:f1:98:c6:4c:19:7a:40:46:2d:b5:ab:5f:f8:2f:
51:82:7a:87:a2:6b:93:1d:6a:fd:d9:94:8a:65:b1:
a4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AC:2E:C9:E4:F3:71:79:6C:8D:F1:04:50:11:DA:12:F8:E6:8E:56
X509v3 Authority Key Identifier:
keyid:07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/DKwuyeTzcXlsjfEEUBHaEvjmjlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.222.0.0/20
89.222.32.0/19
Signature Algorithm: sha256WithRSAEncryption
70:67:40:73:09:05:b8:9b:26:f7:13:2c:0a:1c:ea:e3:e7:86:
1f:df:d5:9c:cf:ec:03:19:56:51:c5:3d:48:21:dd:56:7b:c3:
37:c8:ae:c7:12:65:bb:4e:e4:a4:25:f9:32:fb:e9:d5:49:8c:
b7:03:0d:37:c5:e6:62:17:29:ba:d1:43:24:e9:c6:19:18:b3:
e1:69:df:e9:27:d7:ad:3f:73:fa:0f:af:e1:fa:69:fe:d4:da:
d1:a9:89:aa:54:59:f1:31:59:2e:cd:3f:2d:b6:6c:b2:61:4e:
10:3c:59:28:7e:f1:f6:92:40:d8:64:1d:cb:f1:45:29:f8:c8:
84:72:2b:be:d9:2a:f4:03:4b:23:60:49:cd:19:ab:a6:a0:b8:
21:c2:76:4f:1b:b5:c1:82:f5:53:b3:b5:dd:74:fe:81:7a:ac:
e3:de:d7:60:be:6c:71:ac:1e:05:e2:b5:02:fb:a9:91:b4:63:
c2:f0:3f:77:cf:da:1a:fd:58:d6:95:58:bf:a7:49:6c:16:5c:
d7:06:d5:a9:e5:17:90:99:39:31:1c:2c:37:fa:7e:cc:b0:b9:
ef:a3:d3:71:52:82:91:89:0d:83:94:a2:a0:86:86:c7:ed:0f:
16:b2:6d:c3:ff:35:ef:7e:18:0a:5c:22:e5:19:66:d9:d3:eb:
e9:09:45:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZm4w/BoY35ym3oBnWR1MLoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTMyOTk5YzQ3ZWIzMWQ1ZmJmMTZlY2MzODcyZWFlZmQ0
M2JhZDcwHhcNMjUxMDA2MDkwNDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2FjMmVjOWU0ZjM3MTc5NmM4ZGYxMDQ1MDExZGExMmY4ZTY4ZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7b1z4QPBIjsRKMqQJ/ufM1fOIZo
9a9qmTJWAz740qXQAx66G6Ta8W934boacrzt8AGuJ35Rzu59p6zs72YXrrtd/sQP
smH/LDqPi3SDHQ2qGQNm8dQB2NnP0R5WIyG1IQklq8PTQNkyFHkxRLsOnDoDIEXg
IhIPIIcp3xhQa6FZfocnMfA1sK8B+bs5xDSFCvBXnz5sJQjjA0jV0lPa2lsv8ffp
TB75TOJ2NYZ6tKx1cAi5PtJwY+Gsyjlkkdz5T6J0clFIhRQlx+CohquWDtL29709
xuCydun6vCcR9Ko68ZjGTBl6QEYttatf+C9RgnqHomuTHWr92ZSKZbGkaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAysLsnk83F5bI3xBFAR2hL45o5WMB8GA1UdIwQY
MBaAFAejKZnEfrMdX78W7MOHLq79Q7rXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzIt
MmZiMjk1OGFiOGJiLzEvREt3dXllVHpjWGxzamZFRVVCSGFFdmptamxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzItMmZiMjk1OGFiOGJi
LzEvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWd4AAwQF
Wd4gMA0GCSqGSIb3DQEBCwUAA4IBAQBwZ0BzCQW4myb3EywKHOrj54Yf39Wcz+wD
GVZRxT1IId1We8M3yK7HEmW7TuSkJfky++nVSYy3Aw03xeZiFym60UMk6cYZGLPh
ad/pJ9etP3P6D6/h+mn+1NrRqYmqVFnxMVkuzT8ttmyyYU4QPFkofvH2kkDYZB3L
8UUp+MiEciu+2Sr0A0sjYEnNGaumoLghwnZPG7XBgvVTs7XddP6Beqzj3tdgvmxx
rB4F4rUC+6mRtGPC8D93z9oa/VjWlVi/p0lsFlzXBtWp5ReQmTkxHCw3+n7MsLnv
o9NxUoKRiQ2DlKKghobH7Q8Wsm3D/zXvfhgKXCLlGWbZ0+vpCUWe
-----END CERTIFICATE-----
Generated at Wed Oct 8 23:39:38 2025 by rpki-client