Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ro0BJtUX9Py7-nwF9PZGTlkxD8Q.roa
File: ro0BJtUX9Py7-nwF9PZGTlkxD8Q.roa (raw, json)
Hash identifier: kym42QPOnyO2r3M4RbWd6NgVZMSowMmWfOpBK++DNqQ=
Subject key identifier: AE:8D:01:26:D5:17:F4:FC:BB:FA:7C:05:F4:F6:46:4E:59:31:0F:C4
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0199944DD6BB692C7C638C87654F46F33DDF
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ro0BJtUX9Py7-nwF9PZGTlkxD8Q.roa
Signing time: Mon 29 Sep 2025 07:09:13 +0000
ROA not before: Mon 29 Sep 2025 07:09:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 194.154.24.0/22 maxlen: 22
217.177.8.0/22 maxlen: 24
217.177.40.0/22 maxlen: 24
217.180.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:94:4d:d6:bb:69:2c:7c:63:8c:87:65:4f:46:f3:3d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Sep 29 07:09:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae8d0126d517f4fcbbfa7c05f4f6464e59310fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:62:32:ee:92:6e:78:d0:53:bf:8c:32:e7:68:
bf:e8:ca:a0:0e:d9:d6:49:8f:15:0b:29:b0:9f:61:
89:18:dc:c8:a4:76:a6:90:fe:0d:a6:34:a6:08:a0:
fe:96:1d:e4:60:4b:a3:f8:09:c4:db:5e:c5:3e:7b:
5f:df:43:21:d0:91:df:c7:46:49:00:8d:7e:01:7b:
d9:f8:b0:1f:6b:45:eb:2b:82:b0:65:d2:1f:62:2d:
87:23:f0:7d:30:2c:6e:15:14:fc:2b:4d:9d:25:b3:
3f:90:3c:82:ed:3c:0f:82:c1:fa:7c:40:fc:1c:c5:
45:b1:fe:20:bf:a9:ff:08:c9:64:45:5e:52:51:53:
ea:9a:d9:55:a3:47:5c:92:56:1b:30:ad:6e:9b:cd:
05:61:9b:1e:e2:de:ef:23:5f:bd:b6:62:d0:ba:df:
69:f5:a3:df:ea:03:6b:5b:e7:6a:69:b7:44:7f:92:
0e:93:f7:3d:ef:65:5e:88:fe:bc:e0:b5:12:ec:2b:
60:7b:ff:85:21:ef:90:29:89:1e:e3:2c:69:46:84:
50:4c:15:09:0c:8d:ba:c6:d3:db:4d:70:22:f2:a4:
a1:01:a3:44:5c:47:7a:b8:45:06:89:52:6b:6f:81:
a3:8c:2d:fc:ff:d7:88:cd:b4:6f:c7:93:ed:02:d3:
b3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8D:01:26:D5:17:F4:FC:BB:FA:7C:05:F4:F6:46:4E:59:31:0F:C4
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ro0BJtUX9Py7-nwF9PZGTlkxD8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.154.24.0/22
217.177.8.0/22
217.177.40.0/22
217.180.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:a7:db:db:a4:76:02:73:7b:00:16:ea:52:ab:c6:04:63:e9:
c9:47:bd:24:01:bd:52:1d:32:4e:09:bd:83:de:f8:fa:82:da:
ab:8d:e5:1f:7e:52:93:11:8f:d1:b9:4d:80:f9:82:31:b9:40:
08:39:87:5e:9c:13:96:d9:5d:c8:4d:a2:9b:1f:96:00:49:5a:
ef:e6:2f:4d:29:42:14:51:55:32:a6:68:4e:7b:47:d9:ee:07:
f4:6b:b0:31:95:88:91:13:96:0f:99:43:05:40:ba:b9:8d:98:
eb:bb:5c:6a:6d:49:2b:34:6d:73:ef:d6:19:e6:45:b5:44:96:
a2:9b:8a:47:3b:a7:fc:12:e6:93:06:50:89:11:39:11:a3:48:
5c:96:97:a4:53:56:05:02:74:79:f6:e1:7f:69:3c:8e:4b:6b:
a8:24:c7:93:54:fe:d3:b0:fa:89:12:4d:1a:d1:3e:80:86:3d:
fc:b4:d5:fd:ce:14:4e:e1:80:ee:2e:5c:76:9a:59:76:bd:77:
e4:3d:3c:75:97:d9:82:53:63:9f:1d:df:5e:e2:c3:8d:69:10:
cc:2f:78:be:ea:2d:a1:73:1b:06:d5:c7:a3:ae:bc:d7:6c:ca:
12:2b:26:a6:86:e5:eb:fa:67:42:4d:fa:57:39:16:1f:48:9d:
60:f6:22:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZmUTda7aSx8Y4yHZU9G8z3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwOTI5MDcwOTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZThkMDEyNmQ1MTdmNGZjYmJmYTdjMDVmNGY2NDY0ZTU5MzEwZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmIy7pJueNBTv4wy52i/6MqgDtnW
SY8VCymwn2GJGNzIpHamkP4NpjSmCKD+lh3kYEuj+AnE217FPntf30Mh0JHfx0ZJ
AI1+AXvZ+LAfa0XrK4KwZdIfYi2HI/B9MCxuFRT8K02dJbM/kDyC7TwPgsH6fED8
HMVFsf4gv6n/CMlkRV5SUVPqmtlVo0dcklYbMK1um80FYZse4t7vI1+9tmLQut9p
9aPf6gNrW+dqabdEf5IOk/c972VeiP684LUS7Ctge/+FIe+QKYke4yxpRoRQTBUJ
DI26xtPbTXAi8qShAaNEXEd6uEUGiVJrb4GjjC38/9eIzbRvx5PtAtOzewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK6NASbVF/T8u/p8BfT2Rk5ZMQ/EMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvcm8wQkp0VVg5UHk3LW53RjlQWkdUbGt4RDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwpoYAwQC
2bEIAwQC2bEoAwQC2bQoMA0GCSqGSIb3DQEBCwUAA4IBAQAbp9vbpHYCc3sAFupS
q8YEY+nJR70kAb1SHTJOCb2D3vj6gtqrjeUfflKTEY/RuU2A+YIxuUAIOYdenBOW
2V3ITaKbH5YASVrv5i9NKUIUUVUypmhOe0fZ7gf0a7AxlYiRE5YPmUMFQLq5jZjr
u1xqbUkrNG1z79YZ5kW1RJaim4pHO6f8EuaTBlCJETkRo0hclpekU1YFAnR59uF/
aTyOS2uoJMeTVP7TsPqJEk0a0T6Ahj38tNX9zhRO4YDuLlx2mll2vXfkPTx1l9mC
U2OfHd9e4sONaRDML3i+6i2hcxsG1cejrrzXbMoSKyamhuXr+mdCTfpXORYfSJ1g
9iIb
-----END CERTIFICATE-----
Generated at Wed Oct 8 12:01:34 2025 by rpki-client