Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I61xnKqR2mGhz0ERa13Q-Zg-23s.roa
File: I61xnKqR2mGhz0ERa13Q-Zg-23s.roa (raw, json)
Hash identifier: oWNPedhlDOMBtOygsGyRThk7XgkLj5hdQGjjTb4tgQ8=
Subject key identifier: 23:AD:71:9C:AA:91:DA:61:A1:CF:41:11:6B:5D:D0:F9:98:3E:DB:7B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019910631E7FD916C4F07E19F139ABADD2A7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I61xnKqR2mGhz0ERa13Q-Zg-23s.roa
Signing time: Wed 03 Sep 2025 16:22:35 +0000
ROA not before: Wed 03 Sep 2025 16:22:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215730
IP address blocks: 2.59.253.0/24 maxlen: 24
81.31.192.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 05:55:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:10:63:1e:7f:d9:16:c4:f0:7e:19:f1:39:ab:ad:d2:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 3 16:22:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23ad719caa91da61a1cf41116b5dd0f9983edb7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:51:2b:ef:62:b8:a2:0f:cb:70:ec:28:75:98:
29:f2:c6:ad:a5:63:8d:31:94:a7:8a:d8:27:96:9e:
13:bd:a6:2e:2b:6f:e7:11:05:4a:e0:5e:97:a9:94:
26:94:47:5b:80:fc:07:88:fc:c7:d5:22:81:78:04:
57:fc:7c:81:40:d6:39:dc:6e:4f:1a:c5:f5:d3:8b:
39:f8:4f:5e:44:17:76:16:8d:52:f4:dd:df:97:6b:
0c:a7:bb:11:05:f7:61:a6:fb:8f:ae:15:c8:e2:77:
04:d9:0a:90:1e:32:6c:0a:2f:7f:45:d4:c2:83:5a:
93:2b:6f:d1:c9:07:82:4a:5c:1c:cc:06:8d:98:3b:
08:e6:c6:8d:95:3c:c2:bc:67:45:e5:b6:9c:b1:22:
7f:b2:af:78:de:80:7e:db:04:7c:44:e6:6f:44:ed:
26:ca:14:6e:42:98:44:82:1b:a5:19:4a:7d:69:c1:
8c:98:38:75:85:de:63:a8:40:07:37:6c:d0:2c:12:
18:f1:c1:a4:1e:f2:de:68:ec:eb:bb:27:c3:75:06:
15:33:22:ee:5b:3e:46:f4:b5:b9:a8:f7:98:f7:69:
79:20:3a:ee:13:49:88:54:94:28:c0:d2:53:4e:fc:
92:b1:d5:ec:07:2a:9f:e6:55:9b:10:05:32:d6:36:
d0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AD:71:9C:AA:91:DA:61:A1:CF:41:11:6B:5D:D0:F9:98:3E:DB:7B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I61xnKqR2mGhz0ERa13Q-Zg-23s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
81.31.192.0/24
87.120.93.0/24
87.120.126.0/24
94.156.232.0/24
Signature Algorithm: sha256WithRSAEncryption
10:4d:c9:71:75:b4:81:e4:28:e1:da:34:ab:2e:91:c1:fb:7a:
35:36:d2:43:66:54:29:6c:0d:58:20:5c:0e:db:db:9f:f4:9c:
11:b7:82:f0:c4:7a:2c:cd:b6:c1:f0:03:f8:d5:a7:10:0c:8b:
2e:95:49:c4:03:0b:ce:42:45:6b:f5:9c:16:a8:d8:9f:dd:4d:
84:38:13:53:ed:30:8d:15:2d:42:a7:71:64:65:2b:74:6d:bd:
86:08:eb:fa:3a:2d:4b:7b:4a:e7:c2:c0:4f:76:4c:2b:71:a5:
60:31:07:ef:5f:c2:c7:ed:f1:52:3a:0b:79:e2:05:29:79:a6:
8c:cd:82:02:7a:06:1d:d4:4d:9b:4d:7d:0a:cb:8d:9d:33:fb:
8f:a4:d8:56:f9:88:0a:ba:bb:eb:86:1b:a9:33:b9:42:6b:e5:
73:ce:35:34:73:47:62:5e:37:f4:1a:fb:75:85:f6:52:c4:85:
fe:72:41:df:b1:5a:97:f8:db:6f:d7:d1:3a:4e:82:cc:77:a5:
d1:6d:ca:da:8f:b6:37:b9:ab:58:8d:83:0a:34:41:28:c3:b1:
d7:48:e9:68:f4:e6:78:e5:30:b5:74:e8:77:c7:96:b5:4d:cc:
b0:ee:2a:c3:01:5c:67:9d:be:e6:b1:eb:c4:a5:d2:fd:1b:f9:
1b:e5:00:1c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZkQYx5/2RbE8H4Z8TmrrdKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwOTAzMTYyMjM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FkNzE5Y2FhOTFkYTYxYTFjZjQxMTE2YjVkZDBmOTk4M2VkYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1Er72K4og/LcOwodZgp8satpWON
MZSnitgnlp4TvaYuK2/nEQVK4F6XqZQmlEdbgPwHiPzH1SKBeARX/HyBQNY53G5P
GsX104s5+E9eRBd2Fo1S9N3fl2sMp7sRBfdhpvuPrhXI4ncE2QqQHjJsCi9/RdTC
g1qTK2/RyQeCSlwczAaNmDsI5saNlTzCvGdF5bacsSJ/sq943oB+2wR8ROZvRO0m
yhRuQphEghulGUp9acGMmDh1hd5jqEAHN2zQLBIY8cGkHvLeaOzruyfDdQYVMyLu
Wz5G9LW5qPeY92l5IDruE0mIVJQowNJTTvySsdXsByqf5lWbEAUy1jbQHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCOtcZyqkdphoc9BEWtd0PmYPtt7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSTYxeG5LcVIybUdoejBFUmExM1EtWmctMjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjv9AwQA
UR/AAwQAV3hdAwQAV3h+AwQAXpzoMA0GCSqGSIb3DQEBCwUAA4IBAQAQTclxdbSB
5Cjh2jSrLpHB+3o1NtJDZlQpbA1YIFwO29uf9JwRt4LwxHoszbbB8AP41acQDIsu
lUnEAwvOQkVr9ZwWqNif3U2EOBNT7TCNFS1Cp3FkZSt0bb2GCOv6Oi1Le0rnwsBP
dkwrcaVgMQfvX8LH7fFSOgt54gUpeaaMzYICegYd1E2bTX0Ky42dM/uPpNhW+YgK
urvrhhupM7lCa+VzzjU0c0diXjf0Gvt1hfZSxIX+ckHfsVqX+Ntv19E6ToLMd6XR
bcraj7Y3uatYjYMKNEEow7HXSOlo9OZ45TC1dOh3x5a1Tcyw7irDAVxnnb7msevE
pdL9G/kb5QAc
-----END CERTIFICATE-----
Generated at Tue Sep 9 11:56:18 2025 by rpki-client