Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RxT3s-0d1KpcvRIdiCE2hSlp2Hg.roa
File: RxT3s-0d1KpcvRIdiCE2hSlp2Hg.roa (raw, json)
Hash identifier: +i2bLYnnnwcJK0zygVHH3J2h0CGJ9+vyZbIcklVEnwc=
Subject key identifier: 47:14:F7:B3:ED:1D:D4:AA:5C:BD:12:1D:88:21:36:85:29:69:D8:78
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01994D370AF32B126A8589E005C9FF2DE018
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RxT3s-0d1KpcvRIdiCE2hSlp2Hg.roa
Signing time: Mon 15 Sep 2025 11:51:16 +0000
ROA not before: Mon 15 Sep 2025 11:51:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39368
IP address blocks: 185.218.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 11:51:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4d:37:0a:f3:2b:12:6a:85:89:e0:05:c9:ff:2d:e0:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 15 11:51:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4714f7b3ed1dd4aa5cbd121d882136852969d878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2b:d7:63:f8:7d:48:4e:33:30:df:e3:eb:9e:
aa:df:26:9a:68:bf:c1:52:05:54:5f:c0:d1:fe:30:
3d:aa:8a:de:96:b2:54:c4:e4:1a:56:6b:35:8c:18:
93:2c:53:09:44:c1:bc:08:85:5f:9a:fd:6f:92:85:
42:23:de:bd:43:8d:7c:4b:9a:6b:a2:88:42:bd:a4:
a7:ed:7c:2a:be:b5:5d:53:59:bc:b1:22:2f:d4:1e:
4c:8b:93:65:81:fd:8b:8c:d9:99:5b:7b:ca:d1:ba:
3c:8e:65:4d:64:d2:b9:47:e7:de:7c:0d:2d:9e:c6:
92:3b:64:cc:b6:0e:b0:10:6a:d1:90:92:40:d1:b1:
64:7c:ac:83:eb:46:4b:97:c6:45:b8:2a:78:5e:74:
b7:fb:08:48:42:7b:39:0b:1a:e2:0b:16:af:90:a6:
5e:d1:cb:70:54:8e:af:ad:a6:6c:0d:38:d0:89:f6:
52:a0:a2:ff:9f:a1:a3:ca:64:48:e5:12:13:02:5e:
38:41:29:91:99:39:6e:7a:9a:4a:04:b6:2a:be:95:
0a:11:1a:84:a0:38:a4:ea:c9:20:84:5a:51:a7:60:
c8:fc:af:44:0b:23:06:27:5a:f0:2c:bb:97:b7:d2:
8e:f6:3f:f2:78:01:a0:2c:dc:80:93:aa:af:bc:23:
07:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:14:F7:B3:ED:1D:D4:AA:5C:BD:12:1D:88:21:36:85:29:69:D8:78
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RxT3s-0d1KpcvRIdiCE2hSlp2Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.139.0/24
Signature Algorithm: sha256WithRSAEncryption
88:b5:7a:d9:3f:ae:81:ff:ca:43:d3:33:b2:18:6a:ba:4c:61:
24:4f:eb:96:b0:8d:5f:66:c0:85:3c:f1:35:e5:da:8e:43:42:
f8:51:a1:9e:db:e0:c6:b9:b9:1c:32:02:52:93:94:ca:54:e2:
0a:f5:a2:01:f9:4e:3b:51:2c:85:1c:fb:d0:93:7d:14:a2:14:
bc:e9:dc:95:1d:4b:5c:2e:6d:93:58:06:19:d8:53:94:48:83:
ae:9e:b0:0e:2f:de:55:51:64:97:1a:0e:4f:f5:4c:2f:ec:79:
72:cc:6d:75:c0:0e:05:b2:c3:48:bb:8d:3b:0c:fe:b2:bd:47:
cc:98:ff:ad:20:26:56:9d:ac:65:e2:ff:1e:84:83:39:f5:5e:
52:27:cd:9c:4e:0d:82:39:a1:f5:b9:03:f7:e5:6b:92:50:c6:
7b:b1:d3:e7:3f:28:39:8c:c4:84:5a:0e:96:f2:ab:fa:2e:71:
0e:72:ef:00:eb:8d:73:f1:ca:71:fb:71:c7:9e:34:c4:ac:56:
e0:fb:ec:6e:d8:ab:31:1f:5b:fa:7b:dd:3e:33:63:2a:09:24:
8f:8f:8a:b4:55:dc:1f:57:78:12:ce:41:ec:ff:f6:67:26:f5:
84:b4:6c:8c:89:bc:bf:61:fc:91:31:5d:51:61:e4:b5:b2:4e:
37:1a:b3:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlNNwrzKxJqhYngBcn/LeAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwOTE1MTE1MTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzE0ZjdiM2VkMWRkNGFhNWNiZDEyMWQ4ODIxMzY4NTI5NjlkODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsivXY/h9SE4zMN/j656q3yaaaL/B
UgVUX8DR/jA9qorelrJUxOQaVms1jBiTLFMJRMG8CIVfmv1vkoVCI969Q418S5pr
oohCvaSn7XwqvrVdU1m8sSIv1B5Mi5Nlgf2LjNmZW3vK0bo8jmVNZNK5R+fefA0t
nsaSO2TMtg6wEGrRkJJA0bFkfKyD60ZLl8ZFuCp4XnS3+whIQns5CxriCxavkKZe
0ctwVI6vraZsDTjQifZSoKL/n6GjymRI5RITAl44QSmRmTlueppKBLYqvpUKERqE
oDik6skghFpRp2DI/K9ECyMGJ1rwLLuXt9KO9j/yeAGgLNyAk6qvvCMHpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcU97PtHdSqXL0SHYghNoUpadh4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUnhUM3MtMGQxS3BjdlJJZGlDRTJoU2xwMkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudqLMA0G
CSqGSIb3DQEBCwUAA4IBAQCItXrZP66B/8pD0zOyGGq6TGEkT+uWsI1fZsCFPPE1
5dqOQ0L4UaGe2+DGubkcMgJSk5TKVOIK9aIB+U47USyFHPvQk30UohS86dyVHUtc
Lm2TWAYZ2FOUSIOunrAOL95VUWSXGg5P9Uwv7HlyzG11wA4FssNIu407DP6yvUfM
mP+tICZWnaxl4v8ehIM59V5SJ82cTg2COaH1uQP35WuSUMZ7sdPnPyg5jMSEWg6W
8qv6LnEOcu8A641z8cpx+3HHnjTErFbg++xu2KsxH1v6e90+M2MqCSSPj4q0Vdwf
V3gSzkHs//ZnJvWEtGyMiby/YfyRMV1RYeS1sk43GrMc
-----END CERTIFICATE-----
Generated at Mon Sep 15 16:51:15 2025 by rpki-client