Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/PrRGaFLPXBxBYOXraz8nx2Zv-Uo.roa
File: PrRGaFLPXBxBYOXraz8nx2Zv-Uo.roa (raw, json)
Hash identifier: d4brDjq0VND/Iy+6ZmnnMFSJxquKernTk88xGtm16DQ=
Subject key identifier: 3E:B4:46:68:52:CF:5C:1C:41:60:E5:EB:6B:3F:27:C7:66:6F:F9:4A
Certificate issuer: /CN=e4d53c47f21dd6652b67fef495c94fdfd1528ceb
Certificate serial: 0198F5D72C51E00A7241982355DE85F3A508
Authority key identifier: E4:D5:3C:47:F2:1D:D6:65:2B:67:FE:F4:95:C9:4F:DF:D1:52:8C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5NU8R_Id1mUrZ_70lclP39FSjOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/PrRGaFLPXBxBYOXraz8nx2Zv-Uo.roa
Signing time: Fri 29 Aug 2025 12:39:36 +0000
ROA not before: Fri 29 Aug 2025 12:39:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47264
IP address blocks: 93.191.32.0/21 maxlen: 21
93.191.32.0/23 maxlen: 23
93.191.34.0/23 maxlen: 23
93.191.36.0/23 maxlen: 23
93.191.38.0/23 maxlen: 23
178.248.104.0/21 maxlen: 21
178.248.106.0/23 maxlen: 23
178.248.108.0/23 maxlen: 23
178.248.110.0/23 maxlen: 23
185.66.112.0/24 maxlen: 24
185.66.113.0/24 maxlen: 24
185.66.114.0/24 maxlen: 24
185.66.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/5NU8R_Id1mUrZ_70lclP39FSjOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/5NU8R_Id1mUrZ_70lclP39FSjOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/5NU8R_Id1mUrZ_70lclP39FSjOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 21:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:d7:2c:51:e0:0a:72:41:98:23:55:de:85:f3:a5:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4d53c47f21dd6652b67fef495c94fdfd1528ceb
Validity
Not Before: Aug 29 12:39:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3eb4466852cf5c1c4160e5eb6b3f27c7666ff94a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:21:f8:1b:60:f9:df:73:7e:9c:22:25:f2:0d:
1a:b4:3a:de:d7:82:21:32:a5:08:67:7a:91:9f:5b:
e0:d0:11:6f:ed:86:02:90:a4:ae:55:96:06:b1:4e:
a0:59:28:57:5d:48:3f:63:dc:1c:77:ee:25:27:c3:
00:b5:0c:15:9f:56:6e:4e:4f:fc:f8:bf:8c:c3:26:
ad:d5:e7:4a:82:d1:44:95:fb:b2:c9:45:af:07:6d:
ef:49:7d:73:f5:5b:ae:93:41:ef:cd:a1:80:7a:b7:
de:2d:38:6e:8f:39:c2:54:01:31:f4:d7:76:59:1a:
f9:71:75:6d:b6:ce:e8:ff:cb:e4:b1:4a:b6:f4:6b:
5a:f5:e8:ce:3b:04:c4:5b:49:87:c8:0e:85:f2:5d:
47:21:4c:db:8c:25:ca:d9:32:84:eb:8e:d7:31:c3:
f7:44:7a:a4:9c:08:2f:dd:5f:4d:80:03:75:e3:eb:
5a:d7:7e:95:c6:e8:b1:0b:9c:0a:98:e4:47:e3:1f:
e0:df:2d:ca:61:52:c4:63:da:6d:65:43:56:1a:4f:
36:e6:64:00:a5:ca:c2:ce:6a:c3:e7:c3:f7:20:ce:
5a:7c:9b:d0:66:ea:11:3f:28:a7:e5:02:92:2c:64:
0f:43:9b:89:dd:1d:58:42:17:65:ee:80:a0:db:97:
bf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B4:46:68:52:CF:5C:1C:41:60:E5:EB:6B:3F:27:C7:66:6F:F9:4A
X509v3 Authority Key Identifier:
keyid:E4:D5:3C:47:F2:1D:D6:65:2B:67:FE:F4:95:C9:4F:DF:D1:52:8C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NU8R_Id1mUrZ_70lclP39FSjOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/PrRGaFLPXBxBYOXraz8nx2Zv-Uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d66af3-28b5-42eb-ad01-95d53b531545/1/5NU8R_Id1mUrZ_70lclP39FSjOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.32.0/21
178.248.104.0/21
185.66.112.0/22
Signature Algorithm: sha256WithRSAEncryption
54:f6:8a:a6:51:21:ec:d1:8b:67:e4:03:e1:96:a9:10:5a:c0:
3d:60:bc:e7:57:2d:a2:75:83:4f:c8:a6:62:b6:84:78:09:e1:
04:2b:24:14:af:b2:2d:e5:8b:aa:de:a9:b3:e0:b2:8f:16:f1:
8d:ab:40:e8:de:9a:a3:6f:fc:41:af:28:01:3d:99:84:bc:f2:
37:3a:20:43:68:28:4f:0b:0a:b8:d8:0e:cc:63:ed:40:25:2a:
d1:bc:8c:82:4f:fa:38:a9:46:62:95:85:46:86:9d:e6:3d:6b:
8b:ab:f2:d8:d3:38:cd:6d:e1:fa:e4:fe:46:c7:9b:51:8c:91:
f9:5c:d3:ed:17:83:c3:b9:f9:c2:6e:25:43:d6:39:1d:0e:bc:
6a:2f:8c:66:56:20:2c:64:d7:e8:85:35:e8:48:0d:8a:e9:c7:
f4:c9:89:bb:a3:86:2a:91:3d:82:3b:56:76:89:9e:a7:0d:b9:
5b:ac:7a:aa:c6:55:b7:a6:de:5a:e3:72:30:bb:58:e3:ef:ba:
ce:95:f1:e3:19:4c:78:29:16:81:97:66:32:87:2f:bf:2c:f6:
a4:03:c1:53:f0:87:dc:43:53:03:7d:fa:31:20:2f:5f:b4:e8:
bc:2e:3e:40:0b:75:d2:12:53:b4:60:08:64:cd:f9:cf:9b:81:
f2:82:b8:12
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZj11yxR4ApyQZgjVd6F86UIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDUzYzQ3ZjIxZGQ2NjUyYjY3ZmVmNDk1Yzk0ZmRmZDE1
MjhjZWIwHhcNMjUwODI5MTIzOTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI0NDY2ODUyY2Y1YzFjNDE2MGU1ZWI2YjNmMjdjNzY2NmZmOTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCH4G2D533N+nCIl8g0atDre14Ih
MqUIZ3qRn1vg0BFv7YYCkKSuVZYGsU6gWShXXUg/Y9wcd+4lJ8MAtQwVn1ZuTk/8
+L+Mwyat1edKgtFElfuyyUWvB23vSX1z9Vuuk0HvzaGAerfeLThujznCVAEx9Nd2
WRr5cXVtts7o/8vksUq29Gta9ejOOwTEW0mHyA6F8l1HIUzbjCXK2TKE647XMcP3
RHqknAgv3V9NgAN14+ta136VxuixC5wKmORH4x/g3y3KYVLEY9ptZUNWGk825mQA
pcrCzmrD58P3IM5afJvQZuoRPyin5QKSLGQPQ5uJ3R1YQhdl7oCg25e/dwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD60RmhSz1wcQWDl62s/J8dmb/lKMB8GA1UdIwQY
MBaAFOTVPEfyHdZlK2f+9JXJT9/RUozrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5VOFJfSWQxbVVyWl83MGxjbFAzOUZTak9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kNjZhZjMtMjhiNS00MmViLWFkMDEt
OTVkNTNiNTMxNTQ1LzEvUHJSR2FGTFBYQnhCWU9YcmF6OG54Mlp2LVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9kNjZhZjMtMjhiNS00MmViLWFkMDEtOTVkNTNiNTMxNTQ1
LzEvNU5VOFJfSWQxbVVyWl83MGxjbFAzOUZTak9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXb8gAwQD
svhoAwQCuUJwMA0GCSqGSIb3DQEBCwUAA4IBAQBU9oqmUSHs0Ytn5APhlqkQWsA9
YLznVy2idYNPyKZitoR4CeEEKyQUr7It5Yuq3qmz4LKPFvGNq0Do3pqjb/xBrygB
PZmEvPI3OiBDaChPCwq42A7MY+1AJSrRvIyCT/o4qUZilYVGhp3mPWuLq/LY0zjN
beH65P5Gx5tRjJH5XNPtF4PDufnCbiVD1jkdDrxqL4xmViAsZNfohTXoSA2K6cf0
yYm7o4YqkT2CO1Z2iZ6nDblbrHqqxlW3pt5a43Iwu1jj77rOlfHjGUx4KRaBl2Yy
hy+/LPakA8FT8IfcQ1MDffoxIC9ftOi8Lj5AC3XSElO0YAhkzfnPm4HygrgS
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:18:04 2025 by rpki-client