Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/PnDAeBphB2kiD9o4b1TlFW_oiEw.roa
File: PnDAeBphB2kiD9o4b1TlFW_oiEw.roa (raw, json)
Hash identifier: 80HIEeMh1J7mTJAl8xWdqZV3GTcdBhba2s3G/UCvDhk=
Subject key identifier: 3E:70:C0:78:1A:61:07:69:22:0F:DA:38:6F:54:E5:15:6F:E8:88:4C
Certificate issuer: /CN=5a68d699d1a9457c78acfbec004f98677aa4cc16
Certificate serial: 019909B31887989130818F99642A1589BDC8
Authority key identifier: 5A:68:D6:99:D1:A9:45:7C:78:AC:FB:EC:00:4F:98:67:7A:A4:CC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/PnDAeBphB2kiD9o4b1TlFW_oiEw.roa
Signing time: Tue 02 Sep 2025 09:12:36 +0000
ROA not before: Tue 02 Sep 2025 09:12:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12676
IP address blocks: 88.205.0.0/20 maxlen: 24
88.205.32.0/19 maxlen: 24
88.205.64.0/19 maxlen: 24
88.205.96.0/19 maxlen: 24
185.90.228.0/22 maxlen: 24
212.46.96.0/19 maxlen: 24
213.9.0.0/17 maxlen: 24
2a02:4c00::/32 maxlen: 40
2a02:4c00::/40 maxlen: 40
2a02:4c00:100::/40 maxlen: 40
2a02:4c01::/32 maxlen: 32
2a02:4c02::/32 maxlen: 32
2a02:4c03::/32 maxlen: 32
2a02:4c04::/32 maxlen: 32
2a02:4c05::/32 maxlen: 32
2a02:4c06::/32 maxlen: 32
2a02:4c07::/32 maxlen: 34
2a02:4c07:4000::/34 maxlen: 34
2a02:4c07:8000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:09:b3:18:87:98:91:30:81:8f:99:64:2a:15:89:bd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a68d699d1a9457c78acfbec004f98677aa4cc16
Validity
Not Before: Sep 2 09:12:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e70c0781a610769220fda386f54e5156fe8884c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a8:d6:38:8c:df:e0:49:e9:5b:93:e4:df:a6:
f3:1b:44:ab:31:e3:4d:88:06:33:dc:00:99:79:d2:
70:a5:33:82:27:9e:e6:9d:3a:3c:03:4a:51:25:25:
8f:c7:50:f3:e1:72:35:95:37:9f:2f:ed:aa:1f:cd:
86:39:04:9d:05:b1:48:87:e1:26:b0:8a:70:0d:35:
f9:fd:88:2d:53:2d:ae:f0:e9:38:c1:c0:9f:c7:ff:
04:1e:fa:f1:12:6a:20:81:ac:a3:12:21:de:43:75:
95:4b:b8:64:a5:83:4e:05:c1:dc:67:f8:b5:2e:8a:
1d:24:25:da:5a:c4:b5:7d:46:98:02:40:6e:fb:e7:
e3:88:c0:71:e4:52:26:96:8a:a2:21:2f:76:cb:89:
1c:79:86:97:2f:27:88:3a:0f:25:40:27:4c:18:66:
e9:72:04:98:6f:7f:ed:c0:13:16:fa:97:61:31:04:
78:76:c7:ce:a2:3f:2c:7b:c2:d2:13:83:e5:5d:7a:
bc:29:8a:91:35:e7:20:50:d6:b9:9c:8f:42:56:f5:
1b:3a:b7:06:71:e0:5b:bf:3d:93:67:63:22:48:42:
d5:09:ed:5e:6e:be:09:3e:2b:9e:4d:fa:c6:d6:6f:
bf:bf:37:80:bf:ea:7e:ff:9f:dd:8b:75:b5:33:45:
ac:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:70:C0:78:1A:61:07:69:22:0F:DA:38:6F:54:E5:15:6F:E8:88:4C
X509v3 Authority Key Identifier:
keyid:5A:68:D6:99:D1:A9:45:7C:78:AC:FB:EC:00:4F:98:67:7A:A4:CC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/PnDAeBphB2kiD9o4b1TlFW_oiEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.205.0.0/20
88.205.32.0-88.205.127.255
185.90.228.0/22
212.46.96.0/19
213.9.0.0/17
IPv6:
2a02:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
20:2d:0c:00:80:e0:e2:c7:b2:7b:13:b2:c4:8a:3b:81:3e:64:
6e:b4:d5:ae:dd:22:17:18:82:a7:13:28:21:60:d5:1d:fc:4f:
8d:da:c3:3f:7a:62:e3:d8:04:d3:de:6e:4a:ba:4c:11:fe:1c:
1d:c6:12:68:04:da:fc:ac:22:ab:33:b0:2a:d9:c8:2c:9f:d0:
ad:1c:34:77:ac:90:90:d6:fc:73:09:58:d3:23:f3:48:96:ce:
ec:33:84:37:95:69:fa:d4:70:d0:f3:02:6b:10:d3:8f:4b:d3:
0d:f6:9d:6f:2b:4a:c1:df:b9:af:b6:d4:de:85:32:2a:60:16:
3c:25:50:14:d7:34:67:0e:b5:72:b9:d4:79:dc:13:44:19:1d:
30:25:fb:25:f0:cc:00:45:61:31:4f:62:d3:10:15:46:9e:c8:
80:7d:fc:25:93:c0:3e:61:17:3d:3c:85:2d:8c:7e:86:3e:9c:
97:76:1c:c9:e7:f3:54:98:e3:85:7c:86:14:bd:5a:df:dc:74:
51:c4:cb:34:86:b2:02:2d:70:64:1a:96:13:c5:6f:ef:b1:da:
0b:db:23:7b:20:de:83:92:30:47:36:3c:d9:7e:54:11:2a:70:
56:e9:51:87:93:20:61:53:cc:59:fb:fb:52:93:ad:96:66:77:
1d:26:27:6f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZkJsxiHmJEwgY+ZZCoVib3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNjhkNjk5ZDFhOTQ1N2M3OGFjZmJlYzAwNGY5ODY3N2Fh
NGNjMTYwHhcNMjUwOTAyMDkxMjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTcwYzA3ODFhNjEwNzY5MjIwZmRhMzg2ZjU0ZTUxNTZmZTg4ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KjWOIzf4EnpW5Pk36bzG0SrMeNN
iAYz3ACZedJwpTOCJ57mnTo8A0pRJSWPx1Dz4XI1lTefL+2qH82GOQSdBbFIh+Em
sIpwDTX5/YgtUy2u8Ok4wcCfx/8EHvrxEmoggayjEiHeQ3WVS7hkpYNOBcHcZ/i1
LoodJCXaWsS1fUaYAkBu++fjiMBx5FImloqiIS92y4kceYaXLyeIOg8lQCdMGGbp
cgSYb3/twBMW+pdhMQR4dsfOoj8se8LSE4PlXXq8KYqRNecgUNa5nI9CVvUbOrcG
ceBbvz2TZ2MiSELVCe1ebr4JPiueTfrG1m+/vzeAv+p+/5/di3W1M0Ws3wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFD5wwHgaYQdpIg/aOG9U5RVv6IhMMB8GA1UdIwQY
MBaAFFpo1pnRqUV8eKz77ABPmGd6pMwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV21qV21kR3BSWHg0clB2c0FFLVlaM3FrekJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lMjhiYTYtYWFhZi00ZDMzLWI4ZGMt
MGFlZTM2MGIwYmE0LzEvUG5EQWVCcGhCMmtpRDlvNGIxVGxGV19vaUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lMjhiYTYtYWFhZi00ZDMzLWI4ZGMtMGFlZTM2MGIwYmE0
LzEvV21qV21kR3BSWHg0clB2c0FFLVlaM3FrekJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQEWM0AMAwD
BAVYzSADBAdYzQADBAK5WuQDBAXULmADBAfVCQAwDQQCAAIwBwMFAyoCTAAwDQYJ
KoZIhvcNAQELBQADggEBACAtDACA4OLHsnsTssSKO4E+ZG601a7dIhcYgqcTKCFg
1R38T43awz96YuPYBNPebkq6TBH+HB3GEmgE2vysIqszsCrZyCyf0K0cNHeskJDW
/HMJWNMj80iWzuwzhDeVafrUcNDzAmsQ049L0w32nW8rSsHfua+21N6FMipgFjwl
UBTXNGcOtXK51HncE0QZHTAl+yXwzABFYTFPYtMQFUaeyIB9/CWTwD5hFz08hS2M
foY+nJd2HMnn81SY44V8hhS9Wt/cdFHEyzSGsgItcGQalhPFb++x2gvbI3sg3oOS
MEc2PNl+VBEqcFbpUYeTIGFTzFn7+1KTrZZmdx0mJ28=
-----END CERTIFICATE-----
Generated at Tue Sep 9 14:14:05 2025 by rpki-client