Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1-uNKE81Lzf2WQ01U3FyE6o3Trkk.roa
File: 1-uNKE81Lzf2WQ01U3FyE6o3Trkk.roa (raw, json)
Hash identifier: n/tBS76WlfkcFnuQM7LXSxm4LmlAnaRxrRZDe60YAX4=
Subject key identifier: FA:E3:4A:13:CD:4B:CD:FD:96:43:4D:54:DC:5C:84:EA:8D:D3:AE:49
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0199570E8E0758AABA070C4CFB7DEF6CA464
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1-uNKE81Lzf2WQ01U3FyE6o3Trkk.roa
Signing time: Wed 17 Sep 2025 09:43:15 +0000
ROA not before: Wed 17 Sep 2025 09:43:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34450
IP address blocks: 85.204.125.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.37.136.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 06:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:57:0e:8e:07:58:aa:ba:07:0c:4c:fb:7d:ef:6c:a4:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Sep 17 09:43:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fae34a13cd4bcdfd96434d54dc5c84ea8dd3ae49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ac:cd:79:09:11:c4:ca:a3:98:12:f1:e8:98:
8f:8c:c9:63:58:9a:c9:0d:80:b1:57:b3:29:06:58:
47:46:09:e0:26:7b:95:9e:25:33:c7:e5:41:c1:73:
72:1c:16:5f:70:cd:19:fb:18:cb:5b:45:a4:73:5a:
5c:c7:27:b9:b6:99:b0:34:ab:b9:43:68:cf:0b:34:
18:dc:9a:ed:e1:03:32:1d:b0:ef:b3:1f:bc:12:1d:
90:7c:ed:33:12:c0:2d:13:4e:4c:b8:a5:7b:79:28:
9a:37:45:1a:4f:8e:f2:c7:d7:0d:5c:7c:4c:87:ae:
10:f1:12:bf:ac:b8:d9:2b:d5:f2:29:a1:d5:a6:14:
8c:6a:53:3f:5a:bc:90:4a:c0:6f:a5:e2:bf:95:71:
8a:98:c8:a8:6e:93:20:4e:1c:c6:21:0f:2a:43:52:
c0:3e:34:00:f0:e7:dc:f2:bb:15:2a:01:ac:c9:2e:
01:80:e9:31:0e:bb:80:cb:6f:5f:9c:d5:33:48:f6:
14:a2:0d:cd:d9:53:75:07:c9:11:68:bb:2f:a7:84:
0d:39:18:91:6c:de:64:7a:dc:35:ee:50:67:4b:83:
f9:74:41:df:33:b5:69:fd:24:fe:a8:21:9f:f6:a0:
d3:f0:6e:30:01:a1:46:b0:e4:c7:f1:40:36:77:b9:
dc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E3:4A:13:CD:4B:CD:FD:96:43:4D:54:DC:5C:84:EA:8D:D3:AE:49
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1-uNKE81Lzf2WQ01U3FyE6o3Trkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
86.106.80.0/24
86.106.104.0/24
89.34.8.0/21
89.37.136.0/24
89.44.209.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
ab:98:3e:f2:19:66:f4:fb:6a:c4:98:34:e4:86:64:7e:4a:47:
25:fa:41:35:6e:a5:67:8d:93:6a:78:75:4f:1c:9f:9e:df:3d:
c1:51:1e:2f:55:d1:60:53:d7:01:4a:43:a2:93:67:66:f4:54:
27:24:8d:84:36:33:54:59:d6:a0:25:0d:ec:07:08:38:51:66:
25:ad:d8:47:65:ad:b5:94:22:b2:a1:a0:3d:7a:1b:42:d2:ee:
ac:20:6b:cd:8e:89:25:ac:40:91:db:db:f3:e8:15:da:79:f9:
ed:d0:71:60:64:11:3c:b3:b7:45:b8:1c:26:be:1d:39:9c:a8:
61:96:9b:18:25:d3:5d:86:fd:0d:aa:86:b0:b2:2f:37:98:b2:
77:7d:cd:7a:72:a9:e3:55:82:6d:87:db:19:bd:52:65:13:72:
c0:4f:48:1e:51:4b:52:c9:16:08:9e:b9:7f:ae:c5:92:5a:26:
ac:16:7c:4b:3e:55:0d:35:bc:8e:e0:54:85:ba:67:e3:ee:55:
95:18:3e:69:28:25:90:e4:67:85:1e:1f:26:0f:89:b0:e7:39:
bf:fd:8e:8d:95:39:08:46:f6:06:fe:00:e1:0f:7d:31:ca:dc:
58:14:7d:d8:4b:54:19:19:f9:96:c7:00:39:72:eb:cb:5b:fd:
2c:bc:30:35
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZlXDo4HWKq6BwxM+33vbKRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwOTE3MDk0MzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWUzNGExM2NkNGJjZGZkOTY0MzRkNTRkYzVjODRlYThkZDNhZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3azNeQkRxMqjmBLx6JiPjMljWJrJ
DYCxV7MpBlhHRgngJnuVniUzx+VBwXNyHBZfcM0Z+xjLW0Wkc1pcxye5tpmwNKu5
Q2jPCzQY3Jrt4QMyHbDvsx+8Eh2QfO0zEsAtE05MuKV7eSiaN0UaT47yx9cNXHxM
h64Q8RK/rLjZK9XyKaHVphSMalM/WryQSsBvpeK/lXGKmMiobpMgThzGIQ8qQ1LA
PjQA8Ofc8rsVKgGsyS4BgOkxDruAy29fnNUzSPYUog3N2VN1B8kRaLsvp4QNORiR
bN5ketw17lBnS4P5dEHfM7Vp/ST+qCGf9qDT8G4wAaFGsOTH8UA2d7ncnQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFPrjShPNS839lkNNVNxchOqN065JMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvMS11TktFODFMemYyV1EwMVUzRnlFNm8zVHJray5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3
My8xL19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB4BggrBgEFBQcBBwEB/wRpMGcwVAQCAAEwTgMEAFXMfQME
AFZqUAMEAFZqaAMEA1kiCAMEAFkliAMEAFks0QMEAF1xngMEAF1yNwMEAF1yYwME
AF1yqwMEALzVEgMEAbzXSAMEALzwDjAPBAIAAjAJAwcAKgW2gAABMA0GCSqGSIb3
DQEBCwUAA4IBAQCrmD7yGWb0+2rEmDTkhmR+Skcl+kE1bqVnjZNqeHVPHJ+e3z3B
UR4vVdFgU9cBSkOik2dm9FQnJI2ENjNUWdagJQ3sBwg4UWYlrdhHZa21lCKyoaA9
ehtC0u6sIGvNjoklrECR29vz6BXaefnt0HFgZBE8s7dFuBwmvh05nKhhlpsYJdNd
hv0Nqoawsi83mLJ3fc16cqnjVYJth9sZvVJlE3LAT0geUUtSyRYInrl/rsWSWias
FnxLPlUNNbyO4FSFumfj7lWVGD5pKCWQ5GeFHh8mD4mw5zm//Y6NlTkIRvYG/gDh
D30xytxYFH3YS1QZGfmWxwA5cuvLW/0svDA1
-----END CERTIFICATE-----
Generated at Fri Sep 19 13:42:44 2025 by rpki-client