Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/loWyCWKKamVhmZmBTQdvK46h7f8.roa
File: loWyCWKKamVhmZmBTQdvK46h7f8.roa (raw, json)
Hash identifier: UbW/jlTh1hoDZzjjp/qkeCrkupzELJrGa1S8PB5NoNI=
Subject key identifier: 96:85:B2:09:62:8A:6A:65:61:99:99:81:4D:07:6F:2B:8E:A1:ED:FF
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 019A39454ABF7F2A32178A8A25E9E76AF8A8
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/loWyCWKKamVhmZmBTQdvK46h7f8.roa
Signing time: Fri 31 Oct 2025 07:57:13 +0000
ROA not before: Fri 31 Oct 2025 07:57:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34450
IP address blocks: 86.106.80.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.37.136.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.95.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:39:45:4a:bf:7f:2a:32:17:8a:8a:25:e9:e7:6a:f8:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Oct 31 07:57:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9685b209628a6a65619999814d076f2b8ea1edff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:05:72:10:53:10:58:52:54:c2:ec:0e:4c:69:
b0:c1:74:2e:a3:0e:51:a3:82:9f:58:03:cc:c2:21:
d1:bf:e7:58:c8:24:91:7d:52:2f:5f:98:67:9f:d9:
c4:07:00:a7:8e:72:25:5c:aa:d8:ea:a7:f6:90:9b:
5c:5c:5a:34:1a:2f:35:6e:98:cb:89:b3:9e:77:0b:
36:99:9a:f5:e6:2e:7d:0a:b3:8f:c4:9c:1b:98:3e:
79:75:fc:a0:f3:a6:6b:4f:20:50:6a:b7:10:81:ac:
5f:1f:fa:dd:c8:cc:13:e9:37:d1:cf:82:78:19:ea:
1e:d8:17:56:f6:b0:b5:31:df:24:c8:eb:27:c5:33:
8d:9a:ed:be:42:33:c3:38:eb:82:c6:46:fb:52:b3:
40:ba:31:fe:a2:6e:b2:78:64:71:e7:07:1a:67:5f:
37:40:ca:97:46:99:56:d8:c6:9d:3f:3c:f1:13:24:
a2:17:5c:f2:f7:9f:98:5a:5c:59:10:1c:6a:1c:2c:
6b:3c:42:a9:af:f8:7e:1f:a0:83:ca:fa:8c:b9:f9:
27:3e:60:37:0f:c6:f2:aa:99:6d:fe:01:e1:97:ba:
e8:d0:ca:99:cf:83:2a:3d:c8:77:a9:89:67:d8:19:
d8:3a:6b:0d:3f:a8:92:d0:06:bd:2d:7e:8e:ad:91:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:85:B2:09:62:8A:6A:65:61:99:99:81:4D:07:6F:2B:8E:A1:ED:FF
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/loWyCWKKamVhmZmBTQdvK46h7f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.80.0/24
86.106.104.0/24
89.34.8.0/21
89.37.136.0/24
89.44.209.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
188.213.18.0/24
188.215.72.0/23
188.215.95.0/24
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
57:1a:29:e7:88:1b:57:16:4c:ee:f6:5a:9a:29:a5:cb:8f:e5:
d4:19:9a:08:d6:0c:e0:f2:9a:63:e9:a6:39:3c:15:94:9a:42:
a2:b2:58:93:54:83:18:a3:30:b5:bd:b5:a1:39:cc:71:9e:58:
5f:09:68:37:c0:27:d8:33:98:0d:37:98:54:0c:40:a8:ec:72:
96:52:80:77:df:80:15:26:89:a8:94:a6:b4:4d:b8:06:f4:d7:
c2:c0:f4:e8:af:b2:26:76:ac:fa:15:9f:99:b3:41:9b:70:f7:
61:43:1e:7e:b6:a6:c4:c8:01:e0:9f:54:07:a3:80:8f:70:e5:
d0:d6:24:5e:9d:8d:d7:ef:9d:ac:96:a6:da:e7:d6:1b:06:26:
51:1c:71:fc:64:86:7f:ad:b6:d2:36:a1:dc:39:33:06:f0:a6:
b0:d7:b3:93:d2:f8:86:11:7b:7f:ec:74:9e:5e:4e:54:b7:e0:
0b:d8:b7:81:92:45:c4:2e:6d:27:bb:3e:17:72:b7:d7:d7:91:
c4:ef:0d:67:ac:39:16:46:06:a8:7e:79:a1:2a:58:de:f3:76:
07:b4:40:bb:41:e5:a7:42:19:b3:e2:74:7b:30:d7:ab:a2:ff:
fd:ad:47:cc:fb:2b:00:b4:f6:2d:df:5e:73:65:96:11:67:a6:
4f:c2:5c:5b
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZo5RUq/fyoyF4qKJennavioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUxMDMxMDc1NzEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njg1YjIwOTYyOGE2YTY1NjE5OTk5ODE0ZDA3NmYyYjhlYTFlZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQVyEFMQWFJUwuwOTGmwwXQuow5R
o4KfWAPMwiHRv+dYyCSRfVIvX5hnn9nEBwCnjnIlXKrY6qf2kJtcXFo0Gi81bpjL
ibOedws2mZr15i59CrOPxJwbmD55dfyg86ZrTyBQarcQgaxfH/rdyMwT6TfRz4J4
Geoe2BdW9rC1Md8kyOsnxTONmu2+QjPDOOuCxkb7UrNAujH+om6yeGRx5wcaZ183
QMqXRplW2MadPzzxEySiF1zy95+YWlxZEBxqHCxrPEKpr/h+H6CDyvqMufknPmA3
D8byqplt/gHhl7ro0MqZz4MqPch3qYln2BnYOmsNP6iS0Aa9LX6OrZE7IwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFJaFsgliimplYZmZgU0HbyuOoe3/MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvbG9XeUNXS0thbVZobVptQlRRZHZLNDZoN2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQAVmpQAwQA
VmpoAwQDWSIIAwQAWSWIAwQAWSzRAwQAXXGeAwQAXXI3AwQAXXJjAwQAXXKrAwQA
vNUSAwQBvNdIAwQAvNdfAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcN
AQELBQADggEBAFcaKeeIG1cWTO72WpoppcuP5dQZmgjWDODymmPppjk8FZSaQqKy
WJNUgxijMLW9taE5zHGeWF8JaDfAJ9gzmA03mFQMQKjscpZSgHffgBUmiaiUprRN
uAb018LA9OivsiZ2rPoVn5mzQZtw92FDHn62psTIAeCfVAejgI9w5dDWJF6djdfv
nayWptrn1hsGJlEccfxkhn+tttI2odw5MwbwprDXs5PS+IYRe3/sdJ5eTlS34AvY
t4GSRcQubSe7Phdyt9fXkcTvDWesORZGBqh+eaEqWN7zdge0QLtB5adCGbPidHsw
16ui//2tR8z7KwC09i3fXnNllhFnpk/CXFs=
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:46:10 2025 by rpki-client