Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f0f945-dc3b-4672-942d-7f6ee7a76565/1/_R8JganIA6Y5xqA_CejFzUDFPSs.roa
File: _R8JganIA6Y5xqA_CejFzUDFPSs.roa (raw, json)
Hash identifier: E9VdkNaUTEKvw+Vgp2OrNs1qd+GYgpa3bopcEol5P3A=
Subject key identifier: FD:1F:09:81:A9:C8:03:A6:39:C6:A0:3F:09:E8:C5:CD:40:C5:3D:2B
Certificate issuer: /CN=2b76e1570cad7739fd0bff60632e05bc06f642e3
Certificate serial: 019919C375D2BFBB7B59E61D329C390B6793
Authority key identifier: 2B:76:E1:57:0C:AD:77:39:FD:0B:FF:60:63:2E:05:BC:06:F6:42:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3bhVwytdzn9C_9gYy4FvAb2QuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f0f945-dc3b-4672-942d-7f6ee7a76565/1/_R8JganIA6Y5xqA_CejFzUDFPSs.roa
Signing time: Fri 05 Sep 2025 12:04:23 +0000
ROA not before: Fri 05 Sep 2025 12:04:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208893
IP address blocks: 45.88.64.0/24 maxlen: 24
94.156.64.0/24 maxlen: 24
94.156.65.0/24 maxlen: 24
2a14:e200::/44 maxlen: 44
2a14:e200::/48 maxlen: 48
2a14:e200:1::/48 maxlen: 48
2a14:e200:2::/48 maxlen: 48
2a14:e200:3::/48 maxlen: 48
2a14:e200:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/f0f945-dc3b-4672-942d-7f6ee7a76565/1/K3bhVwytdzn9C_9gYy4FvAb2QuM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/f0f945-dc3b-4672-942d-7f6ee7a76565/1/K3bhVwytdzn9C_9gYy4FvAb2QuM.mft
rsync://rpki.ripe.net/repository/DEFAULT/K3bhVwytdzn9C_9gYy4FvAb2QuM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:19:c3:75:d2:bf:bb:7b:59:e6:1d:32:9c:39:0b:67:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b76e1570cad7739fd0bff60632e05bc06f642e3
Validity
Not Before: Sep 5 12:04:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd1f0981a9c803a639c6a03f09e8c5cd40c53d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:18:7e:c5:04:c6:ff:2e:38:f1:f3:72:0b:a9:
2d:93:8d:b6:6a:be:a0:f9:1f:78:aa:90:bf:dd:95:
fb:da:07:b1:f7:bc:6b:eb:5c:d3:6a:30:11:da:47:
91:dd:77:35:c6:ac:42:52:b7:d5:20:80:36:af:1f:
21:37:94:46:ea:db:ff:c2:a9:4e:f5:36:cc:ce:8e:
c8:03:33:d8:33:a4:43:5f:ff:c3:fd:60:0d:f4:c0:
6e:08:8e:5f:f7:65:12:9b:64:4d:ab:09:5c:19:9e:
88:ee:01:63:f5:76:a7:86:67:6a:c0:94:fc:01:9c:
99:0c:de:a9:be:e8:ee:61:78:10:d2:ce:39:78:a9:
f0:97:5b:14:4a:f5:3c:6f:3b:95:b7:f8:9b:73:6c:
63:16:f5:29:36:c4:b1:12:55:5c:5e:e8:01:82:69:
53:9a:79:99:93:2e:61:2b:16:d7:29:61:8b:c7:81:
b5:8b:a6:1b:d5:8a:7c:7b:a8:9d:c5:5d:cb:bf:45:
df:17:2d:4a:38:42:93:ad:07:be:9e:20:39:06:cf:
74:59:f8:4c:c4:53:fd:77:a4:17:7c:76:16:da:28:
70:7f:52:1e:88:b5:37:85:89:e2:48:97:e8:89:24:
75:c9:fe:66:17:a2:a2:a5:64:81:fc:36:24:35:20:
ba:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1F:09:81:A9:C8:03:A6:39:C6:A0:3F:09:E8:C5:CD:40:C5:3D:2B
X509v3 Authority Key Identifier:
keyid:2B:76:E1:57:0C:AD:77:39:FD:0B:FF:60:63:2E:05:BC:06:F6:42:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3bhVwytdzn9C_9gYy4FvAb2QuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f0f945-dc3b-4672-942d-7f6ee7a76565/1/_R8JganIA6Y5xqA_CejFzUDFPSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f0f945-dc3b-4672-942d-7f6ee7a76565/1/K3bhVwytdzn9C_9gYy4FvAb2QuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.64.0/24
94.156.64.0/23
IPv6:
2a14:e200::/43
Signature Algorithm: sha256WithRSAEncryption
94:96:38:c0:9c:50:1b:5a:c2:7e:9d:61:d0:4e:e5:1d:5f:67:
51:4a:4e:ae:9b:49:21:fb:d9:d4:b3:1b:40:98:44:8b:46:3f:
c6:36:49:6b:ae:95:5a:95:9e:20:92:34:22:53:10:30:a8:92:
ee:de:50:ae:39:80:03:41:79:76:fc:28:fa:8b:20:77:0b:8f:
94:59:46:3c:45:ac:dd:d0:6b:70:13:b9:4d:19:a4:ed:2c:3f:
34:b4:17:c2:44:eb:39:49:b4:56:be:a3:cb:d0:91:da:c7:36:
42:41:02:c2:28:31:2e:06:69:0e:2b:c3:a9:0d:49:81:53:98:
33:6e:96:f1:b7:1f:1b:63:b4:77:82:32:64:8d:c1:e5:ae:9c:
cd:7a:02:e0:24:f6:ad:f7:da:bd:41:e1:01:e8:f3:41:e3:95:
ab:26:0a:23:4d:59:ea:ef:7a:69:82:2f:07:a1:67:f5:54:70:
b6:66:cf:4d:60:62:ae:35:ee:b2:aa:59:4a:58:ff:a4:c8:3c:
17:55:28:e9:a3:a8:fb:f4:e9:33:d8:d4:ca:50:95:9d:fe:bf:
92:6c:d9:76:a5:23:0d:e1:cd:c6:02:22:a5:36:e2:54:a5:c7:
e4:cf:0a:c4:56:3a:6b:54:47:4e:44:4c:72:55:e3:c4:db:c7:
44:3a:d5:7b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZkZw3XSv7t7WeYdMpw5C2eTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNzZlMTU3MGNhZDc3MzlmZDBiZmY2MDYzMmUwNWJjMDZm
NjQyZTMwHhcNMjUwOTA1MTIwNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDFmMDk4MWE5YzgwM2E2MzljNmEwM2YwOWU4YzVjZDQwYzUzZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBh+xQTG/y448fNyC6ktk422ar6g
+R94qpC/3ZX72gex97xr61zTajAR2keR3Xc1xqxCUrfVIIA2rx8hN5RG6tv/wqlO
9TbMzo7IAzPYM6RDX//D/WAN9MBuCI5f92USm2RNqwlcGZ6I7gFj9XanhmdqwJT8
AZyZDN6pvujuYXgQ0s45eKnwl1sUSvU8bzuVt/ibc2xjFvUpNsSxElVcXugBgmlT
mnmZky5hKxbXKWGLx4G1i6Yb1Yp8e6idxV3Lv0XfFy1KOEKTrQe+niA5Bs90WfhM
xFP9d6QXfHYW2ihwf1IeiLU3hYniSJfoiSR1yf5mF6KipWSB/DYkNSC6fwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFP0fCYGpyAOmOcagPwnoxc1AxT0rMB8GA1UdIwQY
MBaAFCt24VcMrXc5/Qv/YGMuBbwG9kLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzNiaFZ3eXRkem45Q185Z1l5NEZ2QWIyUXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mMGY5NDUtZGMzYi00NjcyLTk0MmQt
N2Y2ZWU3YTc2NTY1LzEvX1I4SmdhbklBNlk1eHFBX0NlakZ6VURGUFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mMGY5NDUtZGMzYi00NjcyLTk0MmQtN2Y2ZWU3YTc2NTY1
LzEvSzNiaFZ3eXRkem45Q185Z1l5NEZ2QWIyUXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALVhAAwQB
XpxAMA8EAgACMAkDBwUqFOIAAAAwDQYJKoZIhvcNAQELBQADggEBAJSWOMCcUBta
wn6dYdBO5R1fZ1FKTq6bSSH72dSzG0CYRItGP8Y2SWuulVqVniCSNCJTEDCoku7e
UK45gANBeXb8KPqLIHcLj5RZRjxFrN3Qa3ATuU0ZpO0sPzS0F8JE6zlJtFa+o8vQ
kdrHNkJBAsIoMS4GaQ4rw6kNSYFTmDNulvG3HxtjtHeCMmSNweWunM16AuAk9q33
2r1B4QHo80HjlasmCiNNWervemmCLwehZ/VUcLZmz01gYq417rKqWUpY/6TIPBdV
KOmjqPv06TPY1MpQlZ3+v5Js2XalIw3hzcYCIqU24lSlx+TPCsRWOmtUR05ETHJV
48Tbx0Q61Xs=
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:35:39 2025 by rpki-client