Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/sic7I93GRhDt57SAuLWMJM0rRcU.roa
File: sic7I93GRhDt57SAuLWMJM0rRcU.roa (raw, json)
Hash identifier: qQ7zCE3q2zMcN3JY5v3N1hOAaebaA4wsKuaRsrsFUDk=
Subject key identifier: B2:27:3B:23:DD:C6:46:10:ED:E7:B4:80:B8:B5:8C:24:CD:2B:45:C5
Certificate issuer: /CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Certificate serial: 019929E9105F163F6C03992F24A017563D6B
Authority key identifier: 1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/sic7I93GRhDt57SAuLWMJM0rRcU.roa
Signing time: Mon 08 Sep 2025 15:19:23 +0000
ROA not before: Mon 08 Sep 2025 15:19:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205394
IP address blocks: 46.226.72.0/21 maxlen: 24
139.28.100.0/22 maxlen: 22
139.28.100.0/24 maxlen: 24
139.28.101.0/24 maxlen: 24
139.28.103.0/24 maxlen: 24
185.176.124.0/22 maxlen: 24
185.180.172.0/23 maxlen: 24
185.201.164.0/22 maxlen: 24
2a00:5a00::/32 maxlen: 48
2a0a:c840::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:29:e9:10:5f:16:3f:6c:03:99:2f:24:a0:17:56:3d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Validity
Not Before: Sep 8 15:19:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2273b23ddc64610ede7b480b8b58c24cd2b45c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0f:68:e5:fa:7a:8e:8c:77:e7:1e:81:4e:f7:
63:3f:3a:4c:e9:44:77:4a:66:da:47:10:f2:be:23:
bd:0e:2b:03:42:c6:df:70:50:bc:d3:f6:1b:9d:79:
00:bf:56:51:dc:56:b2:77:0c:15:ce:21:1b:98:58:
7c:8b:12:24:c4:f3:a2:95:59:35:5a:36:95:18:cd:
33:a7:9a:d6:cd:92:53:37:a8:5c:8e:f2:c8:ac:4d:
25:a1:f6:cc:8b:fc:c8:e5:3a:c0:8d:bd:35:28:ac:
11:b0:23:2a:76:2a:01:c1:15:40:64:bd:f8:85:fb:
eb:90:26:65:84:ec:44:cd:28:53:98:48:25:a0:ba:
31:3a:5d:a9:0e:26:5a:b8:5c:da:1b:e8:50:22:05:
bd:bd:02:32:b4:7c:7c:50:d2:45:0d:9d:a3:f2:18:
61:97:87:71:9e:a1:6d:48:e8:94:6a:50:f9:9f:04:
8b:e7:10:f7:46:40:17:82:02:24:40:ba:72:8d:01:
fe:ca:78:8e:ca:f7:e4:3d:df:e4:7f:90:29:ee:9a:
8f:8c:a7:1d:27:63:49:6a:3d:2a:08:22:aa:f3:9c:
42:06:62:e9:d6:b5:0e:b1:b5:90:78:a6:9b:ff:8c:
ab:94:87:eb:90:10:9c:a1:92:c4:fb:3f:6f:c0:bf:
0a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:27:3B:23:DD:C6:46:10:ED:E7:B4:80:B8:B5:8C:24:CD:2B:45:C5
X509v3 Authority Key Identifier:
keyid:1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/sic7I93GRhDt57SAuLWMJM0rRcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.72.0/21
139.28.100.0/22
185.176.124.0/22
185.180.172.0/23
185.201.164.0/22
IPv6:
2a00:5a00::/32
2a0a:c840::/29
Signature Algorithm: sha256WithRSAEncryption
b7:71:b7:a0:69:42:34:ba:24:f6:29:84:89:60:44:91:43:00:
dc:7a:49:9c:6d:7d:fe:68:46:f3:43:64:21:14:72:1e:bc:f4:
ce:95:52:41:0c:02:dc:41:3d:96:8c:d8:85:40:51:36:11:84:
3a:1e:23:33:72:c7:60:f2:4b:52:38:b3:be:f3:e7:1c:1e:b5:
03:a5:3c:69:7a:fa:39:9b:60:93:4b:14:e6:71:ad:e9:8c:ec:
d6:35:9c:74:3f:cf:05:a2:fa:2b:5b:c6:9d:b6:a1:eb:0c:cc:
b1:c3:96:21:0d:0a:e9:51:02:ff:d3:18:a8:e3:6e:26:c9:57:
de:9d:24:07:2b:cf:d8:fa:fb:41:c9:15:4f:6f:86:0b:1d:d8:
7c:c5:e0:81:72:d1:42:d9:75:67:d6:18:a2:77:c8:bf:55:37:
3d:00:87:48:d2:96:59:ee:86:1a:e9:d4:e7:a4:0a:5b:23:72:
9a:44:1f:41:b8:ab:4d:80:28:29:0d:95:fc:d4:ae:5b:e4:2e:
fb:6f:3a:3d:df:95:81:e3:b9:c9:a6:a4:3e:1e:2f:02:d5:d7:
73:59:fc:35:50:f5:0c:b9:4e:a2:87:4a:4e:a9:d7:ae:b9:fb:
ab:26:14:0d:7e:a5:05:11:37:01:74:29:0f:c1:af:55:44:53:
34:4f:99:c8
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZkp6RBfFj9sA5kvJKAXVj1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZTVlZmJmNjU4OTcxNjBkNTVhNTJkYzNhMjJjMDE3ODc2
Y2QwNmMwHhcNMjUwOTA4MTUxOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjI3M2IyM2RkYzY0NjEwZWRlN2I0ODBiOGI1OGMyNGNkMmI0NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Q9o5fp6jox35x6BTvdjPzpM6UR3
SmbaRxDyviO9DisDQsbfcFC80/YbnXkAv1ZR3FaydwwVziEbmFh8ixIkxPOilVk1
WjaVGM0zp5rWzZJTN6hcjvLIrE0lofbMi/zI5TrAjb01KKwRsCMqdioBwRVAZL34
hfvrkCZlhOxEzShTmEgloLoxOl2pDiZauFzaG+hQIgW9vQIytHx8UNJFDZ2j8hhh
l4dxnqFtSOiUalD5nwSL5xD3RkAXggIkQLpyjQH+yniOyvfkPd/kf5Ap7pqPjKcd
J2NJaj0qCCKq85xCBmLp1rUOsbWQeKab/4yrlIfrkBCcoZLE+z9vwL8KiQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLInOyPdxkYQ7ee0gLi1jCTNK0XFMB8GA1UdIwQY
MBaAFB7l779liXFg1VpS3DoiwBeHbNBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUt
N2MwZGI3YmFlMTM1LzEvc2ljN0k5M0dSaER0NTdTQXVMV01KTTByUmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUtN2MwZGI3YmFlMTM1
LzEvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDLuJIAwQC
ixxkAwQCubB8AwQBubSsAwQCucmkMBQEAgACMA4DBQAqAFoAAwUDKgrIQDANBgkq
hkiG9w0BAQsFAAOCAQEAt3G3oGlCNLok9imEiWBEkUMA3HpJnG19/mhG80NkIRRy
Hrz0zpVSQQwC3EE9lozYhUBRNhGEOh4jM3LHYPJLUjizvvPnHB61A6U8aXr6OZtg
k0sU5nGt6Yzs1jWcdD/PBaL6K1vGnbah6wzMscOWIQ0K6VEC/9MYqONuJslX3p0k
ByvP2Pr7QckVT2+GCx3YfMXggXLRQtl1Z9YYonfIv1U3PQCHSNKWWe6GGunU56QK
WyNymkQfQbirTYAoKQ2V/NSuW+Qu+286Pd+VgeO5yaakPh4vAtXXc1n8NVD1DLlO
oodKTqnXrrn7qyYUDX6lBRE3AXQpD8GvVURTNE+ZyA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 09:49:28 2025 by rpki-client