Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2Km27W8fymqOiuzJCiJ7PosiHZA.roa
File: 2Km27W8fymqOiuzJCiJ7PosiHZA.roa (raw, json)
Hash identifier: RsJe+vkpxyeW6Rdio3q/+kAD6JADso27wCtLitCxRts=
Subject key identifier: D8:A9:B6:ED:6F:1F:CA:6A:8E:8A:EC:C9:0A:22:7B:3E:8B:22:1D:90
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019918A228F2DB952113F083448ED3E2D56B
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2Km27W8fymqOiuzJCiJ7PosiHZA.roa
Signing time: Fri 05 Sep 2025 06:48:24 +0000
ROA not before: Fri 05 Sep 2025 06:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 77.81.101.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.119.195.0/24 maxlen: 24
94.177.13.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:18:a2:28:f2:db:95:21:13:f0:83:44:8e:d3:e2:d5:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 5 06:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8a9b6ed6f1fca6a8e8aecc90a227b3e8b221d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:12:02:23:08:d9:1a:8d:d1:90:0f:fa:54:51:
97:7e:61:1d:70:9e:8a:81:db:57:6c:dc:ea:39:20:
f8:09:38:8b:1e:55:e8:99:2f:70:69:45:bb:08:f0:
08:77:d9:2b:32:19:23:f3:88:64:c3:86:15:af:c8:
27:fb:a2:67:63:c7:8a:43:ce:90:0f:c1:f1:c0:d3:
35:9d:4b:88:52:d3:58:fd:a0:34:63:1b:34:de:4a:
d1:9b:e6:55:91:96:aa:bb:b3:a9:0f:47:03:bc:f0:
14:4b:35:2a:ad:6d:7a:3c:88:18:0c:ff:d3:38:6f:
81:83:5a:ff:fc:d6:d7:f1:02:fa:94:e9:d1:b3:a6:
14:74:38:5c:5e:0a:10:7d:78:02:b3:50:08:9c:98:
d5:0e:d5:b7:8a:37:a7:d8:9d:81:3e:57:bc:aa:93:
93:5a:91:29:ed:2a:1e:04:04:e2:e8:39:0d:98:a3:
b2:a3:a1:fd:b6:00:33:f0:57:83:02:7a:14:41:55:
5f:c6:a4:86:8c:34:f7:9a:16:8f:67:13:8a:52:e3:
b2:b2:01:49:ff:59:5c:7d:f4:62:b1:39:23:82:a1:
95:7d:9c:e4:5e:b8:ef:ad:b7:c8:10:53:cf:28:e8:
d8:97:b7:83:dd:36:21:9c:74:de:f4:9d:be:f5:93:
f9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A9:B6:ED:6F:1F:CA:6A:8E:8A:EC:C9:0A:22:7B:3E:8B:22:1D:90
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2Km27W8fymqOiuzJCiJ7PosiHZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.101.0/24
89.34.106.0/24
89.37.185.0/24
93.114.183.0/24
93.115.106.0/24
93.119.195.0/24
94.177.13.0/24
94.177.106.0/24
193.124.36.0/24
194.58.47.0/24
Signature Algorithm: sha256WithRSAEncryption
07:32:76:9e:f5:7c:ec:58:64:cb:55:df:45:4d:de:d0:93:4e:
96:65:d7:c1:79:3d:67:4d:90:49:f7:ec:e9:25:44:b7:4a:a5:
d8:61:6c:d4:54:39:bc:bb:22:dd:59:a9:e9:85:e2:86:19:d6:
f0:8f:56:86:fb:87:44:85:fa:c5:7e:c7:31:fd:a0:ae:81:23:
ac:c5:62:9e:3d:17:a3:e7:5c:07:64:51:12:b6:17:c9:fa:92:
e8:b1:d1:9d:a5:43:ea:ab:aa:f7:f5:91:67:55:db:5d:40:f9:
55:0a:22:fa:9b:82:b6:8c:d3:8a:b2:ad:66:87:45:b7:43:58:
53:7d:43:e9:b1:50:22:5f:16:68:33:28:d4:8c:9c:1a:8a:c7:
51:85:60:9a:c8:06:dd:02:7c:34:0d:db:02:0d:2b:73:7d:24:
87:0e:43:07:dd:5f:b4:6d:57:d7:0b:b1:a7:44:6f:9b:74:a5:
c4:eb:72:b5:53:53:c9:a5:60:28:04:b4:fb:ff:0f:c2:39:bd:
d3:80:1d:d4:81:83:fb:05:a6:e7:27:ef:69:f2:df:0d:b1:9a:
87:f4:6b:37:f7:b2:78:3c:ac:1b:7d:95:0c:3a:93:a9:9c:25:
ea:62:c5:e0:bf:25:22:b2:84:0e:e2:cf:9b:0a:2a:04:e4:cc:
d3:11:94:4a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZkYoijy25UhE/CDRI7T4tVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwOTA1MDY0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE5YjZlZDZmMWZjYTZhOGU4YWVjYzkwYTIyN2IzZThiMjIxZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBICIwjZGo3RkA/6VFGXfmEdcJ6K
gdtXbNzqOSD4CTiLHlXomS9waUW7CPAId9krMhkj84hkw4YVr8gn+6JnY8eKQ86Q
D8HxwNM1nUuIUtNY/aA0Yxs03krRm+ZVkZaqu7OpD0cDvPAUSzUqrW16PIgYDP/T
OG+Bg1r//NbX8QL6lOnRs6YUdDhcXgoQfXgCs1AInJjVDtW3ijen2J2BPle8qpOT
WpEp7SoeBATi6DkNmKOyo6H9tgAz8FeDAnoUQVVfxqSGjDT3mhaPZxOKUuOysgFJ
/1lcffRisTkjgqGVfZzkXrjvrbfIEFPPKOjYl7eD3TYhnHTe9J2+9ZP5xQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNiptu1vH8pqjorsyQoiez6LIh2QMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMkttMjdXOGZ5bXFPaXV6SkNpSjdQb3NpSFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQATVFlAwQA
WSJqAwQAWSW5AwQAXXK3AwQAXXNqAwQAXXfDAwQAXrENAwQAXrFqAwQAwXwkAwQA
wjovMA0GCSqGSIb3DQEBCwUAA4IBAQAHMnae9XzsWGTLVd9FTd7Qk06WZdfBeT1n
TZBJ9+zpJUS3SqXYYWzUVDm8uyLdWanpheKGGdbwj1aG+4dEhfrFfscx/aCugSOs
xWKePRej51wHZFESthfJ+pLosdGdpUPqq6r39ZFnVdtdQPlVCiL6m4K2jNOKsq1m
h0W3Q1hTfUPpsVAiXxZoMyjUjJwaisdRhWCayAbdAnw0DdsCDStzfSSHDkMH3V+0
bVfXC7GnRG+bdKXE63K1U1PJpWAoBLT7/w/COb3TgB3UgYP7BabnJ+9p8t8NsZqH
9Gs397J4PKwbfZUMOpOpnCXqYsXgvyUisoQO4s+bCioE5MzTEZRK
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:45:44 2025 by rpki-client