Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/i0m66lJKEwjku8K2qLBAQ_oh0Tw.roa
File: i0m66lJKEwjku8K2qLBAQ_oh0Tw.roa (raw, json)
Hash identifier: a3BdrMT+vJr+Ngk7fHWk5SVBa8Ekf3aaoW+fXRjcfLE=
Subject key identifier: 8B:49:BA:EA:52:4A:13:08:E4:BB:C2:B6:A8:B0:40:43:FA:21:D1:3C
Certificate issuer: /CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Certificate serial: 0198E2547F21A0ADA4197F27BBCD18AAC000
Authority key identifier: 96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/i0m66lJKEwjku8K2qLBAQ_oh0Tw.roa
Signing time: Mon 25 Aug 2025 17:44:05 +0000
ROA not before: Mon 25 Aug 2025 17:44:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 85.203.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 18:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e2:54:7f:21:a0:ad:a4:19:7f:27:bb:cd:18:aa:c0:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Validity
Not Before: Aug 25 17:44:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b49baea524a1308e4bbc2b6a8b04043fa21d13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4a:71:9b:1d:96:3b:68:98:99:4d:76:2a:17:
90:15:0d:12:34:dc:2e:8d:78:c9:70:92:5c:76:43:
f7:d6:82:23:3d:0a:24:3d:6d:68:79:e1:3c:ab:9f:
2d:8e:9d:39:f3:24:ba:f8:aa:01:32:fc:09:57:05:
50:d9:1f:8c:d3:2c:d6:0d:a8:ad:bf:9a:20:38:f6:
7a:78:67:18:a2:75:4b:24:7d:47:57:b2:91:6f:a7:
2f:5f:e0:46:8b:95:47:17:ef:56:8b:1c:6f:b6:7e:
93:94:8d:df:a4:dc:fb:1e:4b:af:5c:ad:3e:a3:34:
0b:a2:19:bd:b0:39:b2:77:9b:6a:58:5a:39:8f:6d:
a5:83:27:49:2f:e5:e6:8f:94:3c:12:79:4b:a2:2b:
4b:2d:5c:8e:cf:df:6a:6d:1e:ab:c8:23:b3:ea:da:
05:5b:ea:7d:a6:25:27:6c:4b:f5:c0:d0:5d:ce:2b:
81:e4:44:da:25:b1:6a:37:2a:bd:14:90:0a:6a:74:
4b:86:13:a9:3c:4b:b6:33:46:1d:87:a5:51:da:a9:
aa:54:10:71:83:e7:4c:5c:b7:77:35:a8:c7:f9:d3:
44:87:f0:81:3d:70:60:7e:32:ee:f5:13:da:f7:8d:
86:e8:f2:83:fa:20:61:68:c0:74:f6:2c:fe:c7:fc:
87:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:49:BA:EA:52:4A:13:08:E4:BB:C2:B6:A8:B0:40:43:FA:21:D1:3C
X509v3 Authority Key Identifier:
keyid:96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/i0m66lJKEwjku8K2qLBAQ_oh0Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.19.0/24
Signature Algorithm: sha256WithRSAEncryption
05:67:ec:a8:f6:4e:10:8e:51:4a:6b:58:8f:b0:06:1b:91:ae:
2c:a7:87:9f:4b:ee:3c:5b:ad:51:e8:39:b3:f3:4d:85:f1:88:
78:e9:6c:b2:90:1c:32:b6:89:d9:2a:9b:23:5c:2a:9c:55:db:
4c:c0:b7:b3:e2:91:4e:10:05:ce:a0:5d:d6:fe:71:35:0d:57:
59:ba:4b:56:d8:a6:55:41:6d:96:e3:2b:bc:21:08:d5:77:b4:
fd:fa:5f:37:0f:9c:fa:2c:c7:c0:67:3e:87:8d:b7:0c:70:06:
4d:aa:98:2c:f9:f9:f4:e7:e1:aa:b2:80:ae:66:91:62:bc:47:
26:77:42:ef:e3:f6:84:c4:57:bb:a6:f2:49:ad:37:9d:fe:76:
78:28:99:a0:40:80:e6:44:ba:b0:e9:df:72:ed:13:0e:d4:2b:
b2:d8:42:f4:12:33:3c:78:59:1d:4e:ac:de:4e:34:71:47:9e:
c4:a6:51:ac:ee:70:91:42:7b:56:67:6b:94:3a:19:37:ca:6e:
e2:b0:bb:ce:60:a3:1c:4e:d5:5b:4e:c2:8c:ae:d6:76:8f:29:
e0:2d:b1:71:cb:57:ce:03:bd:24:fc:8d:f3:1b:ba:83:1b:91:
46:5a:f4:38:e8:a0:66:f7:5e:20:4d:b4:78:f0:a0:1d:c7:20:
07:33:a9:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjiVH8hoK2kGX8nu80YqsAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmJkNzZhNWNhYzI4M2VjZTBhMGY4ZWFiMmM5NzAyMTQw
MWZiODkwHhcNMjUwODI1MTc0NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ5YmFlYTUyNGExMzA4ZTRiYmMyYjZhOGIwNDA0M2ZhMjFkMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0pxmx2WO2iYmU12KheQFQ0SNNwu
jXjJcJJcdkP31oIjPQokPW1oeeE8q58tjp058yS6+KoBMvwJVwVQ2R+M0yzWDait
v5ogOPZ6eGcYonVLJH1HV7KRb6cvX+BGi5VHF+9Wixxvtn6TlI3fpNz7HkuvXK0+
ozQLohm9sDmyd5tqWFo5j22lgydJL+Xmj5Q8EnlLoitLLVyOz99qbR6ryCOz6toF
W+p9piUnbEv1wNBdziuB5ETaJbFqNyq9FJAKanRLhhOpPEu2M0Ydh6VR2qmqVBBx
g+dMXLd3NajH+dNEh/CBPXBgfjLu9RPa942G6PKD+iBhaMB09iz+x/yHjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItJuupSShMI5LvCtqiwQEP6IdE8MB8GA1UdIwQY
MBaAFJYr12pcrCg+zgoPjqsslwIUAfuJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMt
NmFiMTExNTVmNmZiLzEvaTBtNjZsSktFd2prdThLMnFMQkFRX29oMFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMtNmFiMTExNTVmNmZi
LzEvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsTMA0G
CSqGSIb3DQEBCwUAA4IBAQAFZ+yo9k4QjlFKa1iPsAYbka4sp4efS+48W61R6Dmz
802F8Yh46WyykBwytonZKpsjXCqcVdtMwLez4pFOEAXOoF3W/nE1DVdZuktW2KZV
QW2W4yu8IQjVd7T9+l83D5z6LMfAZz6HjbcMcAZNqpgs+fn05+GqsoCuZpFivEcm
d0Lv4/aExFe7pvJJrTed/nZ4KJmgQIDmRLqw6d9y7RMO1Cuy2EL0EjM8eFkdTqze
TjRxR57EplGs7nCRQntWZ2uUOhk3ym7isLvOYKMcTtVbTsKMrtZ2jyngLbFxy1fO
A70k/I3zG7qDG5FGWvQ46KBm914gTbR48KAdxyAHM6l+
-----END CERTIFICATE-----
Generated at Sat Sep 6 03:27:53 2025 by rpki-client