Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/TrNuqWdgLhGTxn5VxoYeyfzOKkg.roa
File: TrNuqWdgLhGTxn5VxoYeyfzOKkg.roa (raw, json)
Hash identifier: Rqi2Sn0fAAAxy2y3ILi9hXub3082liYhSLIo32eP1Fg=
Subject key identifier: 4E:B3:6E:A9:67:60:2E:11:93:C6:7E:55:C6:86:1E:C9:FC:CE:2A:48
Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Certificate serial: 01993D73609C47AE2B419E2455190EBCDACD
Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/TrNuqWdgLhGTxn5VxoYeyfzOKkg.roa
Signing time: Fri 12 Sep 2025 10:23:15 +0000
ROA not before: Fri 12 Sep 2025 10:23:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57073
IP address blocks: 85.198.76.0/22 maxlen: 24
91.230.107.0/24 maxlen: 24
94.141.112.0/22 maxlen: 24
176.101.88.0/21 maxlen: 24
185.62.200.0/23 maxlen: 24
185.62.202.0/24 maxlen: 24
185.138.252.0/22 maxlen: 24
185.138.252.0/24 maxlen: 24
185.138.253.0/24 maxlen: 24
185.138.254.0/24 maxlen: 24
185.138.255.0/24 maxlen: 24
194.1.214.0/24 maxlen: 24
213.184.154.0/23 maxlen: 24
213.184.154.0/24 maxlen: 24
213.184.156.0/22 maxlen: 24
2a03:720::/32 maxlen: 48
2a03:720:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 13:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3d:73:60:9c:47:ae:2b:41:9e:24:55:19:0e:bc:da:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Validity
Not Before: Sep 12 10:23:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4eb36ea967602e1193c67e55c6861ec9fcce2a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:bb:b8:38:47:5f:bf:3d:fe:df:75:44:31:82:
a2:fd:71:00:6a:08:91:62:55:ae:51:e7:6d:78:94:
52:56:32:58:99:12:a4:01:00:b1:3d:a1:87:8d:c0:
ec:6a:28:59:46:b1:99:12:e2:56:5e:76:07:11:04:
24:dd:1a:06:d4:cc:36:2f:fd:87:6d:db:78:fa:62:
f5:c3:76:e6:0c:61:6f:5a:ac:b5:44:f3:39:1a:01:
36:48:85:26:49:e9:16:74:ee:59:e6:87:87:cc:61:
a5:58:8f:be:9f:5e:61:0e:58:f5:db:75:d2:b5:35:
bb:1d:a1:9a:f9:13:62:6a:a6:da:a5:54:41:bc:16:
23:8e:e9:62:72:77:84:6e:0c:eb:fd:09:ac:86:cb:
75:a6:03:c0:b3:6a:2f:99:e3:14:21:a0:ff:11:2a:
a0:6d:5e:39:10:9c:9f:3f:5e:bc:7e:e8:3c:81:0a:
ab:1e:17:af:61:e8:ff:09:36:47:32:2f:85:31:4d:
bb:77:38:22:82:ff:31:20:05:81:d0:ed:05:fe:78:
e0:da:fa:e6:d7:d4:1f:ed:54:64:4e:28:5f:55:83:
63:63:24:50:c4:7e:57:0e:5e:94:7e:96:4d:28:0a:
01:d3:f7:a0:0a:37:5a:45:a4:f4:b6:2d:70:22:13:
92:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B3:6E:A9:67:60:2E:11:93:C6:7E:55:C6:86:1E:C9:FC:CE:2A:48
X509v3 Authority Key Identifier:
keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/TrNuqWdgLhGTxn5VxoYeyfzOKkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.76.0/22
91.230.107.0/24
94.141.112.0/22
176.101.88.0/21
185.62.200.0-185.62.202.255
185.138.252.0/22
194.1.214.0/24
213.184.154.0-213.184.159.255
IPv6:
2a03:720::/32
Signature Algorithm: sha256WithRSAEncryption
47:63:25:bc:3d:7a:1e:07:c6:94:88:d1:58:4e:76:a1:dc:a3:
cd:85:fc:98:49:08:c1:84:7d:5a:42:2d:f5:9c:6b:88:32:00:
b7:f8:16:f4:13:5b:bf:72:9e:d3:3c:de:cb:15:39:78:47:2a:
3c:4d:1b:54:e5:a5:cc:26:33:f7:b9:c0:7d:71:39:76:43:aa:
23:8c:af:8f:7c:e9:f6:ba:65:6c:a2:17:34:0e:d9:84:01:c2:
ea:5e:8d:74:a8:2b:80:8e:40:0b:d1:5e:56:a3:aa:ce:06:bf:
c2:85:13:f7:9c:b4:2e:98:7a:8a:29:57:58:dd:e6:cc:cc:99:
d0:9e:ce:56:0b:8e:62:89:0c:6f:0a:2b:1f:d9:cb:9f:f6:fb:
c8:f1:c5:bf:3e:76:33:a8:e2:50:05:54:fe:c3:15:61:01:8e:
e5:0c:b5:7d:2c:93:c1:5a:80:45:12:3f:6a:8e:a0:bb:8d:a2:
e8:aa:43:f6:c5:7f:fe:a9:36:02:12:01:d0:94:33:71:2c:40:
7a:45:36:4d:39:e3:e5:72:b1:22:99:5a:d3:ab:b7:db:2f:ff:
dd:cf:17:16:fe:73:27:f9:8a:9f:b0:5f:83:8b:2f:21:fc:83:
68:5e:66:6b:bc:17:9b:96:cc:ab:0a:c0:c0:82:b3:e4:cc:b0:
0e:6f:22:9b
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZk9c2CcR64rQZ4kVRkOvNrNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5
MDBhNzYwHhcNMjUwOTEyMTAyMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWIzNmVhOTY3NjAyZTExOTNjNjdlNTVjNjg2MWVjOWZjY2UyYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibu4OEdfvz3+33VEMYKi/XEAagiR
YlWuUedteJRSVjJYmRKkAQCxPaGHjcDsaihZRrGZEuJWXnYHEQQk3RoG1Mw2L/2H
bdt4+mL1w3bmDGFvWqy1RPM5GgE2SIUmSekWdO5Z5oeHzGGlWI++n15hDlj123XS
tTW7HaGa+RNiaqbapVRBvBYjjulicneEbgzr/Qmshst1pgPAs2ovmeMUIaD/ESqg
bV45EJyfP168fug8gQqrHhevYej/CTZHMi+FMU27dzgigv8xIAWB0O0F/njg2vrm
19Qf7VRkTihfVYNjYyRQxH5XDl6UfpZNKAoB0/egCjdaRaT0ti1wIhOSzwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFE6zbqlnYC4Rk8Z+VcaGHsn8zipIMB8GA1UdIwQY
MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt
ODlhY2UzODIyMGZiLzEvVHJOdXFXZGdMaEdUeG41VnhvWWV5ZnpPS2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi
LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQCVcZMAwQA
W+ZrAwQCXo1wAwQDsGVYMAwDBAO5PsgDBAC5PsoDBAK5ivwDBADCAdYwDAMEAdW4
mgMEBdW4gDANBAIAAjAHAwUAKgMHIDANBgkqhkiG9w0BAQsFAAOCAQEAR2MlvD16
HgfGlIjRWE52odyjzYX8mEkIwYR9WkIt9ZxriDIAt/gW9BNbv3Ke0zzeyxU5eEcq
PE0bVOWlzCYz97nAfXE5dkOqI4yvj3zp9rplbKIXNA7ZhAHC6l6NdKgrgI5AC9Fe
VqOqzga/woUT95y0Lph6iilXWN3mzMyZ0J7OVguOYokMbworH9nLn/b7yPHFvz52
M6jiUAVU/sMVYQGO5Qy1fSyTwVqARRI/ao6gu42i6KpD9sV//qk2AhIB0JQzcSxA
ekU2TTnj5XKxIpla06u32y//3c8XFv5zJ/mKn7Bfg4svIfyDaF5ma7wXm5bMqwrA
wIKz5MywDm8imw==
-----END CERTIFICATE-----
Generated at Tue Sep 16 17:59:58 2025 by rpki-client