Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/b2ii9Ml7qpC36RUpZ8hKOXAe8yM.roa
File: b2ii9Ml7qpC36RUpZ8hKOXAe8yM.roa (raw, json)
Hash identifier: /Y0ueq9Pn525s9PDcY0SvkDIxOuDN0k+WvttGHuIvJE=
Subject key identifier: 6F:68:A2:F4:C9:7B:AA:90:B7:E9:15:29:67:C8:4A:39:70:1E:F3:23
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 01992DE0B323B1BAE8370149BE4A18C810C8
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/b2ii9Ml7qpC36RUpZ8hKOXAe8yM.roa
Signing time: Tue 09 Sep 2025 09:48:44 +0000
ROA not before: Tue 09 Sep 2025 09:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 45.83.112.0/22 maxlen: 24
80.254.236.0/22 maxlen: 24
192.144.52.0/22 maxlen: 24
193.9.40.0/22 maxlen: 24
193.187.168.0/22 maxlen: 24
194.39.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:e0:b3:23:b1:ba:e8:37:01:49:be:4a:18:c8:10:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Sep 9 09:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f68a2f4c97baa90b7e9152967c84a39701ef323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:51:75:b6:73:1f:d9:d2:79:f2:62:a4:a4:f1:
41:52:57:d9:94:dc:f7:1e:4e:2e:60:e7:3c:87:32:
cf:72:b1:4b:30:8c:56:5d:e1:37:83:79:b6:19:84:
38:8b:8d:09:cf:87:42:dd:e9:20:cc:74:a8:2d:c8:
d9:b8:a9:79:6e:23:52:e1:d0:c3:d0:a9:ef:23:d1:
65:f5:9e:e5:e1:03:24:22:da:e5:47:b0:c8:d9:f9:
53:8f:5c:13:7e:c0:aa:ab:bd:07:88:54:59:a1:30:
dc:3b:a1:54:7f:d3:35:9c:f8:16:7d:a3:f8:b0:be:
f3:5c:e0:ae:a9:98:94:14:6d:8d:45:c2:d5:7f:97:
0d:66:6b:ae:fe:70:d8:e6:ca:ea:28:68:a1:78:bc:
0d:a3:7a:7c:47:9f:09:cc:a8:08:1f:5c:91:b3:36:
9e:31:fa:5d:bd:1c:70:b3:97:16:a0:01:f7:05:2f:
58:5e:b0:a0:4e:f5:d3:1b:46:ea:ca:a0:36:a2:29:
5a:11:88:75:b7:a4:33:10:da:99:40:a9:57:32:de:
ee:6d:de:6e:42:a6:db:75:52:71:bd:8e:df:7a:de:
e2:37:4d:2e:19:6f:a5:df:da:65:90:b3:11:22:39:
3e:cc:27:f6:63:49:76:f7:03:c9:b2:89:0b:da:fe:
9e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:68:A2:F4:C9:7B:AA:90:B7:E9:15:29:67:C8:4A:39:70:1E:F3:23
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/b2ii9Ml7qpC36RUpZ8hKOXAe8yM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.112.0/22
80.254.236.0/22
192.144.52.0/22
193.9.40.0/22
193.187.168.0/22
194.39.68.0/22
Signature Algorithm: sha256WithRSAEncryption
29:4d:66:04:78:bf:c0:02:5f:d0:3e:0b:cc:ee:ae:65:b6:ea:
83:83:8e:d6:46:9d:8b:d0:bb:f0:66:50:58:f8:9a:a2:08:76:
07:17:21:96:f4:05:e4:0f:7b:74:2b:a4:ee:f9:45:97:f6:a8:
f4:7f:65:b9:54:08:e9:43:a5:fd:5e:84:26:3d:c2:56:63:c1:
3c:10:ce:15:7f:44:95:b9:26:57:66:4b:39:52:77:ba:ed:dc:
a7:41:34:52:e0:1c:40:d4:d6:50:f6:9a:c5:83:9e:20:f7:95:
31:a2:db:99:93:9b:5e:a1:23:dc:ca:b9:ee:d9:6b:c9:65:7b:
80:89:a7:41:d7:bf:5a:89:9c:ba:c2:00:80:af:76:d1:39:4a:
8a:29:ab:75:e1:c6:26:e7:8a:a3:97:b1:cf:fb:30:45:ca:ba:
27:d4:59:ac:21:cd:78:76:f5:b8:1c:c9:78:15:c2:b9:cb:c8:
31:ec:56:ad:4a:cf:68:32:e9:57:db:54:0d:2e:07:e1:53:ee:
4d:cf:49:f2:9b:ae:7e:63:c4:8b:ff:45:f9:e5:4e:4a:e9:ea:
fd:ba:3b:40:00:88:a6:cd:bf:bc:80:22:76:bb:d2:7b:c3:df:
c3:ee:3c:01:69:2c:e5:97:b9:f9:a6:84:88:83:74:3f:90:f9:
78:51:2b:27
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZkt4LMjsbroNwFJvkoYyBDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjUwOTA5MDk0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjY4YTJmNGM5N2JhYTkwYjdlOTE1Mjk2N2M4NGEzOTcwMWVmMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslF1tnMf2dJ58mKkpPFBUlfZlNz3
Hk4uYOc8hzLPcrFLMIxWXeE3g3m2GYQ4i40Jz4dC3ekgzHSoLcjZuKl5biNS4dDD
0KnvI9Fl9Z7l4QMkItrlR7DI2flTj1wTfsCqq70HiFRZoTDcO6FUf9M1nPgWfaP4
sL7zXOCuqZiUFG2NRcLVf5cNZmuu/nDY5srqKGiheLwNo3p8R58JzKgIH1yRszae
MfpdvRxws5cWoAH3BS9YXrCgTvXTG0bqyqA2oilaEYh1t6QzENqZQKlXMt7ubd5u
QqbbdVJxvY7fet7iN00uGW+l39plkLMRIjk+zCf2Y0l29wPJsokL2v6eqQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG9oovTJe6qQt+kVKWfISjlwHvMjMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvYjJpaTlNbDdxcEMzNlJVcFo4aEtPWEFlOHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLVNwAwQC
UP7sAwQCwJA0AwQCwQkoAwQCwbuoAwQCwidEMA0GCSqGSIb3DQEBCwUAA4IBAQAp
TWYEeL/AAl/QPgvM7q5ltuqDg47WRp2L0LvwZlBY+JqiCHYHFyGW9AXkD3t0K6Tu
+UWX9qj0f2W5VAjpQ6X9XoQmPcJWY8E8EM4Vf0SVuSZXZks5Une67dynQTRS4BxA
1NZQ9prFg54g95UxotuZk5teoSPcyrnu2WvJZXuAiadB179aiZy6wgCAr3bROUqK
Kat14cYm54qjl7HP+zBFyron1FmsIc14dvW4HMl4FcK5y8gx7FatSs9oMulX21QN
LgfhU+5Nz0nym65+Y8SL/0X55U5K6er9ujtAAIimzb+8gCJ2u9J7w9/D7jwBaSzl
l7n5poSIg3Q/kPl4USsn
-----END CERTIFICATE-----
Generated at Tue Sep 16 21:48:35 2025 by rpki-client