Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/0XAsS9JxHUdvax1K7_fLGVXaRlc.roa
File: 0XAsS9JxHUdvax1K7_fLGVXaRlc.roa (raw, json)
Hash identifier: Og5mtIgEa7Wu+4+Cbt7l5y3X6d9YBgIumgqPXgh/sFY=
Subject key identifier: D1:70:2C:4B:D2:71:1D:47:6F:6B:1D:4A:EF:F7:CB:19:55:DA:46:57
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 01990F858BE829F42F7676008A6551888220
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/0XAsS9JxHUdvax1K7_fLGVXaRlc.roa
Signing time: Wed 03 Sep 2025 12:20:34 +0000
ROA not before: Wed 03 Sep 2025 12:20:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.68.0/26 maxlen: 26
185.104.68.64/26 maxlen: 26
185.104.68.144/28 maxlen: 28
185.104.68.240/29 maxlen: 29
185.104.70.0/24 maxlen: 24
185.104.70.0/28 maxlen: 28
185.104.70.32/30 maxlen: 30
185.104.70.220/30 maxlen: 30
185.104.71.0/24 maxlen: 24
185.104.71.0/28 maxlen: 28
185.104.71.16/30 maxlen: 30
185.104.71.20/30 maxlen: 30
185.104.71.24/30 maxlen: 30
185.104.71.28/30 maxlen: 30
185.104.71.32/28 maxlen: 28
185.104.71.128/28 maxlen: 28
185.104.71.160/29 maxlen: 29
185.104.71.176/29 maxlen: 29
185.104.71.200/29 maxlen: 29
185.104.71.224/28 maxlen: 28
2a06:3480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 09:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:85:8b:e8:29:f4:2f:76:76:00:8a:65:51:88:82:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Sep 3 12:20:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1702c4bd2711d476f6b1d4aeff7cb1955da4657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4a:18:e9:f8:22:4f:98:99:93:6a:83:10:83:
18:79:24:62:4e:7f:f7:16:f9:43:3a:3d:5c:04:1d:
f0:8f:91:0e:fe:cd:88:75:56:e6:a7:e8:16:dd:4c:
11:32:84:fb:f3:cd:5a:2b:e1:ea:95:0c:b0:ac:73:
e1:d3:b4:21:8f:86:e4:fc:26:64:45:91:b2:5f:74:
17:b7:b5:de:51:55:63:d1:34:05:a0:67:af:13:fe:
2c:5d:a6:80:b2:db:2e:6d:20:53:43:c9:b9:59:29:
86:1d:0f:53:40:bd:98:96:fa:f6:91:a2:9e:a4:2d:
2a:36:24:2e:24:a8:fb:c2:75:de:e1:9f:0d:72:8c:
15:17:f7:68:ad:03:a3:36:4c:b9:23:e3:e4:e4:b6:
48:0b:ed:d4:b0:a9:67:3c:16:a9:52:40:86:b2:22:
39:44:11:3f:db:43:d5:1d:1c:b0:7d:79:6e:e0:ac:
c2:6f:11:33:f4:26:e8:70:8b:95:26:21:cc:34:e5:
fc:65:ab:b3:0e:a3:66:a5:2e:34:d6:16:33:6a:6d:
79:5f:a2:b2:fc:90:e5:79:1e:9b:4b:28:10:86:17:
a3:a9:f3:3d:1a:5e:e5:82:b7:c9:68:bf:17:02:c7:
30:f8:40:c4:36:ce:1f:a7:79:f0:ad:d1:a8:f3:73:
99:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:70:2C:4B:D2:71:1D:47:6F:6B:1D:4A:EF:F7:CB:19:55:DA:46:57
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/0XAsS9JxHUdvax1K7_fLGVXaRlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
48:a7:22:4a:23:1f:28:61:f9:42:e1:85:1a:33:ee:bb:62:53:
f5:d8:fb:d7:e7:0b:d2:a8:22:4d:79:f4:01:a5:1d:95:76:ae:
16:a6:8d:c4:3b:06:3d:c7:ae:5a:74:71:a7:df:0f:24:fc:29:
de:d0:09:fa:db:7c:8b:79:5a:fe:27:91:af:fc:d6:b6:d1:7f:
3f:45:88:ad:65:91:e6:a4:ab:33:f9:e1:64:51:2a:7c:3b:60:
3d:14:6b:16:54:6f:e9:ce:82:ab:e7:a8:fa:b2:87:e7:7b:7a:
4b:e9:d3:19:21:e9:82:f1:94:cd:f3:5b:bc:26:ce:ea:7d:bc:
72:d6:17:6d:0b:6a:a9:18:f5:ff:4d:8b:91:51:8c:f9:91:13:
db:3d:56:de:fa:a4:fb:b6:79:48:c3:5a:c1:31:fb:cd:c3:5f:
cd:5a:55:17:fc:7e:85:d8:4d:d7:24:36:fa:ce:b8:1c:52:47:
3f:7b:39:4e:a2:3c:68:c0:55:4d:15:bc:bd:74:49:f7:53:ea:
76:26:e7:08:b4:fb:52:4f:03:7c:dc:1c:3b:0e:12:f2:5b:ad:
f5:28:da:aa:a3:ab:d6:8d:87:e5:85:d4:1e:ba:7b:d2:fd:68:
3a:bf:54:9b:76:eb:1d:c8:27:93:67:53:20:25:ae:75:23:97:
4d:b0:15:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZkPhYvoKfQvdnYAimVRiIIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjUwOTAzMTIyMDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTcwMmM0YmQyNzExZDQ3NmY2YjFkNGFlZmY3Y2IxOTU1ZGE0NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUoY6fgiT5iZk2qDEIMYeSRiTn/3
FvlDOj1cBB3wj5EO/s2IdVbmp+gW3UwRMoT7881aK+HqlQywrHPh07Qhj4bk/CZk
RZGyX3QXt7XeUVVj0TQFoGevE/4sXaaAstsubSBTQ8m5WSmGHQ9TQL2Ylvr2kaKe
pC0qNiQuJKj7wnXe4Z8NcowVF/dorQOjNky5I+Pk5LZIC+3UsKlnPBapUkCGsiI5
RBE/20PVHRywfXlu4KzCbxEz9CbocIuVJiHMNOX8ZauzDqNmpS401hYzam15X6Ky
/JDleR6bSygQhhejqfM9Gl7lgrfJaL8XAscw+EDENs4fp3nwrdGo83OZfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNFwLEvScR1Hb2sdSu/3yxlV2kZXMB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvMFhBc1M5SnhIVWR2YXgxSzdfZkxHVlhhUmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQBIpyJKIx8oYflC4YUaM+67
YlP12PvX5wvSqCJNefQBpR2Vdq4Wpo3EOwY9x65adHGn3w8k/Cne0An623yLeVr+
J5Gv/Na20X8/RYitZZHmpKsz+eFkUSp8O2A9FGsWVG/pzoKr56j6sofne3pL6dMZ
IemC8ZTN81u8Js7qfbxy1hdtC2qpGPX/TYuRUYz5kRPbPVbe+qT7tnlIw1rBMfvN
w1/NWlUX/H6F2E3XJDb6zrgcUkc/ezlOojxowFVNFby9dEn3U+p2JucItPtSTwN8
3Bw7DhLyW631KNqqo6vWjYflhdQeunvS/Wg6v1SbdusdyCeTZ1MgJa51I5dNsBU5
-----END CERTIFICATE-----
Generated at Thu Sep 11 18:43:19 2025 by rpki-client